signoz

v0.125.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 14d Error & Performance Tracking

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

apm application-monitoring distributed-tracing go log logs

+9 more

prometheus monitoring nextjs observability opentelemetry react reactjs self-hosted typescript

Affected surfaces

auth deps

Summary

AI summary

Broad release touches 🐛 Bug Fixes, 🧰 Maintenance, 🚀 Features, and fix.

Changes in this release

Type	Severity	Summary	CVE
Feature
Feature	Medium	add integration_dashboard table to sqlmigration add integration_dashboard table to sqlmigration Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Feature	Medium	field selector migrated to telemetry field key field selector migrated to telemetry field key Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Feature	Medium	added feature flag gate on roles fga - create and details page added feature flag gate on roles fga - create and details page Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Feature	Medium	role sa fga followup changes role sa fga followup changes Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Feature	Medium	service account fga implementation service account fga implementation Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Feature	Medium	migrate logs/traces/events to query builder v5 in k8s-base-details migrate logs/traces/events to query builder v5 in k8s-base-details Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix
Bugfix	Medium	move planned maintenance to alertmanager pipeline move planned maintenance to alertmanager pipeline Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	timezone handling fix for planned downtime timezone handling fix for planned downtime Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	component UX updates in widget header and settings panel component UX updates in widget header and settings panel Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	maintenance ignores recurrence when fixed times also set maintenance ignores recurrence when fixed times also set Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	Delete dashboard aligned with other action menu items Delete dashboard aligned with other action menu items Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	confirm modal broken fix in form-alert-rules confirm modal broken fix in form-alert-rules Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	unblock pnpm generate:api after orval v8 upgrade unblock pnpm generate:api after orval v8 upgrade Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	order by ignored in formula query fixed order by ignored in formula query fixed Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	enforce minimum step interval for v3 promql queries enforce minimum step interval for v3 promql queries Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	cache memory leak resolved cache memory leak resolved Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	reserve signoz prefix for managed roles in authz reserve signoz prefix for managed roles in authz Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	error due to invalid operators on query builder fixed error due to invalid operators on query builder fixed Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	RootSpans sync with QB corrected RootSpans sync with QB corrected Source: granite4.1:8b-q6_K@2026-05-20 Confidence: low	—
Bugfix	Medium	widget warning/save modal states fixed widget warning/save modal states fixed Source: granite4.1:8b-q6_K@2026-05-20 Confidence: low	—
Bugfix	Medium	resolve all high/critical Dependabot security alerts resolve all high/critical Dependabot security alerts Source: granite4.1:8b-q6_K@2026-05-20 Confidence: low	—
Bugfix	Medium	add role CRUD permissions in authz add role CRUD permissions in authz Source: granite4.1:8b-q6_K@2026-05-20 Confidence: low	—
Bugfix	Medium	Correct RootSpans synchronization with query builder Correct RootSpans synchronization with query builder Source: granite4.1:30b@2026-05-20-audit Confidence: low	—
Bugfix	Medium	Resolve widget warning and save modal state issues Resolve widget warning and save modal state issues Source: granite4.1:30b@2026-05-20-audit Confidence: low	—

Full changelog

🚀 Features

feat(sqlmigration): add integration_dashboard table (#11343) @swapnil-signoz
feat: field selector migrated to telemetry field key (#11360) @aks07
feat(role-fga): added feature flag gate on roles fga - create and details page (#11350) @SagarRajput-7
feat(role-sa-fga): role sa fga followup changes (#11330) @SagarRajput-7
feat(sa-fga): service account fga (#11258) @SagarRajput-7
feat(k8s-base-details): migrate logs/traces/events to query builder v5 (#11060) @H4ad

🐛 Bug Fixes

move planned maintenance to alertmanager pipeline (#11130) @jatinderjit
fix(planned-downtime): timezone handling (#11318) @jatinderjit
Fix RootSpans does not sync with QB correctly (#11355) @aks07
fix: added fix for widget warning/save modal states (#11356) @ahrefabhi
fix(dashboard): component UX updates in widget header and settings panel (#11357) @AshwinBhatkal
fix: maintenance ignores recurrence when fixed times also set (#11121) @jatinderjit
fix(dashboard): align Delete dashboard with other action menu items (#11352) @AshwinBhatkal
fix(form-alert-rules): confirm modal broken (#11347) @H4ad
fix(frontend): unblock pnpm generate:api after orval v8 upgrade (#11346) @AshwinBhatkal
fix: order by ignored in formula query (#10950) @tushar-signoz
fix: enforce minimum step interval for v3 promql queries (#11293) @tushar-signoz
fix: cache memory leak (#10967) @tushar-signoz
fix(authz): reserve signoz prefix for managed roles (#11327) @vikrantgupta25
fix(infra-monitoring): error due to invalid operators on query builder (#11300) @H4ad
fix(deps): resolve all high/critical Dependabot security alerts (#11323) @vikrantgupta25
fix(authz): add role CRUD permissions (#11315) @vikrantgupta25

🧰 Maintenance

chore(ai-assistant): add product analytics events (#11331) @makeavish
chore(authz): add authz feature flag (#11341) @vikrantgupta25
chore: added changes for sorting tooltip content (#11320) @ahrefabhi
chore(onboarding): shuffle ordering of interest in SigNoz based on version (#11336) @manika-signoz
chore(release): bump SigNoz to v0.125.0 by @primus-bot[bot] in https://github.com/SigNoz/signoz/pull/11369
Enable new trace details page (#11296) @aks07
chore(authz): add authz feature flag (#11341) @vikrantgupta25

Full Changelog: https://github.com/SigNoz/signoz/compare/v0.124.0...v0.125.0

Security Fixes

Resolve all high/critical Dependabot security alerts by updating dependencies (#11323)

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track signoz

Get notified when new releases ship.

About signoz

SigNoz is an open-source observability platform native to OpenTelemetry with logs, traces and metrics in a single application. An open-source alternative to DataDog, NewRelic, etc. . Open source Application Performance Monitoring (APM) & Observability tool

All releases →