diff --git a/.changeset/beige-parents-lick.md b/.changeset/beige-parents-lick.md deleted file mode 100644 index e2fd26d144..0000000000 --- a/.changeset/beige-parents-lick.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -'@hyperdx/app': patch -'@hyperdx/common-utils': patch ---- - -fix: prevent false "data source not set" error on markdown dashboard tiles diff --git a/.changeset/calm-tips-repeat.md b/.changeset/calm-tips-repeat.md deleted file mode 100644 index c81908c211..0000000000 --- a/.changeset/calm-tips-repeat.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -"@hyperdx/otel-collector": minor ---- - -feat: new optimized otel schema based on weeks of benchmarks. - -The Primary Key is now grouped by `toStartOfFiveMinutes`. At extremely large -data sizes, it may be helpful to reduce granularity to 1 minute instead of 5. -Bloom Filter indexes can be used instead, but full text search performs better -across the board. Additionally, tests show that TimestampTime is effectively -not necessary, which is especially true with data grouped by 5 minute -boundaries by default. diff --git a/.changeset/clever-sources-disable.md b/.changeset/clever-sources-disable.md deleted file mode 100644 index 17d0e93dc9..0000000000 --- a/.changeset/clever-sources-disable.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -"@hyperdx/common-utils": minor -"@hyperdx/api": minor -"@hyperdx/app": minor ---- - -Add ability to disable data sources with improved UX - diff --git a/.changeset/cool-students-camp.md b/.changeset/cool-students-camp.md deleted file mode 100644 index 20b1e7d60c..0000000000 --- a/.changeset/cool-students-camp.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@hyperdx/common-utils": patch -"@hyperdx/app": patch ---- - -fix: Infer singular quantileXXX() from MV quantilesXXXState() diff --git a/.changeset/deep-years-see.md b/.changeset/deep-years-see.md deleted file mode 100644 index 3bb1864d8a..0000000000 --- a/.changeset/deep-years-see.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -'@hyperdx/app': patch ---- - -Support per-signal OTLP exporter endpoints for Hyperdx internal telemetry diff --git a/.changeset/dirty-rings-report.md b/.changeset/dirty-rings-report.md deleted file mode 100644 index ae9908c25a..0000000000 --- a/.changeset/dirty-rings-report.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@hyperdx/common-utils": minor -"@hyperdx/api": minor -"@hyperdx/app": minor ---- - -feat: Add per-series number formats diff --git a/.changeset/dry-donkeys-add.md b/.changeset/dry-donkeys-add.md deleted file mode 100644 index d57841aeee..0000000000 --- a/.changeset/dry-donkeys-add.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@hyperdx/api": minor -"@hyperdx/common-utils": patch -"@hyperdx/cli": patch ---- - -Add support for event patterns in MCP server, reduce code duplication diff --git a/.changeset/dry-dryers-complain.md b/.changeset/dry-dryers-complain.md deleted file mode 100644 index 45287f0a60..0000000000 --- a/.changeset/dry-dryers-complain.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@hyperdx/common-utils": patch ---- - -feat: adds optimization for lucene rendering based on a keyvalue concatenated Array(String) diff --git a/.changeset/external-api-heatmap.md b/.changeset/external-api-heatmap.md deleted file mode 100644 index 6008c383f0..0000000000 --- a/.changeset/external-api-heatmap.md +++ /dev/null @@ -1,17 +0,0 @@ ---- -'@hyperdx/api': minor ---- - -feat(api): support heatmap tiles in external dashboards API - -Heatmap is the only builder-mode display type that did not round-trip -through the external dashboards API. The serializer dropped it into the -"unsupported" fall-through, so creating, fetching, and updating heatmap -tiles via `/api/v2/dashboards` lost the config. Heatmap now serializes -and parses on both directions, with `valueExpression`, -`countExpression`, `heatmapScaleType`, and `numberFormat` preserved -across save/get. The heatmap select item does not expose `aggFn` or -`alias`: the chart-level `displayType: "heatmap"` is the discriminator, -the heatmap aggregation function is fixed internally, and -`HeatmapSeriesEditor` does not render an alias input. Raw-SQL heatmap -remains unsupported (heatmap rendering requires builder mode). diff --git a/.changeset/fix-cli-version.md b/.changeset/fix-cli-version.md deleted file mode 100644 index 1b0fb98525..0000000000 --- a/.changeset/fix-cli-version.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@hyperdx/cli": patch ---- - -Fix CLI version flag reporting hardcoded 0.1.0 instead of the actual package version diff --git a/.changeset/fix-clickstack-switch-color-theme-token.md b/.changeset/fix-clickstack-switch-color-theme-token.md deleted file mode 100644 index 04f2a70827..0000000000 --- a/.changeset/fix-clickstack-switch-color-theme-token.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -'@hyperdx/app': patch ---- - -fix: ClickStack switch checked-state color not applying theme tokens diff --git a/.changeset/fix-mcp-query-schema.md b/.changeset/fix-mcp-query-schema.md deleted file mode 100644 index 2471d6cfa5..0000000000 --- a/.changeset/fix-mcp-query-schema.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -'@hyperdx/api': patch ---- - -fix: flatten MCP query tool schema so SDK serializes inputSchema correctly diff --git a/.changeset/forty-beers-applaud.md b/.changeset/forty-beers-applaud.md deleted file mode 100644 index 341a8cbf1c..0000000000 --- a/.changeset/forty-beers-applaud.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@hyperdx/common-utils": patch ---- - -Fix issue with incorrect cache key being set in settings queries in nodejs diff --git a/.changeset/gold-snakes-repeat.md b/.changeset/gold-snakes-repeat.md deleted file mode 100644 index ea3ecd413f..0000000000 --- a/.changeset/gold-snakes-repeat.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@hyperdx/common-utils": minor -"@hyperdx/api": minor -"@hyperdx/app": minor ---- - -feat: introducing rollup and source support for full autocomplete diff --git a/.changeset/gorgeous-parrots-tie.md b/.changeset/gorgeous-parrots-tie.md deleted file mode 100644 index a94370c465..0000000000 --- a/.changeset/gorgeous-parrots-tie.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@hyperdx/api": minor -"@hyperdx/app": minor ---- - -Add support for increase aggFn on sum counter metrics and rewrite sum metric rate computation to fix correctness issues. diff --git a/.changeset/hdx-2150-deep-review-followups.md b/.changeset/hdx-2150-deep-review-followups.md deleted file mode 100644 index ff2c07d39a..0000000000 --- a/.changeset/hdx-2150-deep-review-followups.md +++ /dev/null @@ -1,23 +0,0 @@ ---- -'@hyperdx/api': patch -'@hyperdx/common-utils': patch ---- - -External Dashboards API: tighten validation around container/tab references -on the v2 dashboards routes. - -- Cap tile `containerId` and `tabId` at 256 characters to mirror the - internal `DashboardContainer` schema and the `DASHBOARD_CONTAINER_ID_MAX` - constant, now exported from `@hyperdx/common-utils`. -- Cap a single dashboard payload at 500 tiles via the new - `DASHBOARD_MAX_TILES` constant to keep one request from pushing tens of - MB into Mongo. -- Treat empty-string `containerId` / `tabId` on legacy Mongo docs as - absent on read, so dashboards predating the containers feature still - round-trip through the external schema's `min(1)` cap. -- Extract the cross-tile container/tab consistency check into a shared - `validateDashboardContainersConsistency` helper so the canonical - schema and the request body schema agree on what a valid payload is. -- OpenAPI now publishes the matching `maxLength` and `maxItems` bounds - on `DashboardContainer.id`, `DashboardContainerTab.id`, the - `containers` array, and the request `tiles` array. diff --git a/.changeset/hdx-2150-deep-review-roundtrip.md b/.changeset/hdx-2150-deep-review-roundtrip.md deleted file mode 100644 index 915a3f66b9..0000000000 --- a/.changeset/hdx-2150-deep-review-roundtrip.md +++ /dev/null @@ -1,32 +0,0 @@ ---- -'@hyperdx/api': patch -'@hyperdx/common-utils': patch ---- - -External Dashboards API: fix `PUT` round-trip when the request body omits -`containers`, and self-heal orphan `containerId` / `tabId` references on -read. - -- Move tile-level container/tab reference resolution out of the request - body schema and into the `POST` and `PUT` handlers, so a `PUT` whose - body omits `containers` validates tile refs against the existing - dashboard's containers (the documented "preserve on omit" branch) - rather than against an empty fallback. Without this, a `PUT` that - changes only `tiles` while keeping a tile homed in a real preserved - container was rejected with `Tile references unknown containerId`. -- Split the shared validation helper into a structure-only pass - (`validateDashboardContainersStructure`) and a tile-ref pass - (`validateDashboardTileContainerRefs`) on - `@hyperdx/common-utils`. The composite - `validateDashboardContainersConsistency` now wraps both, so existing - callers keep their current behavior. -- On read, drop `tile.containerId` / `tile.tabId` when the ref does not - resolve to a container (or tab) in the same dashboard. A pre-existing - doc with an orphan ref now round-trips on `GET` as if the ref were - absent, so the next `PUT` validates instead of failing with - `Tile references unknown containerId`. Each drop is logged with the - dashboard id, tile id, and the offending ref. -- Document in the OpenAPI `PUT /api/v2/dashboards/{id}` description that - the endpoint does not support optimistic concurrency. Concurrent PUTs - may silently overwrite each other; clients should serialize edits to - a given dashboard. diff --git a/.changeset/hdx-2150-external-api-containers-tabs.md b/.changeset/hdx-2150-external-api-containers-tabs.md deleted file mode 100644 index 0b5bb6bac9..0000000000 --- a/.changeset/hdx-2150-external-api-containers-tabs.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -'@hyperdx/api': minor ---- - -External Dashboards API now round-trips the new dashboard organization -layer added in #2015: `containers` on the dashboard, optional `tabs` on each -container, and `containerId` / `tabId` on each tile. Create, get, list, and -update all preserve the structure. The body validates that tile -`containerId` references resolve to a real container, that tile `tabId` -references resolve to a tab inside that container, and that tab ids are -unique within a container. Container id uniqueness is already enforced by -the shared schema. Dashboards saved without `containers` round-trip -unchanged. diff --git a/.changeset/hdx-2150-validators-into-own-module.md b/.changeset/hdx-2150-validators-into-own-module.md deleted file mode 100644 index 2957f40f90..0000000000 --- a/.changeset/hdx-2150-validators-into-own-module.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -'@hyperdx/api': patch -'@hyperdx/common-utils': patch ---- - -Internal refactor: move `validateDashboardContainersStructure` and -`validateDashboardTileContainerRefs` (and their two helper types) out -of `@hyperdx/common-utils/dist/types` into a new -`@hyperdx/common-utils/dist/dashboardValidation` module. The `types` -file now only contains types and type guards, matching the rest of the -codebase. The previously exported `validateDashboardContainersConsistency` -composite was only used by its own unit test and is dropped; production -code in the v2 dashboards router uses the two underlying helpers -directly. No behaviour change for callers of the external API. diff --git a/.changeset/hdx-2212-mcp-containers-tabs.md b/.changeset/hdx-2212-mcp-containers-tabs.md deleted file mode 100644 index 4dd6f6747a..0000000000 --- a/.changeset/hdx-2212-mcp-containers-tabs.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -'@hyperdx/api': minor ---- - -MCP `hyperdx_save_dashboard` now accepts the dashboard organization layer -added in #2201: an optional `containers` array on the dashboard, plus -`containerId` and `tabId` on each tile. The same five cross-field rules -the external API enforces fire on the MCP path: container ids unique, -tab ids unique within a container, tile.containerId resolves, tile.tabId -resolves to a tab on that container, and tile.tabId requires -tile.containerId. The MCP `buildQueryGuidePrompt` documents the new -shape under a CONTAINERS AND TABS section. diff --git a/.changeset/hdx-3044-add-alert-note-field.md b/.changeset/hdx-3044-add-alert-note-field.md deleted file mode 100644 index 09ae00f341..0000000000 --- a/.changeset/hdx-3044-add-alert-note-field.md +++ /dev/null @@ -1,24 +0,0 @@ ---- -'@hyperdx/common-utils': minor -'@hyperdx/api': minor -'@hyperdx/app': minor ---- - -feat: add optional note field to alerts - -Adds a freeform note/reason field to alerts that supports markdown formatting, -allowing on-call responders to document why an alert exists, threshold decision -history, and links to runbooks. - -- New `note` field on the Alert model (optional, max 4096 chars, supports - markdown) -- Note textarea in both the saved-search alert modal and the dashboard tile - alert editor -- Notes displayed on the /alerts page in a collapsible section (hidden by - default) with full markdown rendering -- Alert tabs in the saved-search modal show a red bell firing indicator - alongside the webhook channel icon, matching the AlertStatusIcon pattern - used on dashboard tiles and the app nav -- The Alerts button on the search page shows a red bell icon when at least one - alert in the saved search is firing -- External API v2 updated with `note` field in OpenAPI docs diff --git a/.changeset/hdx-4111-alert-table-filter-expression.md b/.changeset/hdx-4111-alert-table-filter-expression.md deleted file mode 100644 index a22ac376c7..0000000000 --- a/.changeset/hdx-4111-alert-table-filter-expression.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -'@hyperdx/common-utils': minor -'@hyperdx/api': minor -'@hyperdx/app': minor ---- - -refactor(alerts/search): consolidate the saved-search → chart-config builder -into a single shared helper, `buildSearchChartConfig`, in -`@hyperdx/common-utils/core/searchChartConfig.ts`. The app search page, the -alert preview chart, and the scheduled alert task's `SAVED_SEARCH` branch now -all route through it, so `tableFilterExpression`, `implicitColumnExpression`, -sample-weight expressions, SELECT precedence, and the `count()` default -SELECT shape are applied identically by construction. - -Behavior fixes that fall out of consolidation: -- The alert task and the alert preview now apply `source.tableFilterExpression` - on Log sources, matching what the search page already did. -- A latent bug in the search-page builder is fixed: a non-null `filters` - array no longer silently drops the `tableFilterExpression` SQL filter via - spread-overwrite. diff --git a/.changeset/hdx-4125-vercel-preview-inline-api.md b/.changeset/hdx-4125-vercel-preview-inline-api.md deleted file mode 100644 index 3943fa3cb6..0000000000 --- a/.changeset/hdx-4125-vercel-preview-inline-api.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -"@hyperdx/api": patch -"@hyperdx/app": patch ---- - -Enable end-to-end PR testing on Vercel previews by inlining the Express API into the Next.js `/api/[...all]` serverless function (opt-in via `HDX_PREVIEW_INLINE_API=true`). Production deploys (Docker fullstack image, standalone Next output) are unchanged — they keep proxying `/api/*` to the separately-deployed API service. - -Also realigns `clickhouseProxy.ts` with the upstream EE implementation (modulo CHC and RBAC code paths): query params are now parsed from the request URL via `validateAndSanitizePath()` + `URL.searchParams` instead of `req.query`, which fixes a `Setting all is neither a builtin setting nor started with the prefix 'custom_'` regression on Vercel previews where Next.js's `[...all]` catch-all route polluted `req.query`. Adds path-injection hardening, POST-only enforcement, and exposes `X-ClickHouse-Mixed-Response` / `X-ClickHouse-Service-Unavailable` response headers for the browser ClickHouse client. diff --git a/.changeset/hdx-4129-cli-team-switching.md b/.changeset/hdx-4129-cli-team-switching.md deleted file mode 100644 index 81e46eb147..0000000000 --- a/.changeset/hdx-4129-cli-team-switching.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -'@hyperdx/cli': patch ---- - -feat: support multiple teams and kubectx-style team switching in the CLI - -Adds three new commands for users that belong to multiple teams (HyperDX Cloud / -EE): - -- `hdx team list` — list every team the authenticated user belongs to, marking - the active one -- `hdx team current` — print the currently active team -- `hdx team use ` — switch the active team (matched by team ID or - case-insensitive name) - -The active team is persisted to `~/.config/hyperdx/cli/session.json` so the -choice survives across CLI invocations, and the CLI now sends an `x-hdx-team` -header on every API and ClickHouse-proxy request so the server scopes data to -the chosen team. `hdx auth status` also surfaces the active team. - -On single-team OSS deployments these commands are effectively no-ops. diff --git a/.changeset/hdx-4173-redact-webhook-secrets.md b/.changeset/hdx-4173-redact-webhook-secrets.md deleted file mode 100644 index d4334252ff..0000000000 --- a/.changeset/hdx-4173-redact-webhook-secrets.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -'@hyperdx/api': minor -'@hyperdx/app': minor ---- - -fix(security): redact sensitive fields from internal webhook API responses - -The `GET /api/webhooks` endpoint now masks webhook URLs (`/****`) and -redacts header and query parameter values (keys preserved, values replaced with -`****`), preventing team members from retrieving secrets configured by others. - -The `PUT` handler merges redacted markers back to stored values so editing a -webhook without re-entering secrets preserves the originals. Changing the URL -while preserving masked secrets is rejected to prevent exfiltration. - -`GET /api/webhooks`, `POST /api/webhooks`, and `PUT /api/webhooks/:id` -responses now return masked values for `url`, `headers`, and `queryParams` -instead of plaintext secrets. diff --git a/.changeset/heatmap-chart-editor-dashboard.md b/.changeset/heatmap-chart-editor-dashboard.md deleted file mode 100644 index c17ea2fc0e..0000000000 --- a/.changeset/heatmap-chart-editor-dashboard.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -'@hyperdx/app': minor -'@hyperdx/common-utils': patch ---- - -feat: heatmap charts in chart editor and dashboards - -- Heatmap is now a selectable display type in the chart editor tabs -- Dashboard tiles render heatmaps via the shared `DBHeatmapChart` component -- Heatmap source picker restricted to trace sources; value/count expressions auto-populate from the source's duration expression -- Display Settings drawer (scale, value, count) shared across search Event Deltas, chart editor, and dashboards -- Click a dashboard heatmap tile to open Event Deltas with source, where clause, filters, and time range preserved -- Dynamic Y-axis sizing measures formatted tick labels so long labels (e.g. "1.67min") are not clipped diff --git a/.changeset/lucky-adults-jump.md b/.changeset/lucky-adults-jump.md deleted file mode 100644 index 9c9bb3a76e..0000000000 --- a/.changeset/lucky-adults-jump.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@hyperdx/app": patch ---- - -fix: numbers from filters bar was always showing 0 instead of the count diff --git a/.changeset/mcp-table-group-by-on-left.md b/.changeset/mcp-table-group-by-on-left.md deleted file mode 100644 index e23073adaa..0000000000 --- a/.changeset/mcp-table-group-by-on-left.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -'@hyperdx/api': patch ---- - -Add groupByColumnsOnLeft to MCP dashboard table tile schema diff --git a/.changeset/mighty-garlics-refuse.md b/.changeset/mighty-garlics-refuse.md deleted file mode 100644 index 9df49c9d20..0000000000 --- a/.changeset/mighty-garlics-refuse.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@hyperdx/app": patch ---- - -Standardize query param libraries diff --git a/.changeset/proud-hounds-draw.md b/.changeset/proud-hounds-draw.md deleted file mode 100644 index 2457bf9d91..0000000000 --- a/.changeset/proud-hounds-draw.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@hyperdx/api": patch ---- - -Increase MCP rate limit to 10 req/s diff --git a/.changeset/redact-secrets-deep-review-followups.md b/.changeset/redact-secrets-deep-review-followups.md deleted file mode 100644 index 0a5f04ab64..0000000000 --- a/.changeset/redact-secrets-deep-review-followups.md +++ /dev/null @@ -1,32 +0,0 @@ ---- -'@hyperdx/api': patch ---- - -fix(api): tighten redactSecrets after deep-review on #2188 - -Several security/correctness gaps surfaced by deep-review across -two passes on the original redactSecrets PR. - -- The `bearer` value alphabet is now `\S+`. Real-world payloads - carry plenty of opaque non-JWT bearers with `:`, `%`, or quote - chars in them, and any alphabet narrower than `\S+` leaks the - suffix past `[REDACTED]`. RFC 6750's b64token alphabet is a - strict subset of `\S+`. (Same fix subsumes the earlier change - that added `_` to cover JWT signatures.) -- The `basic-auth-url` scheme allowlist now covers - http(s) / ws(s) / ftp / sftp / ssh / postgres(ql) / mysql / - mariadb / mongodb(+srv) / mssql / sqlserver / snowflake / - redis(s) / amqp(s) / kafka(+ssl) / clickhouse / smtp(s) / - ldap(s) / nats. The match is also case-insensitive (RFC 3986 - declares schemes case-insensitive), so `HTTPS://user:pw@host` - no longer bypasses redaction. -- The `llm-vendor-key` pattern now catches OpenAI ("sk-..."), - Anthropic ("sk-ant-..."), and Google Gemini ("AIza..." with 35 - trailing chars). Without Gemini coverage, a Gemini API key in - an observability payload would be exfiltrated to the very - provider that issued it. - -Docstring scopes the redactor explicitly to LLM input. Tests -cover each new shape, the JWT-with-underscore regression, the -opaque-bearer-with-`:` / `%` regressions, the uppercase-scheme -bypass, and the Gemini key shape. diff --git a/.changeset/rich-houses-divide.md b/.changeset/rich-houses-divide.md deleted file mode 100644 index da03d52b7c..0000000000 --- a/.changeset/rich-houses-divide.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@hyperdx/common-utils": patch -"@hyperdx/app": patch ---- - -feat: Add more dashboard onClick linking options diff --git a/.changeset/shaggy-experts-collect.md b/.changeset/shaggy-experts-collect.md deleted file mode 100644 index 123e15f84a..0000000000 --- a/.changeset/shaggy-experts-collect.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@hyperdx/common-utils": patch -"@hyperdx/app": patch ---- - -feat: Add filter templating to custom dashboard on-click diff --git a/.changeset/slow-bananas-lay.md b/.changeset/slow-bananas-lay.md deleted file mode 100644 index 6b4e1567c8..0000000000 --- a/.changeset/slow-bananas-lay.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@hyperdx/common-utils": patch -"@hyperdx/api": patch ---- - -feat: Add custom onClick field to external dashboards API diff --git a/.changeset/smooth-goats-applaud.md b/.changeset/smooth-goats-applaud.md deleted file mode 100644 index a34cf95869..0000000000 --- a/.changeset/smooth-goats-applaud.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@hyperdx/app": patch ---- - -fix: Ensure search histogram count matches result table count diff --git a/.changeset/three-shrimps-complain.md b/.changeset/three-shrimps-complain.md deleted file mode 100644 index 1af9d75885..0000000000 --- a/.changeset/three-shrimps-complain.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@hyperdx/common-utils": patch -"@hyperdx/app": patch ---- - -feat: Support import/export for dashboard onClicks diff --git a/.changeset/tidy-pets-shout.md b/.changeset/tidy-pets-shout.md deleted file mode 100644 index 1edc7eaa4a..0000000000 --- a/.changeset/tidy-pets-shout.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -'@hyperdx/api': patch -'@hyperdx/app': patch ---- - -fix: use block_number/block_offset to uniquely identify log rows diff --git a/.env b/.env index 94a302566a..573383864f 100644 --- a/.env +++ b/.env @@ -8,8 +8,8 @@ NEXT_ALL_IN_ONE_IMAGE_NAME_DOCKERHUB=clickhouse/clickstack-all-in-one ALL_IN_ONE_IMAGE_NAME_DOCKERHUB=hyperdx/hyperdx-all-in-one NEXT_OTEL_COLLECTOR_IMAGE_NAME_DOCKERHUB=clickhouse/clickstack-otel-collector OTEL_COLLECTOR_IMAGE_NAME_DOCKERHUB=hyperdx/hyperdx-otel-collector -CODE_VERSION=2.24.1 -IMAGE_VERSION_SUB_TAG=.24.1 +CODE_VERSION=2.25.0 +IMAGE_VERSION_SUB_TAG=.25.0 IMAGE_VERSION=2 IMAGE_NIGHTLY_TAG=2-nightly IMAGE_LATEST_TAG=latest diff --git a/packages/api/CHANGELOG.md b/packages/api/CHANGELOG.md index c5791c6506..1af11a1643 100644 --- a/packages/api/CHANGELOG.md +++ b/packages/api/CHANGELOG.md @@ -1,5 +1,210 @@ # @hyperdx/api +## 2.25.0 + +### Minor Changes + +- eb16df44: Add ability to disable data sources with improved UX +- 143f7a79: feat: Add per-series number formats +- f6a1d021: Add support for event patterns in MCP server, reduce code duplication +- 4d22d4ba: feat(api): support heatmap tiles in external dashboards API + + Heatmap is the only builder-mode display type that did not round-trip + through the external dashboards API. The serializer dropped it into the + "unsupported" fall-through, so creating, fetching, and updating heatmap + tiles via `/api/v2/dashboards` lost the config. Heatmap now serializes + and parses on both directions, with `valueExpression`, + `countExpression`, `heatmapScaleType`, and `numberFormat` preserved + across save/get. The heatmap select item does not expose `aggFn` or + `alias`: the chart-level `displayType: "heatmap"` is the discriminator, + the heatmap aggregation function is fixed internally, and + `HeatmapSeriesEditor` does not render an alias input. Raw-SQL heatmap + remains unsupported (heatmap rendering requires builder mode). + +- 7d7269a7: feat: introducing rollup and source support for full autocomplete +- 4cc5eb3f: Add support for increase aggFn on sum counter metrics and rewrite sum metric rate computation to fix correctness issues. +- 41395ca7: External Dashboards API now round-trips the new dashboard organization + layer added in #2015: `containers` on the dashboard, optional `tabs` on each + container, and `containerId` / `tabId` on each tile. Create, get, list, and + update all preserve the structure. The body validates that tile + `containerId` references resolve to a real container, that tile `tabId` + references resolve to a tab inside that container, and that tab ids are + unique within a container. Container id uniqueness is already enforced by + the shared schema. Dashboards saved without `containers` round-trip + unchanged. +- 41eefec7: MCP `hyperdx_save_dashboard` now accepts the dashboard organization layer + added in #2201: an optional `containers` array on the dashboard, plus + `containerId` and `tabId` on each tile. The same five cross-field rules + the external API enforces fire on the MCP path: container ids unique, + tab ids unique within a container, tile.containerId resolves, tile.tabId + resolves to a tab on that container, and tile.tabId requires + tile.containerId. The MCP `buildQueryGuidePrompt` documents the new + shape under a CONTAINERS AND TABS section. +- d3a5a575: feat: add optional note field to alerts + + Adds a freeform note/reason field to alerts that supports markdown formatting, + allowing on-call responders to document why an alert exists, threshold decision + history, and links to runbooks. + + - New `note` field on the Alert model (optional, max 4096 chars, supports + markdown) + - Note textarea in both the saved-search alert modal and the dashboard tile + alert editor + - Notes displayed on the /alerts page in a collapsible section (hidden by + default) with full markdown rendering + - Alert tabs in the saved-search modal show a red bell firing indicator + alongside the webhook channel icon, matching the AlertStatusIcon pattern + used on dashboard tiles and the app nav + - The Alerts button on the search page shows a red bell icon when at least one + alert in the saved search is firing + - External API v2 updated with `note` field in OpenAPI docs + +- 5c6da48c: refactor(alerts/search): consolidate the saved-search → chart-config builder + into a single shared helper, `buildSearchChartConfig`, in + `@hyperdx/common-utils/core/searchChartConfig.ts`. The app search page, the + alert preview chart, and the scheduled alert task's `SAVED_SEARCH` branch now + all route through it, so `tableFilterExpression`, `implicitColumnExpression`, + sample-weight expressions, SELECT precedence, and the `count()` default + SELECT shape are applied identically by construction. + + Behavior fixes that fall out of consolidation: + + - The alert task and the alert preview now apply `source.tableFilterExpression` + on Log sources, matching what the search page already did. + - A latent bug in the search-page builder is fixed: a non-null `filters` + array no longer silently drops the `tableFilterExpression` SQL filter via + spread-overwrite. + +- a50db927: fix(security): redact sensitive fields from internal webhook API responses + + The `GET /api/webhooks` endpoint now masks webhook URLs (`/****`) and + redacts header and query parameter values (keys preserved, values replaced with + `****`), preventing team members from retrieving secrets configured by others. + + The `PUT` handler merges redacted markers back to stored values so editing a + webhook without re-entering secrets preserves the originals. Changing the URL + while preserving masked secrets is rejected to prevent exfiltration. + + `GET /api/webhooks`, `POST /api/webhooks`, and `PUT /api/webhooks/:id` + responses now return masked values for `url`, `headers`, and `queryParams` + instead of plaintext secrets. + +### Patch Changes + +- fecbfff7: fix: flatten MCP query tool schema so SDK serializes inputSchema correctly +- 41395ca7: External Dashboards API: tighten validation around container/tab references + on the v2 dashboards routes. + + - Cap tile `containerId` and `tabId` at 256 characters to mirror the + internal `DashboardContainer` schema and the `DASHBOARD_CONTAINER_ID_MAX` + constant, now exported from `@hyperdx/common-utils`. + - Cap a single dashboard payload at 500 tiles via the new + `DASHBOARD_MAX_TILES` constant to keep one request from pushing tens of + MB into Mongo. + - Treat empty-string `containerId` / `tabId` on legacy Mongo docs as + absent on read, so dashboards predating the containers feature still + round-trip through the external schema's `min(1)` cap. + - Extract the cross-tile container/tab consistency check into a shared + `validateDashboardContainersConsistency` helper so the canonical + schema and the request body schema agree on what a valid payload is. + - OpenAPI now publishes the matching `maxLength` and `maxItems` bounds + on `DashboardContainer.id`, `DashboardContainerTab.id`, the + `containers` array, and the request `tiles` array. + +- 41395ca7: External Dashboards API: fix `PUT` round-trip when the request body omits + `containers`, and self-heal orphan `containerId` / `tabId` references on + read. + + - Move tile-level container/tab reference resolution out of the request + body schema and into the `POST` and `PUT` handlers, so a `PUT` whose + body omits `containers` validates tile refs against the existing + dashboard's containers (the documented "preserve on omit" branch) + rather than against an empty fallback. Without this, a `PUT` that + changes only `tiles` while keeping a tile homed in a real preserved + container was rejected with `Tile references unknown containerId`. + - Split the shared validation helper into a structure-only pass + (`validateDashboardContainersStructure`) and a tile-ref pass + (`validateDashboardTileContainerRefs`) on + `@hyperdx/common-utils`. The composite + `validateDashboardContainersConsistency` now wraps both, so existing + callers keep their current behavior. + - On read, drop `tile.containerId` / `tile.tabId` when the ref does not + resolve to a container (or tab) in the same dashboard. A pre-existing + doc with an orphan ref now round-trips on `GET` as if the ref were + absent, so the next `PUT` validates instead of failing with + `Tile references unknown containerId`. Each drop is logged with the + dashboard id, tile id, and the offending ref. + - Document in the OpenAPI `PUT /api/v2/dashboards/{id}` description that + the endpoint does not support optimistic concurrency. Concurrent PUTs + may silently overwrite each other; clients should serialize edits to + a given dashboard. + +- 41395ca7: Internal refactor: move `validateDashboardContainersStructure` and + `validateDashboardTileContainerRefs` (and their two helper types) out + of `@hyperdx/common-utils/dist/types` into a new + `@hyperdx/common-utils/dist/dashboardValidation` module. The `types` + file now only contains types and type guards, matching the rest of the + codebase. The previously exported `validateDashboardContainersConsistency` + composite was only used by its own unit test and is dropped; production + code in the v2 dashboards router uses the two underlying helpers + directly. No behaviour change for callers of the external API. +- 29586e7b: Enable end-to-end PR testing on Vercel previews by inlining the Express API into the Next.js `/api/[...all]` serverless function (opt-in via `HDX_PREVIEW_INLINE_API=true`). Production deploys (Docker fullstack image, standalone Next output) are unchanged — they keep proxying `/api/*` to the separately-deployed API service. + + Also realigns `clickhouseProxy.ts` with the upstream EE implementation (modulo CHC and RBAC code paths): query params are now parsed from the request URL via `validateAndSanitizePath()` + `URL.searchParams` instead of `req.query`, which fixes a `Setting all is neither a builtin setting nor started with the prefix 'custom_'` regression on Vercel previews where Next.js's `[...all]` catch-all route polluted `req.query`. Adds path-injection hardening, POST-only enforcement, and exposes `X-ClickHouse-Mixed-Response` / `X-ClickHouse-Service-Unavailable` response headers for the browser ClickHouse client. + +- 1c73d0c4: Add groupByColumnsOnLeft to MCP dashboard table tile schema +- 694e3c92: Increase MCP rate limit to 10 req/s +- eb7fdb4b: fix(api): tighten redactSecrets after deep-review on #2188 + + Several security/correctness gaps surfaced by deep-review across + two passes on the original redactSecrets PR. + + - The `bearer` value alphabet is now `\S+`. Real-world payloads + carry plenty of opaque non-JWT bearers with `:`, `%`, or quote + chars in them, and any alphabet narrower than `\S+` leaks the + suffix past `[REDACTED]`. RFC 6750's b64token alphabet is a + strict subset of `\S+`. (Same fix subsumes the earlier change + that added `_` to cover JWT signatures.) + - The `basic-auth-url` scheme allowlist now covers + http(s) / ws(s) / ftp / sftp / ssh / postgres(ql) / mysql / + mariadb / mongodb(+srv) / mssql / sqlserver / snowflake / + redis(s) / amqp(s) / kafka(+ssl) / clickhouse / smtp(s) / + ldap(s) / nats. The match is also case-insensitive (RFC 3986 + declares schemes case-insensitive), so `HTTPS://user:pw@host` + no longer bypasses redaction. + - The `llm-vendor-key` pattern now catches OpenAI ("sk-..."), + Anthropic ("sk-ant-..."), and Google Gemini ("AIza..." with 35 + trailing chars). Without Gemini coverage, a Gemini API key in + an observability payload would be exfiltrated to the very + provider that issued it. + + Docstring scopes the redactor explicitly to LLM input. Tests + cover each new shape, the JWT-with-underscore regression, the + opaque-bearer-with-`:` / `%` regressions, the uppercase-scheme + bypass, and the Gemini key shape. + +- 9d5f14f3: feat: Add custom onClick field to external dashboards API +- 88b2b646: fix: use block_number/block_offset to uniquely identify log rows +- Updated dependencies [a5294f8d] +- Updated dependencies [eb16df44] +- Updated dependencies [24699cde] +- Updated dependencies [143f7a79] +- Updated dependencies [f6a1d021] +- Updated dependencies [aa1a8523] +- Updated dependencies [022fe893] +- Updated dependencies [7d7269a7] +- Updated dependencies [41395ca7] +- Updated dependencies [41395ca7] +- Updated dependencies [41395ca7] +- Updated dependencies [d3a5a575] +- Updated dependencies [5c6da48c] +- Updated dependencies [ef571cc0] +- Updated dependencies [c2a9f96f] +- Updated dependencies [a36c5b19] +- Updated dependencies [9d5f14f3] +- Updated dependencies [401dff5a] + - @hyperdx/common-utils@0.19.0 + ## 2.24.1 ### Patch Changes diff --git a/packages/api/package.json b/packages/api/package.json index 2b8271c4e8..56a556cf66 100644 --- a/packages/api/package.json +++ b/packages/api/package.json @@ -1,6 +1,6 @@ { "name": "@hyperdx/api", - "version": "2.24.1", + "version": "2.25.0", "license": "MIT", "private": true, "engines": { @@ -11,7 +11,7 @@ "@ai-sdk/openai": "^3.0.47", "@braintree/sanitize-url": "^7.1.1", "@esm2cjs/p-queue": "^7.3.0", - "@hyperdx/common-utils": "^0.18.1", + "@hyperdx/common-utils": "^0.19.0", "@hyperdx/node-opentelemetry": "^0.9.0", "@hyperdx/passport-local-mongoose": "^9.0.1", "@modelcontextprotocol/sdk": "^1.27.1", diff --git a/packages/app/CHANGELOG.md b/packages/app/CHANGELOG.md index 4cd8994493..07c9e8432c 100644 --- a/packages/app/CHANGELOG.md +++ b/packages/app/CHANGELOG.md @@ -1,5 +1,120 @@ # @hyperdx/app +## 2.25.0 + +### Minor Changes + +- eb16df44: Add ability to disable data sources with improved UX +- 143f7a79: feat: Add per-series number formats +- 7d7269a7: feat: introducing rollup and source support for full autocomplete +- 4cc5eb3f: Add support for increase aggFn on sum counter metrics and rewrite sum metric rate computation to fix correctness issues. +- d3a5a575: feat: add optional note field to alerts + + Adds a freeform note/reason field to alerts that supports markdown formatting, + allowing on-call responders to document why an alert exists, threshold decision + history, and links to runbooks. + + - New `note` field on the Alert model (optional, max 4096 chars, supports + markdown) + - Note textarea in both the saved-search alert modal and the dashboard tile + alert editor + - Notes displayed on the /alerts page in a collapsible section (hidden by + default) with full markdown rendering + - Alert tabs in the saved-search modal show a red bell firing indicator + alongside the webhook channel icon, matching the AlertStatusIcon pattern + used on dashboard tiles and the app nav + - The Alerts button on the search page shows a red bell icon when at least one + alert in the saved search is firing + - External API v2 updated with `note` field in OpenAPI docs + +- 5c6da48c: refactor(alerts/search): consolidate the saved-search → chart-config builder + into a single shared helper, `buildSearchChartConfig`, in + `@hyperdx/common-utils/core/searchChartConfig.ts`. The app search page, the + alert preview chart, and the scheduled alert task's `SAVED_SEARCH` branch now + all route through it, so `tableFilterExpression`, `implicitColumnExpression`, + sample-weight expressions, SELECT precedence, and the `count()` default + SELECT shape are applied identically by construction. + + Behavior fixes that fall out of consolidation: + + - The alert task and the alert preview now apply `source.tableFilterExpression` + on Log sources, matching what the search page already did. + - A latent bug in the search-page builder is fixed: a non-null `filters` + array no longer silently drops the `tableFilterExpression` SQL filter via + spread-overwrite. + +- a50db927: fix(security): redact sensitive fields from internal webhook API responses + + The `GET /api/webhooks` endpoint now masks webhook URLs (`/****`) and + redacts header and query parameter values (keys preserved, values replaced with + `****`), preventing team members from retrieving secrets configured by others. + + The `PUT` handler merges redacted markers back to stored values so editing a + webhook without re-entering secrets preserves the originals. Changing the URL + while preserving masked secrets is rejected to prevent exfiltration. + + `GET /api/webhooks`, `POST /api/webhooks`, and `PUT /api/webhooks/:id` + responses now return masked values for `url`, `headers`, and `queryParams` + instead of plaintext secrets. + +- ef571cc0: feat: heatmap charts in chart editor and dashboards + + - Heatmap is now a selectable display type in the chart editor tabs + - Dashboard tiles render heatmaps via the shared `DBHeatmapChart` component + - Heatmap source picker restricted to trace sources; value/count expressions auto-populate from the source's duration expression + - Display Settings drawer (scale, value, count) shared across search Event Deltas, chart editor, and dashboards + - Click a dashboard heatmap tile to open Event Deltas with source, where clause, filters, and time range preserved + - Dynamic Y-axis sizing measures formatted tick labels so long labels (e.g. "1.67min") are not clipped + +### Patch Changes + +- a5294f8d: fix: prevent false "data source not set" error on markdown dashboard tiles +- 24699cde: fix: Infer singular quantileXXX() from MV quantilesXXXState() +- 4e9caeca: Support per-signal OTLP exporter endpoints for Hyperdx internal telemetry +- 32b38c33: fix: ClickStack switch checked-state color not applying theme tokens +- 29586e7b: Enable end-to-end PR testing on Vercel previews by inlining the Express API into the Next.js `/api/[...all]` serverless function (opt-in via `HDX_PREVIEW_INLINE_API=true`). Production deploys (Docker fullstack image, standalone Next output) are unchanged — they keep proxying `/api/*` to the separately-deployed API service. + + Also realigns `clickhouseProxy.ts` with the upstream EE implementation (modulo CHC and RBAC code paths): query params are now parsed from the request URL via `validateAndSanitizePath()` + `URL.searchParams` instead of `req.query`, which fixes a `Setting all is neither a builtin setting nor started with the prefix 'custom_'` regression on Vercel previews where Next.js's `[...all]` catch-all route polluted `req.query`. Adds path-injection hardening, POST-only enforcement, and exposes `X-ClickHouse-Mixed-Response` / `X-ClickHouse-Service-Unavailable` response headers for the browser ClickHouse client. + +- 6811ea05: fix: numbers from filters bar was always showing 0 instead of the count +- 3af4e920: Standardize query param libraries +- c2a9f96f: feat: Add more dashboard onClick linking options +- a36c5b19: feat: Add filter templating to custom dashboard on-click +- 6dc5d01d: fix: Ensure search histogram count matches result table count +- 401dff5a: feat: Support import/export for dashboard onClicks +- 88b2b646: fix: use block_number/block_offset to uniquely identify log rows +- Updated dependencies [a5294f8d] +- Updated dependencies [eb16df44] +- Updated dependencies [24699cde] +- Updated dependencies [143f7a79] +- Updated dependencies [f6a1d021] +- Updated dependencies [aa1a8523] +- Updated dependencies [4d22d4ba] +- Updated dependencies [fecbfff7] +- Updated dependencies [022fe893] +- Updated dependencies [7d7269a7] +- Updated dependencies [4cc5eb3f] +- Updated dependencies [41395ca7] +- Updated dependencies [41395ca7] +- Updated dependencies [41395ca7] +- Updated dependencies [41395ca7] +- Updated dependencies [41eefec7] +- Updated dependencies [d3a5a575] +- Updated dependencies [5c6da48c] +- Updated dependencies [29586e7b] +- Updated dependencies [a50db927] +- Updated dependencies [ef571cc0] +- Updated dependencies [1c73d0c4] +- Updated dependencies [694e3c92] +- Updated dependencies [eb7fdb4b] +- Updated dependencies [c2a9f96f] +- Updated dependencies [a36c5b19] +- Updated dependencies [9d5f14f3] +- Updated dependencies [401dff5a] +- Updated dependencies [88b2b646] + - @hyperdx/common-utils@0.19.0 + - @hyperdx/api@2.25.0 + ## 2.24.1 ### Patch Changes diff --git a/packages/app/package.json b/packages/app/package.json index e12fde546d..7271105a04 100644 --- a/packages/app/package.json +++ b/packages/app/package.json @@ -1,6 +1,6 @@ { "name": "@hyperdx/app", - "version": "2.24.1", + "version": "2.25.0", "private": true, "license": "MIT", "engines": { @@ -38,7 +38,7 @@ "@hookform/resolvers": "^3.9.0", "@hyperdx/api": "workspace:*", "@hyperdx/browser": "^0.22.1", - "@hyperdx/common-utils": "^0.18.1", + "@hyperdx/common-utils": "^0.19.0", "@hyperdx/node-opentelemetry": "^0.9.0", "@mantine/core": "^9.0.0", "@mantine/dates": "^9.0.0", diff --git a/packages/cli/CHANGELOG.md b/packages/cli/CHANGELOG.md index cf2cec27b1..9097522a8b 100644 --- a/packages/cli/CHANGELOG.md +++ b/packages/cli/CHANGELOG.md @@ -1,5 +1,29 @@ # @hyperdx/cli +## 0.4.1 + +### Patch Changes + +- f6a1d021: Add support for event patterns in MCP server, reduce code duplication +- 253cf5b7: Fix CLI version flag reporting hardcoded 0.1.0 instead of the actual package version +- 41043645: feat: support multiple teams and kubectx-style team switching in the CLI + + Adds three new commands for users that belong to multiple teams (HyperDX Cloud / + EE): + + - `hdx team list` — list every team the authenticated user belongs to, marking + the active one + - `hdx team current` — print the currently active team + - `hdx team use ` — switch the active team (matched by team ID or + case-insensitive name) + + The active team is persisted to `~/.config/hyperdx/cli/session.json` so the + choice survives across CLI invocations, and the CLI now sends an `x-hdx-team` + header on every API and ClickHouse-proxy request so the server scopes data to + the chosen team. `hdx auth status` also surfaces the active team. + + On single-team OSS deployments these commands are effectively no-ops. + ## 0.4.0 ### Minor Changes diff --git a/packages/cli/package.json b/packages/cli/package.json index dc6fedaffd..db8dfe83b9 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@hyperdx/cli", - "version": "0.4.0", + "version": "0.4.1", "license": "MIT", "type": "module", "publishConfig": { @@ -28,7 +28,7 @@ "devDependencies": { "@clickhouse/client": "^1.12.1", "@clickhouse/client-common": "^1.12.1", - "@hyperdx/common-utils": "^0.18.1", + "@hyperdx/common-utils": "^0.19.0", "@types/crypto-js": "^4.2.2", "@types/react": "^19.0.0", "@types/sqlstring": "^2.3.2", diff --git a/packages/common-utils/CHANGELOG.md b/packages/common-utils/CHANGELOG.md index 9c8d0cdb5a..c427268f95 100644 --- a/packages/common-utils/CHANGELOG.md +++ b/packages/common-utils/CHANGELOG.md @@ -1,5 +1,124 @@ # @hyperdx/common-utils +## 0.19.0 + +### Minor Changes + +- eb16df44: Add ability to disable data sources with improved UX +- 143f7a79: feat: Add per-series number formats +- 7d7269a7: feat: introducing rollup and source support for full autocomplete +- d3a5a575: feat: add optional note field to alerts + + Adds a freeform note/reason field to alerts that supports markdown formatting, + allowing on-call responders to document why an alert exists, threshold decision + history, and links to runbooks. + + - New `note` field on the Alert model (optional, max 4096 chars, supports + markdown) + - Note textarea in both the saved-search alert modal and the dashboard tile + alert editor + - Notes displayed on the /alerts page in a collapsible section (hidden by + default) with full markdown rendering + - Alert tabs in the saved-search modal show a red bell firing indicator + alongside the webhook channel icon, matching the AlertStatusIcon pattern + used on dashboard tiles and the app nav + - The Alerts button on the search page shows a red bell icon when at least one + alert in the saved search is firing + - External API v2 updated with `note` field in OpenAPI docs + +- 5c6da48c: refactor(alerts/search): consolidate the saved-search → chart-config builder + into a single shared helper, `buildSearchChartConfig`, in + `@hyperdx/common-utils/core/searchChartConfig.ts`. The app search page, the + alert preview chart, and the scheduled alert task's `SAVED_SEARCH` branch now + all route through it, so `tableFilterExpression`, `implicitColumnExpression`, + sample-weight expressions, SELECT precedence, and the `count()` default + SELECT shape are applied identically by construction. + + Behavior fixes that fall out of consolidation: + + - The alert task and the alert preview now apply `source.tableFilterExpression` + on Log sources, matching what the search page already did. + - A latent bug in the search-page builder is fixed: a non-null `filters` + array no longer silently drops the `tableFilterExpression` SQL filter via + spread-overwrite. + +### Patch Changes + +- a5294f8d: fix: prevent false "data source not set" error on markdown dashboard tiles +- 24699cde: fix: Infer singular quantileXXX() from MV quantilesXXXState() +- f6a1d021: Add support for event patterns in MCP server, reduce code duplication +- aa1a8523: feat: adds optimization for lucene rendering based on a keyvalue concatenated Array(String) +- 022fe893: Fix issue with incorrect cache key being set in settings queries in nodejs +- 41395ca7: External Dashboards API: tighten validation around container/tab references + on the v2 dashboards routes. + + - Cap tile `containerId` and `tabId` at 256 characters to mirror the + internal `DashboardContainer` schema and the `DASHBOARD_CONTAINER_ID_MAX` + constant, now exported from `@hyperdx/common-utils`. + - Cap a single dashboard payload at 500 tiles via the new + `DASHBOARD_MAX_TILES` constant to keep one request from pushing tens of + MB into Mongo. + - Treat empty-string `containerId` / `tabId` on legacy Mongo docs as + absent on read, so dashboards predating the containers feature still + round-trip through the external schema's `min(1)` cap. + - Extract the cross-tile container/tab consistency check into a shared + `validateDashboardContainersConsistency` helper so the canonical + schema and the request body schema agree on what a valid payload is. + - OpenAPI now publishes the matching `maxLength` and `maxItems` bounds + on `DashboardContainer.id`, `DashboardContainerTab.id`, the + `containers` array, and the request `tiles` array. + +- 41395ca7: External Dashboards API: fix `PUT` round-trip when the request body omits + `containers`, and self-heal orphan `containerId` / `tabId` references on + read. + + - Move tile-level container/tab reference resolution out of the request + body schema and into the `POST` and `PUT` handlers, so a `PUT` whose + body omits `containers` validates tile refs against the existing + dashboard's containers (the documented "preserve on omit" branch) + rather than against an empty fallback. Without this, a `PUT` that + changes only `tiles` while keeping a tile homed in a real preserved + container was rejected with `Tile references unknown containerId`. + - Split the shared validation helper into a structure-only pass + (`validateDashboardContainersStructure`) and a tile-ref pass + (`validateDashboardTileContainerRefs`) on + `@hyperdx/common-utils`. The composite + `validateDashboardContainersConsistency` now wraps both, so existing + callers keep their current behavior. + - On read, drop `tile.containerId` / `tile.tabId` when the ref does not + resolve to a container (or tab) in the same dashboard. A pre-existing + doc with an orphan ref now round-trips on `GET` as if the ref were + absent, so the next `PUT` validates instead of failing with + `Tile references unknown containerId`. Each drop is logged with the + dashboard id, tile id, and the offending ref. + - Document in the OpenAPI `PUT /api/v2/dashboards/{id}` description that + the endpoint does not support optimistic concurrency. Concurrent PUTs + may silently overwrite each other; clients should serialize edits to + a given dashboard. + +- 41395ca7: Internal refactor: move `validateDashboardContainersStructure` and + `validateDashboardTileContainerRefs` (and their two helper types) out + of `@hyperdx/common-utils/dist/types` into a new + `@hyperdx/common-utils/dist/dashboardValidation` module. The `types` + file now only contains types and type guards, matching the rest of the + codebase. The previously exported `validateDashboardContainersConsistency` + composite was only used by its own unit test and is dropped; production + code in the v2 dashboards router uses the two underlying helpers + directly. No behaviour change for callers of the external API. +- ef571cc0: feat: heatmap charts in chart editor and dashboards + + - Heatmap is now a selectable display type in the chart editor tabs + - Dashboard tiles render heatmaps via the shared `DBHeatmapChart` component + - Heatmap source picker restricted to trace sources; value/count expressions auto-populate from the source's duration expression + - Display Settings drawer (scale, value, count) shared across search Event Deltas, chart editor, and dashboards + - Click a dashboard heatmap tile to open Event Deltas with source, where clause, filters, and time range preserved + - Dynamic Y-axis sizing measures formatted tick labels so long labels (e.g. "1.67min") are not clipped + +- c2a9f96f: feat: Add more dashboard onClick linking options +- a36c5b19: feat: Add filter templating to custom dashboard on-click +- 9d5f14f3: feat: Add custom onClick field to external dashboards API +- 401dff5a: feat: Support import/export for dashboard onClicks + ## 0.18.1 ### Patch Changes diff --git a/packages/common-utils/package.json b/packages/common-utils/package.json index 2bed85e008..cb1eeb404a 100644 --- a/packages/common-utils/package.json +++ b/packages/common-utils/package.json @@ -1,7 +1,7 @@ { "name": "@hyperdx/common-utils", "description": "Common utilities for HyperDX application", - "version": "0.18.1", + "version": "0.19.0", "license": "MIT", "private": true, "files": [ diff --git a/packages/otel-collector/CHANGELOG.md b/packages/otel-collector/CHANGELOG.md index a70e038eb5..255d719609 100644 --- a/packages/otel-collector/CHANGELOG.md +++ b/packages/otel-collector/CHANGELOG.md @@ -1,5 +1,18 @@ # @hyperdx/otel-collector +## 2.25.0 + +### Minor Changes + +- aaba3e95: feat: new optimized otel schema based on weeks of benchmarks. + + The Primary Key is now grouped by `toStartOfFiveMinutes`. At extremely large + data sizes, it may be helpful to reduce granularity to 1 minute instead of 5. + Bloom Filter indexes can be used instead, but full text search performs better + across the board. Additionally, tests show that TimestampTime is effectively + not necessary, which is especially true with data grouped by 5 minute + boundaries by default. + ## 2.24.1 ### Patch Changes diff --git a/packages/otel-collector/package.json b/packages/otel-collector/package.json index 471c905672..3ad4fd6cac 100644 --- a/packages/otel-collector/package.json +++ b/packages/otel-collector/package.json @@ -1,7 +1,7 @@ { "name": "@hyperdx/otel-collector", "description": "HyperDX OpenTelemetry Collector configuration and Docker image", - "version": "2.24.1", + "version": "2.25.0", "license": "MIT", "private": true } diff --git a/yarn.lock b/yarn.lock index c66ac4bc0f..f6da4a6da9 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4337,7 +4337,7 @@ __metadata: "@ai-sdk/openai": "npm:^3.0.47" "@braintree/sanitize-url": "npm:^7.1.1" "@esm2cjs/p-queue": "npm:^7.3.0" - "@hyperdx/common-utils": "npm:^0.18.1" + "@hyperdx/common-utils": "npm:^0.19.0" "@hyperdx/node-opentelemetry": "npm:^0.9.0" "@hyperdx/passport-local-mongoose": "npm:^9.0.1" "@modelcontextprotocol/sdk": "npm:^1.27.1" @@ -4426,7 +4426,7 @@ __metadata: "@hookform/resolvers": "npm:^3.9.0" "@hyperdx/api": "workspace:*" "@hyperdx/browser": "npm:^0.22.1" - "@hyperdx/common-utils": "npm:^0.18.1" + "@hyperdx/common-utils": "npm:^0.19.0" "@hyperdx/node-opentelemetry": "npm:^0.9.0" "@jedmao/location": "npm:^3.0.0" "@mantine/core": "npm:^9.0.0" @@ -4553,7 +4553,7 @@ __metadata: dependencies: "@clickhouse/client": "npm:^1.12.1" "@clickhouse/client-common": "npm:^1.12.1" - "@hyperdx/common-utils": "npm:^0.18.1" + "@hyperdx/common-utils": "npm:^0.19.0" "@types/crypto-js": "npm:^4.2.2" "@types/react": "npm:^19.0.0" "@types/sqlstring": "npm:^2.3.2" @@ -4575,7 +4575,7 @@ __metadata: languageName: unknown linkType: soft -"@hyperdx/common-utils@npm:^0.18.1, @hyperdx/common-utils@workspace:packages/common-utils": +"@hyperdx/common-utils@npm:^0.19.0, @hyperdx/common-utils@workspace:packages/common-utils": version: 0.0.0-use.local resolution: "@hyperdx/common-utils@workspace:packages/common-utils" dependencies: