available release version: cuda v11.8 + cuda v12.8
Release Date: November 11, 2025
Fix
- Collections - Critical interference with visual encodings
- was: collections auto-enablement overwriting color/size/opacity/icon/label encodings - encodings appear for ~1s then fallback to defaults.
- now: meaningful collections detection prevents unnecessary processing, safety net prioritizes existing encodings over defaults.
- status: fixed | action: none required.
- impact: affects all client types (PyGraphistry
.point_color()/.point_size(), GraphistryJS, REST API).
- Collections - Edge coloring with empty edge sets
- was: error or incorrect rendering when collections edge coloring applied to subgraph with no edges.
- now: graceful handling of empty edge sets in collections.
- status: fixed | action: none required.
- impact: Users applying collections to filtered graphs
- Collections - UI guard for edge encoding fallthrough
- was: collections edge encoding could fallthrough causing incorrect visual state.
- now: UI guard prevents problematic fallthrough behavior.
- status: partial | action: none required.
- note: temporary workaround while underlying issue addressed.
- impact: Collections users
- Collections - Prevent mixing base graph and collection encodings on load
- was: collection encodings mixed with base graph encodings on load, causing visual inconsistencies.
- now: encodings kept separate, preventing mixing.
- status: fixed | action: none required.
- impact: Collections users
- Collections - Legend filter race condition mitigation
- was: clicking legend filters during graph load could cause race conditions leading to empty table inspector or incorrect filter states.
- now: type changes prevented during load to reduce race condition likelihood.
- status: partial | action: none required.
- note: additional mitigations continue in subsequent releases.
- impact: Users filtering during graph load
- StreamGL GPU - Encodings race condition mitigation
- was: collections encodings could be overwritten by timing issues in GPU worker, causing visual encoding failures.
- now: improved encodingsUpdated flag timing in encodeNodes/encodeEdges, flag clearing moved to after successful data delivery.
- status: partial | action: none required.
- note: additional mitigations continue in subsequent releases.
- impact: Users with collections and custom visual encodings
- GPU Cache - Critical DataFrame caching leak
- was: forge-etl-python accumulating 15.3GB+ GPU memory over time due to LRU cache holding strong references to cuDF DataFrames.
- now: weak references (
weakref.ref()) with automatic cleanup of dead references, preventing memory accumulation.
- status: partial | action: none required.
- note: major leak fixed, additional autohealing layer for similar issues under development.
- impact: All GPU users - critical stability fix
- GFQL - Edge generation from GUI editor
- was: GUI GFQL editor generating incorrect edge GFQL queries.
- now: correct edge GFQL generated from GUI editor.
- status: fixed | action: none required.
- impact: Users creating GFQL queries via GUI editor
- GFQL - Collections degree properties
- was: degree, degree_in, degree_out properties not handled correctly in collections GFQL.
- now: all degree properties properly supported in collections GFQL queries.
- status: fixed | action: none required.
- impact: GFQL users querying node degree properties
- GFQL - Edge indexing with integer src/dest IDs
- was: incorrect edge indexing when datasets with int src and dest IDs pulled via GFQL.
- now: correct edge indexing for integer ID columns (uses reindexed IDs).
- status: fixed | action: none required.
- impact: GFQL users with integer node IDs
- GFQL - Preserve complex predicates in query builder
- was: switching between query builder and manual GFQL editing wiped out complex predicates.
- now: complex GFQL predicates preserved when switching editing modes and scrolling.
- status: fixed | action: none required.
- impact: GFQL users with complex queries
- Remote GFQL - DataFrame comparison bug causing "15% loading" hang
- was: Dataset loads hung at "15% loading" when reloading persisted datasets with sequential numeric node indices. Error:
ValueError: The truth value of a DataFrame is ambiguous
- now: Fixed comparison: changed
len(src_dst_nodes) == nodes_without_nulls to len(src_dst_nodes) == len(nodes_without_nulls)
- status: fixed | action: none required
- impact: Remote GFQL users loading persisted datasets
- GFQL - Fail-fast behavior for clearer error detection
- was: GFQL failures could cause cascading errors with unclear root cause
- now: Fail-fast with immediate clear error messages
- status: fixed | action: none required
- impact: GFQL users - faster error detection and debugging
- GFQL - Large graph data preservation
- was: Large graphs (>1M edges) could lose data integrity during save/load operations
- now: Full data integrity preserved for large datasets
- status: fixed | action: none required
- impact: Users with large datasets (millions of edges)
- GFQL API - get_dataset_plottable engine parameter handling
- was: get_dataset_plottable API incorrectly passing engine parameter as string instead of object, causing failures
- now: Engine parameter passed correctly to underlying functions
- status: fixed | action: none required
- impact: Users calling get_dataset_plottable API programmatically
- API - Remote GFQL and Python endpoint error handling
- was: Invalid requests returned unclear error codes
- now: Proper 400 HTTP error codes and messages for invalid requests like unexpected call() arguments
- status: fixed | action: none required
- impact: API users debugging invalid requests
- Python Endpoint - Remote 500 errors
- was: Python endpoint crashes with 500 HTTP errors due to process_python_query function signature mismatch causing TypeError with missing required arguments
- now: Correct function signature with all required parameters
- status: fixed | action: none required
- impact: All users calling Python endpoint API
- Auth API - Authentication HTTP status codes
- was: Permission denials returned HTTP 401 (Unauthorized)
- now: Returns HTTP 403 (Forbidden) for authenticated users lacking permissions, improving error clarity
- status: fixed | action: none required
- impact: API users debugging authentication vs authorization errors
- UI Admin - Invitation role dropdown viewer option with upgrade nudge
- was: viewer role option not visible in invitation dropdown, causing confusion.
- now: disabled viewer option shown in dropdown with upgrade nudge to inform users of plan limitations.
- status: fixed | action: none required.
- impact: Enterprise admins inviting users
- UI Admin - Hide extra_num_free_editors field in self-hosted installations
- was: extra_num_free_editors field visible in Organization forms even in self-hosted mode
- now: Field hidden when GRAPHISTRY_CLOUD=False
- status: fixed | action: none required
- impact: Self-hosted enterprise administrators
- UI - Toolbar buttons hanging below toolbar at narrow viewports
- was: Toolbar buttons overflow onto canvas at ~850px and below
- now: Responsive toolbar layout prevents overflow
- status: fixed | action: none required
- impact: Users on narrow screens or mobile devices
- UI - Color encoding panel responsiveness for narrow screens
- was: color encoding panel not responsive on narrow screens, content cut off or inaccessible.
- now: responsive layout down to 650px width, panel always visible and accessible.
- status: fixed | action: none required.
- impact: Mobile and narrow-screen users
- Play Mode - Erroneous square layout with non-zero play time durations
- was: Graph layout incorrectly rendered as square when using play mode with duration
- now: Correct layout rendering with play mode
- status: fixed | action: none required
- impact: Users with slow networks or systems under heavy load
- Camera Controls - Accumulating drag delay bug in camera panning
- was: Camera panning accumulated delay state, causing increasingly sluggish interaction
- now: Uses Observable.defer() pattern to prevent state accumulation in rxjs-gestures NormalizeOperator
- status: fixed | action: none required
- impact: Users panning large graphs
- Data Table - Loading indicator
- was: blank/empty table display while data loading, unclear if loading or no data.
- now: loading ellipsis (...) displayed during data fetch.
- status: fixed | action: none required.
- impact: All users using data table
- Data Table - Button race condition
- was: Clicking Data Table button before graph load caused crashes
- now: Button disabled during load with tooltip "Data Table - Please wait, loading data..." that changes to "Data Table" when ready
- status: fixed | action: none required
- impact: All users accessing data table during graph initialization
- Data Table - Race condition crash on graph load
- was: Critical timeout values hardcoded at 3-5s, causing crashes in high-latency environments
- now: Configurable timeout and retry values via environment variables (GRAPHISTRY_VIZ_TO_GPU_TIMEOUT_MS, GRAPHISTRY_VIZ_TO_GPU_RETRY_COUNT, GRAPHISTRY_HTTP_AGENT_TIMEOUT_MS, GRAPHISTRY_HTTP_AGENT_KEEPALIVE_MS), now default to 30s
- status: fixed | action: none required
- impact: All users, especially high-latency environments
- Data Table - CSV download authentication error
- was: error when downloading CSV from datatable view due to incomplete anonymous dataset download auth code.
- now: proper authentication handling for anonymous dataset downloads.
- status: fixed | action: toggle unauthenticated downloads in the settings page of the user or org that wants to enable that on all their items.
- impact: Users downloading CSV from data table
- Inspector - Data table crash on load and column picker persistence
- was: Inspector crashed when accessing data table during load, column selections not persisted
- now: Fixed load timing and column picker state persistence
- status: fixed | action: none required
- impact: Users inspecting graphs during load
- Inspector - vgraphLoaded race condition
- was: Inspector could crash during rapid interactions with large graphs due to timing issues between vgraphLoaded and data availability
- now: Fixed Falcor container pattern, improved fragment to props synchronization, added setInspectorColumns for reliable data table initialization
- status: fixed | action: none required
- impact: Users inspecting large graphs with rapid interactions
- GPU Service Timeouts - Color and graph rendering issues in high-latency environments
- was: GPU service timeouts too short (3-5s), causing premature failures and rendering issues
- now: Increased GPU service timeouts to 30s default with configurable environment variables
- status: fixed | action: none required
- impact: Users in high-latency environments or under heavy load
- Notebook Builds - Dependency resolution
- was: Notebook builds failing due to conflicting package dependencies
- now: Dependency conflicts resolved with proper version pinning
- status: fixed | action: none required
- impact: Users building custom notebook images
Features
- GeoViz - Kepler.gl geospatial visualization maps
- was: No geospatial map visualization capabilities
- now: Interactive GPU-accelerated maps with Map Mode (full geospatial exploration) and Hybrid Mode (seamlessly combines graph and map views) with time-series playback
- status: released | action: default OFF for enterprise - enable by setting
GRAPHISTRY_ENABLE_KEPLER=true in .env, then restart viz service
- impact: All users with geospatial data - major new visualization mode for location-aware graph analysis
- note: Automatically enabled for cloud/hub deployments (
GRAPHISTRY_CLOUD=true), opt-in for self-hosted enterprise
- Toolbar - Screenshot button on graph toolbar
- Org Settings - Personal org configuration access
- was: only certain plan tiers could configure personal organization settings
- now: paid plan users and all users in self-hosted mode (GRAPHISTRY_CLOUD=False) can config personal org in profile page
- status: released | action: none required
- GFQL - Policy system with tier-based resource governance
- was: No resource limits or algorithm restrictions for GFQL queries, risking system overload
- now: Tier-based limits (memory, CPU, row counts) and algorithm restrictions (hop limits, centrality node limits) enforced per organization/user tier
- status: released | action: none required
- impact: Remote GFQL users - new resource governance prevents runaway queries and ensures fair resource allocation
- GFQL - Persistence with visualization URLs
- was: No server-side dataset persistence from PyGraphistry client, requiring data re-upload for sharing
- now: Remote dataset persistence with immediate visualization URL return, dataset retrieval APIs for reuse
- status: released | action: none required
- impact: PyGraphistry users - enables dataset sharing and reuse without re-uploading
- GFQL - Authentication integration for remote operations
- was: No authentication support for remote GFQL operations from PyGraphistry client
- now: Token-based authentication with secure credential management
- status: released | action: none required
- impact: Remote GFQL users in authenticated environments
- SSO - Microsoft Entra (Azure AD) provider support
- was: No Azure Entra ID/Microsoft Entra authentication provider for enterprise SSO
- now: Full Azure Entra ID SSO with SPA (Single Page Application) support, extended client_id input fields for longer Azure identifiers, automatic tenant ID extraction, improved origin header detection for diverse configurations, and proper SSO invitation workflow integration
- status: released | action: none required
- impact: Enterprise customers using Azure/Microsoft authentication environments
- note: Includes security hardening with SSRF prevention and URL template validation (see Security section)
Security
- GFQL - Critical privacy settings vulnerability in persistence operations
- was: Privacy settings could be lost during GFQL persistence operations, exposing sensitive data
- now: Privacy settings preserved through all GFQL persistence paths with validation
- status: fixed | action: none required
- impact: ALL users - critical data privacy protection for GFQL workflows
- SSO - Azure Entra ID security validations
- was: Missing security validations for SSO URL fields and tenant configurations
- now: SSRF prevention for SSO URL fields, tenant ID validation, error handling for template placeholders
- status: fixed | action: none required
- impact: All SSO deployments - prevents security vulnerabilities in authentication workflows
Infra
- GPU Build - Dual CUDA build system (11.8/12.8) enabling support for both legacy and Blackwell GPUs.
- Observability - Comprehensive OpenTelemetry instrumentation for remote GFQL and Python endpoints with HTTP-level parent spans enabling complete distributed trace visualization in Jaeger. Traces now show full request lifecycle from HTTP entry through dataset loading, policy enforcement, execution phases, with automatic context propagation to 20+ child spans.
-
Environment Variables:
-
ENABLE_TRACE_CONTEXT_LOGGING=true: Adds trace_id/span_id to all log lines, enabling correlation between logs and distributed traces in Jaeger
-
JAEGER_URL: Jaeger UI endpoint (default: http://localhost:16686), allows pointing to external Jaeger instances
-
JAEGER_CONTAINER_NAME: Override service name in traces
- Includes rich searchable attributes (dataset.id, org.slug, error.type) and helper scripts for debugging (
bin/otel/)
- AWS AMI - Fixed NVIDIA 570 driver installation conflicts by pinning all 17 packages to version 570.158.01-0ubuntu1 in single apt transaction, preventing APT from selecting incompatible newer versions during dependency resolution. Also fixed packer template to auto-select availability zones and corrected g4dn instance type typo.
- GCP Image - Fixed NVIDIA 575 driver installation conflicts by creating dedicated GCP driver script with version pinning (575.57.08-0ubuntu1) for all 19 packages including nvidia-modprobe and nvidia-settings in single apt transaction, preventing APT from selecting incompatible newer versions (580.x) during dependency resolution. Added debconf pre-seeding to avoid interactive prompts on Ubuntu 22.04.
Versions
- PyGraphistry - 0.45.7 (was 0.39.1) - Remote GFQL execution with server-side persistence eliminating client round-trips, automatic engine detection (GPU/CPU), and metadata hydration. Critical fixes for authentication workflows, pandas/cuDF/dask engine compatibility crashes, and None dereference errors. Enhanced: GFQL validation/policy system, UMAP GPU fallback, hypergraph flexibility, comprehensive type safety.
- Conda - Upgraded
CONDA_IPYWIDGETS to 8.1.8 (from version 8.1.7).
- JupyterLab Server - Version range updated from 2.27.3 to 2.29 (was fixed at 2.27.3).
Docs
- REST API Docs - pandas
delim_whitespace deprecation guidance with migration steps.
- API Docs - Migration guidance from deprecated
.chain() to .gfql() unified graph query API.
Comments
0 comments
Please sign in to leave a comment.