{"id":"src_hOB_TRdhwgSbXeQoEi1cn","slug":"temporal-server","name":"Temporal Server","type":"github","url":"https://github.com/temporalio/temporal","orgId":"org_llbei_Px9QEsv1BUOja1x","org":{"slug":"temporal","name":"Temporal"},"isPrimary":false,"metadata":"{\"evaluatedMethod\":\"github\",\"evaluatedAt\":\"2026-04-11T13:59:08.494Z\",\"changelogDetectedAt\":\"2026-04-11T14:01:17.098Z\"}","releaseCount":100,"releasesLast30Days":8,"avgReleasesPerWeek":0.9,"latestVersion":"v1.28.4","latestDate":"2026-04-10T21:07:31.000Z","changelogUrl":null,"hasChangelogFile":false,"lastFetchedAt":"2026-04-19T07:02:53.277Z","trackingSince":"2021-06-23T23:52:37.000Z","releases":[{"id":"rel_JGdBsb_UIoERvITIJlhwk","version":"v1.28.4","title":"v1.28.4","summary":"## What's Changed\r\n\r\n### Potential Breaking Change \r\nIf using authorization with replication setup, set `system.disableStreamingAuthorizer` dynamic co...","content":"## What's Changed\r\n\r\n### Potential Breaking Change \r\nIf using authorization with replication setup, set `system.disableStreamingAuthorizer` dynamic config to `true` to opt out from changes in this release and avoid replication traffic connection errors. Check the linked CVE for implications of opting out.\r\n\r\n### **Security**\r\n- Addresses [CVE-2026-5724](https://www.cve.org/cverecord?id=CVE-2026-5724), MEDIUM\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.28.3...v1.28.4\r\n\r\n### **Helpful links to get you started with Temporal**\r\n\r\n[Temporal Docs](https://docs.temporal.io/) \r\n[Server](https://github.com/temporalio/temporal) \r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### **Docker images for this release (use the tag `1.28.4`)**\r\n\r\n[Server](https://hub.docker.com/r/temporalio/server)\r\n[Server With Auto Setup](https://hub.docker.com/r/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools)","publishedAt":"2026-04-10T21:07:31.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.28.4","media":[]},{"id":"rel_wRrNclDoAG2VhAj-ZPP5z","version":"v1.29.6","title":"v1.29.6","summary":"## What's Changed\r\n\r\n### Potential Breaking Change \r\nIf using authorization with replication setup, set `system.disableStreamingAuthorizer` dynamic co...","content":"## What's Changed\r\n\r\n### Potential Breaking Change \r\nIf using authorization with replication setup, set `system.disableStreamingAuthorizer` dynamic config to `true` to opt out from changes in this release and avoid replication traffic connection errors. Check the linked CVE for implications of opting out.\r\n\r\n### **Security**\r\n- Addresses [CVE-2026-5724](https://www.cve.org/cverecord?id=CVE-2026-5724), MEDIUM\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.29.5...v1.29.6\r\n\r\n### **Helpful links to get you started with Temporal**\r\n\r\n[Temporal Docs](https://docs.temporal.io/) \r\n[Server](https://github.com/temporalio/temporal) \r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### **Docker images for this release (use the tag `1.29.6`)**\r\n\r\n[Server](https://hub.docker.com/r/temporalio/server)\r\n[Server With Auto Setup](https://hub.docker.com/r/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools)","publishedAt":"2026-04-10T21:07:12.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.29.6","media":[]},{"id":"rel_6j02NP6tSuG3uwT-B4lPa","version":"v1.30.4","title":"v1.30.4","summary":"## What's Changed\r\n\r\n### Potential Breaking Change \r\nIf using authorization with replication setup, set `system.disableStreamingAuthorizer` dynamic co...","content":"## What's Changed\r\n\r\n### Potential Breaking Change \r\nIf using authorization with replication setup, set `system.disableStreamingAuthorizer` dynamic config to `true` to opt out from changes in this release and avoid replication traffic connection errors. Check the linked CVE for implications of opting out.\r\n\r\n### **Security**\r\n- Addresses [CVE-2026-5724](https://www.cve.org/cverecord?id=CVE-2026-5724), MEDIUM\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.30.3...v1.30.4\r\n\r\n### **Helpful links to get you started with Temporal**\r\n\r\n[Temporal Docs](https://docs.temporal.io/) \r\n[Server](https://github.com/temporalio/temporal) \r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### **Docker images for this release (use the tag `1.30.4`)**\r\n\r\n[Server](https://hub.docker.com/r/temporalio/server)\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools)","publishedAt":"2026-04-10T21:06:39.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.30.4","media":[]},{"id":"rel_SyzoeACg0aQbEKFqxXfN4","version":"v1.30.3","title":"v1.30.3","summary":"## What's Changed\r\n\r\n### **Security**\r\n\r\n- Check namespaces in batch workflow ([CVE-2026-5199](https://www.cve.org/cverecord?id=CVE-2026-5199), LOW)\r\n...","content":"## What's Changed\r\n\r\n### **Security**\r\n\r\n- Check namespaces in batch workflow ([CVE-2026-5199](https://www.cve.org/cverecord?id=CVE-2026-5199), LOW)\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.30.2...v1.30.3\r\n\r\n### **Helpful links to get you started with Temporal**\r\n\r\n[Temporal Docs](https://docs.temporal.io/) \r\n[Server](https://github.com/temporalio/temporal) \r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### **Docker images for this release (use the tag `1.30.3`)**\r\n\r\n[Server](https://hub.docker.com/r/temporalio/server)\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools)","publishedAt":"2026-04-01T17:55:04.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.30.3","media":[]},{"id":"rel_aamr93-pkTEzSx8qnVjT0","version":"v1.29.5","title":"v1.29.5","summary":"## What's Changed\r\n\r\n### **Security**\r\n\r\n- Check namespaces in batch workflow ([CVE-2026-5199](https://www.cve.org/cverecord?id=CVE-2026-5199), LOW)\r\n...","content":"## What's Changed\r\n\r\n### **Security**\r\n\r\n- Check namespaces in batch workflow ([CVE-2026-5199](https://www.cve.org/cverecord?id=CVE-2026-5199), LOW)\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.29.4.1...v1.29.5\r\n\r\n### **Helpful links to get you started with Temporal**\r\n\r\n[Temporal Docs](https://docs.temporal.io/) \r\n[Server](https://github.com/temporalio/temporal) \r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### **Docker images for this release (use the tag `1.29.5`)**\r\n\r\n[Server](https://hub.docker.com/r/temporalio/server)\r\n[Server With Auto Setup](https://hub.docker.com/r/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools)","publishedAt":"2026-04-01T17:55:00.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.29.5","media":[]},{"id":"rel_AjSySwM1YRqIkgI-QaDLO","version":"v1.28.3.1","title":"v1.28.3.1","summary":"## What's Changed\n* Bump dependencies to address security CVEs for v1.28.3.1 by @rkannan82 in https://github.com/temporalio/temporal/pull/9662\n\n\n**Ful...","content":"## What's Changed\n* Bump dependencies to address security CVEs for v1.28.3.1 by @rkannan82 in https://github.com/temporalio/temporal/pull/9662\n\n\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.28.3...v1.28.3.1","publishedAt":"2026-03-26T20:05:30.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.28.3.1","media":[]},{"id":"rel_ZfkKZc0psaoqSEgvIiKUc","version":"v1.29.4.1","title":"v1.29.4.1","summary":"## What's Changed\n* Bump dependencies to address security CVEs for v1.29.4.1 by @rkannan82 in https://github.com/temporalio/temporal/pull/9629\n\n\n**Ful...","content":"## What's Changed\n* Bump dependencies to address security CVEs for v1.29.4.1 by @rkannan82 in https://github.com/temporalio/temporal/pull/9629\n\n\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.29.4...v1.29.4.1","publishedAt":"2026-03-25T17:07:30.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.29.4.1","media":[]},{"id":"rel_vRXWFuimBXFXkfSUFOy86","version":"v1.30.2","title":"v1.30.2","summary":"## What's Changed\n\n### **Worker Versioning**\n\n- **Upgrade-on-Continue-as-New (Public Preview) -** New feature enables Pinned workflows to find out whe...","content":"## What's Changed\n\n### **Worker Versioning**\n\n- **Upgrade-on-Continue-as-New (Public Preview) -** New feature enables Pinned workflows to find out when a new worker version is available for them to upgrade to. Use this to Pin long-running workflows and let them upgrade-on-continue-as-new to the [Target Worker Deployment Version](https://docs.temporal.io/worker-versioning#versioning-definitions) (#9239)\n- System protection caches to reduce excessive `GetTaskQueueUserData` lookups (#9168, #9262)\n- Track version drainage properly with `VersioningOverride` for automated worker controllers (#9147)\n- Fix `approximate_backlog_count` metric for Current and Ramping version tasks (#9300, #9316, #8957)\n- Fix task rescheduling edge case during AutoUpgrade Transition (#9250)\n\n### **Bug Fixes**\n\n- Fix bug in retrieving archived workflows from Google Cloud Store (#9329)\n- Fix race in `fairTaskReader` (#9467)\n- Bump Temporal CLI version to 1.6.1 in Docker image build (#9433)\n\n### **Security**\n\n- Bump `google.golang.org/grpc` v1.72.2 → v1.79.3 (CVE-2026-33186, CRITICAL)\n- Bump `go.opentelemetry.io/otel/sdk` v1.34.0 → v1.40.0 (CVE-2026-24051, HIGH)\n- Bump Go 1.25.7 → 1.25.8 (CVE-2026-25679, HIGH)\n- Bump Alpine `zlib` 1.3.1-r2 → 1.3.2-r0 (CVE-2026-22184, HIGH)\n\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.30.1...v1.30.2\n\n### **Helpful links to get you started with Temporal**\n\n[Temporal Docs](https://docs.temporal.io/) [Server](https://github.com/temporalio/temporal) [Docker Compose](https://github.com/temporalio/docker-compose) [Helm Chart](https://github.com/temporalio/helm-charts)\n\n### **Docker images for this release (use the tag `1.30.2`)**\n\n[Server](https://hub.docker.com/r/temporalio/server) [Server With Auto Setup](https://hub.docker.com/r/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup)) [Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools)","publishedAt":"2026-03-24T22:40:36.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.30.2","media":[]},{"id":"rel_I_rntJsUzgQf9iNP88jlS","version":"v1.28.3","title":"v1.28.3","summary":"## What's Changed\n\nThis patch addresses multiple CVEs in Go dependencies and updates the Elasticsearch image:\n\n- Bump `golang.org/x/crypto` v0.37.0 → ...","content":"## What's Changed\n\nThis patch addresses multiple CVEs in Go dependencies and updates the Elasticsearch image:\n\n- Bump `golang.org/x/crypto` v0.37.0 → v0.45.0 (GO-2025-4116, GO-2025-4134, GO-2025-4135)\n- Bump `golang.org/x/net` v0.39.0 → v0.47.0 (GO-2026-4440, GO-2026-4441)\n- Bump Go 1.24.5 → 1.24.13 for stdlib CVE fixes (crypto/tls, crypto/x509)\n- Bump Elasticsearch image to 8.5.0 (#9497)\n\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.28.2...v1.28.3\n\n\n### Helpful links to get you started with Temporal\n[Temporal Docs](https://docs.temporal.io/)\n[Server](https://github.com/temporalio/temporal)\n[Docker Compose](https://github.com/temporalio/docker-compose)\n[Helm Chart](https://github.com/temporalio/helm-charts)\n\n### Docker images for this release\n[Server](https://hub.docker.com/r/temporalio/server) (use the tag 1.28.3)\n[Server With Auto Setup](https://hub.docker.com/r/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools/)","publishedAt":"2026-03-18T17:30:05.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.28.3","media":[]},{"id":"rel_dTIr7QfkLZ68d-tOB1eo2","version":"v1.29.4","title":"v1.29.4","summary":"## What's Changed\r\nDependency Updates and Ignore Unknown Predefined Search Attributes After Rollback from v1.30.1\r\n\r\n# Helpful links to get you starte...","content":"## What's Changed\r\nDependency Updates and Ignore Unknown Predefined Search Attributes After Rollback from v1.30.1\r\n\r\n# Helpful links to get you started with Temporal\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Samples Server](https://github.com/temporalio/samples-server)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n# Docker images\r\n[Server](https://hub.docker.com/r/temporalio/server)\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools)\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.29.3...v1.29.4","publishedAt":"2026-03-07T03:40:00.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.29.4","media":[]},{"id":"rel_3svSvmSLFtHDwq09RB-Ox","version":"v1.30.1","title":"v1.30.1","summary":"# ⚠️💥 DOCKER IMAGE BREAKING CHANGES 💥⚠️\r\n\r\nStarting in this release, for security reasons, Temporal Docker images have been slimmed down, and we hav...","content":"# ⚠️💥 DOCKER IMAGE BREAKING CHANGES 💥⚠️\r\n\r\nStarting in this release, for security reasons, Temporal Docker images have been slimmed down, and we have removed binaries and packages that do not strictly need to be included. This includes:\r\n\r\n### `temporalio/admin-tools`\r\n\r\n**Removed tools:**\r\n\r\n- `bash`\r\n- `python3`\r\n- `libev`\r\n- `curl`\r\n- `jq`\r\n- `yq`\r\n- `mysql-client`\r\n- `postgresql-client`\r\n- `expat`\r\n- `tini`\r\n- `cqlsh`\r\n- `tctl`\r\n- `tctl-authorization-plugin`\r\n\r\n**Added tools:**\r\n\r\n- `temporal-elasticsearch-tool`\r\n\r\n`temporal` cli still exists in the admin-tools image\r\n## `temporalio/server`\r\n\r\n**Removed components:**\r\n\r\n- `temporal` CLI\r\n- `tctl` and `tctl-authorization-plugin` (both deprecated)\r\n- `dockerize`\r\n- `curl`\r\n- `bash`\r\n\r\n### `dockerize` → embedded `sprig`\r\n\r\n**Previous behavior:**\r\n\r\n- `dockerize` processed a persistent config template\r\n- The template lived in the image but could be overridden via volume mounts\r\n- `dockerize` provided `sprig` + custom helper functions\r\n- The server binary would search a set of paths for the rendered config file\r\n\r\n**New behavior:**\r\n\r\n- `sprig` templating is now built directly into the server binary\r\n- The default config template is embedded in the binary\r\n- `dockerize` is fully removed as an image dependency\r\n- `TEMPORAL_SERVER_CONFIG_FILE_PATH` is used to reference the config file. When not specified, the embedded template is processed.\r\n  - See [this PR](https://github.com/temporalio/temporal/pull/8477) for details\r\n- `# enable-template` is required at the top of the config file to enable `sprig` templating.\r\n\r\n**References:**\r\n\r\n- [Sprig documentation](https://masterminds.github.io/sprig/) for supported syntax\r\n- [The embedded default config](https://github.com/temporalio/temporal/blob/main/common/config/config_template_embedded.yaml) for the default configs that are available\r\n- [Samples Server](https://github.com/temporalio/samples-server/tree/main/compose) for examples of how to start the server with this new format\r\n\r\n## Image deprecations\r\n\r\nThe following images are deprecated and will no longer receive updates:\r\n\r\n- `temporalio/auto-setup`\r\n  - For local development, we recommend using the CLI dev server.\r\n  - See [Samples Server](https://github.com/temporalio/samples-server/tree/main/compose) for examples of how to use different persistence and visibility stores.\r\n- `temporalio/base-admin-tools`\r\n- `temporalio/base-server`\r\n- `temporalio/base-ci-builder`\r\n- `temporalio/base-builder`\r\n\r\n---\r\n\r\n# ⚠️💥 Helm Chart BREAKING CHANGES 💥⚠️\r\n\r\nDue to the Docker image breaking changes above, you must now use a minimum Helm chart version of `temporal-0.73.2`.\r\n\r\n### Configuration Options\r\n\r\n| Value | Description | Default |\r\n| --- | --- | --- |\r\n| `server.useEntrypointScript` | Use an entrypoint script that auto-detects dockerize vs sprig | `false` |\r\n| `server.configMapsToMount` | Which config template to mount: `dockerize`, `sprig`, or `both` | `dockerize` |\r\n| `server.setConfigFilePath` | Set `TEMPORAL_SERVER_CONFIG_FILE_PATH` env var (required for sprig) | `false` |\r\n\r\n### Configuration for Different Scenarios\r\n\r\n**Option 1: Support both pre-1.30 and 1.30+ images (recommended for CI/testing)**\r\n\r\n```yaml\r\nserver:\r\n  useEntrypointScript: true\r\n  configMapsToMount: \"both\"\r\n  setConfigFilePath: false\r\n```\r\n\r\n**Option 2: 1.30+ only (sprig templating)**\r\n\r\n```yaml\r\nserver:\r\n  image:\r\n    tag: \"1.30.1\" # or later\r\n  useEntrypointScript: false\r\n  configMapsToMount: \"sprig\"\r\n  setConfigFilePath: true\r\n```\r\n\r\n**Option 3: Pre-1.30 only (dockerize, deprecated)**\r\n\r\n```yaml\r\nserver:\r\n  image:\r\n    tag: \"1.29.3\" # or earlier\r\n  useEntrypointScript: false\r\n  configMapsToMount: \"dockerize\"\r\n  setConfigFilePath: false\r\n```\r\n\r\n---\r\n\r\n# ⚠️ *Behavioral / Potentially Breaking Change*\r\n\r\n### Retry behavior of `PermissionDenied` for Nexus operations\r\n\r\nThe retry behavior for `PermissionDenied` errors when scheduling a Nexus operation has been updated.\r\n\r\n- Previously, these errors were not retried. With this change, `PermissionDenied` is now considered retryable.\r\n- Impact:\r\n  - OSS users who inject their own custom Nexus registries may notice different retry patterns for `PermissionDenied` errors.\r\n- We are considering adding a dynamic config flag to control this behavior.\r\n\r\n### `metrics.Tag` interface-to-struct conversion\r\n\r\n`metrics.Tag` is changing from an interface to a concrete type, and tag `Key()` and `Value()` reader methods are being replaced with exported `Key` and `Value` fields. `metrics.Handler` methods that accept tags now only accept the concrete type.\r\n\r\nIf you build your own temporal server with a custom metrics handler `temporal.WithCustomMetricsHandler(metricsHandler)`, you need to update that handler to read `metrics.Tag` keys and values via exported `Key` and `Value` fields. If you provide a custom `metrics.Tag` interface implementation, you need to replace that implementation with a concrete `metrics.Tag`, for example by using `metrics.StringTag`.\r\n\r\n### Default `system.enableCrossNamespaceCommands` dynamic configuration value\r\n\r\n`system.enableCrossNamespaceCommands` controls if a workflow can schedule a command to start childworkflow, cancel or signal another workflow in a different namespace. This feature is deprecated and the default value changed from `true` to `false` in this release. If your workload relying on this feature, please add an explicitly dynamic config override and set the value for this key to be `true`. \r\n\r\n# ⚠️ Worker Versioning\r\n\r\n> [!WARNING] \r\n> Note — Worker Versioning users only\r\n> If you are using the Worker Deployment API `SetWorkerDeploymentCurrentVersion` and need to roll back after upgrading to v1.30.1, roll back to v1.29.3 or newer (not an older version). Rolling back to a version older than v1.29.3 after calling `SetWorkerDeploymentCurrentVersion` in v1.30.1 will cause a panic in `ListWorkerDeployments`.\r\nTo preserve this rollback safety guarantee, upgrade to v1.29.3 before upgrading to v1.30.1.\r\nIf you are not using Worker Versioning, or not rolling back, this does not apply to you.\r\n\r\n- Improved reliability and safety:\r\n  - Made APIs significantly more robust and scalable by propagating routing config to task queues asynchronously.\r\n    - **[⚠️ Behavioral Change]** In cases where you want to wait until all partitions of all task queues are aware of your latest Routing Config change (i.e., latest Current or Ramping Version) before taking an action, you must now ensure that `WorkerDeploymentInfo.RoutingConfigUpdateState == ROUTING_CONFIG_UPDATE_STATE_COMPLETED` after `SetCurrentVersion` or `SetRampingVersion` API calls complete. Previously, those APIs returned success only after that condition was true, but now propagation completes asynchronously. In general, users need not be concerned with this change, but this behavior change is being noted for awareness.\r\n  - **[⚠️ Behavioral Change]** Reject Versioning Override for versions that do not exist.\r\n  - New safety mechanism (revision number) to guarantee that auto-upgrade workflows never accidentally use an outdated version if they switch task queue partitions.\r\n- Improved observability and ease of use:\r\n  - New `TemporalUsedWorkerVersions` search attribute, which shows which Worker Deployment Versions a workflow has used during its lifetime.\r\n  - Improved accuracy and tagging of metrics.\r\n  - Improved error messages (added Worker Deployment name, Build ID, and other info to error messages where relevant).\r\n  - `WorkflowExecutionOptionsUpdated` history event now contains the identity of the client that changed the options (i.e., to set/unset a Versioning Override).\r\n- New capabilities:\r\n  - `LastCurrentTime` timestamp in version info tells you whether a version was ever promoted to Current in the past. This enables accelerated rollout of versions that have been Current in the recent past by allowing the controller to detect whether a rollout is actually a rollback.\r\n  - If a workflow is already Pinned, you can now set a Pinned Versioning Override without specifying a pinned version (easier for batch jobs setting Pinned Versioning Override on a large batch of workflows running on different versions).\r\n- Bug fixes:\r\n  - https://github.com/temporalio/temporal/pull/8706\r\n  - https://github.com/temporalio/temporal/pull/8887\r\n\r\n---\r\n## Task Queue Priority & Fairness Public Preview\r\n\r\n- Task Queue Priority and Fairness (initially introduced in `1.29`) are now in Public Preview.\r\n- To enable Priority on a task queue, namespace, or globally, set dynamic config `matching.useNewMatcher` to `true`.\r\n- To enable Fairness on a task queue, namespace, or globally, set dynamic configs `matching.useNewMatcher`, `matching.enableFairness`, and `matching.enableMigration` to `true`.\r\n\r\n**Examples:**\r\nPriority (task queue scoped)\r\n```yaml\r\nmatching.useNewMatcher:\r\n  - value: true\r\n    constraints:\r\n      namespace: \"my-namespace\"\r\n      taskQueueName: \"my-task-queue\"\r\n```\r\n\r\nFairness (task queue scoped):\r\n\r\n```yaml\r\nmatching.useNewMatcher:\r\n  - value: true\r\n    constraints:\r\n      namespace: \"my-namespace\"\r\n      taskQueueName: \"my-task-queue\"\r\nmatching.enableFairness:\r\n  - value: true\r\n    constraints:\r\n      namespace: \"my-namespace\"\r\n      taskQueueName: \"my-task-queue\"\r\nmatching.enableMigration:\r\n  - value: true\r\n    constraints:\r\n      namespace: \"my-namespace\"\r\n      taskQueueName: \"my-task-queue\"\r\n```\r\n\r\n- Changes since `1.29`:\r\n  - Fairness weight overrides can be set through the API.\r\n  - Priority metadata can be updated on existing workflows and activities through `UpdateWorkflowExecutionOptions` and `UpdateActivityOptions`. Affected tasks are rescheduled.\r\n  - The `approximate_backlog_count` metric now has a `task_priority` label.\r\n  - Polls to sticky queues are redirected to higher-priority backlog tasks on normal partitions. This is enabled by default, but can be disabled with dynamic configs `matching.priorityBacklogForwarding` and `matching.ephemeralDataUpdateInterval`.\r\n  - Fairness can be turned on for active task queues without losing tasks. Previously backlogged tasks are dispatched first. Ensure dynamic config `matching.enableMigration` is enabled before, or at the same time as, enabling fairness.\r\n  - Fairness can be configured to switch on automatically on usage of fairness keys. Enable dynamic config `matching.autoEnableV2`.\r\n\r\n\r\n\r\n## Degraded Workflow Visibility\r\n\r\n- `system.numConsecutiveWorkflowTaskProblemsToTriggerSearchAttribute` is a new dynamic config value to turn on degraded workflow visibility. Setting this to `0` turns off the feature entirely; any positive integer value becomes the number of consecutive workflow task failures needed to add the `TemporalReportedProblems` search attribute.\r\n- `TemporalReportedProblems` is a new search attribute to identify workflows that are not making progress. The search attribute is a `KeywordList` with two entries: a `cause` and a `category`. The cause is either `WorkflowTaskFailed` or `WorkflowTaskTimedOut`. If the cause is `WorkflowTaskFailed`, the category is one of the [following values](https://github.com/temporalio/api/blob/2e5751c82c13013ec7c486efb36969e56a116fe5/temporal/api/enums/v1/failed_cause.proto#L14). If the cause is `WorkflowTaskTimedOut`, the category is always `ScheduleToClose`.\r\n- See documentation [here](https://docs.temporal.io/encyclopedia/detecting-workflow-failures#detecting-workflow-task-failures)\r\n\r\n\r\n## External payloads\r\n\r\n`history.externalPayloadsEnabled` is a new dynamic config value that enables server-side support for the claim-check pattern, where payloads are stored in external storage outside of history. When enabled, the server produces the aggregate size and count of external payloads and returns `ExternalPayloadSizeBytes` and `ExternalPayloadCount` on the `DescribeWorkflowExecution` call. This feature depends on claim-check pattern support in the Temporal SDK, which is currently under development.\r\n\r\n\r\n## Visibility with OpenSearch\r\n\r\nTemporal can now run with OpenSearch 2+ as a visibility store. You only need to set up Temporal config as you would for Elasticsearch (see the provided [Elasticsearch config template](https://github.com/temporalio/temporal/blob/v1.30.0/config/development-cass-es.yaml#L14)).\r\n\r\n## Increasing the maximum number of custom search attributes\r\n\r\nYou can now change the maximum number of custom search attributes when using a SQL database as the visibility store. Previously, there was a hard-coded amount of pre-allocated fields that could be used to create custom search attributes. Now, you can change the maximum number of pre-allocated fields.\r\n\r\nExample: assuming you have the default schema provided by Temporal and you want to increase the number of `Int`-type custom search attributes from 3 to 5 and `Keyword`-type from 10 to 12, follow the steps below:\r\n\r\n1. Change your DB schema by adding the necessary columns.\r\n   1. MySQL (check the existing [schema definition](https://github.com/temporalio/temporal/blob/v1.30.0/schema/mysql/v8/visibility/schema.sql), and copy the syntax for the respective search attribute type):\r\n\r\n      ```sql\r\n      ALTER TABLE custom_search_attributes\r\n        ADD COLUMN Int04     BIGINT       GENERATED ALWAYS AS (search_attributes->\"$.Int04\"),\r\n        ADD COLUMN Int05     BIGINT       GENERATED ALWAYS AS (search_attributes->\"$.Int05\"),\r\n        ADD COLUMN Keyword11 VARCHAR(255) GENERATED ALWAYS AS (search_attributes->>\"$.Keyword11\"),\r\n        ADD COLUMN Keyword12 VARCHAR(255) GENERATED ALWAYS AS (search_attributes->>\"$.Keyword12\");\r\n\r\n      ALTER TABLE custom_search_attributes\r\n        ADD INDEX by_int_04     ON custom_search_attributes (namespace_id, Int04),\r\n        ADD INDEX by_int_05     ON custom_search_attributes (namespace_id, Int05),\r\n        ADD INDEX by_keyword_11 ON custom_search_attributes (namespace_id, Keyword11),\r\n        ADD INDEX by_keyword_12 ON custom_search_attributes (namespace_id, Keyword12);\r\n      ```\r\n\r\n   2. PostgreSQL (check the existing [schema definition](https://github.com/temporalio/temporal/blob/v1.30.0/schema/postgresql/v12/visibility/schema.sql), and copy the syntax for the respective search attribute type):\r\n\r\n      ```sql\r\n      ALTER TABLE executions_visibility\r\n        ADD COLUMN Int04     BIGINT       GENERATED ALWAYS AS ((search_attributes->'Int04')::bigint),\r\n        ADD COLUMN Int05     BIGINT       GENERATED ALWAYS AS ((search_attributes->'Int05')::bigint),\r\n        ADD COLUMN Keyword11 VARCHAR(255) GENERATED ALWAYS AS (search_attributes->>'Keyword11'),\r\n        ADD COLUMN Keyword12 VARCHAR(255) GENERATED ALWAYS AS (search_attributes->>'Keyword12');\r\n\r\n      ALTER TABLE executions_visibility\r\n        ADD INDEX by_int_04     ON executions_visibility (namespace_id, Int04,     (COALESCE(close_time, '9999-12-31 23:59:59')) DESC, start_time DESC, run_id),\r\n        ADD INDEX by_int_05     ON executions_visibility (namespace_id, Int05,     (COALESCE(close_time, '9999-12-31 23:59:59')) DESC, start_time DESC, run_id),\r\n        ADD INDEX by_keyword_11 ON executions_visibility (namespace_id, Keyword11, (COALESCE(close_time, '9999-12-31 23:59:59')) DESC, start_time DESC, run_id),\r\n        ADD INDEX by_keyword_12 ON executions_visibility (namespace_id, Keyword12, (COALESCE(close_time, '9999-12-31 23:59:59')) DESC, start_time DESC, run_id);\r\n      ```\r\n\r\n2. Modify the Temporal config file:\r\n\r\n   ```yaml\r\n   persistence:\r\n     visibilityStore: ...\r\n\r\n   visibility:\r\n     persistenceCustomSearchAttributes:\r\n       Int: 5\r\n       Keyword: 12\r\n   ```\r\n\r\n3. Restart Temporal.\r\n\r\nYou can only increase the maximum number of pre-allocated fields. Reducing the maximum number in the config is a no-op. **Do not drop columns from your database table.**\r\n\r\n## Visibility Query Converter\r\n\r\nWe are introducing a new experimental query converter to replace the existing ones. Currently, there are two query converter implementations: one for Elasticsearch, which builds the query search body; and one for SQL, which mainly validates the query. The new query converter unifies these implementations such that each Visibility Store implementation can implement the `StoreQueryConverter` interface to build its query object without needing to implement parsing and validation.\r\n\r\nThe new unified query converter is **not** 100% backward compatible with the existing query converter for Elasticsearch. In other words, if you use Elasticsearch as your visibility store, some queries might not work.\r\n\r\nIn particular, the new query converter performs stricter validation of query clauses and does not allow comparisons between a search attribute and a value of a different type. For example, the existing query converter for Elasticsearch allows comparing a `Keyword`-type search attribute with an integer (e.g., `WorkflowType = 123`), but the new query converter returns an error.\r\n\r\nSince this is still experimental, the new unified query converter is disabled by default and can be enabled by setting the dynamic config `system.visibilityEnableUnifiedQueryConverter: true`. Once the new query converter is production-ready, it will be enabled by default (projected: `v1.31.0`), and the old ones will be deprecated and removed (projected: `v1.32.0`).\r\n\r\n## Elasticsearch tool\r\n\r\nTemporal now provides an experimental `temporal-elasticsearch-tool` to manage visibility templates and indexes. The tool supports the same authentication and AWS request-signing features as the Temporal server. See the [README](https://github.com/temporalio/temporal/blob/a85623e47588be183a6df3c111b0bb781cfe2969/tools/elasticsearch/README.md) for usage details.\r\n\r\n\r\n\r\n## Internal Nexus Callback Routing\r\n\r\nThis simplifies Nexus callback configuration by introducing internal routing for worker-targeted operations, eliminating the need for callback URL templates and allowlist configuration in normal deployments.\r\n\r\n### New `useSystemCallbackURL` Toggle (`component.nexusoperations.useSystemCallbackURL`)\r\n\r\n- When enabled, worker-targeted Nexus operations use a fixed `temporal://system` callback URL instead of requiring a configured URL template\r\n- External endpoint targets continue to use template-generated URLs\r\n- Default: `false` (will change to `true` in a future release)\r\n\r\n### Automatic `temporal://system` Allowlisting\r\n\r\n- The `temporal://system` URL is now always permitted by callback address validation, regardless of configured `component.callbacks.allowedAddresses` rules\r\n- No explicit allowlist entry is needed for internal worker callbacks\r\n\r\n### Dynamic Config Examples\r\n\r\n**Before (required configuration):**\r\n\r\n```yaml\r\nsystem.enableNexus:\r\n  - value: true\r\ncomponent.nexusoperations.callback.endpoint.template:\r\n  - value: http://localhost:7233/namespaces/.NamespaceName/nexus/callback\r\ncomponent.callbacks.allowedAddresses:\r\n  - value:\r\n      - Pattern: \"*\"\r\n        AllowInsecure: true\r\n```\r\n\r\n**After (zero config for worker targets):**\r\n\r\n```yaml\r\nsystem.enableNexus:\r\n  - value: true\r\ncomponent.nexusoperations.useSystemCallbackURL:\r\n  - value: true\r\n```\r\n\r\n### Migration Notes\r\n\r\nWhen `useSystemCallbackURL` is enabled, your `HTTPCallerProvider` must route internal requests using the `Source` and `Token` headers, overriding the path to `/nexus/callback`. See `components/callbacks/request.go` for the routing implementation.\r\n\r\n---\r\n\r\n## Dynamic Config Changes\r\n\r\n### Nexus\r\n\r\n- `component.nexusoperations.limit.operation.timeout.min` has been renamed to `component.nexusoperations.limit.request.timeout.min`, and given a default value of `500ms`.\r\n- A new config, `component.nexusoperations.limit.dispatch.task.timeout.min`, has been added with a default value of `1s`. This is the minimum time remaining for a request to be dispatched to the handler worker. If the remaining request timeout is less than this value, a timeout error is returned. Working in conjunction with `MinRequestTimeout`, both configs help ensure that the server has enough time to complete a Nexus request.\r\n---\r\n\r\n# Helpful links to get you started with Temporal\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Samples Server](https://github.com/temporalio/samples-server)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n# Docker images\r\n[Server](https://hub.docker.com/r/temporalio/server)\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools)\r\n\r\n---\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.30.0...v1.30.1\r\n","publishedAt":"2026-03-02T22:45:48.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.30.1","media":[]},{"id":"rel_19l98oXsMlyIZ5MpdERL1","version":"v1.29.3","title":"v1.29.3","summary":"## What's changed\r\nIgnore unknown fields when decoding Worker Deployment memo for backwards compatibility after rolling back from v1.30\r\n\r\n**Full Chan...","content":"## What's changed\r\nIgnore unknown fields when decoding Worker Deployment memo for backwards compatibility after rolling back from v1.30\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.29.2...v1.29.3\r\n\r\n### Helpful links to get you started with Temporal\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Docker Compose](https://github.com/temporalio/docker-compose)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### Docker images for this release (use the tag `1.29.3`)\r\n[Server](https://hub.docker.com/r/temporalio/server)\r\n[Server With Auto Setup](https://hub.docker.com/r/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools)\r\n","publishedAt":"2026-02-04T18:17:36.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.29.3","media":[]},{"id":"rel_OUjso1OMEMJBwFJhnYG2Q","version":"v1.29.2","title":"v1.29.2","summary":"## What's Changed\r\nThis patch includes fixes for CVE-2025-14987 and CVE-2025-14986\r\n\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/com...","content":"## What's Changed\r\nThis patch includes fixes for CVE-2025-14987 and CVE-2025-14986\r\n\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.29.1...v1.29.2\r\n\r\n### Helpful links to get you started with Temporal\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Docker Compose](https://github.com/temporalio/docker-compose)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### Docker images for this release\r\n[Server](https://hub.docker.com/r/temporalio/server) (use the tag 1.29.2)\r\n[Server With Auto Setup](https://hub.docker.com/r/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools/)","publishedAt":"2025-12-30T20:07:43.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.29.2","media":[]},{"id":"rel_3XY-Lobzu2p4kkomYiMFI","version":"v1.28.2","title":"v1.28.2","summary":"## What's Changed\r\nThis patch includes fixes for CVE-2025-14987 and CVE-2025-14986 and a few other improvements\r\n\r\n\r\n**Full Changelog**: https://githu...","content":"## What's Changed\r\nThis patch includes fixes for CVE-2025-14987 and CVE-2025-14986 and a few other improvements\r\n\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.28.1...v1.28.2\r\n\r\n\r\n### Helpful links to get you started with Temporal\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Docker Compose](https://github.com/temporalio/docker-compose)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### Docker images for this release\r\n[Server](https://hub.docker.com/r/temporalio/server) (use the tag 1.28.2)\r\n[Server With Auto Setup](https://hub.docker.com/r/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools/)","publishedAt":"2025-12-30T20:05:59.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.28.2","media":[]},{"id":"rel_KVWXNscV_6Z5HHhwyRK8S","version":"v1.27.4","title":"v1.27.4","summary":"## What's Changed\r\nThis patch includes fixes for CVE-2025-14987 and CVE-2025-14986\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compa...","content":"## What's Changed\r\nThis patch includes fixes for CVE-2025-14987 and CVE-2025-14986\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.27.3...v1.27.4\r\n\r\n\r\n### Helpful links to get you started with Temporal\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Docker Compose](https://github.com/temporalio/docker-compose)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### Docker images for this release\r\n[Server](https://hub.docker.com/r/temporalio/server) (use the tag 1.27.4)\r\n[Server With Auto Setup](https://hub.docker.com/r/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools/)","publishedAt":"2025-12-30T20:03:41.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.27.4","media":[]},{"id":"rel_OyKJdlDQeXyhbOqj_To14","version":"v1.29.1","title":"v1.29.1","summary":"## Release Highlights\r\n\r\nThis patch release fixes an issue in Priority and Workflow Versioning.\r\nIt also fixes a bug in Workflow Retry for versioned w...","content":"## Release Highlights\r\n\r\nThis patch release fixes an issue in Priority and Workflow Versioning.\r\nIt also fixes a bug in Workflow Retry for versioned workflows.\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.29.0...v1.29.1\r\n\r\n### Helpful links to get you started with Temporal\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Docker Compose](https://github.com/temporalio/docker-compose)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### Docker images for this release\r\n[Server](https://hub.docker.com/repository/docker/temporalio/server)\r\n[Server With Auto Setup](https://hub.docker.com/repository/docker/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/repository/docker/temporalio/admin-tools)","publishedAt":"2025-10-29T23:47:24.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.29.1","media":[]},{"id":"rel_54zoLD-lgDeBak1EZynsG","version":"v1.29.0","title":"v1.29.0","summary":"# ⚠️💥 UPCOMING BREAKING CHANGES 💥⚠️\r\n\r\nStarting from next server release `1.30.0`, for security reasons, Temporal docker images will be slimmed down...","content":"# ⚠️💥 UPCOMING BREAKING CHANGES 💥⚠️\r\n\r\nStarting from next server release `1.30.0`, for security reasons, Temporal docker images will be slimmed down and we are taking away the binaries and packages that don’t strictly need to be included. This includes: \r\n\r\n## `temporalio/server`\r\n\r\n- `temporal` CLI - included in `admin-tools`\r\n- `tctl` and `tctl-authorization-plugin` - both are deprecated CLIs\r\n- `dockerize` - used for templating the configuration, functionality that is now inlined in the server codebase\r\n- `curl` - not part of the Temporal distribution\r\n\r\n## `temporalio/admin-tools`\r\n\r\n- `tctl` and `tctl-authorization-plugin`\r\n- `python3`\r\n- `libev`\r\n- `curl`\r\n- `jq`\r\n- `yq`\r\n- `mysql-client`\r\n- `postgresql-client`\r\n- `expat`\r\n- `tini`\r\n- `cqlsh`\r\n\r\n# Task queue fairness - pre-release\r\n\r\n**Description:**\r\n\r\nTask queue fairness allows you to control the execution order of workflows, activities, and child workflows within a single task queue by assigning fairness keys and weights. Note that priority keys take precedence over fairness assignments.\r\n\r\nFairness can be attached to workflows and activities using the latest versions of most SDKs. In order for priority to take effect on the server, you need to switch to set the dynamic config `matching.enableFairness` to `true` either on specific task queues, namespaces, or globally. \r\n\r\n⚠️ Turning the feature on/off will cause currently backlogged tasks to be lost; which can cause workflows to be stuck. This limitation will be lifted in future releases.\r\n\r\nSee more usage details here: [Temporal - Task Queue Fairness Guide (Pre-Release)](https://docs.google.com/document/d/1km6GNMnAgswiyvs6tifRvxq4StXoagGfgpe0PW5fvDI/edit?tab=t.0)\r\n\r\nRollout operational task: (schema upgrade)\r\n\r\n# Versioning improvement\r\n\r\n## Bug fixes\r\n\r\n- `RampingVersionPercentageChangedTime`  is now visible from the Routing Config and can be accessed via a `DescribeDeployment` call (https://github.com/temporalio/temporal/pull/8089)\r\n- Correct the drainage status of a deactivated version when it gets rolled back (https://github.com/temporalio/temporal/pull/8119)\r\n- Fix max deployment count check to not block new versions (https://github.com/temporalio/temporal/pull/7841)\r\n- Do not set sticky queue if a deployment transition is ongoing (https://github.com/temporalio/temporal/pull/7852)\r\n- Do not bypass task generation when version changes during a deployment transition (https://github.com/temporalio/temporal/pull/7890)\r\n- Make unsupported and deprecated Deployment API’s return Unimplemented error (https://github.com/temporalio/temporal/pull/8009)\r\n- Update DeploymentName from Override and fix batch UpdateOptions serialization bug (https://github.com/temporalio/temporal/pull/7910)\r\n\r\n## Improvements\r\n\r\n- Queries on drained + poller-less version to respond with descriptive error message (https://github.com/temporalio/temporal/pull/7946)\r\n- SetWorkerDeploymentManager: Help coordinate multiple tenant writes to the k8s worker controller without overwriting each others changes (https://github.com/temporalio/temporal/pull/8278)\r\n- Allow people to revert a task queue back to the un-versioned state without needing to set a 0% ramped non-nil Ramping Version (https://github.com/temporalio/temporal/pull/8172)\r\n- Allow users to be able to opt-in to activating versions that have not yet had any pollers (https://github.com/temporalio/temporal/pull/8254)\r\n\r\nCloud rollout operational task: \r\n\r\n# Task queue config\r\n\r\nDescription: \r\n\r\nTask queues can be now configured via the new `UpdateTaskQueueConfig` endpoint. It allows configuring (1) the queue’s maximum requests per second and (2) default maximum requests per second for fairness keys (feature is in pre-release). For example, using the [Temporal CLI](https://docs.temporal.io/cli) 1.5.0 or later:\r\n\r\n```bash\r\ntemporal task-queue config set --task-queue foo --task-queue-type bar --queue-rate-limit 100 --queue-rate-limit-reason \"throttling\"\r\n```\r\n\r\nNote that the rate limit for the task queue from the API takes precedence over the rate limit set via the worker’s `TaskQueueActivitiesPerSecond` option. If the API rate limit is unset again, it will fall back to the worker’s rate limit again, if set. Otherwise the system’s default limit is applied.\r\n\r\n# Authorizer\r\n\r\n**Description:** Added a new dynamic config (`frontend.exposeAuthorizerErrors`) to control whether the frontend authorization interceptor should propagate errors returned by the `Authorizer` component as-is or wrap them with a `PermissionDenied` service error. Default is `false`, meaning all errors will be wrapped with `PermissionDenied`, which matches current behavior to avoid breaking any custom `Authorizer` implementers.\r\n\r\n# Eager workflow start public release (on by default)\r\n\r\n**Description:** Eager workflow start is a latency optimization for worker and a starter a colocated in the same process. If the starter (client) requests eager execution, and a worker slot is available, the client will request the server to start the workflow eagerly. If permitted (the dynamic\r\nconfig is on, and there's no start delay), the first workflow task will be returned inline to be processed by the colocated worker.\r\n\r\nThis feature is now on by default and the `EagerExecutionAccepted` flag has been added to `WorkflowExecutionStartedEventAttributes` for debugging purposes (https://github.com/temporalio/temporal/pull/8056)\r\n\r\nTo turn this feature off set the dynamic config `system.enableEagerWorkflowStart` to `false`.\r\n\r\n# Activity and workflow metrics changes\r\n\r\n**Description:** A number of activity and workflow metrics were added and `activity_e2e_latency` has been deprecated. ([#8196](https://github.com/temporalio/temporal/pull/8196), [#8185](https://github.com/temporalio/temporal/pull/8185))\r\n\r\n**Deprecated Metrics**\r\n\r\n- `activity_e2e_latency` → Deprecated, replaced with better named activity_start_to_close_latency\r\n\r\n**New Metrics**\r\n\r\n- `activity_start_to_close_latency`: Per attempt latency from activity start to close\r\n- `activity_schedule_to_close_latency`: End-to-end duration, including retries and backoff.\r\n- `activity_success`: Number of succeeded activities\r\n- `activity_fail`: Number of final failures for activities\r\n- `activity_timeout`: Incremented on the final activity timeout tagged by `timeout_type`\r\n- `activity_task_fail`: Failures for activities including retries\r\n- `activity_task_timeout`: Number of activity attempt timeouts, tagged by `timeout_type`.\r\n- `activity_cancel`**:** Number of canceled activities\r\n- `workflow_duration`**:** End to end latency of workflow\r\n\r\n# Batch operation improvement\r\n\r\n**Description:** Removed the internal `BatchParams` go struct in favor of a protobuf struct for safer serialization. Optimized the batch operation processing with proactive page fetching, removing the worker wait for new pages to be completed. (https://github.com/temporalio/temporal/pull/8144, https://github.com/temporalio/temporal/pull/8081).\r\n\r\n## Batch Activity Reset and Update Options\r\n\r\nDescription: Support activity reset and update-options on the server side. (https://github.com/temporalio/temporal/pull/8061)\r\n\r\n# Nexus\r\n\r\n**Description:**\r\n\r\n- Fixed a bug where the standby outbound task executor could sometimes return a `NamespaceNotActive` error.\r\n- Fixed a data race in Nexus disallowed headers dynamic config.\r\n- All remote frontend HTTP calls will always attempt to use HTTP2 by default.\r\n- Changed the default to true for dynamic config `component.nexusoperations.recordCancelRequestCompletionEvents` . This config will be removed in a future release.\r\n- Fixed a bug for forwarded Nexus operation completion HTTP requests that contained a failure. The failure will now be reconstructed instead of reusing the original HTTP request body.\r\n- Added logic to forward Nexus HTTP requests using the same dispatch type (by endpoint or by namespace+task queue) as the original request. This behavior is behind a dynamic config, `frontend.nexusForwardRequestUseEndpointDispatch`, because endpoints currently do not support replication and therefore forwarding requests by endpoint will not work out of the box.\r\n- The original HTTP request headers will now be passed through as-is, without sanitization, for forwarded requests.\r\n- Bug fix: a new workflow task will be generated for `NexusOperationCancelRequestCompleted|Failed` events.\r\n\r\n# Visibility\r\n\r\n**Description:** `ScanWorkflowExecutions` has been removed from Visibility. The API is still available, but it simply calls `ListWorkflowExecutions`.\r\n\r\n# Worker Insights\r\n\r\n**Description:** Worker insights is an umbrella project that addresses the operational complexities and toil of worker management (tuning performance knobs, scaling workers). Our end goal is to automate this process for our users. As a first step, this release adds the capability to propagate the worker state (configuration + SDK metrics) to the server via a heartbeat mechanism.  This state is stored in-memory on the matching servers, and can be queried by the user.\r\n\r\nTo achieve this, this release introduces 3 APIs:\r\n\r\n1. RecordWorkerHeartbeat: To send heartbeat to the matching service. Used by SDK.\r\n2. ListWorkers: To query the state of 1 or more workers that match a predicate. \r\n3. DescribeWorker: To query the state of a specific worker.\r\n\r\nThese APIs are disabled by default.\r\n\r\nFlags are: `frontend.WorkerHeartbeatsEnabled` and `frontend.ListWorkersEnabled`.\r\n\r\n### Helpful links to get you started with Temporal\r\n\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Docker Compose](https://github.com/temporalio/docker-compose)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### Docker images for this release (use the tag `1.29.0`)\r\n\r\n[Server](https://hub.docker.com/r/temporalio/server)\r\n[Server With Auto Setup](https://hub.docker.com/r/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/r/temporalio/admin-tools)\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.28.1...v1.29.0\r\n","publishedAt":"2025-10-03T17:33:49.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.29.0","media":[]},{"id":"rel_1p7IJUrM1EavTMGv9azHx","version":"v1.26.3","title":"v1.26.3","summary":"## Release Highlights\r\n* Limit the number of parts allowed for auth token by @picatz in https://github.com/temporalio/temporal/pull/8122\r\n\r\n### Helpfu...","content":"## Release Highlights\r\n* Limit the number of parts allowed for auth token by @picatz in https://github.com/temporalio/temporal/pull/8122\r\n\r\n### Helpful links to get you started with Temporal\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Docker Compose](https://github.com/temporalio/docker-compose)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### Docker images for this release (use the tag `1.26.3`)\r\n[Server](https://hub.docker.com/repository/docker/temporalio/server)\r\n[Server With Auto Setup](https://hub.docker.com/repository/docker/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/repository/docker/temporalio/admin-tools)\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.26.2...v1.26.3\r\n","publishedAt":"2025-08-20T22:30:29.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.26.3","media":[]},{"id":"rel_zFqKwXgIug4-kJVF5sugf","version":"v1.27.3","title":"v1.27.3","summary":"## Release Highlights\r\n* Limit the number of parts allowed for auth token by @picatz in https://github.com/temporalio/temporal/pull/8122\r\n\r\n### Helpfu...","content":"## Release Highlights\r\n* Limit the number of parts allowed for auth token by @picatz in https://github.com/temporalio/temporal/pull/8122\r\n\r\n### Helpful links to get you started with Temporal\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Docker Compose](https://github.com/temporalio/docker-compose)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### Docker images for this release (use the tag `1.27.3`)\r\n[Server](https://hub.docker.com/repository/docker/temporalio/server)\r\n[Server With Auto Setup](https://hub.docker.com/repository/docker/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/repository/docker/temporalio/admin-tools)\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.27.2...v1.27.3\r\n","publishedAt":"2025-08-20T22:29:48.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.27.3","media":[]},{"id":"rel_N5PaYzzubyekbN4ao6zxg","version":"v1.28.1","title":"v1.28.1","summary":"This patch release fixes a few Workflow Update, Worker Deployment, Scheduler, Matching, and security bugs.\r\n\r\n### Helpful links to get you started wit...","content":"This patch release fixes a few Workflow Update, Worker Deployment, Scheduler, Matching, and security bugs.\r\n\r\n### Helpful links to get you started with Temporal\r\n[Temporal Docs](https://docs.temporal.io/)\r\n[Server](https://github.com/temporalio/temporal)\r\n[Docker Compose](https://github.com/temporalio/docker-compose)\r\n[Helm Chart](https://github.com/temporalio/helm-charts)\r\n\r\n### Docker images for this release (use the tag `1.28.1`)\r\n[Server](https://hub.docker.com/repository/docker/temporalio/server)\r\n[Server With Auto Setup](https://hub.docker.com/repository/docker/temporalio/auto-setup) ([what is Auto-Setup?](https://docs.temporal.io/blog/auto-setup))\r\n[Admin-Tools](https://hub.docker.com/repository/docker/temporalio/admin-tools)\r\n\r\n**Full Changelog**: https://github.com/temporalio/temporal/compare/v1.28.0...v1.28.1\r\n","publishedAt":"2025-08-06T19:12:26.000Z","url":"https://github.com/temporalio/temporal/releases/tag/v1.28.1","media":[]}],"pagination":{"page":1,"pageSize":20,"totalPages":5,"totalItems":100},"summaries":{"rolling":{"windowDays":90,"summary":"Temporal Server shipped security fixes across all supported versions, with the most critical being a medium-severity authorization vulnerability in replicated deployments that requires opting out via `system.disableStreamingAuthorizer` if affected. The v1.30.x line continued maturing worker versioning with upgrade-on-continue-as-new entering public preview, allowing pinned workflows to detect and upgrade to new worker versions, while v1.30.1 introduced breaking changes to Docker images by removing bash, curl, deprecated CLI tools, and other unnecessary binaries for a slimmer security posture—a shift that required careful migration planning for users relying on those utilities in containers.","releaseCount":12,"generatedAt":"2026-04-11T14:01:20.469Z"},"monthly":[{"year":2026,"month":3,"summary":"Temporal Server's March focus split between worker versioning capabilities and security hardening. The 1.30.2 release shipped Upgrade-on-Continue-as-New in public preview, letting pinned long-running workflows automatically detect and upgrade to new worker versions, alongside fixes for task queueing metrics and archived workflow retrieval. Earlier releases addressed dependency CVEs across supported versions, and 1.30.1 introduced breaking Docker image changes—removing bash, curl, Python, and deprecated tools from admin-tools and server images for security, while embedding sprig to replace dockerize's template processing.","releaseCount":6,"generatedAt":"2026-04-11T14:01:23.156Z"}]}}