docs/releases/v1.50.0-next.1-changelog.md
Upgrade Helper: https://backstage.github.io/upgrade-helper/?to=1.50.0-next.1
examples on actions registered via the actions registry. Action authors can now provide examples with compile-time-checked input and output values that match their schema definitions.FetchMiddlewares.clarifyFailures() which replaces the uninformative "TypeError: Failed to fetch" with a message that includes the request method and URL.createRouteRef by replacing the dual TParams/TParamKeys type parameters with a single TParamKey parameter. This is a breaking change for callers that explicitly provided type arguments, but most usage that relies on inference is unaffected.FlattenedMessages type to avoid excessive type instantiation depth in TypeScript 6 when using createTranslationRef with the translations option.createSchemaFromZod helper to use a schema-first generic pattern, replacing the ZodSchema<TOutput, ZodTypeDef, TInput> constraint with TSchema extends ZodType. This avoids "excessively deep" type inference errors when multiple Zod copies are resolved.fa55078: BREAKING: Refactored SignInResolverFactoryOptions to use a schema-first generic pattern, following Zod's recommended approach for writing generic functions. The type parameters changed from <TAuthResult, TOptionsOutput, TOptionsInput> to <TAuthResult, TSchema extends ZodType>.
This fixes "Type instantiation is excessively deep and possibly infinite" errors that occurred when the Zod version in a user's project did not align with the one in Backstage core.
If you use createSignInResolverFactory without explicit type parameters (the typical usage), no changes are needed:
// This usage is unchanged
createSignInResolverFactory({
optionsSchema: z.object({ domain: z.string() }).optional(),
create(options = {}) {
/* ... */
},
});
If you reference SignInResolverFactoryOptions with explicit type parameters, update as follows:
- SignInResolverFactoryOptions<MyAuthResult, MyOutput, MyInput>
+ SignInResolverFactoryOptions<MyAuthResult, typeof mySchema>
execute-template actions registry action that executes a scaffolder template with provided input values and returns a task ID for tracking progress.examples array from actions bridged via the actions registry.FetchMiddlewares.clarifyFailures() to the default fetch API middleware stack.examples on actions registered via the actions registry. Action authors can now provide examples with compile-time-checked input and output values that match their schema definitions.zod/v4 with schema-driven defaults and type inference.AwsS3UrlReader failing to read files from S3 buckets configured with custom endpoint hosts. When an integration was configured with a specific endpoint like https://bucket-1.s3.eu-central-1.amazonaws.com, the URL parser incorrectly fell through to the non-AWS code path, always defaulting the region to us-east-1 instead of extracting it from the hostname.examples on actions registered via the actions registry. Action authors can now provide examples with compile-time-checked input and output values that match their schema definitions.glob dependency from v7/v8/v11 to v13 to address security vulnerabilities in older versions. Bumped rollup from v4.27 to v4.59+ to fix a high severity path traversal vulnerability (GHSA-mw96-cpmx-2vgc).DOM.AsyncIterable to the default lib in the shared TypeScript configuration, enabling standard async iteration support for DOM APIs such as FileSystemDirectoryHandle. This aligns behavior with TypeScript 6.0, where this lib is included in DOM by default.glob dependency from v7/v8/v11 to v13 to address security vulnerabilities in older versions. Bumped rollup from v4.27 to v4.59+ to fix a high severity path traversal vulnerability (GHSA-mw96-cpmx-2vgc).glob dependency from v7/v8/v11 to v13 to address security vulnerabilities in older versions. Bumped rollup from v4.27 to v4.59+ to fix a high severity path traversal vulnerability (GHSA-mw96-cpmx-2vgc).frontend-plugin to frontend-plugin-legacyglob dependency from v7/v8/v11 to v13 to address security vulnerabilities in older versions. Bumped rollup from v4.27 to v4.59+ to fix a high severity path traversal vulnerability (GHSA-mw96-cpmx-2vgc).createRouteRef call.no-mixed-plugin-imports rule to return null from non-fixable suggestion handlers and added an explicit SuggestionReportDescriptor[] type annotation, matching the stricter type checking in TypeScript 6.0.ForwardedError with a clear message.glob dependency from v7/v8/v11 to v13 to address security vulnerabilities in older versions. Bumped rollup from v4.27 to v4.59+ to fix a high severity path traversal vulnerability (GHSA-mw96-cpmx-2vgc).2e5c5f8: Bumped glob dependency from v7/v8/v11 to v13 to address security vulnerabilities in older versions. Bumped rollup from v4.27 to v4.59+ to fix a high severity path traversal vulnerability (GHSA-mw96-cpmx-2vgc).
8d79835: Added RangeSlider component for selecting numeric ranges.
Affected components: RangeSlider
5081bcc: Fixed Avatar becoming elliptical in flex layouts by preventing it from shrinking.
Affected components: Avatar
d840ba9: Fixed relative href resolution for BUI link components. Relative paths like ../other are now correctly turned into absolute paths before reaching the React Aria layer, ensuring client-side navigation goes to the right place.
Affected components: ButtonLink, Card, CellProfile, CellText, Link, ListRow, MenuItem, MenuListBoxItem, Row, SearchAutocompleteItem, Tab, Tag
3bc23a5: Added support for disabling pagination in useTable complete mode by setting paginationOptions: { type: 'none' }. This skips data slicing and produces pagination: { type: 'none' } in tableProps, removing the need for consumers to manually override the pagination prop on Table. Also fixed complete mode not reacting to dynamic changes in paginationOptions.pageSize.
Affected components: useTable
c368cf3: Updated dependency @types/use-sync-external-store to ^1.0.0.
d0f055f: Added showPaginationLabel prop to TablePagination and useTable pagination options. When set to false, the pagination label (e.g., "1 - 20 of 150") is hidden while navigation controls remain visible. Defaults to true.
Affected components: TablePagination, useTable
feaf3d1: Fixed HeaderNav hover indicator covering tab text when theme uses opaque background colors. Also fixed an incorrect CSS variable reference (--bui-font-family → --bui-font-regular).
Affected components: Header
e5baa20: Added support for configuring URL redirects on the app/routes extension. Redirects can be configured through app-config as an array of {from, to} path pairs, which will cause navigation to the from path to be redirected to the to path.
For example:
app:
extensions:
- app/routes:
config:
redirects:
- from: /old-path
to: /new-path
Updated dependencies
glob dependency from v7/v8/v11 to v13 to address security vulnerabilities in older versions. Bumped rollup from v4.27 to v4.59+ to fix a high severity path traversal vulnerability (GHSA-mw96-cpmx-2vgc).IN (subquery) to EXISTS (correlated subquery) patterns. This enables PostgreSQL semi-join optimizations and fixes NOT IN NULL-semantics pitfalls by using NOT EXISTS instead.GithubEntityProvider with validateLocationsExist: true and filters.branch configured would always check for the catalog file on the repository's default branch (HEAD) instead of the configured branch. This caused repositories to be filtered out when the catalog file only existed on the non-default branch.title and icon to the new frontend system plugin definition.title and icon to the new frontend system plugin definition.EntityInfoCard header overflowing on narrow screens.paginationOptions: { type: 'none' } instead of deriving page size from data length.title and icon to the new frontend system plugin definition.title and icon to the new frontend system plugin definition.nodemailer from 7.0.13 to 8.0.4GroupProfileCard and UserProfileCard content overflowing on narrow screens.title and icon to the new frontend system plugin definition.864a799: Fix the display of the description in GitlabRepoPicker:
owner.description helper text outside the allowedOwners conditional so it renders for both Select and Autocomplete modes.Autocomplete label to use fields.gitlabRepoPicker.owner.inputTitle instead of fields.gitlabRepoPicker.owner.title.a7a14b7: Removed custom IterableDirectoryHandle and WritableFileHandle types in favor of the standard DOM FileSystemDirectoryHandle and FileSystemFileHandle types, which are now available through the DOM.AsyncIterable lib added to the shared TypeScript configuration.
Updated dependencies
jest-when dev dependency.SearchModal leaving the page in a broken state by not restoring body overflow and aria-hidden attributes when closing.title and icon to the new frontend system plugin definition.