Make Your Company Data Driven. Connect to any data source, easily visualize, dashboard and share your data.
Docker Tag: redash/redash:10.1.0.b50633
This release includes fixes for three security vulnerabilities (click the links for complete details to see whether your installation is affected):
REDASH_COOKIE_SECRET
is not set explicitly (CVE-2021-41192)state
parameter in OAuth client code affects installations where Google Login is enabled (CVE-2021-43777)It also incorporates several fixes from master that merged after the V10.0 release.
See CHANGELOG for the full release notes.
Huge thanks to Ian Carroll and another reporter who preferred to remain anonymous for responsibly disclosing these vulnerabilities.
Follow our standard upgrade process (reproduced below).
/opt/redash/docker-compose.yml
Redash image reference to redash/redash:10.1.0.b50633
docker-compose stop server scheduler scheduled_worker adhoc_worker
(you might need to list additional services if you updated your configuration)Impact
segment at this link. If your installation is affected, follow the instructions under the Patches
heading to secure the secret fields in your database.Follow the same steps as V10 but for step 5:
docker-compose run --rm server manage db upgrade
redash/redash:10.1.0.b50633
Impact
segment at this link. If your installation is affected, follow the instructions under the Patches
heading to secure the secret fields in your database.Docker Tag: redash/redash:10.0.0.b50363
See CHANGELOG for the full release notes.
Complete upgrade instructions for those coming from V8 -> V10 appear below.
Note: V10 is the first non-beta Redash release since V8. So we expect most users upgrading to V10 are coming from V8. The upgrade from V8->V10 is like any other, but since RQ replaced Celery in this version there are a couple extra modifications that need to be done in your docker-compose.yml
.
If you already run the V9-beta release you already made these changes. You can use the standard upgrade instructions instead.
These steps are performed on the server that runs Docker.
cd /opt/redash
opt/redash/docker-compose.yml
to reference the docker image you want to upgrade to: redash/redash:10.0.0.b50363
services.scheduler.environment
omit QUEUES
and WORKERS_COUNT
and omit environment altogether if it is empty.
5. Under services
, add a new service for general RQ jobs:
worker:
<<: *redash-service
command: worker
environment:
QUEUES: "periodic emails default"
WORKERS_COUNT: 1
docker-compose stop server scheduler scheduled_worker adhoc_worker
(you might need to list additional services if you defined them in your docker-compose.yml
previously)docker-compose up --force-recreate --build
docker-compose run --rm server manage db upgrade
docker-compose up -d
Dashboard URLs now include the dashboard id and slug.
For example, given a dashboard with the slug account-overview
and an id of 251
:
Before
https://redash.app/dashboards/account-overview
After
https://redash.app/dashboards/251-account-overview
The dashboard can also be reached using the new /dashboard
(notice this is singular) endpoint. It accepts either an ID or a slug:
https://redash.app/dashboard/251
https://redash.app/dashboard/account-overview
Either of these will redirect to the After link above. Dashboard ID's are guaranteed to be unique. But dashboards can share the same slug. If a user visits /dashboard/<some slug>
and more than one dashboard exists with that slug, they will be redirected to the earliest created dashboard with that slug.
Docker Tag: redash/redash:10.0.0-beta.b49597
See CHANGELOG for the full release notes.
Typically, if you are running your own instance of Redash and wish to upgrade, you would simply modify the Docker tag in your docker-compose.yml file. Since RQ has replaced Celery in this version, there are a couple extra modifications that need to be done in your docker-compose.yml:
worker:
<<: *redash-service
command: worker
environment:
QUEUES: "periodic emails default"
WORKERS_COUNT: 1
Following that, force a recreation of your containers with docker-compose up --force-recreate --build and you should be good to go.
Docker Tag: redash/redash:9.0.0-beta.b42121
.
See CHANGELOG for the full release notes.
Typically, if you are running your own instance of Redash and wish to upgrade, you would simply modify the Docker tag in your docker-compose.yml file. Since RQ has replaced Celery in this version, there are a couple extra modifications that need to be done in your docker-compose.yml:
worker:
<<: *redash-service
command: worker
environment:
QUEUES: "periodic emails default"
WORKERS_COUNT: 1
Following that, force a recreation of your containers with docker-compose up --force-recreate --build and you should be good to go.
Docker Tag: redash/redash:8.0.0.b32245
.
See CHANGELOG for the full release notes.
Docker Tag: redash/redash:8.0.0-beta.2.b29352
.
See CHANGELOG for the full release notes.
Please read the following before upgrading:
If you're using the tarball deployment and not Docker, you might need to manually update some of the dependencies. Compare your current Python dependencies with the ones in the requirements*.txt
files.
This release adds encryption of your data sources configuration. By default it will use the REDASH_COOKIE_SECRET
as encryption key. But we recommend setting a new key for it using the REDASH_SECRET_KEY
environment variable. Note that you need to set this before running migrations. Otherwise everything will be encrypted with REDSAH_COOKIE_SECRET
.
See CHANGELOG for the full release notes.
Before upgrading to v6.0.0 make sure to clear out the Celery queue (unless upgrade from v6.0.0-beta).
This is the final release of v6.0.0. See v6.0.0-beta for details of what's new in v6.0.0. This release includes only fixes from regressions introduces in the beta version.
This release had contributions from 5 people: @rauchy, @denisov-vlad, @arikfr, @ariarijp, and @gabrieldutra. Thank you, everyone 🙏
Redash v6 beta is now available! 🙌 This release was 2 months in the making and it is full with good stuff!
cached_query_
prefix instead of query_
.There were also important changes to the code and infrastructure:
This is just a summary, you're welcome to review the full CHANGELOG.
This release had contributions from 38 people: @arikfr, @kravets-levko, @jezdez, @kyoshidajp, @kocsmy, @alison985, @gabrieldutra, @washort, @GitSumito, @emtwo, @rauchy, @alexanderlz, @denisov-vlad, @ariarijp, @yoavbls, @zhujunsan, @sjakthol, @koooge, @SakuradaJun, @dmonego, @Udomomo, @cclauss, @combineads, @zaimy, @Trigl, @ralphilius, @jodevsa, @deecay, @igorcanadi, @pashaxp, @hoangphuoc25, @toph, @burnash, @wankdanker, @Yossi-a, @Rovel, @kadrach, and @nicof38. Thank you, everyone 🙏
Happy querying :nerd_face:
v5.0.2: