zenml

v0.94.4 Security

This release patches 1 CVE for security teams tracking exposure across their dependency inventory.

Published 22d Model Serving & MLOps

View tool

1 patched CVE

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE CVE-2023-4863 EPSS 93%

1 CVEs patched

Topics

agentops agents ai automl data-science machine-learning

+12 more

devops-tools genai llm llmops metadata-tracking mlops pipelines production-ready pytorch tensorflow workflow zenml

Affected surfaces

auth rbac

ReleasePort's take

Light signal

editorial:auto 13d

ZenML version 0.94.4 raises the maximum size limit for secrets stored in its SQL secrets store.

Why it matters: If you hit the prior secret‑size cap, upgrade to 0.94.4 immediately; otherwise treat as FYI.

Summary

AI summary

Increase the max size of ZenML secrets stored in the SQL secrets store.

Changes in this release

Type	Severity	Summary	CVE
Feature
Feature	Medium	SQL secrets store maximum size increased SQL secrets store maximum size increased Source: llm_adapter@2026-05-21 Confidence: high	—
Feature	Medium	Run metadata creation for isolated dynamic steps Run metadata creation for isolated dynamic steps Source: llm_adapter@2026-05-21 Confidence: high	—
Feature	Medium	Keyword-only arguments now supported in step functions Keyword-only arguments now supported in step functions Source: llm_adapter@2026-05-21 Confidence: high	—
Feature	Medium	Non-module-level step and dynamic pipeline definitions allowed Non-module-level step and dynamic pipeline definitions allowed Source: llm_adapter@2026-05-21 Confidence: high	—
Feature	Medium	Nested dynamic pipelines supported Nested dynamic pipelines supported Source: llm_adapter@2026-05-21 Confidence: high	—
Feature	Medium	Advanced Run:AI training workload settings added Advanced Run:AI training workload settings added Source: llm_adapter@2026-05-21 Confidence: high	—
Feature	Medium	New Databricks step-operator introduced New Databricks step-operator introduced Source: llm_adapter@2026-05-21 Confidence: high	—
Feature	Medium	Flavor-specific configuration help command added Flavor-specific configuration help command added Source: llm_adapter@2026-05-21 Confidence: low	—
Feature	Medium	Extra information added for kubernetes-killed jobs Extra information added for kubernetes-killed jobs Source: llm_adapter@2026-05-21 Confidence: low	—
Performance	Medium	O(N) global scan performance issue in artifact delete fixed O(N) global scan performance issue in artifact delete fixed Source: llm_adapter@2026-05-21 Confidence: high	—
Performance	Medium	Multiple RBAC calls during dehydration reduced Multiple RBAC calls during dehydration reduced Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix
Bugfix	Medium	Better signal handling during step execution Better signal handling during step execution Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	Kubernetes label sanitization implemented Kubernetes label sanitization implemented Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	Orchestrator setting resolution fixed Orchestrator setting resolution fixed Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	MLflow deployment healthcheck method fixed MLflow deployment healthcheck method fixed Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	Deployment invocation request fields fixed Deployment invocation request fields fixed Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	Databricks tags and custom-tags fixed Databricks tags and custom-tags fixed Source: llm_adapter@2026-05-21 Confidence: high	—

Full changelog

What's Changed

Add version 0.94.2 to legacy docs by @github-actions[bot] in https://github.com/zenml-io/zenml/pull/4766
Add 0.94.3 to the migration tests by @github-actions[bot] in https://github.com/zenml-io/zenml/pull/4768
Revise Run:AI service account setup and troubleshooting by @safoinme in https://github.com/zenml-io/zenml/pull/4772
Update dynamic pipelines docs by @schustmi in https://github.com/zenml-io/zenml/pull/4776
Misc release-testing fixes by @schustmi in https://github.com/zenml-io/zenml/pull/4770
Increase the max size of zenml secrets stored in the SQL secrets store by @stefannica in https://github.com/zenml-io/zenml/pull/4769
Create run metadata for isolated steps (dynamic) by @Json-Andriopoulos in https://github.com/zenml-io/zenml/pull/4785
Better signal handling during step execution by @schustmi in https://github.com/zenml-io/zenml/pull/4784
Bump the minor-and-patch group across 1 directory with 9 updates by @dependabot[bot] in https://github.com/zenml-io/zenml/pull/4795
Fix O(N) global scan in artifact-version delete by @joaquinhuigomez in https://github.com/zenml-io/zenml/pull/4686
Fix multiple RBAC calls during dehydration by @schustmi in https://github.com/zenml-io/zenml/pull/4797
Clarify that DynamicPipelineRunner.wait() timeout is a soft timeout by @shaun0927 in https://github.com/zenml-io/zenml/pull/4741
Fix typo in step creation error message by @shaun0927 in https://github.com/zenml-io/zenml/pull/4736
Allow keyword only args in step function by @schustmi in https://github.com/zenml-io/zenml/pull/4798
Kubernetes label sanitization by @bcdurak in https://github.com/zenml-io/zenml/pull/4756
Allow non module-level definitions of steps and dynamic pipelines by @schustmi in https://github.com/zenml-io/zenml/pull/4799
Added ability to get help with flavor specific configurations by @AlexejPenner in https://github.com/zenml-io/zenml/pull/4662
Extract projects-backend release dispatch into dedicated workflow by @safoinme in https://github.com/zenml-io/zenml/pull/4720
Fixing orchestrator setting resolution by @bcdurak in https://github.com/zenml-io/zenml/pull/4803
Fix notify projects backend zizmor scan by @strickvl in https://github.com/zenml-io/zenml/pull/4808
Fix Check Links workflow failures (runai.md + dangling preemption refs + Slack 403) by @strickvl in https://github.com/zenml-io/zenml/pull/4807
Fix nightly PyPI trusted publishing by @strickvl in https://github.com/zenml-io/zenml/pull/4806
Add uv.lock to .gitignore by @strickvl in https://github.com/zenml-io/zenml/pull/4811
Nested dynamic pipelines by @schustmi in https://github.com/zenml-io/zenml/pull/4775
Refresh agent guidance docs by @strickvl in https://github.com/zenml-io/zenml/pull/4817
Fix MLflow deployment healthcheck method by @strickvl in https://github.com/zenml-io/zenml/pull/4816
Update docs for recent feature drift by @strickvl in https://github.com/zenml-io/zenml/pull/4818
Add advanced Run:AI training workload settings by @safoinme in https://github.com/zenml-io/zenml/pull/4780
Fix deployment invocation request fields by @schustmi in https://github.com/zenml-io/zenml/pull/4809
Extra info on kubernetes-killed jobs by @Json-Andriopoulos in https://github.com/zenml-io/zenml/pull/4800
Introduce new Databricks step-operator and fix tags and custom-tags by @safoinme in https://github.com/zenml-io/zenml/pull/4648
Fix PydanticAI agent example dependencies by @strickvl in https://github.com/zenml-io/zenml/pull/4823
Refactor Databricks test cases to use temporary path for wheel directory by @safoinme in https://github.com/zenml-io/zenml/pull/4824
Prepare release 0.94.4 by @github-actions[bot] in https://github.com/zenml-io/zenml/pull/4821

New Contributors

@joaquinhuigomez made their first contribution in https://github.com/zenml-io/zenml/pull/4686
@shaun0927 made their first contribution in https://github.com/zenml-io/zenml/pull/4741

Full Changelog: https://github.com/zenml-io/zenml/compare/0.94.3...0.94.4

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track zenml

Get notified when new releases ship.

About zenml

ZenML : One AI Platform from Pipelines to Agents. https://zenml.io.

All releases →