docs/releases/v1.39.0-changelog.md
Upgrade Helper: https://backstage.github.io/upgrade-helper/?to=1.39.0
90ab044: BREAKING: Removed all deprecated exports, and removed support for the old backend system.
It also removes the CodeOwnersProcessor from the default set of processors, because it is expensive to run and has vague semantics. You need to update your backend to add it to the catalogProcessingExtensionPoint if you wish to continue using it.
The following removed exports are available from @backstage/plugin-catalog-node:
locationSpecToMetadataNamelocationSpecToLocationEntityprocessingResultEntitiesSearchFilterEntityFilterDeferredEntityEntityRelationSpecCatalogProcessorCatalogProcessorParserCatalogProcessorCacheCatalogProcessorEmitCatalogProcessorLocationResultCatalogProcessorEntityResultCatalogProcessorRelationResultCatalogProcessorErrorResultCatalogProcessorRefreshKeysResultCatalogProcessorResultEntityProviderEntityProviderConnectionEntityProviderMutationAnalyzeOptionsLocationAnalyzerScmLocationAnalyzerPlaceholderResolverPlaceholderResolverParamsPlaceholderResolverReadPlaceholderResolverResolveUrlparseEntityYamlThe following removed exports are available from @backstage/plugin-catalog-common:
LocationSpecAnalyzeLocationRequestAnalyzeLocationResponseAnalyzeLocationExistingEntityAnalyzeLocationGenerateEntityAnalyzeLocationEntityFieldThe following removed exports are instead implemented in the new backend system by @backstage/plugin-search-backend-module-catalog:
defaultCatalogCollatorEntityTransformerCatalogCollatorEntityTransformerDefaultCatalogCollatorThe following exports are removed without a direct replacement:
DefaultCatalogCollatorFactoryDefaultCatalogCollatorFactoryOptionsLocationEntityProcessorLocationEntityProcessorOptionsCatalogBuilderCatalogEnvironmentCatalogPermissionRuleInputCatalogProcessingEnginecreateRandomProcessingIntervalProcessingIntervalFunction/alpha export; please use the regular root default export instead.catalog.disableDefaultProcessors.entity-fetch audit events are not visible by default in the logs and are only displayed when the log severity level is adjusted."d385854: BREAKING: The DefaultSchedulerService constructor options now requires RootLifecycleService, HttpRouterService, and PluginMetadataService fields.
The scheduler will register a REST API for listing and triggering tasks. Please see the scheduler documentation for more details about this API.
1e06afd: GithubUrlReader's search detects glob-patterns supported by minimatch, instead of just detecting
* and ? characters.
For example, this allows to search for patterns like {C,c}atalog-info.yaml.
acea1d4: update documentation
72d019d: Removed various typos
c6bc67d: Added Valkey support alongside Redis in backend-defaults cache clients, using the new Keyv Valkey package. Also extended backend-test-utils to support Valkey in tests.
36f77e9: Bug fix: Pass user provided token through to gitlab url resolvers
0e7a640: The GithubUrlReader will now use the token from options when fetching repo details
Updated dependencies
FrontendRemoteResolver's misspelled getAdditionaRemoteInfo has been deprecated. Use the correct spelling getAdditionalRemoteInfo instead.mockServices.events()getLocations method to CatalogApi and CatalogClient. This method calls the GET /locations endpoint from the catalog backend.1e0230e: Support custom AuthConnector for OAuth2.
A user can pass their own AuthConnector implementation in OAuth2 constructor.
In which case the session manager will use that instead of the DefaultAuthConnector to interact with the
authentication provider.
A custom AuthConnector may call the authentication provider from the front-end, store and retrieve tokens
in the session storage, for example, and otherwise send custom requests to the authentication provider and
handle its responses.
Note, that if the custom AuthConnector transforms scopes returned from the authentication provider,
the transformation must be the same as OAuth2CreateOptions#scopeTransform passed to OAuth2 constructor.
See creating DefaultAuthConnector in OAuth2#create(...) for an example.
I18nextTranslationApi to support interpolation of JSX elements.OAuthRequestDialog to re-render on mount.d945206: Added support for federated credentials using managed identities in the Azure DevOps integration. Federated credentials are only available for Azure DevOps organizations that have been configured to use Entra ID for authentication.
integrations:
azure:
- host: dev.azure.com
credentials:
+ - clientId: ${APP_REGISTRATION_CLIENT_ID}
+ managedIdentityClientId: system-assigned
+ tenantId: ${AZURE_TENANT_ID}
This also adds support for automatically using the system-assigned managed identity of an Azure resource by specifying system-assigned as the client ID of the managed identity.
integrations:
azure:
- host: dev.azure.com
credentials:
- - clientId: ${AZURE_CLIENT_ID}
+ - clientId: system-assigned
f134cea: Implement Edit URL feature for Gerrit 3.9+.
It's possible to disable the edit url by adding the disableEditUrl: true config in the Gerrit integration.
organizations property to azure section in config.d.ts file57221d9: BREAKING: Removed support for the old backend system, and removed all deprecated exports.
If you were using one of the deprecated imports from this package, you will have to follow the instructions in their respective deprecation notices before upgrading. Most of the general utilities are available from @backstage/plugin-auth-node, and the specific auth providers are available from dedicated packages such as for example @backstage/plugin-auth-backend-module-github-provider. See the auth docs for specific instructions.
0d606ac: Added the configuration flag auth.omitIdentityTokenOwnershipClaim that causes issued user tokens to no longer contain the ent claim that represents the ownership references of the user.
The benefit of this new flag is that issued user tokens will be much smaller in
size, but they will no longer be self-contained. This means that any consumers
of the token that require access to the ownership claims now need to call the
/api/auth/v1/userinfo endpoint instead. Within the Backstage ecosystem this is
done automatically, as clients will still receive the full set of claims during
authentication, while plugin backends will need to use the UserInfoService
which already calls the user info endpoint if necessary.
When enabling this flag, it is important that any custom sign-in resolvers directly return the result of the sign-in method. For example, the following would not work:
const { token } = await ctx.issueToken({
claims: { sub: entityRef, ent: [entityRef] },
});
return { token }; // WARNING: This will not work with the flag enabled
Instead, the sign-in resolver should directly return the result:
return ctx.issueToken({
claims: { sub: entityRef, ent: [entityRef] },
});
72d019d: Removed various typos
ab53e6f: Added support for the new dangerousEntityRefFallback option for signInWithCatalogUser in AuthResolverContext.
b128ed9: The static key store now issues tokens with the same structure as other key stores. Tokens now include the typ field in the header and the uip (user identity proof) in the payload.
Updated dependencies
5850717: Update Bitbucket Cloud schema and models.
The latest schema was fetched from Bitbucket Cloud and stored locally. Based on the updated schema, the models got regenerated.
BREAKING:
Due to the schema changes, the model update includes one breaking change:
Account.username was removed.Additionally, there were a couple of compatible changes including the addition of
BaseCommit.committer and others.
repo:updated events as Events.RepoUpdatedEvent.CatalogTable when pagination is enabled.pluginId option of createFrontendPlugin.filter parameter has been added to EntityContextMenuItemBlueprint to make it easier to configure which entities a menu item should appear for. The filter parameter is a function which accepts an entity and returns a boolean.routeRef when using core-plugin-api in a dialog contextGithubLocationAnalyzer now requires the AuthService and the CatalogService when being constructed and the TokenManger has been removed./alpha export of this package, you should remove the /alpha part.userGroupMember.path, user.path and, group.path option to each query type to allow more complex msgraph queries@backstage/backend-common, please migrate to the new backend systemgenerateStepper and defaultGenerateStepper now require a translation argument to be passed through for supporting translations.pluginId option of createFrontendPlugin.catalog-import plugin.parseEntityYaml from @backstage/plugin-catalog-backend, to make it more easily usable by custom plugins and modulesgetLocations method to CatalogApi and CatalogClient. This method calls the GET /locations endpoint from the catalog backend.d47aaa3: Added EntityOrderFilter to sort entities by different fields/columns. This new filter allows users to specify the order in which entities are displayed in the catalog.
Example usage:
import {
EntityOrderFilter,
useEntityList,
} from '@backstage/plugin-catalog-react';
// ...
const { updateFilters } = useEntityList();
// ...
updateFilters({
order: new EntityOrderFilter([
{
field: 'metadata.name',
order: 'desc',
},
]),
});
1a003ff: Add getLocations method to CatalogApi and CatalogClient. This method calls the GET /locations endpoint from the catalog backend.
filter parameter has been added to EntityContextMenuItemBlueprint to make it easier to configure which entities a menu item should appear for. The filter parameter is a function which accepts an entity and returns a boolean.ae249fc: BREAKING: Removed the createGithubSignatureValidator export.
Added support webhook validation based on integrations.github.[].apps.[].webhookSecret.
PinnipedHelper class now expects a regular LoggerService instance from the new backend system, instead of a Winston logger.@kubernetes/client-node to 1.1.2.PermissionClient to exhaust the request body size limit too quickly when making many requests.PermissionClient to exhaust the request body size limit too quickly when making many requests.PermissionClient to throw an error when authorizing basic permissions with the permission.EXPERIMENTAL_enableBatchedRequests config enabled.PermissionClient to exhaust the request body size limit too quickly when making many requests.pluginId option of createFrontendPlugin.templatingExtensions was incorrectly set to templateExtensionsworkspace:template and workspace:template:file actions to complement respective fetch:* actionstemplatingExtensions was incorrectly set to templateExtensionstemplatingExtensions was incorrectly set to templateExtensionsfilterValue in SearchFilter.Autocomplete to prevent unintended resets729a7d6: Added a configuration to permit backend plugin module failures on startup:
backend:
...
startup:
plugins:
plugin-x:
modules:
module-y:
onPluginModuleBootFailure: continue
This configuration permits plugin-x with module-y to fail on startup. Omitting the
onPluginModuleBootFailure configuration matches the previous behavior, wherein any
individual plugin module failure is forwarded to the plugin and aborts backend startup.
The default can also be changed, so that continuing on failure is the default unless otherwise specified:
backend:
startup:
default:
onPluginModuleBootFailure: continue
plugins:
catalog:
modules:
github:
onPluginModuleBootFailure: abort
72d019d: Removed various typos
Updated dependencies
lazyCompilation and refreshOptions for rspackinfo object to the context of the alpha CLI.@octokit/request to ^8.0.0.react-refresh to ^0.17.0.plugin property of AppNodeSpec.pluginId option of createFrontendPlugin.@backstage-community/plugin-puppetdb to ^0.6.0.LogViewer now supports a textWrap prop that wraps log lines to the next line for overflowing content instead of using horizontal scrollTranslationApi now supports interpolation of JSX elements by passing them directly as values to the translation function. If any of the provided interpolation values are JSX elements, the translation function will return a JSX element instead of a string.lerna-debug.log* pattern from .gitignore as Lerna was removed from the package in version @backstage/[email protected].plugin property of AppNodeSpec.{ flags: { allowUnknownExtensionConfig: true } } to createSpecializedApp.173db8f: The source property of AppNodeSpec has been renamed to plugin. The old property has been deprecated and will be removed in a future release.
fb58f20: The id option of createFrontendPlugin has been renamed to pluginId in order to better align with similar APIs in the frontend and backend systems.
The old id option is deprecated and will be removed in a future release.
72d019d: Removed various typos
Updated dependencies
pluginId option of createFrontendPlugin.163f3da: This expands the configurability of release-manifests to pave the road for more configuration options in the cli.
Specifically it allows the specification of mirrored, proxied, or air-gapped hosts when upgrading across releases when working in restricted or heavily governed development environments (common in large enterprises and government entities).
typedoc to ^0.28.0.MockTranslationApi.pluginId option of createFrontendPlugin.pluginId option of createFrontendPlugin.pluginId option of createFrontendPlugin.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.dangerouslyAllowSignInWithoutUserInCatalog auth resolver config.332e934: Added the identity property to BackstageSignInResult.
The prepareBackstageIdentityResponse function will now also forward the identity to the response if present in the provided sign-in result.
ab53e6f: Added a new dangerousEntityRefFallback option to the signInWithCatalogUser method in AuthResolverContext. The option will cause the provided entity reference to be used as a fallback in case the user is not found in the catalog. It is up to the caller to provide the fallback entity reference.
Auth providers that include pre-defined sign-in resolvers are encouraged to define a flag named dangerouslyAllowSignInWithoutUserInCatalog in their config, which in turn enables use of the dangerousEntityRefFallback option. For example:
export const usernameMatchingUserEntityName = createSignInResolverFactory({
optionsSchema: z
.object({
dangerouslyAllowSignInWithoutUserInCatalog: z.boolean().optional(),
})
.optional(),
create(options = {}) {
return async (
info: SignInInfo<OAuthAuthenticatorResult<PassportProfile>>,
ctx,
) => {
const { username } = info.result.fullProfile;
if (!username) {
throw new Error('User profile does not contain a username');
}
return ctx.signInWithCatalogUser(
{ entityRef: { name: username } },
{
dangerousEntityRefFallback:
options?.dangerouslyAllowSignInWithoutUserInCatalog
? { entityRef: { name: username } }
: undefined,
},
);
};
},
});
Updated dependencies
3bce578: Support Bitbucket Cloud's repo:updated events at BitbucketCloudEntityProvider.
To make use of the new event type, you have to configure your webhook or add a new ones
that delivers this event type to Backstage similar to repo:push before.
Only repo:updated events that modify a repository's URL (e.g., due to a name change)
will cause changes (removing the "old", adding the "new" repository).
Updated dependencies
pluginId option of createFrontendPlugin.pluginId option of createFrontendPlugin.pluginId option of createFrontendPlugin.object_kind field with priority over event_name on Gitlab webhook event typesf7ca0fe: Added the Catalog presentation API to the HomePageRecentlyVisited and HomePageTopVisited components
fb58f20: Internal update to use the new pluginId option of createFrontendPlugin.
eddd96c: Added optional title prop to customHomePageGrid
16eb4bf: Export ContentModal from @backstage/plugin-home-react so people can use this in other scenarios.
Renamed CatalogReactComponentsNameToClassKey to PluginHomeComponentsNameToClassKey in overridableComponents.ts
Made QuickStartCard docsLinkTitle prop more flexible to allow for any React.JSX.Element instead of just a string.
Added QuickStartCard prop additionalContent which can eventually replace the prop video.
2c1761f: Added a variant prop to the WelcomeTitle component making it work with the Customizable Home page feature. Adding it like this <WelcomeTitle variant='h1' /> to the list of items under CustomHomepageGrid will allow it to render with a size that works well.
195323f: Export root page route from the home plugin to enable adding links/nav to it from outside the plugin
72d019d: Removed various typos
d710d74: docs: Update default for preventCollision prop
Updated dependencies
16eb4bf: Export ContentModal from @backstage/plugin-home-react so people can use this in other scenarios.
Renamed CatalogReactComponentsNameToClassKey to PluginHomeComponentsNameToClassKey in overridableComponents.ts
Made QuickStartCard docsLinkTitle prop more flexible to allow for any React.JSX.Element instead of just a string.
Added QuickStartCard prop additionalContent which can eventually replace the prop video.
Updated dependencies
pluginId option of createFrontendPlugin.@kubernetes/client-node to 1.1.2.@kubernetes/client-node to 1.1.2.@kubernetes/client-node to 1.1.2.@kubernetes/client-node to 1.1.2.pluginId option of createFrontendPlugin.4f10768: Fix slack notification processor to handle a notification with an empty description
f6480c7: Fix dataloader caching, and use the proper catalog service ref
a1c5bbb: Added email-based Slack User ID lookup if metadata.annotations.slack.com/bot-notify is missing from user entity
e099d0a: Notifications which mention user entity refs are now replaced with Slack compatible mentions.
Example: Welcome <@user:default/billy>! -> Welcome <@U123456890>!
Updated dependencies
fb58f20: Internal update to use the new pluginId option of createFrontendPlugin.
02e8af1: Enhance user profile card configuration:
maxRelations numerical configuration that controls over how many user groups are shown directly on the profile card:
maxRelations is set to 0, the list of user groups is not displayed.maxRelations is set to a positive number, up to that many groups are displayed.hideIcons, was added to optionally hide the visual icons associated with each group in the displayed list.# Example in app-config.yaml
app:
extensions:
- entity-card:org/user-profile:
config:
maxRelations: 5 # (optional) Show up to 5 groups on the card
hideIcons: true # (optional) Hide the group icons
08ba448: display entity-ref in GroupProfileCard so groups can easily determine their Group ID
18e84c9: Fixed missing spec.profile field on MyGroupsSidebarItem.tsx so the group spec.profile.displayName is shown on the sidebar"
72d019d: Removed various typos
Updated dependencies
publish:github:pull-request actioncreate log a more appropriate error message to the end user advising that the files they're trying to modify might not existuser in createMockActionContextpluginId option of createFrontendPlugin.search.elasticsearch.queryOptions config were not picked up by the ElasticSearchSearchEngine.pluginId option of createFrontendPlugin.pluginId option of createFrontendPlugin.pluginId option of createFrontendPlugin.npm: and backstage: ranges to the lockfile to ensure compatibility with tools that parse the lockfile and ensure dependencies stay locked when building dist workspaces.