diff --git a/source/administration-guide/configure/environment-configuration-settings.rst b/source/administration-guide/configure/environment-configuration-settings.rst index 681a1573cc3..e3a47df768d 100644 --- a/source/administration-guide/configure/environment-configuration-settings.rst +++ b/source/administration-guide/configure/environment-configuration-settings.rst @@ -833,13 +833,31 @@ Maximum idle connections Query timeout ~~~~~~~~~~~~~ -+--------------------------------------------------------+-------------------------------------------------------------------------+ -| The amount of time to wait, in seconds, for a response | - System Config path: **Environment > Database** | ++--------------------------------------------------------+----------------------------------------------------------------------------------+ +| The amount of time to wait, in seconds, for a response | - System Config path: **Environment > Database** | | from the database after opening a connection and | - ``config.json`` setting: ``SqlSettings`` > ``QueryTimeout`` > ``30`` | -| sending the query. | - Environment variable: ``MM_SQLSETTINGS_QUERYTIMEOUT`` | -| | | -| Numerical input in seconds. Default is **30** seconds. | | -+--------------------------------------------------------+-------------------------------------------------------------------------+ +| sending the query. | - Environment variable: ``MM_SQLSETTINGS_QUERYTIMEOUT`` | +| | | +| Numerical input in seconds. Default is **30** seconds. | | ++--------------------------------------------------------+----------------------------------------------------------------------------------+ + +.. config:setting:: analytics-query-timeout + :displayname: Analytics Query timeout (Database) + :systemconsole: Environment > Database + :configjson: .SqlSettings.AnalyticsQueryTimeout + :environment: MM_SQLSETTINGS_ANALYTICSQUERYTIMEOUT + :description: The number of seconds to wait for a response from the database after opening a connection and sending certain analytics queries. This setting only applies to long queries which are run in the background to populate some information in the Team and Site Statistics pages. Default is **300** seconds. + +Analytics query timeout +~~~~~~~~~~~~~~~~~~~~~~~ + ++--------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------+ +| The number of seconds to wait for a response from the database after opening a connection | - ``config.json`` setting: ``SqlSettings`` > ``AnalyticsQueryTimeout`` > ``300`` | +| and sending certain analytics queries. This setting only applies to long queries which are | - System Config path: **Environment > Database** | +| run in the background to populate some information in the Team and Site Statistics pages. | - Environment variable: ``MM_SQLSETTINGS_ANALYTICSQUERYTIMEOUT`` | +| | | +| Numerical input in seconds. Default is **300** seconds. | | ++--------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------+ .. config:setting:: maximum-connection-lifetime :displayname: Maximum connection lifetime (Database) diff --git a/source/administration-guide/configure/system-attributes.rst b/source/administration-guide/configure/system-attributes.rst index 4b41fa8d91d..080043cdca0 100644 --- a/source/administration-guide/configure/system-attributes.rst +++ b/source/administration-guide/configure/system-attributes.rst @@ -10,6 +10,6 @@ Review and manage the following system attributes configuration options in the S You can define, manage, and enforce specific attributes, including: -- **Custom attributes for user profiles**: Display details such as job titles, departments, or other metadata, on user profiles that align with your organizational structures and workflows. Learn more about :doc:`managing custom user profile attributes `. API responses for custom profile attributes return default visibility and sort order when those values are missing. +- **User attributes**: Display details such as job titles, departments, or other metadata, on user profiles that align with your organizational structures and workflows. Learn more about :doc:`managing user attributes `. API responses for user attributes return default visibility and sort order when those values are missing. - **Granular access controls based on user attributes**: Ensure users have access to only the resources and functionality relevant to their roles, bolstering security and compliance across the organization. Learn more about :doc:`managing access based on user attributes `. - **Control user-managed attributes in attribute-based access control (ABAC)**: From Mattermost v10.11 (Enterprise Edition Advanced), user-managed attributes are excluded from ABAC rules by default to prevent unauthorized access. System admins can enable them with a configuration setting. Learn more about enabling user-managed attributes in ABAC rules in the :ref:`User Attributes documentation `. diff --git a/source/administration-guide/manage/admin/user-attributes.rst b/source/administration-guide/manage/admin/user-attributes.rst index cfb4a41aaf7..d8c881d60c2 100644 --- a/source/administration-guide/manage/admin/user-attributes.rst +++ b/source/administration-guide/manage/admin/user-attributes.rst @@ -11,7 +11,7 @@ System attributes enable you to customize user profile attributes to match your From Mattermost v11, you have enhanced control over these user attributes through admin-managed vs user-editable settings. By default, attributes are admin-managed for security, but you can explicitly allow user editing for specific attributes that don't impact access control or sensitive organizational data. These user attributes supplement existing user details visible from the user's profile picture. .. image:: ../../../images/cpa-properties.png - :alt: Mobile examples of a user profile with custom user attributes added as system attributes. + :alt: Mobile examples of a user profile with user attributes added as system attributes. Before you begin ----------------- @@ -126,11 +126,11 @@ Manage attributes - **Delete**: Delete attributes you no longer need or want by selecting **More** |more-icon| and selecting **Delete property**. .. note:: - When updating custom profile attributes via API or automation, the ``attrs`` object replaces existing attribute settings rather than merging. If you send only visibility, the sort order resets to ``0`` unless you include ``sort_order`` in the same request. If a patch fails, the API may return the error string "Unable to patch Custom Profile Attribute field". + When updating user attributes via API or automation, the ``attrs`` object replaces existing attribute settings rather than merging. If you send only visibility, the sort order resets to ``0`` unless you include ``sort_order`` in the same request. If a patch fails, the API may return the error string "Unable to patch User Attribute field". - **User Edit Permissions**: From Mattermost v11, all user attributes are admin-managed by default for enhanced security. To allow user editing for specific attributes, administrators can enable this through the **More** |more-icon| menu and selecting **Allow user editing**. This should only be enabled for attributes that do not impact security access controls or organizational policies. Attributes used in ABAC policies should remain admin-managed unless there's a specific business need and the security implications are fully understood. -- **Edit User Attribute Values**: From Mattermost v11.1, you can view and update custom profile attribute values for individual users through the System Console. See the :ref:`Manage user attributes ` documentation for details. +- **Edit User Attribute Values**: From Mattermost v11.1, you can view and update user attribute values for individual users through the System Console. See the :ref:`Manage user attributes ` documentation for details. In cases where multiple system admins manage system attributes, refresh your web browser instance to see real-time updates to system attributes made by other admins. diff --git a/source/administration-guide/manage/mmctl-command-line-tool.rst b/source/administration-guide/manage/mmctl-command-line-tool.rst index 16a340423e1..e4aafabec55 100644 --- a/source/administration-guide/manage/mmctl-command-line-tool.rst +++ b/source/administration-guide/manage/mmctl-command-line-tool.rst @@ -30,7 +30,7 @@ mmctl commands - `mmctl bot`_ - Bot Management - `mmctl channel`_ - Channel Management - `mmctl command`_ - Command Management -- `mmctl cpa`_ - Custom Profile Attribute Management +- `mmctl cpa`_ - User Attribute Management - `mmctl completion`_ - Generate autocompletion scripts for bash, fish, powershell, and zsh - `mmctl compliance-export`_ - Compliance Export Management - `mmctl config`_ - Configuration Management @@ -2013,7 +2013,7 @@ mmctl cpa Manage User Attributes for extended user profile information. Child Commands - - `mmctl cpa field`_ - Manage CPA fields + - `mmctl cpa field`_ - Manage User Attribute fields **Options** @@ -2026,13 +2026,13 @@ mmctl cpa field **Description** -Manage Custom Profile Attribute fields. +Manage User Attribute fields. Child Commands - - `mmctl cpa field create`_ - Create a new CPA field - - `mmctl cpa field delete`_ - Delete a CPA field - - `mmctl cpa field edit`_ - Edit a CPA field - - `mmctl cpa field list`_ - List CPA fields + - `mmctl cpa field create`_ - Create a new User Attribute field + - `mmctl cpa field delete`_ - Delete a User Attribute field + - `mmctl cpa field edit`_ - Edit a User Attribute field + - `mmctl cpa field list`_ - List User Attribute fields **Options** @@ -2045,7 +2045,7 @@ mmctl cpa field create **Description** -Create a new Custom Profile Attribute field. +Create a new User Attribute field. **Format** @@ -2088,7 +2088,7 @@ mmctl cpa field delete **Description** -Delete an existing Custom Profile Attribute field. +Delete an existing User Attribute field. **Format** @@ -2129,7 +2129,7 @@ mmctl cpa field edit **Description** -Edit an existing Custom Profile Attribute field. +Edit an existing User Attribute field. **Format** @@ -2174,7 +2174,7 @@ mmctl cpa field list **Description** -List all Custom Profile Attribute fields. +List all User Attribute fields. **Format** diff --git a/source/administration-guide/scale/common-configure-mattermost-for-enterprise-search.rst b/source/administration-guide/scale/common-configure-mattermost-for-enterprise-search.rst index 7222c77b90f..0cf16c7d63d 100644 --- a/source/administration-guide/scale/common-configure-mattermost-for-enterprise-search.rst +++ b/source/administration-guide/scale/common-configure-mattermost-for-enterprise-search.rst @@ -40,7 +40,7 @@ Set **Enable Elasticsearch for search queries** to ``true``, and setting **Enabl .. warning:: - For high post volume deployments, we also strongly recommend *disabling* Database Search once Elasticsearch or AWS OpenSearch is fully configured and running. The Mattermost Server will fall back on Database search if ElasticSearch or OpenSearch are unavailable which can lead to performance degradation on high post volume deployments. + For high post volume deployments, we also strongly recommend *disabling* Database Search once Elasticsearch or AWS OpenSearch is fully configured and running. The Mattermost Server will fall back on Database search if Elasticsearch or OpenSearch are unavailable, which can lead to performance degradation on high post volume deployments. From Mattermost v11.7, the server proactively detects outages through periodic health checks and falls back to database search on the first health check failure, rather than waiting for requests to time out. See the :ref:`outage handling FAQ ` for details. Once the configuration is saved, new posts made to the database are automatically indexed on the Elasticsearch or AWS OpenSearch server. diff --git a/source/administration-guide/scale/enterprise-search.rst b/source/administration-guide/scale/enterprise-search.rst index b239b2cfff4..49109a638f8 100644 --- a/source/administration-guide/scale/enterprise-search.rst +++ b/source/administration-guide/scale/enterprise-search.rst @@ -129,6 +129,49 @@ From Mattermost v11, :doc:`Support Packet generation ` for search engine outages. See :doc:`performance monitoring metrics ` for details. + +During an outage, you may see the following log messages: + +.. list-table:: + :widths: 15 45 40 + :header-rows: 1 + + * - Level + - Log message + - Meaning + * - Error + - ``Search engine health check failed repeatedly; stopping engine`` + - The failure threshold was reached and the engine has been stopped. Search falls back to the database. + * - Warn + - ``Search engine health check failed`` + - An individual health check failed. Includes a ``consecutive_failures`` count. + * - Warn + - ``Search engine health check failed: it is now marked as unhealthy`` + - A previously healthy engine failed a health check and has been marked unhealthy. Search requests will fall back to the database immediately. + * - Warn + - ``Search engine watcher: Start() failed, will retry`` + - A reconnection attempt failed. Includes a ``next_backoff`` field indicating the time until the next retry. + * - Info + - ``Search engine health check succeeded: it is now marked as healthy`` + - The engine passed a health check after being unhealthy and is now handling search requests again. + * - Info + - ``Search engine watcher: engine started successfully`` + - The engine has recovered and is active again. + * - Info + - ``Search engine watcher: engine disabled, parking`` + - The health monitor is idle because the search engine is disabled in configuration. + My search indexes won't complete, what should I do? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/source/administration-guide/scale/performance-monitoring-metrics.rst b/source/administration-guide/scale/performance-monitoring-metrics.rst index dda3ceb64f2..14e89995d2a 100644 --- a/source/administration-guide/scale/performance-monitoring-metrics.rst +++ b/source/administration-guide/scale/performance-monitoring-metrics.rst @@ -118,6 +118,7 @@ Search metrics - ``mattermost_search_post_index_total``: The total number of posts indexes carried out. - ``mattermost_search_posts_searches_total``: The total number of post searches carried out. - ``mattermost_search_user_index_total``: The total number of user indexes carried out. +- ``mattermost_search_engine_status``: Status of the configured search engine: ``1`` = healthy or not configured, ``0`` = configured but unavailable. Use this metric to set up alerts for search engine outages. WebSocket metrics ~~~~~~~~~~~~~~~~~ diff --git a/source/administration-guide/upgrade/important-upgrade-notes.rst b/source/administration-guide/upgrade/important-upgrade-notes.rst index 8de7599d792..9089cb64544 100644 --- a/source/administration-guide/upgrade/important-upgrade-notes.rst +++ b/source/administration-guide/upgrade/important-upgrade-notes.rst @@ -12,6 +12,142 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes> | If you're upgrading | Then... | | from a version earlier than... | | +====================================================+==================================================================================================================================================================+ +| v11.7 | FIPS builds require a minimum of 14 characters for passwords, atmos/camo proxy configuration, and shared channel secrets. Shorter passwords for existing users | +| | will no longer be valid and require a password reset. Non-FIPS builds are unaffected. | +| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| | Added a new partial unique index (``idx_accesscontrolpolicies_name_type``) to the ``AccessControlPolicies`` table on (Name, Type) filtered to | +| | ``WHERE Type = 'parent'``. Before creating the index, duplicate parent policy names are resolved by appending the policy ID to all but the oldest entry. This | +| | enforces uniqueness of parent policy names and prevents future duplicates from being created. The migration takes < 1 second. The migration targets | +| | ``AccessControlPolicies``, not posts or reactions. For deployments where ``AttributeBasedAccessControl`` was not enabled, the table will be empty and the | +| | migration completes in under a second. For deployments where the flag was enabled, the number of parent policies is expected to remain small, so timing is | +| | still negligible. The ``CREATE UNIQUE INDEX`` (non-concurrent) takes a ``SHARE`` lock on ``AccessControlPolicies``, blocking concurrent ``INSERT/UPDATE/DELETE`` | +| | for the duration of the index build. The ``UPDATE`` (deduplication) takes a ``ROW EXCLUSIVE`` lock on the same table. For most self-hosted deployments, the | +| | ``AttributeBasedAccessControl`` feature flag will not have been enabled, so the table will be empty and both operations complete in milliseconds. For Cloud or | +| | early-access deployments where the feature flag was enabled, the table may contain data, but the number of parent policies is expected to be small, so the lock | +| | window remains short. The ``CREATE UNIQUE INDEX`` (non-concurrent) takes a brief ``SHARE`` lock on ``AccessControlPolicies``. For deployments where | +| | ``AttributeBasedAccessControl`` was not enabled, the table is empty and the lock is negligible. For deployments where the flag was enabled, the number of | +| | parent policies is expected to be small, so the lock window remains short in either case. The migrations are fully backwards-compatible and no database downtime | +| | is expected for this upgrade. The SQL queries included are: | +| | | +| | .. code-block:: sql | +| | | +| | -- PostgreSQL only (MySQL not supported in v11+): | +| | -- Deduplicate parent policy names before adding unique constraint. | +| | -- The oldest policy (by CreateAt) keeps its original name; duplicates get ' ()' appended. | +| | UPDATE AccessControlPolicies AS p | +| | SET Name = LEFT(p.Name, 128 - LENGTH(' (' || p.ID || ')')) || ' (' || p.ID || ')' | +| | FROM ( | +| | SELECT ID, Name, ROW_NUMBER() OVER (PARTITION BY Name ORDER BY CreateAt ASC) AS rn | +| | FROM AccessControlPolicies | +| | WHERE Type = 'parent' | +| | ) AS dupes | +| | WHERE p.ID = dupes.ID | +| | AND dupes.rn > 1; | +| | | +| | CREATE UNIQUE INDEX IF NOT EXISTS idx_accesscontrolpolicies_name_type | +| | ON AccessControlPolicies (Name, Type) | +| | WHERE Type = 'parent'; | +| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| | The ``PropertyFields`` table is modified. Two new nullable columns, ``CreatedBy`` and ``UpdatedBy``, are added to track which user created and last modified | +| | each field. A new ``ObjectType`` column is added with a ``NOT NULL`` constraint and an empty string default, to discriminate between legacy and typed property | +| | fields. A new ``Protected`` boolean column is added with a default of ``FALSE``, along with three new columns (``PermissionField``, ``PermissionValues``, | +| | ``PermissionOptions``) using a new ``permission_level`` enum type with values none, sysadmin, and member. The existing unique index ``idx_propertyfields_unique``| +| | on (GroupID, TargetID, Name) is dropped and replaced by two new partial unique indexes: ``idx_propertyfields_unique_legacy`` which covers legacy rows where | +| | ``ObjectType = ''`` and ``idx_propertyfields_unique_typed`` which covers typed rows where ``ObjectType != ''``, indexing (``ObjectType``, ``GroupID``, | +| | ``TargetType``, ``TargetID``, ``Name``). | +| | | +| | The ``PropertyValues`` table is modified. Two new nullable columns, ``CreatedBy`` and ``UpdatedBy``, are added, matching | +| | the same tracking columns on ``PropertyFields``. | +| | | +| | A new ``Views`` table is created. A new index ``idx_views_channel_id_delete_at`` on (``ChannelId``, ``DeleteAt``) is created for this table. | +| | | +| | Migrations 160, 161, and 165 use ``ALTER TABLE ADD COLUMN``, which briefly acquires a lock, but this is instant | +| | (metadata-only) on PostgreSQL 11+. All other migrations, including index creation and deletion, use CONCURRENTLY and are lock-free. All locks are instant | +| | metadata operations and all index operations use CONCURRENTLY. These eight migrations are safe for zero-downtime deployment. They only affect low-row-count | +| | tables (``PropertyFields``, ``PropertyValues``) and create a new empty table (``Views``), with no full-table data modifications, no column type changes, and | +| | minimal I/O from concurrent index operations. The migrations are fully backwards-compatible and no database downtime is expected for this upgrade. The SQL | +| | queries included are: | +| | | +| | .. code-block:: sql | +| | | +| | --- 160 | +| | ALTER TABLE PropertyFields | +| | ADD COLUMN IF NOT EXISTS CreatedBy varchar(26), | +| | ADD COLUMN IF NOT EXISTS UpdatedBy varchar(26); | +| | | +| | ALTER TABLE PropertyValues | +| | ADD COLUMN IF NOT EXISTS CreatedBy varchar(26), | +| | ADD COLUMN IF NOT EXISTS UpdatedBy varchar(26); | +| | | +| | --- 161 | +| | ALTER TABLE PropertyFields ADD COLUMN IF NOT EXISTS ObjectType varchar(255) NOT NULL DEFAULT ''; | +| | | +| | --- 162 | +| | DROP INDEX CONCURRENTLY IF EXISTS idx_propertyfields_unique; | +| | | +| | --- 163 | +| | CREATE UNIQUE INDEX CONCURRENTLY IF NOT EXISTS idx_propertyfields_unique_legacy | +| | ON PropertyFields (GroupID, TargetID, Name) | +| | WHERE DeleteAt = 0 AND ObjectType = ''; | +| | | +| | --- 164 | +| | CREATE UNIQUE INDEX CONCURRENTLY IF NOT EXISTS idx_propertyfields_unique_typed | +| | ON PropertyFields (ObjectType, GroupID, TargetType, TargetID, Name) | +| | WHERE DeleteAt = 0 AND ObjectType != ''; | +| | | +| | --- 165 | +| | DO $$ | +| | BEGIN | +| | IF NOT EXISTS (SELECT * FROM pg_type typ | +| | INNER JOIN pg_namespace nsp ON nsp.oid = typ.typnamespace | +| | WHERE nsp.nspname = current_schema() | +| | AND typ.typname = 'permission_level') THEN | +| | CREATE TYPE permission_level AS ENUM ('none', 'sysadmin', 'member'); | +| | END IF; | +| | END; | +| | $$ | +| | LANGUAGE plpgsql; | +| | | +| | ALTER TABLE PropertyFields | +| | ADD COLUMN IF NOT EXISTS Protected BOOLEAN NOT NULL DEFAULT FALSE, | +| | ADD COLUMN IF NOT EXISTS PermissionField permission_level, | +| | ADD COLUMN IF NOT EXISTS PermissionValues permission_level, | +| | ADD COLUMN IF NOT EXISTS PermissionOptions permission_level; | +| | | +| | --- 166 | +| | CREATE TABLE IF NOT EXISTS Views ( | +| | Id VARCHAR(26) PRIMARY KEY, | +| | ChannelId VARCHAR(26) NOT NULL, | +| | Type VARCHAR(32) NOT NULL, | +| | CreatorId VARCHAR(26) NOT NULL, | +| | Title VARCHAR(256) NOT NULL, | +| | Description TEXT, | +| | SortOrder INTEGER NOT NULL DEFAULT 0, | +| | Props jsonb, | +| | CreateAt BIGINT NOT NULL, | +| | UpdateAt BIGINT NOT NULL, | +| | DeleteAt BIGINT NOT NULL DEFAULT 0 | +| | ); | +| | | +| | --- 167 | +| | CREATE INDEX CONCURRENTLY IF NOT EXISTS idx_views_channel_id_delete_at ON Views(ChannelId, DeleteAt); | +| | | +| | --- 171 | +| | DROP INDEX CONCURRENTLY IF EXISTS idx_propertyfields_protected; | +| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| | The ``role_updated`` WebSocket events are scoped to the affected team/channel instead of broadcasting globally, improving performance and | +| | reducing unnecessary network traffic. No manual action is required from administrators as the migration runs automatically during the upgrade. No downtime is | +| | expected, and no special planning is needed for the upgrade as the migration can run during normal operations. All installations are affected by this change, | +| | but the impact is minimal since the ``roles`` table is small with well under 10k rows even on large installations. The upgrade includes automatic database | +| | migrations to add a ``schemeid`` column to the ``roles`` table for efficient role-scheme lookups. The migrations use PostgreSQL's non-blocking techniques: first | +| | adding the column with a brief ACCESS EXCLUSIVE lock (catalog-only operation), then backfilling existing data with a ROW EXCLUSIVE lock, and finally creating | +| | an index concurrently with a SHARE UPDATE EXCLUSIVE lock that doesn't block other operations. The ``roles`` table size is bounded and unaffected by posts, | +| | reactions, or other high-volume data. The migrations are fully backwards-compatible. | +| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| | v11.7 includes Agents plugin v2. Please see `this guide`_ on how to upgrade the Mattermost Agents plugin from a v1.x release to v2.0.0. It covers the supported | +| | version path, the migrations that run automatically on first start of v2.0.0, the breaking changes and default-behavior flips that admins should know about | +| | before the upgrade window, and the verification steps to confirm the upgrade succeeded. | ++----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | v11.6 | Single-channel guests are no longer counted toward the primary licensed seat count and are permitted free up to a 1:1 ratio with licensed seats. A new stat card,| | | license row, and admin banner provide visibility into single-channel guest usage and overage warnings. | | +------------------------------------------------------------------------------------------------------------------------------------------------------------------+ @@ -1940,6 +2076,7 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes> .. _000141_add_remoteid_channelid_to_post_acknowledgements.down.sql: https://github.com/mattermost/mattermost/blob/release-10.10/server/channels/db/migrations/postgres/000141_add_remoteid_channelid_to_post_acknowledgements.down.sql .. _000141_add_remoteid_channelid_to_post_acknowledgements.up.sql: https://github.com/mattermost/mattermost/blob/release-10.10/server/channels/db/migrations/postgres/000141_add_remoteid_channelid_to_post_acknowledgements.up.sql +.. _this guide: https://github.com/mattermost/mattermost-plugin-agents/blob/master/docs/upgrading_to_2.0.md‎.md Additional upgrade notes ------------------------ diff --git a/source/administration-guide/upgrade/open-source-components.rst b/source/administration-guide/upgrade/open-source-components.rst index 572b44ccdba..d4ff8411740 100644 --- a/source/administration-guide/upgrade/open-source-components.rst +++ b/source/administration-guide/upgrade/open-source-components.rst @@ -9,6 +9,7 @@ The following open source components are used to provide the full benefits of Ma Desktop -------- +- Mattermost Desktop v6.2.0 - `View Open Source Components `__. - Mattermost Desktop v6.1.0 - `View Open Source Components `__. - Mattermost Desktop v6.0.0 - `View Open Source Components `__. - Mattermost Desktop v5.13.0 - `View Open Source Components `__. @@ -38,6 +39,7 @@ Desktop Mobile ------- +- Mattermost Mobile v2.40.0 - `View Open Source Components `__. - Mattermost Mobile v2.39.0 - `View Open Source Components `__. - Mattermost Mobile v2.38.0 - `View Open Source Components `__. - Mattermost Mobile v2.37.0 - `View Open Source Components `__. @@ -138,6 +140,7 @@ Mobile Server ------------------------------ +- Mattermost Enterprise Edition v11.7.0 - `View Open Source Components `__. - Mattermost Enterprise Edition v11.6.0 - `View Open Source Components `__. - Mattermost Enterprise Edition v11.5.0 - `View Open Source Components `__. - Mattermost Enterprise Edition v11.4.0 - `View Open Source Components `__. diff --git a/source/administration-guide/upgrade/prepare-to-upgrade-mattermost.rst b/source/administration-guide/upgrade/prepare-to-upgrade-mattermost.rst index a016138c88d..37eddc87485 100644 --- a/source/administration-guide/upgrade/prepare-to-upgrade-mattermost.rst +++ b/source/administration-guide/upgrade/prepare-to-upgrade-mattermost.rst @@ -58,7 +58,7 @@ We strongly recommend that you: - Upgrade your instance of Mattermost to the latest :doc:`Extended Support Release (ESR) ` first before attempting to run the Mattermost v6.0 upgrade. .. important:: - Support for Mattermost Server v10.5 :doc:`Extended Support Release ` has come to the end of its life cycle on November 15, 2025. Upgrading to Mattermost Server v10.11 Extended Support Release or later is required. Upgrading from the previous Extended Support Release to the latest Extended Support Release is supported. Review the :doc:`important-upgrade-notes` for all intermediate versions in between to ensure you’re aware of the possible migrations that could affect your upgrade. + Support for Mattermost Server v10.11 :doc:`Extended Support Release ` is coming to the end of its life cycle on August 15, 2026. Upgrading to Mattermost Server v11.7 Extended Support Release or later is recommended. Upgrading from the previous Extended Support Release to the latest Extended Support Release is supported. Review the :doc:`important-upgrade-notes` for all intermediate versions in between to ensure you’re aware of the possible migrations that could affect your upgrade. v6.0 database schema migrations ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/source/agents b/source/agents index de69cba6d97..43738eedbd6 160000 --- a/source/agents +++ b/source/agents @@ -1 +1 @@ -Subproject commit de69cba6d976cb4371d6c66385a8a66159eed0a2 +Subproject commit 43738eedbd6c55985ee3002d3cbdc5b2f8ec0a85 diff --git a/source/conf.py b/source/conf.py index c4acceccce2..17bed3ac2e3 100644 --- a/source/conf.py +++ b/source/conf.py @@ -526,9 +526,9 @@ def setup(app: Sphinx): # built documents. # # The short X.Y version. -# version = '11.6' +# version = '11.7' # The full version, including alpha/beta/rc tags. -# release = '11.6' +# release = '11.7' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. @@ -578,6 +578,8 @@ def setup(app: Sphinx): "agents/CLAUDE.md", "agents/README.md", "agents/interpluginclient/README.md", + # Plugin-internal schema migration reviews (submodule); not customer-facing docs + "agents/store/migrations/reviews/*.md", "agents/notice.txt", "agents/license.txt" ] diff --git a/source/deployment-guide/desktop/desktop-msi-installer-and-group-policy-install.rst b/source/deployment-guide/desktop/desktop-msi-installer-and-group-policy-install.rst index 0b31b8e238b..dcb1b13539a 100644 --- a/source/deployment-guide/desktop/desktop-msi-installer-and-group-policy-install.rst +++ b/source/deployment-guide/desktop/desktop-msi-installer-and-group-policy-install.rst @@ -229,3 +229,10 @@ Use the ``APPLICATIONFOLDER`` parameter to specify an installation directory for - **PowerShell:** ``Start-Process -FilePath "$env:systemroot\system32\msiexec.exe" -ArgumentList '/i mattermost-desktop-v6.2.0-x64.msi APPLICATIONFOLDER=""'`` Change this command as new versions of the Mattermost Desktop App are released. + +macOS managed configuration (MDM) +--------------------------------- + +From Mattermost Desktop v6.2.0, admins can manage supported Desktop App configuration on macOS using managed preferences delivered through an MDM solution, in addition to the Windows group policy support described above. macOS managed preferences support the same configuration items as the Windows group policies listed in the `Install group policy files locally <#install-group-policy-files-locally>`__ section, including predefined server lists, server management controls, and update notification controls. + +To apply managed configuration on macOS, deploy a configuration profile that sets the supported keys to client Macs through your MDM solution. The Mattermost Desktop App reads managed preference values on launch; restart the app after changing managed configuration for new values to take effect. diff --git a/source/deployment-guide/server/linux/deploy-rhel.rst b/source/deployment-guide/server/linux/deploy-rhel.rst index 37101ad373b..98563f842b3 100644 --- a/source/deployment-guide/server/linux/deploy-rhel.rst +++ b/source/deployment-guide/server/linux/deploy-rhel.rst @@ -44,13 +44,13 @@ In a terminal window, ssh onto the system that will host the Mattermost Server. .. code-block:: sh - wget https://releases.mattermost.com/11.6.2/mattermost-11.6.2-linux-amd64.tar.gz + wget https://releases.mattermost.com/11.7.0/mattermost-11.7.0-linux-amd64.tar.gz .. tab:: Current ESR .. code-block:: sh - wget https://releases.mattermost.com/10.11.17/mattermost-10.11.17-linux-amd64.tar.gz + wget https://releases.mattermost.com/11.7.0/mattermost-11.7.0-linux-amd64.tar.gz .. tab:: Older releases diff --git a/source/deployment-guide/server/linux/deploy-tar.rst b/source/deployment-guide/server/linux/deploy-tar.rst index 0e5cd84a81c..d0b2031790c 100644 --- a/source/deployment-guide/server/linux/deploy-tar.rst +++ b/source/deployment-guide/server/linux/deploy-tar.rst @@ -45,13 +45,13 @@ In a terminal window, ssh onto the system that will host the Mattermost Server. .. code-block:: sh - wget https://releases.mattermost.com/11.6.2/mattermost-11.6.2-linux-amd64.tar.gz + wget https://releases.mattermost.com/11.7.0/mattermost-11.7.0-linux-amd64.tar.gz .. tab:: Current ESR .. code-block:: sh - wget https://releases.mattermost.com/10.11.17/mattermost-10.11.17-linux-amd64.tar.gz + wget https://releases.mattermost.com/11.7.0/mattermost-11.7.0-linux-amd64.tar.gz .. tab:: Older releases diff --git a/source/deployment-guide/software-hardware-requirements.rst b/source/deployment-guide/software-hardware-requirements.rst index 4d0c1685e49..39e477eb467 100644 --- a/source/deployment-guide/software-hardware-requirements.rst +++ b/source/deployment-guide/software-hardware-requirements.rst @@ -135,11 +135,9 @@ When a PostgreSQL version reaches its end of life (EOL), Mattermost will require +------------------------------------------------------------+------------------+--------------------------------+ | :ref:`v10.11 ESR `| 2025-8-15 | 13.x | +------------------------------------------------------------+------------------+--------------------------------+ -| v11.7 ESR ``*`` | 2026-5-15 | 14.x (EOL 2026-11-12) | +| :ref:`v11.7 ESR ` | 2026-5-15 | 14.x (EOL 2026-11-12) | +------------------------------------------------------------+------------------+--------------------------------+ -``*`` Forcasted release version and date. - Customers will have 9 months to plan, test, and upgrade their PostgreSQL version before the new requirement takes effect. This policy aims to provide clarity and transparency so you can align database upgrades with the Mattermost release schedule. Contact a `Mattermost Expert `_. to discuss your options. Database Search limitations diff --git a/source/end-user-guide/access/client-availability.rst b/source/end-user-guide/access/client-availability.rst index 3764f13b426..704036a3957 100644 --- a/source/end-user-guide/access/client-availability.rst +++ b/source/end-user-guide/access/client-availability.rst @@ -94,7 +94,7 @@ Teams +----------------------------------------------------------------------------------------------+-------------+-------------+-------------+ | :ref:`Manage team members ` | |checkmark| | |checkmark| | | +----------------------------------------------------------------------------------------------+-------------+-------------+-------------+ -| :ref:`Leave team ` | |checkmark| | |checkmark| | | +| :ref:`Leave team ` | |checkmark| | |checkmark| | |checkmark| | +----------------------------------------------------------------------------------------------+-------------+-------------+-------------+ Collaborative playbooks diff --git a/source/end-user-guide/collaborate/organize-using-teams.rst b/source/end-user-guide/collaborate/organize-using-teams.rst index 114c786c30d..f2556fb20bd 100644 --- a/source/end-user-guide/collaborate/organize-using-teams.rst +++ b/source/end-user-guide/collaborate/organize-using-teams.rst @@ -87,11 +87,15 @@ You can be a member of multiple teams at the same time. To join additional teams .. image:: ../../images/join-team.png :alt: Select a team name to join another team. +From Mattermost Mobile v2.40.0, you can join another team from the mobile app by tapping the team name in the channel list header, then tapping **Join Another Team**. + Leave a team ------------ Users can also choose to remove themselves from a team, from **Team menu > Leave Team**. This will remove the user from the team, and from all public channels and private channels on the team. +From Mattermost Mobile v2.40.0, you can leave a team from the mobile app when you belong to more than one team. In the channel list, tap the team name, tap **Leave team**, then confirm. + They will only be able to rejoin the team if it's open, or if they receive a new invitation. If they do rejoin, they will no longer be a part of their old channels. Remove people from teams diff --git a/source/end-user-guide/collaborate/send-messages.rst b/source/end-user-guide/collaborate/send-messages.rst index 7fd868e430a..c452fbd8f3d 100644 --- a/source/end-user-guide/collaborate/send-messages.rst +++ b/source/end-user-guide/collaborate/send-messages.rst @@ -44,10 +44,12 @@ You can use AI to enhance your messages before sending them. This feature helps From Mattermost v11.5, when you use AI Rewrite while composing a reply in a thread, the AI incorporates context from the thread to generate suggestions that better fit the ongoing conversation. +From Mattermost v11.7, Rewrite is accessed through the **AI Actions** |ai-actions-icon| menu, alongside any custom prompts your system admin has made available. + On Web/Desktop or Mobile: 1. Type your message in the message compose field. - 2. Select the **Rewrite** |ai-rewrite| option from the message actions. + 2. Open the **AI Actions** |ai-actions-icon| menu from the message actions, then select **Rewrite**. 3. Select a bot from the list of available AI agents. 4. Choose from available rewrite options: @@ -62,6 +64,10 @@ On Web/Desktop or Mobile: 5. Review the AI-generated suggestion. Select **Regenerate** to try again or **Discard** to return to your original message. 6. Select **Send** |send-icon| +.. tip:: + + From Mattermost v11.7, system admins can publish custom prompts that appear alongside Rewrite in the **AI Actions** |ai-actions-icon| menu. If you don't see a custom prompt you expect, check with your system admin. + .. note:: Messages that have been rewritten using AI are automatically marked as AI-generated content for transparency. Your system admin must :doc:`configure AI agents ` for the rewrite feature to be available. diff --git a/source/product-overview/common-esr-support-rst.rst b/source/product-overview/common-esr-support-rst.rst index cd0b79d968c..dd9efb1dbcb 100644 --- a/source/product-overview/common-esr-support-rst.rst +++ b/source/product-overview/common-esr-support-rst.rst @@ -1,3 +1,3 @@ .. important:: - Support for Mattermost Server v10.5 :ref:`Extended Support Release ` has come to the end of its life cycle on November 15, 2025. Upgrading to :doc:`Mattermost Server v10.11 or later ` is required. + Support for Mattermost Server v10.11 :ref:`Extended Support Release ` is coming to the end of its life cycle on August 15, 2026. Upgrading to :doc:`Mattermost Server v11.7 or later ` is recommended. diff --git a/source/product-overview/common-esr-support-upgrade.md b/source/product-overview/common-esr-support-upgrade.md index b914a80e0be..ca29711085c 100644 --- a/source/product-overview/common-esr-support-upgrade.md +++ b/source/product-overview/common-esr-support-upgrade.md @@ -1,7 +1,7 @@ -- Support for Mattermost Server v10.5 [Extended Support Release](https://docs.mattermost.com/product-overview/release-policy.html#extended-support-releases) has come to the end of its life cycle on November 15, 2025. Upgrading to Mattermost Server v10.11 or later is required. -- Upgrading from one Extended Support Release (ESR) to the next ESR (``major`` -> ``major_next``) is fully supported and tested. However, upgrading across multiple ESR versions (``major`` to ``major+2``) is supported, but not tested. If you plan to skip versions, we strongly recommend upgrading only between ESR releases. For example, if you're upgrading from v8.1 ESR, upgrade to the v9.5 ESR or the v9.11 ESR before attempting to upgrade to the [v10.5 ESR](https://docs.mattermost.com/product-overview/mattermost-v10-changelog.html#release-v10-5-extended-support-release) or the [v10.11 ESR](https://docs.mattermost.com/product-overview/mattermost-v10-changelog.html#release-v10-11-extended-support-release). +- Support for Mattermost Server v10.11 [Extended Support Release](https://docs.mattermost.com/product-overview/release-policy.html#extended-support-releases) is coming to the end of its life cycle on August 15, 2026. Upgrading to Mattermost Server v11.7 or later is recommended. +- Upgrading from one Extended Support Release (ESR) to the next ESR (``major`` -> ``major_next``) is fully supported and tested. However, upgrading across multiple ESR versions (``major`` to ``major+2``) is supported, but not tested. If you plan to skip versions, we strongly recommend upgrading only between ESR releases. For example, if you're upgrading from v8.1 ESR, upgrade to the v9.5 ESR or the v9.11 ESR before attempting to upgrade to the [v10.11 ESR](https://docs.mattermost.com/product-overview/mattermost-v10-changelog.html#release-v10-11-extended-support-release) or the [v11.7 ESR](https://docs.mattermost.com/product-overview/mattermost-server-releases.html). - See the [Important Upgrade Notes](https://docs.mattermost.com/upgrade/important-upgrade-notes.html) documentation for details on upgrading to a newer release. - See the [changelog in progress](https://bit.ly/2nK3cVf) for details about the upcoming release. -- All Mattermost users must accept Mattermost's [Acceptable Use Policy](https://mattermost.com/terms-of-use/#acceptable-use-policy) and [Privacy Policy](https://mattermost.com/privacy-policy/) when creating an account or accessing Mattermost. For customers with a Mattermost subscription, including self-hosted deployments, organizations may replace or override the Acceptable Use Policy in the [Mattermost System Console](https://docs.mattermost.com/administration-guide/configure/site-configuration-settings.html#terms-of-use-link) with their own acceptable use or conduct policies, based on contractual terms with Mattermost, so long as your own terms either incorporate the Acceptable Use Policy or include equivalent terms. If you change the default link to add your own terms for using the service you provide, your new terms must include a link to the default terms so end users are aware of the Mattermost Acceptable Use Policy for Mattermost software. \ No newline at end of file +- All Mattermost users must accept Mattermost's [Acceptable Use Policy](https://mattermost.com/terms-of-use/#acceptable-use-policy) and [Privacy Policy](https://mattermost.com/privacy-policy/) when creating an account or accessing Mattermost. For customers with a Mattermost subscription, including self-hosted deployments, organizations may replace or override the Acceptable Use Policy in the [Mattermost System Console](https://docs.mattermost.com/administration-guide/configure/site-configuration-settings.html#terms-of-use-link) with their own acceptable use or conduct policies, based on contractual terms with Mattermost, so long as your own terms either incorporate the Acceptable Use Policy or include equivalent terms. If you change the default link to add your own terms for using the service you provide, your new terms must include a link to the default terms so end users are aware of the Mattermost Acceptable Use Policy for Mattermost software. diff --git a/source/product-overview/common-esr-support.md b/source/product-overview/common-esr-support.md index 1701b5493f8..f04561abba2 100644 --- a/source/product-overview/common-esr-support.md +++ b/source/product-overview/common-esr-support.md @@ -1,4 +1,4 @@ -- Support for Mattermost Server v10.5 [Extended Support Release](https://docs.mattermost.com/product-overview/release-policy.html#extended-support-releases) has come to the end of its life cycle on November 15, 2025. Upgrading to [Mattermost Server v10.11](https://docs.mattermost.com/product-overview/mattermost-v10-changelog.html#release-v10-11-extended-support-release) or later is required. +- Support for Mattermost Server v10.11 [Extended Support Release](https://docs.mattermost.com/product-overview/release-policy.html#extended-support-releases) is coming to the end of its life cycle on August 15, 2026. Upgrading to [Mattermost Server v11.7](https://docs.mattermost.com/product-overview/mattermost-server-releases.html) or later is recommended. - All Mattermost users must accept Mattermost's [Acceptable Use Policy](https://mattermost.com/terms-of-use/#acceptable-use-policy) and [Privacy Policy](https://mattermost.com/privacy-policy/) when creating an account or accessing Mattermost. For customers with a Mattermost subscription, including self-hosted deployments, organizations may replace or override the Acceptable Use Policy in the [Mattermost System Console](https://docs.mattermost.com/administration-guide/configure/site-configuration-settings.html#terms-of-use-link) with their own acceptable use or conduct policies, based on contractual terms with Mattermost, so long as your own terms either incorporate the Acceptable Use Policy or include equivalent terms. If you change the default link to add your own terms for using the service you provide, your new terms must include a link to the default terms so end users are aware of the Mattermost Acceptable Use Policy for Mattermost software. \ No newline at end of file diff --git a/source/product-overview/mattermost-server-releases.md b/source/product-overview/mattermost-server-releases.md index 9f7e9776334..cc67ad9331a 100644 --- a/source/product-overview/mattermost-server-releases.md +++ b/source/product-overview/mattermost-server-releases.md @@ -19,6 +19,7 @@ Mattermost releases a new server version on the 16th of each month in [binary fo | **Release** | **Released on** | **Support ends** | |:---|:---|:---| +| v11.7 [Download](https://releases.mattermost.com/11.7.0/mattermost-11.7.0-linux-amd64.tar.gz) \| {ref}`Changelog ` \|
SBOM
| 2026-05-15 | 2027-05-15 {ref}`EXTENDED ` | | v11.6 [Download](https://releases.mattermost.com/11.6.2/mattermost-11.6.2-linux-amd64.tar.gz) \| {ref}`Changelog ` \|
SBOM
| 2026-04-16 | 2026-07-15 | | v11.5 [Download](https://releases.mattermost.com/11.5.5/mattermost-11.5.5-linux-amd64.tar.gz) \| {ref}`Changelog ` \|
SBOM
| 2026-03-16 | 2026-06-15 | | v11.4 [Download](https://releases.mattermost.com/11.4.5/mattermost-11.4.5-linux-amd64.tar.gz) \| {ref}`Changelog ` \|
SBOM
| 2026-02-16 | 2026-05-15 | diff --git a/source/product-overview/mattermost-v11-changelog.md b/source/product-overview/mattermost-v11-changelog.md index 94b4042a6d1..fa186618f5c 100644 --- a/source/product-overview/mattermost-v11-changelog.md +++ b/source/product-overview/mattermost-v11-changelog.md @@ -13,6 +13,143 @@ Platform and OS scope reflects reported and tested environments and may not represent all affected configurations. ``` +(release-v11.7-extended-support-release)= +## Release v11.7 - [Extended Support Release](https://docs.mattermost.com/product-overview/release-policy.html#release-types) + +**Release day 2026-05-15** + +```{Attention} +**Breaking Changes** + - FIPS builds require a minimum of 14 characters for passwords, atmos/camo proxy configuration, and shared channel secrets. Shorter passwords for existing users will no longer be valid and require a password reset. Non-FIPS builds are unaffected. + - v11.7 includes Agents plugin v2. Please see [this guide](https://github.com/mattermost/mattermost-plugin-agents/blob/master/docs/upgrading_to_2.0.md‎.md) on how to upgrade the Mattermost Agents plugin from a v1.x release to v2.0.0. It covers the supported version path, the migrations that run automatically on first start of v2.0.0, the breaking changes and default-behavior flips that admins should know about before the upgrade window, and the verification steps to confirm the upgrade succeeded. +``` + +#### Database Schema Changes + - The following schema changes are included in the v11.7 release. No database downtime is expected for this upgrade. See the [Important Upgrade Notes](https://docs.mattermost.com/upgrade/important-upgrade-notes.html) for more details. + - Added a new partial unique index (``idx_accesscontrolpolicies_name_type``) to the ``AccessControlPolicies`` table on (Name, Type) filtered to ``WHERE Type = 'parent'``. + - The ``PropertyFields`` and ``PropertyValues`` tables were modified, and a new ``Views`` table was created. + - Scoped the ``role_updated`` WebSocket events to the affected team/channel instead of broadcasting globally. + +#### config.json +New setting options were added to ``config.json``. Below is a list of the additions and their default values on install. The settings can be modified in ``config.json``, or the System Console when available. + - **Changes to Enterprise Advanced plan:** + - Under ``ExperimentalSetting`` in ``config.json``, added ``EnableWatermark`` configuration setting to add watermarking toggle in the server. + - **Changes to Enterprise plans:** + - Under ``PasswordSettings`` in ``config.json``, added ``​​PasswordFIPSMinimumLength`` configuration setting to require a minimum of 14 characters for passwords and for atmos/camo proxy and shared channel secrets. + - **Changes to all plans:** + - Under ``DatabaseSettings`` in ``config.json``, added ``AnalyticsQueryTimeout`` configuration [setting](https://docs.mattermost.com/administration-guide/configure/environment-configuration-settings.html#query-timeout) for use when running long analytics queries in the background. + +### Compatibility + - Updated minimum Edge and Chrome versions to 146+. + +```{Important} +If you upgrade from a release earlier than v11.6, please read the other [Important Upgrade Notes](https://docs.mattermost.com/administration-guide/upgrade/important-upgrade-notes.html). In case of an upgrade failure, please check the [Downgrade Guide](https://docs.mattermost.com/administration-guide/upgrade/downgrading-mattermost-server.html) and the [Recovery Guide](https://docs.mattermost.com/deployment-guide/backup-disaster-recovery.html) for rollback steps and interim mitigation strategy. +``` + +### Improvements + +See [this blog post](https://mattermost.com/blog/mattermost-v11-7-is-now-available/) on the highlights in our latest release. + +#### User Interface (UI) + - Pre-packaged Boards plugin version [v9.2.4](https://github.com/mattermost/mattermost-plugin-boards/releases/tag/v9.2.4). + - Pre-packaged GitHub plugin version [v2.7.0](https://github.com/mattermost/mattermost-plugin-github/releases/tag/v2.7.0). + - Pre-packaged Jira plugin version [v4.6.0](https://github.com/mattermost/mattermost-plugin-jira/releases/tag/v4.6.0). + - Pre-packaged Zoom plugin version [v1.13.0](https://github.com/mattermost/mattermost-plugin-zoom/releases/tag/v1.13.0). + - Pre-packaged [Agents](https://docs.mattermost.com/end-user-guide/agents.html) plugin version [v2.0.3](https://github.com/mattermost/mattermost-plugin-agents/releases/tag/v2.0.3). + - Pre-packaged Playbooks plugin version [v2.8.1](https://github.com/mattermost/mattermost-plugin-playbooks/releases/tag/v2.8.1). + - Message attachment footers now support full Markdown rendering, including bold, italic, links, and emoji. + - Changed the **Browse Channels** modal and ``~channel`` autocomplete to prioritize channels with a matching display name. + - Added an "Open in new tab" button to the **Product Switcher** menu. + - Substring matching is now allowed when searching channel members in the member sub-panel in a channel. + - Improved accessibility of thread list menus. + - Channel banners are now shown in thread views. + - Improved autocomplete while typing in Korean and using Firefox (reported on Desktop App and web browser). + - Updated license renewal and expiry notification emails with refreshed branding, copy, and layout. + - Added the ability to open channels in a separate popout window, with full channel and right-hand side functionality. + - Dropped support for JS features required by browsers over three years old (reported on webapp and Safari browser). + - Renamed user-visible references from "Custom Profile Attributes" to "User Attributes" across the admin console, error messages, and server translations. + - Added the [ability to handle](https://docs.mattermost.com/administration-guide/onboard/connected-workspaces.html) from which remotes a channel is shared from the channel settings user interface. + +#### Administration + - Updated dependency versions for server and public services. + - Migrated access control policies from v0.2 to v0.3, replacing the wildcard action with explicit action types to support multi-action policies. + - Added [team-level](https://docs.mattermost.com/administration-guide/manage/admin/attribute-based-access-control.html) ABAC membership policies, allowing Team Admins to create and manage attribute-based access policies for private channels within their team directly from a new Membership Policies tab in the Team Settings Modal. + - Added [permission policies](https://docs.mattermost.com/administration-guide/manage/admin/attribute-based-access-control.html) to manage file attachment download/upload actions. + - Policy editor is improved for "Multi Select" attribute types to use more intuitive operators. + - Added support for [Elasticsearch v9](https://docs.mattermost.com/administration-guide/scale/enterprise-search.html#elasticsearch) alongside v8. Elasticsearch v7 is no longer supported. + - Fail-fast requests are now done to the Elasticsearch/Opensearch cluster when it is down. + - Added a new ``mattermost_search_engine_status`` metric that reports whether the Elasticsearch/Opensearch cluster is healthy (value = 1) or not (value = 0). If the cluster is not enabled, its value is reported as 1. + - Added [logic](https://docs.mattermost.com/administration-guide/scale/common-configure-mattermost-for-enterprise-search.html) to monitor the health of Elasticsearch/Opensearch clusters to implement a retry mechanism. + - Updated URL validation in integration actions to make them more secure. + - Added a new built-in delegated administration role: Shared Channel Manager. This role allows System Admins to delegate Connected Workspaces management to specific users without granting full system administration access. + - Shared Channels related errors now appear in the main log file by default. + - Added a new Integrated Boards feature flag. + - Added protected fields and field specific permissions to the property fields. + - Added a ``--workers`` flag to the mmctl import process to control concurrency. + - Added support for listing user roles through mmctl. + - In the access control table editor, multi-select user attributes can now only use the "in" operator; changing the attribute on a row no longer resets the operator when both attributes are non-multi-select. + - Tightened authorization on the group syncable link and patch endpoints. + - Added new permissions to back Self Service Agent Creation in Mattermost Agents: + - ``manage_own_agent``: Allows users to create and manage their own agents. + - ``manage_others_agent``: Allows users to create and manage agents they didn't create, even if that user isn't one of the administrator users assigned to the agent by the creator. + +#### Performance + - Benchmarking test results showed no significant difference: a -0.90% decrease in the number of supported users for the new release, which lies within the ``[-5%, +5%]`` prediction interval. View the full raw data and methodology in our [Performance Reports repository](https://github.com/mattermost/performance-reports/tree/main/performance-comparisons/v11.7). + +#### Plugins + - Added a pluggable AI Actions Menu to the text editor formatting bar with cascading submenus. Plugins can register custom action items via ``registerAIActionMenuItemComponent``. The existing Rewrite feature is now accessed through this menu. + - Improved response handling for outgoing webhook requests. + +### Bug Fixes + - Fixed a crash when native app download links were malformed (reported on web browser). + - Fixed an issue where premade themes were hidden when custom themes were disabled. + - Fixed an issue where importing files with Japanese dakuten/handakuten characters (e.g., ガ, パ, べ) failed on macOS due to Unicode normalization mismatch (NFC/NFD). + - Fixed an issue that caused profile pictures to be incorrectly rotated on upload, as their EXIF rotation tag was ignored (reported on iOS). + - Fixed a nil pointer dereference in ``UpdateUser`` when the user update operation returned an unexpected nil result (Sentry VF, 14 events). + - Fixed an issue with the date picker not being able to overflow interactive dialogs properly. + - Fixed an issue where fetching a newly created channel could fail with "channel not found" on deployments with database read replicas. + - Fixed visual glitches with misaligned text and icon in image attachments in compact mode. + - Fixed an issue where shared channels would intermittently display "Shared with trusted organizations" instead of showing the actual connection name. + - Fixed an issue where attachment-only posts would get sent on **enter** even when set to only send on **ctrl/cmd + enter**. + - Fixed styling issues in the **Browse Channels** modal when there were long channel purpose values present. + - Fixed an issue where shared channel invites were silently dropped in High Availability clusters when the API request landed on a non-leader node. + - Fixed an issue where message attachment titles would render encoded special characters as-is. + - Fixed an issue with the **Invite to Team** modal ignoring the most recent key pressed when suggesting users (reported on Desktop App and web browser). + - Fixed an issue where a "Don't have an account" link showed up on the login page even when signups were disabled. + - Fixed issues with interactive dialogs - dynamic select lookups, radio values, and field refresh. + - Fixed an issue where desktop notifications still triggered for a channel or thread that was focused in a popout window (reported on Desktop App). + - Fixed an issue where the ``remote_id`` field on user objects could be set via the user patch API. + - Fixed an issue where keyboard navigation didn't work in the channel header and sidebar channel menus. + - Fixed an issue where the Workspace Optimization page appeared in the System Console on Mattermost Cloud workspaces. + - Fixed an issue where in compact mode, file attachment's name didn't display correctly when editing a post with attachments. + - Fixed an issue where the textbox would appear focused but not accept keyboard shortcuts after editing a post. + - Fixed an issue where SAML login failed for users mapped via objectGUID when the IdP sent the value as a UUID string instead of base64-encoded raw bytes (affecting Keycloak 26.6.0 and later with user-attribute-ldap-mapper). + - Fixed an issue with clipped emoticons and letters in channel banners. + - Fixed an issue where removing a remote could leave channels in a "shared" state, even if not shared with any remote. + - Fixed an issue where OpenSearch/Elasticsearch reindex jobs could report success even when bulk writes were silently rejected by the search backend, causing silent data loss in the search index. + +### API Changes + - Added a new API endpoint ``GET /api/v4/channels/{channel_id}/views/{view_id}/posts`` to retrieve paginated posts for a specific view. Card posts are temporarily excluded from search results. Card posts now use collaborative permissions — any channel member can edit or delete any card without needing ``edit_others_posts/delete_others_posts`` permissions. + - Added new API endpoints for the Property System Architecture v2. + - Plugin API: Added new pre-hooks for channel membership, team membership, and channel archiving. Plugins can now intercept operations before they are persisted using three new hooks: ``ChannelMemberWillBeAdded`` (modify or reject a channel member addition), ``TeamMemberWillBeAdded`` (modify or reject a team member addition), and ``ChannelWillBeArchived`` (reject a channel archive). + - Added new API endpoints ``PUT /api/v4/system/e2e/ai_bridge``, ``GET /api/v4/system/e2e/ai_bridge``, and ``DELETE /api/v4/system/e2e/ai_bridge`` for E2E testing of AI features. These endpoints are only accessible when ``EnableTesting`` is true. Refactored internal AI-related logic to use a new ``AgentsBridge`` interface for improved testability. Added new DTOs in ``server/public/model`` for AI bridge information and test helpers. + - Added a new API endpoint ``PUT /api/v4/channels/{channel_id}/members`` that sets the complete membership of a channel in a single call. The endpoint accepts a JSON object with ``members`` (desired user IDs) and an optional ``channel_admins`` (user IDs to designate as channel admins). The server computes the diff against current membership, adds or removes users as needed, and reconciles admin roles. Results are streamed back as NDJSON for progress tracking. Requires system admin permissions. + - Added three new plugin APIs for shared channel sync: ``ReceiveSharedChannelSyncMsg``, ``ReceiveSharedChannelAttachmentSyncMsg``, and ``ReceiveSharedChannelProfileImageSyncMsg``. These allow plugins acting as shared channel remotes to sync posts, reactions, users, file attachments, and profile images into Mattermost, complementing the existing outbound ``OnSharedChannels`` hooks. + +### Websocket Event Changes + - Added websocket events for Property System Architecture v2. + +### Audit Log Event Changes + - Added new audit logs ``AuditEventCreateView``, ``AuditEventGetView``, ``AuditEventUpdateView``, ``AuditEventDeleteView``, ``AuditEventListViewsForChannel``, ``AuditEventUpdateViewSortOrder``, ``AuditEventGetPostsForView``, ``AuditEventCreatePropertyField``, ``AuditEventDeletePropertyField``, ``AuditEventGetPropertyFields``, ``AuditEventPatchPropertyField``, ``AuditEventGetPropertyValues``, and ``AuditEventPatchPropertyValues`` for Integrated Boards. + - Added a new audit log ``AuditEventSetChannelMembers`` for channel memberships. + - Added new audit logs ``AuditEventCreateTeamAccessPolicy``, ``AuditEventUpdateTeamAccessPolicy``, ``AuditEventDeleteTeamAccessPolicy``, ``AuditEventAssignTeamAccessPolicy``, ``AuditEventUnassignTeamAccessPolicy``, and ``AuditEventTriggerTeamPolicySync`` for team-level ABAC membership policies. + +### Go Version + - v11.7 is built with Go ``v1.25.9``. + +### Contributors + - [abhijit-singh](https://github.com/abhijit-singh), [agarciamontoro](https://github.com/agarciamontoro), [amyblais](https://github.com/amyblais), [andrleite](https://github.com/andrleite), [angeloskyratzakos](https://github.com/angeloskyratzakos), [Aryakoste](https://github.com/Aryakoste), [asaadmahmood](https://github.com/asaadmahmood), [avasconcelos114](https://github.com/avasconcelos114), [axilleas](https://github.com/axilleas), [BenCookie95](https://github.com/BenCookie95), [bgardner8008](https://github.com/bgardner8008), [Br1an67](https://github.com/Br1an67), [calebroseland](https://github.com/calebroseland), [carlisgg](https://github.com/carlisgg), [Combs7th](https://github.com/Combs7th), [cpoile](https://github.com/cpoile), [crspeller](https://github.com/crspeller), [ctlaltdieliet](https://github.com/ctlaltdieliet), [cursor[bot]](https://github.com/cursor[bot]), [DannyDaemonic](https://github.com/DannyDaemonic), [davidkrauser](https://github.com/davidkrauser), [devinbinnie](https://github.com/devinbinnie), [DHaussermann](https://github.com/DHaussermann), [edgarbellot](https://github.com/edgarbellot), [enahum](https://github.com/enahum), [esarafianou](https://github.com/esarafianou), [esethna](https://github.com/esethna), [ewwollesen](https://github.com/ewwollesen), [fmartingr](https://github.com/fmartingr), [frankps](https://translate.mattermost.com/user/frankps), [ggrossetie](https://github.com/ggrossetie), [grubbins](https://github.com/grubbins), [hanzei](https://github.com/hanzei), [harshilsharma63](https://github.com/harshilsharma63), [hmhealey](https://github.com/hmhealey), [isacikgoz](https://github.com/isacikgoz), [jgheithcock](https://github.com/jgheithcock), [jprusch](https://translate.mattermost.com/user/jprusch), [kayazeren](https://translate.mattermost.com/user/kayazeren), [krotesk](https://translate.mattermost.com/user/krotesk), [KuSh](https://github.com/KuSh), [larkox](https://github.com/larkox), [lieut-data](https://github.com/lieut-data), [M-ZubairAhmed](https://github.com/M-ZubairAhmed), [marianunez](https://github.com/marianunez), [maruTA-bis5](https://translate.mattermost.com/user/maruTA-bis5), [master7](https://translate.mattermost.com/user/master7), [matthewbirtch](https://github.com/matthewbirtch), [Maty556677](https://translate.mattermost.com/user/Maty556677), [mgdelacroix](https://github.com/mgdelacroix), [NAM-MAN](https://github.com/NAM-MAN), [nang2049](https://github.com/nang2049), [NARSimoes](https://github.com/NARSimoes), [nickmisasi](https://github.com/nickmisasi), [pavelzeman](https://github.com/pavelzeman), [pvev](https://github.com/pvev), [Rajat-Dabade](https://github.com/Rajat-Dabade), [Reinkard](https://translate.mattermost.com/user/Reinkard), [Ricky-Tigg](https://translate.mattermost.com/user/Ricky-Tigg), [RinSkywarp](https://translate.mattermost.com/user/RinSkywarp), [sadohert](https://github.com/sadohert), [saturninoabril](https://github.com/saturninoabril), [sbishel](https://github.com/sbishel), [Sharuru](https://translate.mattermost.com/user/Sharuru), [svelle](https://github.com/svelle), [ThrRip](https://translate.mattermost.com/user/ThrRip), [tnir](https://translate.mattermost.com/user/tnir), [Umeaboy](https://translate.mattermost.com/user/Umeaboy), [Victor-Nyagudi](https://github.com/Victor-Nyagudi), [wiersgallak](https://github.com/wiersgallak), [wiggin77](https://github.com/wiggin77), [Willyfrog](https://github.com/Willyfrog), [yasserfaraazkhan](https://github.com/yasserfaraazkhan) + (release-v11.6-feature-release)= ## Release v11.6 - [Feature Release](https://docs.mattermost.com/product-overview/release-policy.html#release-types) diff --git a/source/product-overview/release-policy.md b/source/product-overview/release-policy.md index a25819b2f17..7efc649321b 100644 --- a/source/product-overview/release-policy.md +++ b/source/product-overview/release-policy.md @@ -26,8 +26,8 @@ See the full list of all Mattermost Server and desktop app releases and life cyc Mattermost Extended Support Releases (ESRs) are a strategic choice for organizations looking for stability and reduced frequency of updates. Using ESRs can minimize disruptions associated with frequent upgrades, making them an attractive option for environments where stability is paramount. Starting with the August 2025 Mattermost server and desktop app releases (server v10.11 and desktop app v5.13), Mattermost has adjusted the ESR life cycle as follows: - - **Extended Cadence**: The ESR release cycle has changed from every 6 months to every 9 months. - - **Prolonged Support**: The support window has increased from 9 months to 12 months. + - **Extended Cadence**: ESRs are released every 9 months. + - **Prolonged Support**: ESRs are supported for 12 months. We strongly recommend planning ahead for upgrades before the end of an ESR's life cycle to ensure continuity in receiving security updates. @@ -55,16 +55,19 @@ gantt v11.1 :done, 2025-11-14, 2026-02-15 v11.2 :done, 2025-12-16, 2026-03-15 v11.3 :done, 2026-01-16, 2026-04-15 - v11.4 :active, 2026-02-16, 2026-05-15 + v11.4 :done, 2026-02-16, 2026-05-15 v11.5 :active, 2026-03-16, 2026-06-15 v11.6 :active, 2026-04-16, 2026-07-15 - v11.7 & Desktop App v6.2 Extended Support :crit, 2026-05-16, 2027-05-15 + v11.7 & Desktop App v6.2 Extended Support :crit, 2026-05-15, 2027-05-15 + v11.8 :active, 2026-06-16, 2026-09-15 ``` **Timeline Legend:** The chart above shows both release dates and end-of-life dates for each version. ESRs provide longer-term stability for organizations preferring less frequent updates. - 🔵 **Blue bars**: Regular feature releases (monthly releases with standard support lifecycle) -- 🔴 **Red bars**: Extended Support Releases (ESRs) - Released every 6-9 months with extended 9-12 month support +- 🔴 **Red bars**: Extended Support Releases (ESRs), released every 9 months with 12 months of support + - v10.11 & Desktop App v5.13: Supported until August 15, 2026 + - v11.7 & Desktop App v6.2: Supported until May 15, 2027 (esr-notifications)= ### ESR Notifications @@ -83,7 +86,7 @@ The following table lists all releases across Mattermost v7.0, v8.0, and v9.0, i ```{Important} - If you're on a legacy Mattermost release prior to v7.1, in order to take advantage of newer Mattermost releases, you must upgrade to [v7.1 ESR](https://docs.mattermost.com/product-overview/unsupported-legacy-releases.html#release-v7-1-extended-support-release) at a minimum. -- Upgrading from one Extended Support Release (ESR) to the next ESR (``major`` -> ``major_next``) is fully supported and tested. However, upgrading across multiple ESR versions (``major`` to ``major+2``) is supported, but not tested. If you plan to skip versions, we strongly recommend upgrading only between ESR releases. For example, if you're upgrading from v8.1 ESR, upgrade to the v9.5 ESR or the v9.11 ESR before attempting to upgrade to the [v10.5 ESR](https://docs.mattermost.com/product-overview/mattermost-v10-changelog.html#release-v10-5-extended-support-release) or the [v10.11 ESR](https://docs.mattermost.com/product-overview/mattermost-v10-changelog.html#release-v10-11-extended-support-release). +- Upgrading from one Extended Support Release (ESR) to the next ESR (``major`` -> ``major_next``) is fully supported and tested. However, upgrading across multiple ESR versions (``major`` to ``major+2``) is supported, but not tested. If you plan to skip versions, we strongly recommend upgrading only between ESR releases. For example, if you're upgrading from v8.1 ESR, upgrade to the v9.5 ESR or the v9.11 ESR before attempting to upgrade to the [v10.11 ESR](https://docs.mattermost.com/product-overview/mattermost-v10-changelog.html#release-v10-11-extended-support-release) or the [v11.7 ESR](https://docs.mattermost.com/product-overview/mattermost-v11-changelog.html#release-v11-7-extended-support-release). ``` | **Release** | **Release Type** | **Support ended** | diff --git a/source/product-overview/ui-ada-changelog.rst b/source/product-overview/ui-ada-changelog.rst index a6d52fc4ca3..17b903bfd59 100644 --- a/source/product-overview/ui-ada-changelog.rst +++ b/source/product-overview/ui-ada-changelog.rst @@ -12,6 +12,30 @@ Changelog * - Version - Change Description + * - v11.7 + - (UI) Message attachment footers now support full Markdown rendering, including bold, italic, links, and emoji. + * - v11.7 + - (UI) Changed the **Browse Channels** modal and ``~channel`` autocomplete to prioritize channels with a matching display name. + * - v11.7 + - (UI) Added an "Open in new tab" button to the **Product Switcher** menu. + * - v11.7 + - (UI) Substring matching is now allowed when searching channel members in the member sub-panel in a channel. + * - v11.7 + - (Accessibility) Improved accessibility of thread list menus. + * - v11.7 + - (UI) Improved autocomplete while typing in Korean and using Firefox. + * - v11.7 + - (UI) Updated license renewal and expiry notification emails with refreshed branding, copy, and layout. + * - v11.7 + - (UI) Added the ability to open channels in a separate popout window, with full channel and right-hand side functionality. + * - v11.7 + - (UI) Dropped support for JS features required by browsers over three years old. + * - v11.7 + - (UI) Renamed user-visible references from "Custom Profile Attributes" to "User Attributes" across the admin console, error messages, and server translations. + * - v11.7 + - (UI) Added the `ability to handle `__ from which remotes a channel is shared from the channel settings user interface. + * - v11.7 + - (UI) Channel banners are now shown in thread views. * - v11.6 - (UI) Added support for Default Agent in suggestions and integrated Agents into the App Bar. * - v11.6