v7.11

Release Notes

This update provides important bug fixes and improvements.

Canvas Connect

New Features

• PingPong will now save the (iss, sub) pair as an external login based on the OIDC claim provided by the LTI platform during launch. This change allows PingPong to match users across launches even when their email address changes.
• The new External Login providers will not be selectable by LTI admins when setting up new LTI connections.

Updates & Improvements

• Canvas Connect setup pages now advertise support options based on the pre-configured support settings displayed in About.
• Improved data sharing between Canvas Connect setup pages to minimize API calls.

Thread Exports

Resolved Issues

• Fixed: Thread Exports may fail because when exporting threads including assistants with the "Record User Name" option enabled.
• Fixed: Thread Exports show the current assistant prompt instead of the recorded thread prompt.

Voice Mode

Resolved Issues

• Fixed: In some cases, typically when the "Assistant Should Message First" option is enabled for an assistant, the server may attempt to write an empty user message in the transcript.

Internal

New Features

• Adds new get_by_email_external_logins_priority class method in Users table to replace get_by_email_sso and accounts_to_merge. The new method returns the best match user based on a ranked list of External Logins, along with the list of all matching user ids, which replaces the accounts_to_merge functionality.

Updates & Improvements

• Use the new dictionary-style syntax for accessing request state, which was introduced in Starlette 0.52.0.
• Decrease the number of new External Login records created by moving the existing External Login records to the new user ID.
• The worktree folder name in create-worktree.sh now follows the same naming sanitization as the DB names to prevent branch names such as username/feat/commit creating nested folders.
• models.ExternalLogin.create_or_update no longer enforces a check that only one ExternalLogin for a single provider per user. This change is required because a user might be part of more than one LTI instances that provide OIDC claims by the same issuer.
• Removed unused /lti/sso/providers endpoint. The client currently uses /lti/public/sso/providers.
• Dependency upgrades.

Deployment Information

Schema Upgrade	Migration Script	Permissions Update	Task Definition Update	Configuration Update
YES	No	No	No	No

Deployment Details

• Schema Upgrade:
  • Add indexes to external_login_providers
  • Add internal_only in ExternalLoginProvider

Related PRs

• deps(web): bump dotenv from 17.2.3 to 17.2.4 in /web/pingpong in the production-dependencies group by @dependabot[bot] in #1364
• deps(py): bump the production-dependencies group with 5 updates by @dependabot[bot] in #1365
• feat: refactor session management and state handling by @ekassos in #1366
• feat: lookup users by email and multiple external logins by @ekassos in #1367
• change: move external logins to new user instead of creating new one by @ekassos in #1368
• fix(exports): missing User fields & prompt consistency by @ekassos in #1369
• fix(voice): handle empty transcripts by @ekassos in #1370
• change(worktree-scripts): sanitize worktree folder name by @ekassos in #1371
• feat(lti): add support information at the bottom of the setup page by @ekassos in #1372
• feat(lti): save LTI claim subject as external login by @ekassos in #1377
• deps(py): bump the production-dependencies group with 2 updates by @dependabot[bot] in #1376
• deps(web-dev): bump svelte from 5.49.2 to 5.50.0 in /web/pingpong in the development-dependencies group by @dependabot[bot] in #1375
• deps(gha)/ bump the github-actions group with 2 updates by @dependabot[bot] in #1374
• deps(web): bump tldts from 7.0.22 to 7.0.23 in /web/pingpong in the production-dependencies group by @dependabot[bot] in #1373
• fix: upgrade existing ix_external_login_providers_name by @ekassos in #1378

Full Changelog: 995-srv506-web337...1007-srv515-web341