The interactive file manager requires Javascript. Please enable it or use sftp or scp.
You may still browse the files here.

Name	Modified	Size	InfoDownloads / Week
Parent folder
camunda8-getting-started-bundle-8.9.0-windows-x86_64.zip	2026-04-09	946.0 MB	0
camunda8-getting-started-bundle-8.9.0-linux-x86_64.tar.gz	2026-04-09	924.3 MB	0
camunda8-getting-started-bundle-8.9.0-darwin-x86_64.zip	2026-04-09	930.7 MB	0
camunda8-getting-started-bundle-8.9.0-darwin-aarch64.zip	2026-04-09	923.2 MB	0
camunda8-run-8.9.0-darwin-x86_64.zip	2026-04-09	778.5 MB	0
camunda8-run-8.9.0-darwin-aarch64.zip	2026-04-09	777.9 MB	0
camunda8-run-8.9.0-windows-x86_64.zip	2026-04-09	779.2 MB	0
camunda8-run-8.9.0-linux-x86_64.tar.gz	2026-04-09	778.4 MB	0
CHANGELOG-8.9.0.md	2026-04-07	189.5 kB	0
camunda-db-rdbms-schema-8.9.0.zip	2026-04-07	35.2 kB	0
camunda-db-rdbms-schema-8.9.0.zip.sha1sum	2026-04-07	76 Bytes	0
camunda-optimize-8.9.0-production.tar.gz	2026-04-07	145.9 MB	0
camunda-optimize-8.9.0-production.tar.gz.sha1sum	2026-04-07	83 Bytes	0
camunda-zeebe-8.9.0.tar.gz	2026-04-07	382.1 MB	0
camunda-zeebe-8.9.0.tar.gz.sha1sum	2026-04-07	69 Bytes	0
camunda-zeebe-8.9.0.zip	2026-04-07	382.2 MB	0
camunda-zeebe-8.9.0.zip.sha1sum	2026-04-07	66 Bytes	0
8.9.0 source code.tar.gz	2026-04-07	33.0 MB	0
8.9.0 source code.zip	2026-04-07	50.4 MB	2
README.md	2026-04-07	115.7 kB	0
Totals: 20 Items		7.8 GB	2

version:8.9.0

Enhancements

Java Client

API: Allow filtering and sorting by BusinessId in process instances search queries (#47246)
Support handling GET requests with empty responses in the java client (#37243)
Use OffsetDateTime for date-time fields in java client (#33678)

Misc

feat: Add tests for multi-JWKS support (#47217)
feat: Support multiple JWKS endpoints per OIDC issuer (#47213)
Use the businessIdUniqueness config to toggle validation logic in the engine (#45715)
Expose configuration property for business Id uniqueness validation (#45714)
Engine: Propagate Business Id to child process instances (Call Activity: inherit-only for MVP) (#44980)
Gateway: Stable partition routing for Business Id uniqueness (#44979)
API: Support Business Id on process instance start (REST + gRPC) (#44977)
Optimize: support extraConfiguration via SPRING_CONFIG_IMPORT (parity with orchestration) (#44820)
[Spring SDK] Workflow for compatibility tests (#41948)
[Spring SDK] Add integration tests (#41947)
[Spring SDK] Configure revapi (#41941)
[CPT] Compatibility tests workflow (#41917)
[Camunda Client] Workflow for compatibility tests (#41916)
[Camunda Client] Adjust acceptance test pom with new testing profile and client versioning (#41914)
[Camunda Client] Create new annotation @CompatibilityTest for testing (#41913)
[CPT: DSL] Assert process instance (#41298)
[CPT: DSL] Throw BPMN error (#41267)
[CPT: DSL] Create process instance (#41230)
Improve backup/restore usability: always ensure missing index templates are created (>=8.8) (#40675)
Restore to match RDBMS (#40233)
[EPIC]: As a engineer I want to run a load test for a specific supported version (#38829)
Mark batchOperations as FAILED if all partitions have failed (#37821)
Introduce a write latency metric for the meta store (#36348)
Allow users to always open variable value editor in a completed process instance on Operate (#32516)
Handle user experience for "no permission to operation" (#29895)
[CPT] I can use a test environment globally (#29131)
Use element instances search C8 API endpoint for instance history in Operate UI (#27330)
[CPT] Assert that a message was correlated to a process instance (#23291)
[CPT] I can add a custom containers to the runtime (#23158)
[CPT] Generate a process coverage diagram (#23153)
I can download the diagram as bpmn xml file (#22005)
Cluster health endpoint (#20921)
[CPT] I can deploy resources via test annotation (#19178)

Bug Fixes

Broker

Deploying too many versions of a large process can lead to startup problems (#11253)
RoleChangeListener is not called after becoming Leader (#4409)

Gateway

NullPointerException in MCP gateway for null userTaskKey in getUserTask (#48201)
NullPointerException in MCP gateway for null userTaskKey in searchUserTaskVariables (#48197)
NullPointerException in MCP gateway for null incidentKey in resolveIncident (#48196)
Partition retry inconsistency between gRPC and REST gateways for process instance creation (#46756)
Gateway can easily overwhelm broker with handling blocking jobs (long polling) (#7659)

Java Client

[CPT] Slow test execution and test failures if the client prefers REST (#45667)
Client failure handling ends in Stackoverflow (#34597)

Misc

SUSPEND audit log entityKey does not match batchOperationKey (#50311)
Evaluate an expression API response schema expects result to be unknown, not null (#50091)
Scheduled flush timer in CamundaExporter get starved under sustained load (#49820)
Failure to deserialise DbCheckpointState (#49812)
NullPointerException for OperationType when handling BatchOperationChunkRecordValue (#49765)
Task is not highlighted after navigating to History tab (#49707)
Audit Log API: Sentinel Values Returned Instead of null (#49564)
RESUME audit log entityKey does not match batchOperationKey (#49513)
Inconsistent display: Identity name shows as 'Identity' in dashboard/app switcher but as 'Admin' in cluster details (Helm Chart, 8.9 snapshot) (#49512)
Missing Navigation to Root Decision Instance in DMN Incidents (#49425)
Batch Operation Details page cannot be scrolled (#49410)
Delete decision instance returns 404 instead of 403 (#49280)
Incident tab context remains visible after incident resolution in Operate details view (#49220)
fix: POST /groups/search 500 response uses bare $ref to schema instead of proper Response Object (#49197)
OpenAPI spec: DecisionEvaluationById.variables has incorrect description ("message variables") (#49190)
Swagger UI POST requests results in a 401 with CSRF validation error (#48902)
Delete decision instance API cannot use key returned by Get decision instance (#48867)
Authorization search endpoint does not return page.startCursor and page.endCursor (#48857)
USER_TASK authorization cannot be re-created (#48847)
Fullscreen toggle does not work in Operate diagram controls (Chrome) (#48823)
Operate: Navigating to parent process from Call Activity link causes page to continuously jump (#48807)
UI: No margin in Input/Output Mappings panel list (#48801)
Process instance details page doesn't handle permission errors on process instance history (#48728)
MCP gateway: invalid search filter values cause 500 with Java class name leak (#48578)
Recoverable exceptions in a ZeebeTransaction are not logged (#48538)
Batch move of regular ad-hoc subprocess corrupts the process instance (#48530)
Operate UI shows incorrect token count when moving MI instances to an outside element (#48527)
Process Instance with tag does not complete (#48502)
duplicate WHERE clause in MessageSubscriptionMapper getProcessDefinitionStatistics query (#48387)
Tooltip not displaying correctly when hover over on the 3 dots for batch operation details page (#48386)
[CPT] An assertion error in CamundaProcessTestContext is wrapped inside an UndeclaredThrowableException (Spring) (#48359)
Broker fails to start after a restart: Liquibase cannot a quire lock (#48332)
Admin Operations Log. Filters are using different styles and some filters can't be reset (#48279)
Client Entity Incorrectly Labeled as "User" in Admin Operations Log (#48256)
Swagger UI again only works using the authenticated tab (#48243)
Task History tab content is not updated after some operation was perform (#48240)
Excessive v2/element-instances/search requests and Instance History flickering on navigation (#48198)
NullPointerException in MCP gateway for null incident key parameter (#48195)
Optimize-client: Make maven build resilient to 'yarn install' failures (#48153)
Raft bootstrap can block broker shutdown (#48136)
Persistent web sessions broken on H2 - CAST(? AS BLOB) type mismatch (#48092)
Resource access check failing when retrieving specific Global Task Listeners via API (#48056)
Task History. Details modal window cannot be open for completed tasks (#48013)
Resolve incident. Different statuses are returned for batch and single process instance operations (#48011)
400 Bad Request for unsupported fields in Search Process Definitions when isLatestVersion is true (#47959)
Process instance creation not evenly distributed due to repeated recreation of roundRobinDispatchStrategy (#47955)
Add Playwright testing for Swagger UI (#47889)
Unauthenticated OIDC API requests return an invalid OAuth 2.0 Protected Resource Metadata link (#47773)
History deletion job fails on operate-operation index update since it is archived (#47680)
[CPT] Process coverage report doesn't show completed ad-hoc sub-process elements (#47653)
Flaky test: use RecordingExporter.await() instead of Awaitility.await() in MultiPartitionDeploymentLifecycleTest (#47626)
Element instance IDs do not get updated after job-worker to camunda user task migration (#47609)
Optimize FE crashes with invalid dashboard filters (#47595)
Restore fails when exporter position is -1 (#47587)
Optimize: spring.config.import cannot process YAML list (#47473)
Optimize: spring.config.import ignores entries with whitespaces (#47472)
Camunda user task can not be migrated after migration from job-worker user task (#47408)
Scale up after scale down do not work with dynamic node id provider (#47335)
AuthorizationRequest missing equals()/hashCode() renders authorization cache ineffective (#47193)
Usage metrics dated indices are not included in backup snapshots (#47122)
Tasklist v1 endpoints unavailable in c8Run (main/8.10 and 8.9) with ElasticSearch (#47006)
Tasklist v2 variables search endpoint returns fewer variables (#46967)
MCP gateway should return serialized JSON text response along with structuredContent (#46949)
REST API returns null for evaluatedDecisions/decisionDefinitionType (POST /decision-definitions/evaluation) (#46920)
Bug: brokerStartup health indicator incorrectly assigned to readiness group for broker (#46879)
Authorizations have an overhead even if disabled (#46873)
Properly use Tasklist properties in ClientConfig instead of ENV vars (#46839)
Verbose error messages leaking backend details during deployment operations (#46793)
Misleading “no processes deployed” message when no running instances exist (#46791)
Pattern for processDefinitionId in openapi schema is not working for unicode characters (UTF8) (#46782)
Delete processes and decisions isntance failed with invalid state (#46675)
Search element instance incidents API returns 500 when sorting by errorMessage (#46661)
[CPT] Tests are getting slower with increasing number of test executions (#46638)
fix: mark tenantId as nullable in cluster variable OpenAPI response schema (#46635)
@Deployment annotation on @SpringBootTest test class silently ignored since 8.8 (#46557)
Batch operation related to historic data deletion are marked as completed before the data is deleted (#46526)
Operate incident retry button spinner does not stop after retry (#46466)
RDBMS exporter nullifies errorMessage on incident resolution (#46395)
Snapshot replication is interrupted by heartbeats (#46345)
Optimize Authentication Error (#46344)
Add required and nullable to fields in getProcessInstance, deployResource, and license (#46271)
Backup frequency matches checkpoint frequency (#46232)
RootProcessInstanceKey incorrectly defined as domain type (#46207)
Tablist is scrollable in bottom right panel in Operate UI (#45995)
Learn more button is focused when opening input mappings tab (#45994)
Details page does not show affected item key for certain batch operation types (#45988)
Fonts in Optimize UI are not rendered properly when in an environment without internet access (#45970)
API search request fails due to missing property in elasticsearch client (#45809)
Variables do not load for multi-instance elements with multiple instances (#45765)
[8.9.0-alpha4+] Legacy Operate OpensearchConnector ignores awsEnabled — crashes on IRSA deployments (#45761)
User is able to select and try to move an canceled element instance (#45718)
Harden index prefix configuration to prevent ILM from deleting unified indices (Zeebe records vs secondary storage) (#45705)
Make history deletion use process instance key, not root process instance key (#45635)
Unable to log in without explicitly configuring the OIDC callback/redirect URI (#45555)
Wrong instances count on multi instance bodies in modification mode (#45553)
SM 8.8 → 8.9 alpha4 migration breaks login/OC access (#45302)
Operate UI allows applying modification with only variable changes, returns 'Modification failed' error (#45268)
[CPT] Allow setting preferRestOverGrpc=true in CamundaSpringCamundaProcessTest (#45177)
Operate – Incorrect process instances count when selecting flow node without active token (#45156)
Processes with variables with a dot in the name are breaking when a variable that's a prefix of the exist in the same process instance (#45136)
incidentErrorHashCode filter param is ignored on process instances search endpoint (#45129)
[CPT] Wait until remote engine is ready (#44995)
Moving tokens out of multi-instance subprocess does not combine the tokens (#44955)
Distribution Stuck in Pending State After 8.7 Upgrade (#44908)
RDBMS exporter does not handle BatchOperation.INITIALIZED event, causing state and startDate divergence from ES/OS handling (#44899)
Wrong request payload when fetching AHSP children (#44895)
Client with revoked authorization can keep access by keeping authorization cache alive (#44844)
Batch operation can remain stuck in CREATED or ACTIVE state (#44841)
Bypassing existence check for users and groups assigned to Tenant (#44773)
CPT: User task response does not return customHeaders field (#44731)
I cannot delete history process definition data if the process definition is deleted from primary storage (#44627)
Operate modification dropdown shows flickering, until data is fetched (#44554)
Operate modification dropdown contains wrong entries (add, move, move all, etc.) (#44553)
Form from different tenant returned by Tasklist V1 (#44493)
Fix flaky RdbmsExporterIT.shouldExportCreatedAndDeletedMapping (#44434)
Non unique batchOperationIds in operate-list-view (#44423)
hasFailedWithRetriesLeft not present on searchJobsResult when using RDBMS (#44415)
Process definitions "get process instance statistics" endpoints returns different data when sort param exists in request (#44368)
Swagger UI does not automatically authenticate in SaaS (#44367)
Update with script blocks exporter when target document doesn't exist (#44356)
Error message is returned after navigating to Tasklist and Operate for specific clusters (#44302)
Batch operation details page showing Delete Process Instance for single operation (#44282)
Optimize 8.8.x cannot disable HTTP via CAMUNDA_OPTIMIZE_CONTAINER_PORTS_HTTP / container.ports.http (regression from 8.7) (#44222)
Investigate ProcessDefinitionStatisticsIT tests are taking longer for ES than OS (#44202)
Cursor methods return generic server error when provided with invalid input (#44198)
Lots of conflict error logs when deleting history of a large process instance (#44184)
Document 504 response scenarios for Complete user task API and related endpoints (#44179)
Pagination not working for Batch Operation Details page (#44111)
OC API: custom requestTimeout is ignored for create process instance with result (#43991)
Validate OC REST search request pagination attributes for conflicts (#43977)
Name field is empty for processes without definition name (#43939)
Incorrect specification of MessageCorrelationKey type in spec (#43907)
RocksDB memory usage increased per broker (#43768)
Batch retry includes unselected instances (#43728)
[OC API] Problem content type for success response (#43633)
Adding a default secondaryStorageType in load test (#43475)
User Task assigned event creates multiple audit logs (#43319)
Filter userTasks by localVariables with RDBMS as secondary storage is not working as expected (#43311)
BatchOperationExecutionExecuteProcessor does not always write a followup record to the log (#43197)
We miss the elasticsearch prometheus exporter (#43117)
Suspend Batch Operation unexpectedly blocks further Batch Operation progress (#43097)
Cluster Variables UI does not auto-refresh after create/delete; requires manual page refresh (#43018)
Tenant-scoped cluster variable UI controls are visible in SaaS where tenants are unsupported (#43017)
Cluster Variables UI: Forbidden error shown even with valid authorization (#43014)
Cluster Variables UI: Documentation Link Broken (404) and Incorrect URL (#43013)
Process instance archiver task silently stops (#42838)
GET audit log returns 404 (#42736)
Variable filter is ignored for batch operations (migration, modification) (#42721)
Cannot start instance with runtimeInstructions (#42576)
AWS OpenSearch Cannot Create/Apply ISM Policies (#42335)
Operations panel in Operate's processes tab always show finished tab as loading first (#42280)
Remove superficial dependency from Optimize (#42245)
More jobs are pushed then created, causing duplicated completions (#42244)
With enabled multi tenancy, the Role Search Query returns an empty result (#42175)
V2 Batch Operation Search: startDate missing in API response despite being documented (#42165)
Bug: Tenant cluster variable creation returns 200 OK on missing 'value' instead of 400 Bad Request (#42048)
Bug: Cluster Variable API returns generic Problem Details for missing name field (#42045)
Slow FEEL expression evaluation can block the stream processor (#41764)
C8run is unable to start (#41743)
C8Run doesn't start after it got terminated by a Windows reboot (#41727)
C8Run fails to start due to low disk space and then never starts again (#41726)
Retry operation button missing in Operate process details view in 8.8 Self Managed (#41647)
Exporter error on incident-resolution rejection causes Operate list-view update failures (#41584)
Broadcasted signal triggers start event subscriptions on all partitions (#41576)
Testcontainers 1.x is not working with Docker 29 (#41520)
[CPT] Fail to complete multiple instances of a user task (#41512)
LocalStorageDocumentStore fails when expiresAt is set in the DocumentCreationRequest (#41327)
Resolving multiple incidents through the v2 API does not increment job retries (#41213)
Process instance search ignores elementId when combined with $or conditions (#41103)
Group Id restrictions are applied when BYOGroups is enabled (#41096)
Investigate the possibility of key range overflow (#41041)
Reassignment of task fails in TU metrics insert in V1 Tasklist (#40985)
Add key range validation to prevent partition key overflows (#40981)
Cannot create authorization (#40968)
Support sorting batch operation searches on RDBMS (#40873)
“View full value” in variables panel does not open modal for completed process instances (#40859)
Navigate to Operate/Tasklist/Identity intermittently redirects to ‘/forbidden’ with 404 or Auth0 errors (#40855)
Batch resolve incident should only identify active incidents (#40822)
Tasklist complete task persist task variables in an undefined manner (#40817)
Authorizations search does not support sorting by resourceId (RDBMS, ES/OS) (#40799)
Optimize report sort by duration fails due to parsing error with unexpected long value (#40752)
Foreign key constraint violation in batch-operation internal state (#40747)
java.lang.ClassCastException: class ExecutableMultiInstanceBody cannot be cast to class ExecutableAdHocSubProcess (#40590)
Camunda Java client Http Client does not allow more than 5 concurrent connections (#40576)
Message Subscription API never populates processDefinitionKey (#40325)
Authorization DELETE fails with HTTP 500 after PUT update with overlapping permissions (Permission index corruption) (#40276)
Some endpoints are falsely disabled when secondary storage is disabled (#40199)
Only show latest version of process definitions in Tasklist's "Processes" tab (#40045)
Leader rebalance might not work after scaling (#40036)
Initial leader of dynamically scaled partition does not perform log compaction until restart/leader change (#39967)
Operate incidents appear with significant delay on Camunda 8.8 due to exporter post-export backoff (#39962)
Activateable jobs with NO_CATCH_EVENT_FOUND element id after old incident is resolved (#39853)
All process instances are affected by batch operations if a process with all versions is selected (#39848)
Cannot start instance with runtimeInstructions for multi-instance element (#39812)
c8run connectors don't take over --port setting (#39691)
Camunda 8.7 REST client fails on unknown response properties on job activate (#39675)
Job completion throws wrong error code (#39672)
Resolving an incident twice removes the incident (#39636)
c8run: --port isn't printed in "endpoints" dialogue (#39604)
webapps-schema fails to build on JDK >21 due to Groovy plugin/toolchain incompatibility (#39569)
Tasklist/Operate versions are wrong on the 8.8 release (#39559)
ProcessModelReader NPE (#39534)
Failing to parse ZonedDateTime - introduced with typed field for Java-Client (#39474)
Authorizations checks are not consistently applied to distributed signal commands (and potentially more) (#39430)
No validation of page limit attribute in Search Request (#39372)
In Optimize, a user, who is a member in multiple organizations in Saas, gets access to Optimize in any organization (#39350)
Specification missing 409 for Process Migration (#39336)
Intermediate message event gets correlated even when a user doesn't have permissions (#39301)
Incident icon and status not updated after resolving the incidents in Operate (#39267)
Reject Process Instance Migration with Duplicate Sequence Flow Mapping to The Same Target (#39237)
Public start forms link redirects to login page (#39234)
User cannot filter tasks by Processes inside custom filters of tasklist using V2 API (#39197)
Tasklist v2 tasks not loaded when includes large variable (#39189)
Historical indices can be missing ILM policies (#39134)
When using MS Entra, tokens are always treated as clients due to complete intersecting claims (#39049)
Timer Start events with a time cycle and start date in the past will not be executed on deployment (#38987)
Version checks are not preventing schema updates (#38985)
Cannot take native filesystem backup in an empty state (#38957)
Java Client Response ProcessDefinition is missing field hasStartForm (#38941)
Map serialization error when importing dashboards in Optimize (#38860)
Inconsistency between mandatory fields in ui vs api for the user update request (#38847)
Camunda Client IncidentFilter#creationTime is of type String instead of OffsetDateTime (#38827)
Camunda Client ProcessInstanceSequenceFlow does not offer field sequenceFlowId (#38789)
Camunda Client Process Definition Filter does not offer complex query for process definition name, but api does (#38780)
Orchestration Identity Connectors role not enough permissions to create process instances (#38751)
Exporter disabled while it is failing keeps retrying to open (#38724)
Deleting resources is not possible from Operate UI with enabled resource based permissions (#38711)
FNI and Variable aliases are used for V1 task search (#38696)
[CPT] Use SNAPSHOT image from stable branch (#38662)
Get decision instance by ID does not return evaluatedInputs and matchedRules (#38634)
The tasklist v1 controller doesn't resolve the Group Names after 8.8 migration (#38515)
Swagger UI requires CSRF validation when API is in unprotected mode for SM (#38505)
No qualifying bean of type 'gatewayRestObjectMapper' error after recent JacksonConfig changes (#38487)
Snapshot can be taken at processed position 0 only if forced exception is thrown unexpectedly (#38484)
NullPointerException in BpmnStateTransitionBehavior when executing runtime instructions for terminated process instance (#38481)
Write limit exhaustion blocks whitelisted commands from being written (#38454)
Operate/Tasklist Zeebe ES/OS Clients and Importer modules are not disabled by default (#38342)
Swagger UI only works using the authenticated tab (#38326)
Swagger Operate-v1 400 no such header error (#38320)
When unpacking the c8run archive, I get a folder c8run (#38318)
Processes from deleted tenants appear search results on the /v1/process-instances/search endpoint when running with Opensearch (#38297)
[ad-hoc sub-process] Throwing BPMN error for AHSP job worker job is rejected (#38276)
With disabled secondary storage, authorization assigned to groups are not applied (#38251)
Multiple message start events cannot reference different messages with the same name. (#38234)
BatchOperation Initialization fails on test clusters as unable to find a matching ResourceAccessController (#38214)
Incorrect Swagger BasicAuth Visibility And 'Enable Swagger' Toggle Inconsistencies (#38206)
Operate displays the number of process and element instances when a user has only the permission to read process definitions (#38198)
Camunda Client doesn't use default tenant id for correlating messages (#38157)
New self-managed helm chart uses different container name on statefulset (#38141)
Rolling update test is failing when partition scaling is enabled (#38140)
404 on showing flownode instance popover details (#38131)
Tasklist v1 API swagger UI is not accessible (#38114)
User creation fails in identity (#38094)
Failure to apply retention policy with too_long_http_line_exception error (#38033)
Prevent storing sessions when using OIDC for API calls (#37983)
Prevent values larger than permitted by the respective DB column from blocking data export (#37952)
CSRF is not supported in Swagger SaaS (#37950)
Creating cancellation batch operations does not work for active process instances (#37928)
Process message subscription events are not exported holistically (#37916)
Partition join cannot complete in some failure cases (#37892)
Regression: NPE in BrokerBasedPropertiesOverride when configuring exporter without args (#37880)
REST API Gateway accepts invalid types and unspecified properties (#37865)
Exporter Batch Requests can OOM if too many entities are included (#37845)
spring-boot-starter-camunda-sdk 8.8 violates Spring behavior (#37808)
Fix task list search API specification (#37785)
Tasklist v1 task search: alwaysReturnFullValue ignored for variables >8 KB (value returned as null) (#37767)
hasVariableSatisfies assertion fails on deserializing values written with a customized ObjectMapper (#37758)
Delete Document returns 204 instead of 200 (#37745)
Zeebe replay fails on EvaluatedDecisionRecord after adding decisionEvaluationInstanceKey (PR [#36772]) (#37668)
Unable to add a client ID to a role when it contains a valid characters (#37665)
Zeebe batch operations can't be triggered from Operate due to API format change (#37631)
I cannot log out of the Identity UI with a non-root servlet context path (#37616)
restore primary storage fail due to missing BrokerBasedProperties (#37544)
authentications is not refresh with api calls using the session cookie (#37539)
Partition scaling is stuck with NullPointerException (#37495)
Unknown Operation in cluster status response after partition scaling request (#37492)
The workflow engine only applies an authorization if the owning entity is assigned to the tenant (#37489)
A request matching both the configured user and the client claim should be treated as a client request (#37473)
Authorization exception for Job Activation with Multi Tenancy (#37472)
Some Java Client commands enable sending the request without providing all mandatory parameters (#37389)
Incompatible Awaitlity version in dependency tree of Camunda Process Test Spring (#37384)
Legacy batch operations are not shown properly in the operations panel of Operate's UI (#37370)
Partially completed batch operations are not shown properly in Operate (#37365)
OpenSearch ISM policy min_index_age is not updated after configuration change (#37361)
Exporting backlog from 8.7 should exclude 8.8 fields from being serialized (#37343)
Move filter criteria of V2 batch endpoints under a new filter root-level request attribute (#37332)
The C8Run Docker distribution can't be shut down using './shutdown.sh --docker' command (#37323)
Filter userTasks by tenant is not working using V2 API (#37296)
User cannot filter by unassigned tasks inside custom filters of tasklist using V2 API (#37294)
QueryBatchOperationTest is flaky (#37289)
NullPointerException in SearchQueryResponseMapper when IncidentEntity state is null (#37288)
MigrationSnapshotDirector should be closed and re-installed during role changes (#37234)
Camunda Java Client obfuscates underlying 403 error in case of using an invalid path (#37232)
With tasklist V2 API completed banner is not displayed (#37218)
Camunda User Task with an incident cannot be migrated (#37190)
Variables on elements without instances are not shown in modification mode (#37187)
Reduce the noise in schema-manager logs for nominal cases (#37164)
Inconsistent state when terminating a sub-process element and activating a child element via process instance modification (#37079)
[8.6][8.7] Investigate failing test ExporterDisableTest.exporterStaysDisabledAfterRestart (#37046)
API without /v2 prefix returns 403 instead of 404 (#37041)
Scaling is marked as completed before all partitions update their routing state (#37004)
Update error message for Modeler-to-Operate diagram access. (#36934)
NullPointerException when evaluating DMN with missing rule id (ruleId) (#36900)
ScriptTask elements are missing in StraightThroughProcessingLoopValidator (#36895)
NullPointerException in ExporterDirector (#36621)
Initializer config for defaultroles and mappingrules does not allow kebab-case (#36382)
The error message is not displayed under the text field after deleting existing variable value (#36375)
An error message is not displayed when user inserts incorrect value into "Edit Variable" modal window (#36367)
Race condition can result in error response to Tasklist V1 API operations (#36027)
An error occurred while attempting to decode the Jwt: I/O error on GET request (#35925)
SM Deleting One Mapping Also Deletes Other Mappings (#35673)
Windows. Error message in the logs when trying to stop Camunda 8 Run (#35315)
Authorization field is printed in the log when an error is raised when processing a record (#35177)
Parent instance not shown when call activity has incident in child process (#35169)
Long variable lists in dropdowns are cut off - some options inaccessible (#35101)
Camunda exporter not catching up (#35080)
REST API v2 response handling uses common ForkJoinPool (#35076)
Job push vicious circle (#35074)
Tasklist V2 API does not return process name (#34961)
Sorting arrows incorrect in Authorizations data tables (#34903)
Batch Operation in Operate Doesn't Apply to All Selected Processes (#34610)
Regression in metric zeebe_incident_events_total (#34342)
NPE at evaluation of job worker properties of Send Task with Publish Message implementation (#34190)
[Zeebe Client + mTLS] zeebe client secret must be set to authenticate operations from other apps (#34002)
Deadlock in registering/unregistering micrometer metrics (#33941)
Zeebe's backup fails if a new snapshot is created before the snapshot is reserved (#33499)
Bulk metrics do not reset if exporting stops (#33043)
Unable to edit module settings in Intellij IDEA (#32654)
[Groups] User cannot delete group description content (#32593)
Performance issue with v1 tasks search (#32336)
Wrong selection of process instances in process instance migration (#32201)
CamundaExporter starts exporting before being opened (#32009)
Dashboard tile does not jump to the mouse position after creation (#32001)
[CPT] Invocation of close method failed on bean with name 'proxiedCamundaClient' (#31860)
App visible to all users regardless of roles (starting from 8.8) (#31600)
C8 Run will not start with JDK 24 (#31521)
bpmnXML should not be requested when serving /v1/process-definitions/search endpoint (#30372)
Elasticsearch REST client resource leak (#29146)
java.lang.IllegalStateException: Expected to find element instance for given key, <key> but didn't exist. (#26755)
NullPointerException in FormResourceTransformer while formatting the parsing failure message (#26640)
--port not validating the data provided by the user (#26287)
RuntimeException: Expected to activate jobs of type '..', but no jobs available and at least one broker returned 'RESOURCE_EXHAUSTED' (#25806)
Allow to change ilmMinAgeForDeleteArchivedIndices of retention policy (#22564)
On a report, numeric variables that have a length of 16 are displayed as a date (#22104)
Backups use partition count from ClusterConfiguration (#21470)
Unsupported Operation Exception - ClosedQueue during Shutdown (#8025)

Maintenance

Add TTL to authorization cache (#38532)
Use the unified configuration in backup manager (#37130)
Refactor BatchOperation Scheduler for better modularity (#36751)
OpenAPI Spec misses type for some enums (#30674)
In HeartbeatHandler a Heartbeat may be wrongly considered as another message type (#27110)
Add ArchUnit test to ensure methods annotated by @VisibleForTesting are called only in appropriate contexts (#26687)
Update opensearch-java client to include the fix for eager_global_ordinals (#26085)

Task

Add feature introduction modal (#49097)
Minor fixes for new process instance page design (#49049)
Change default load test setup to include full coverage (main) (#48742)
Adapt new incidents tab table design (#48580)
Add sharding to the Operate visual regression tests (#48394)
Add audit log configuration for unknown actors (#48339)
Exclude decision evaluation logs when part of a process instance (#48329)
Fix flaky core features tests reported by monorepo ci (#48223)
Make process instance page new bottom panel responsive (#48164)
Improve batch operation cancel/resume/suspend error message (#48042)
Minor bugs deep linkable process instance page bottom panel (#48016)
Add Playwright testing for Swagger UI (#47889)
Add double click drill down for tasks that have called decisions in the diagram of the process instance page (#47786)
How to guarantee response schemas (#47649)
Validate businessId length in shared gateway request-validation layer (#47604)
Enforce business id uniqueness across all versions of a process (#47372)
Put all response fields in the required array or mark them nullable if needed (#47331)
Add nullability annotations for audit log API fields (#47304)
Unknown response nullability specification (#47302)
Track Identity entity names in the aduit log (#47235)
Prevent agent field getting written to ES/OS in ES/OS exporting (#47155)
Remove Operate process instance page redesign feature flag and adapt E2E tests (#47046)
Fix tab activation on Operate processes and decisions tab (#47045)
Add double click drill down for tasks that have called instances in the diagram of the process instance page (#47043)
Make process instance page new header responsive (#47042)
Add new details tabs on process instance page in Operate (#47041)
Add new incidents tabs on process instance page in Operate (#47040)
Make Operate process instance page bottom panel tabs deep linkable (#47039)
Update Operate diagram controls (#47038)
Rework process instance page operation buttons logic (#47037)
Create new design for process instance page header on Operate (#47036)
Create feature flag for Operate process instance page UI rework (#47035)
Refactor conditional events to use FEEL-provided variableNames (#46948)
Rename flow node to element in Operate: user interface (#46902)
Fix wrong declaration of nullable fields on jobs, batchOperation and task api (#46898)
Resolve nested objects returned as null but not declared nullable (jobs API, resource API) (#46897)
Rename flowNode to element in Operate - cleanup (#46868)
Rename flowNode to element in Operate: modules components (#46866)
Rename flowNode to element in Operate: App components (#46865)
Rename flowNode to element in Operate: playwright tests (#46864)
Rename flowNode to element in Operate: element icons (#46863)
Rename flowNode to element in Operate: bpmn-js related (#46862)
Rename flowNode to element in Operate: remaining stores (#46861)
Rename flowNode to element in Operate: modification store (#46860)
Rename flowNode to element in Operate: utility functions (#46859)
Rename flowNode to element in Operate: hooks (#46858)
Rename flowNode to element in Operate: type definitions (#46857)
Rename flowNode to element in Operate: rename file names (#46856)
Check constraints in schema for unicode support (#46787)
Filter audit log variable operations by the source of the request (#46701)
Track job complete operations in the audit log (#46657)
Correctly track business id across process definitions on instance migration (#46491)
Mark deprecated enum members for generators (#46398)
Make all arrays in responses required (#46391)
Make everything required, explicit nullable (#46390)
Clean up legacy Operate/Tasklist indices (#46371)
Support context during FEEL evaluation in Java client (#46335)
Extend ExpressionRecord with context and consider it during evaluation (#46334)
Extend the expression evaluation endpoint with a context field (#46333)
Implement engine-level Business ID length validation (#46328)
Incorporate identified nullable fields from QA report (#46306)
Add MCP server to c8run start output (#46292)
Add additional validation pass for openapi-lint in ci.yml (#46274)
Fix schema errors - existing defects not detected by CI (#46273)
Spectral rule: verify that elements in required array exist in schema (#46272)
Gateway strict mode (#46269)
Add Spectral lint: response arrays are required and cannot be nullable (#46224)
[CPT-DSL] Rename "Test Scenario DSL" to "JSON Test Cases" (#46195)
Configure Gateway to send explicit null when field is missing at runtime (#46175)
Harden OpenAPI response contract for 8.9 (#46165)
Support multi-tenancy for all MCP tools (#46133)
Implement Judge Assertions for AI Agent based Tests (#46128)
Implement Conditional Scenario API for Non-Deterministic Process Testing (#46126)
Enforce business ID uniqueness only at root instance level (#46112)
Add dedicated Audit Log archiver job (#45981)
Ensure deleted entities related audit logs are cleaned up after the retention period in ES/OS (#45979)
Ensure deleted entities related audit logs are cleaned up after the retention period in RDBMS (#45977)
RP Initiated Logout: Accessibility Improvements (#45976)
Remove Elasticsearch from Getting Started bundle (#45755)
Truncate related entity fields in RDBMS (#45665)
Remove obsolete element-selection related stores and code (#45659)
Revisit unwrapped parameters on MCP gateway tool signatures (#45542)
Migrate FE Operate tests: various PI details (#45539)
Clean up businessId when process instance is completed, terminated, or banned (#45532)
Add dedicated Spring Boot 3 and 4 starter modules to 8.9+ (#45523)
Metrics: Create test (JobStreamLifecycleIT) to validate active streams using tenantFilter (#45358)
UI: Add a modal to the Add Tenant flow that reminds users of assigning members (#45328)
Spike: Evaluate ES/OS shard settings and scaling behavior (#45301)
Persist business id for process instances in secondary storage (#45298)
Port missing BatchOperationCfg properties to the unified configs (#45292)
feat(exporter): export rootProcessInstanceKey for batch operation items (#45267)
Prepare Broker API for multiple Raft partition groups (#45262)
Prepare Exporter Distribution State Server for multiple Raft partition groups (#45261)
Prepare Inter-Partition Communication for multiple Raft partition groups (#45260)
Prepare Raft Server for multiple Raft partition groups (#45259)
Enforce business Id uniqueness per process definition on instance start (#45179)
Business Id propagation during process instance creation (#45178)
Add pagination to TestHelper for large @MultiDbTest integration tests (#45155)
Handle MCP metrics on dedicated Grafana dashboard views (#45015)
Implement small UX improvement for single PI modification changes (#44991)
Add pagination to processes by definition name list on operate dashboard (#44939)
Improve/configure MCP tool schema generation (#44926)
Refactor window.clientConfig usage to rely on getClientConfig util (#44740)
Add pagination to incident error message list on Operate dashboard (#44728)
Update openApi spec to reflect role/tenant/group update changes (#44649)
C8 Run supports other RDBMS (other than H2) (#44636)
C8Run: Switch H2 from in-memory to file-based storage (#44631)
Add acceptance tests for search filters AuditLogSearchClientIT class (#44527)
Update logout handler to provide redirect URL and return correct response (#44485)
Introduce “feature flag” that allows users to select to log users out of the cluster or to perform a single logout (#44484)
Re-introduce actor ID check at AuditLogIdentityOperationsIT.shouldTrackUserCreate (#44483)
Add endSessionEndpoint property to allow end session endpoint configuration (#44479)
Support property-based authorization creation from configuration (#44478)
Support setting request timeout on createProcessInstance MCP tool (#44474)
Provide MCP tool parameters from a wrapper object (#44473)
Add test suites for hooks/processDefinitions.ts and hooks/decisionDefinition.ts (#44468)
[Investigate] RPA audit logs not created (#44466)
Migrate Operate FE tests: TopPanel / MetadataPopover (#44452)
Migrate Operate FE tests: modification dropdown (#44451)
Add acceptance tests covering authorizations are properly checked for MCP tools (#44435)
Update Identity FE to rename "Identity to OC Admin" (#44428)
Merge dashboard v2 code back into the main folder (#44424)
Implement Create Process Instance MCP tool (#44395)
RP Initiated Logout - Frontend Part (#44286)
Align process definition statistics APIs to use mandatory request-body filters instead of path parameters (#44263)
Add Mixpanel event tracking for batch operations UI (#44241)
Integrate incident error statistics into dashboard panel (#44232)
Define client model and query for incident error statistics (#44231)
Flaky test: CamundaProcessTestExtensionMultiTenancyIT / CamundaSpringProcessMultiTenancyTestListenerIT (#44168)
Use alternative approach to size estimation using kyro serialisation when exporting (#44131)
Check: Add missing filters to audit log RDBMS layer (#44024)
Create RDBMS secondary indexes for authorization lookup and filtering (#44016)
Add RDBMS authorizations support (#44012)
Remove segment-preallocation-strategy flag from application configs (#43988)
Expose MCP tool execution metrics (#43932)
Avoid manual DTOs for MCP gateway (#43850)
Support 'anonymous' and 'unknown' actor types in batch operations API (#43792)
Enhance process instance-related Zeebe events with elementInstanceKey (#43760)
Enhance process instance-related Zeebe events with bpmnProcessId (#43757)
Enhance process instance-related Zeebe events with process definition key (#43756)
Add additional audit log authorization acceptance tests (#43720)
Re-introduce operations to PI table (#43698)
Remove v1 components and endpoints (#43693)
Add acceptance tests for Resource-related operations (#43690)
Add acceptance tests for Identity-related operations (#43688)
Add acceptance tests for process-related operations (#43684)
Deduplicate audit logs of distributed commands (#43680)
Refactor audit log key format in secondary storage (#43675)
Implement Cluster Status and Topology Tools (#43663)
Fix wildcard authorizations for audit log search requests (#43662)
Implement Process Definition Tools (#43609)
Implement Process Instance Tools (#43608)
Implement Variables Tools (#43606)
Implement Incident Tools (#43605)
Decouple gateway-mcp from gateway-rest (#43604)
Configure MCP Server Security Integration (#43603)
Add gateway-mcp Module Foundation (#43602)
Ensure audit log data is covered by RDMBS TTL audit log cleanup (#43585)
Update processInstances store usage with v2 logic for data fetching (#43558)
Event subprocess conditional start event trigger tests (#43540)
Conditional intermediate catch event trigger tests (#43538)
Conditional boundary event trigger tests (#43537)
Speed up Database ITs by not sleeping for 5 seconds in EntityManager.await (#43515)
Ensure process and decision audit log data is covered by RDMBS history cleanup (#43476)
Expose rootProcessInstanceKey via API (#43395)
Add REST API audit log entity key filter (#43361)
Add Identity-related audit log acceptance tests (#43360)
Audit log querying is supported on RDBMS storage (#43323)
Add visual regression test for Batch Operations UI (#43263)
Fix flaky PurgerIT.shouldSaveAndFindProcessInstanceByKey(CamundaRdbmsTestApplication) camundaWithOracleDB (#43261)
Overload audit log entityKey for Identity operations (#43249)
Create a separate load test config file that includes Optimize (#42873)
Update version count calculation with stale "2+ Versions" title (#42847)
Re-introduce useSourceParentKey as an ancestor scope resolution instruction (#42814)
Audit log search endpoint doesn't filter by authorized tenants (#42789)
Introduce a SegmentAllocator that preallocates segment with fallocate (#42761)
Restore functionality to retrieve data from the userinfo endpoint when using OIDC (#42745)
Implement Child Incident Statistics (RDBMS) (#42653)
Implement Parent Incident Statistics (RDBMS) (#42652)
Implement Child Incident Statistics (ES/OS) (#42651)
Implement Parent Incident Statistics (ES/OS) (#42650)
Define Incident Statistics API – Child Endpoint (#42649)
Define Incident Statistics API – Parent Endpoint (#42648)
Check: All audit log value types and intents are exported and mapped to operation types (#42561)
Migrate process-definitions state-management (#42481)
Delete decision requirements scheduled for deletion in RDBMS (#42477)
Delete decision definitions scheduled for deletion in ES/OS (#42476)
Create a batch operation to delete historic decision instances when processing ResourceDeletion.DELETE command (#42474)
[Engine] Enforce authorization checks for user task update and completion operations (#42410)
Delete decision instance data from RDBMS (#42403)
Delete decision instance data from OpenSearch (#42402)
Delete decision instance data from Elasticsearch (#42401)
Retrieve decision instances from secondary storage for deletion batch operation (#42400)
Process decision instance deletion in HistoryDeletionDeleteProcessor (#42399)
Add decision instance deletion endpoint (#42397)
Add decision instance deletion batch endpoint (#42396)
Support followup commands on Batch Operation completion (#42389)
Make history deletion schedulers configurable (#42386)
Clean-up v1 code (#42363)
SupportJackson 3 in client artifacts (8.9) (#42163)
Migrate process definition statistics view to v2 (#42141)
Setup TanStack query for process definition statistic endpoints (#42140)
Github workflow to bundle and publish the camunda8-getting-started-bundle (#42128)
Support filtering batch operation items by operation type via API (#42095)
Delete process definitions scheduled for deletion in ES/OS (#42084)
Upgrade the Orchestration Cluster application to Spring-Boot 4.0 (8.9) (#42079)
Upgrade client artifacts to Spring-Boot 4.0 (8.9) (#42075)
Support batch operation actor in Java client (#42070)
Support sorting batch operation items by processed date via API (#42043)
App Integrations Exporter (#41956)
Create a batch operation to delete historic process instances when processing ResourceDeletion.DELETE command (#41955)
Modify resource deletion request for history deletion (#41950)
Add authorization claims to Identity-related events (#41945)
Add authorization claims to batch-related events (#41942)
Add authorization claims to process-related events (#41940)
Notify user about started batch operation (#41910)
Remove unused sequenceFlow store (#41892)
Send delete process instance request from gateway to broker (#41885)
Support move and cancel modification by IDs in single instance modification API (#41874)
Display actor info in batch operations overview and details (#41862)
[FE] Update operate move modification to make use of the v2 API for auto selecting target ancestor scope (#41859)
[Engine] Refactor AuthorizationCheckBehavior (#41854)
Cleanup after migrating to useElementInstanceSelection hook (#41832)
Migrate flowNodeSelectionStore consumers to useProcessInstanceElementSelection (#41829)
Use selectElement / selectElementInstance from useElementInstanceSelection (#41827)
Replace state.metaData.flowNodeInstanceId by useElementInstanceSelection (#41822)
Replace state.metaData.instanceCount (#41821)
Replace state.metaData.instanceMetadata.flowNodeType by useElementInstanceSelection (#41820)
Replace isSelectedInstanceRunning by useElementInstanceSelection (#41819)
Create useProcessInstanceElementSelection hook to handle Operate UI element selection (#41817)
Remove remaining client-side permission checks in Operate (#41811)
Validate authorizations when deleting process instance history (#41771)
Send batch delete process instance request from gateway to broker (#41754)
View Batch Operation details (#41688)
feat(rdbms): hierarchy-aware history cleanup by rootProcessInstanceKey (#41683)
Enforce user task read permission check in Search layer for user task APIs (#41682)
feat(archiver): hierarchy-aware retention by rootProcessInstanceKey (ES/OS) (#41664)
feat(exporter): export rootProcessInstanceKey to ES/OS (#41658)
feat(engine): add rootProcessInstanceKey to Zeebe records (#41655)
Create processor for HistoryDeletion DELETE command (#41650)
Add process instance deletion endpoint (#41648)
Fix Tasklist E2E test "task completion with large variable form" (#41614)
Align design for Instance Selection Guidance in Multi-Instance Subprocess Modification (#41611)
Create deletion background task in RdbmsExporter (#41530)
Keep track of process instances to delete in RDBMS (#41529)
Create and populate history deletion index (#41528)
Disable invalid move targets for multi-instance bodies (#41519)
Create deletion background task in CamundaExporter (#41516)
Add basic support for move instruction inside multi-instance ad-hoc sub-process (#41514)
Add resource-related keys to audit log entities and filters (#41509)
Add Camunda Exporter and RDBMS handlers for resource operations (#41506)
Add Camunda Exporter and RDBMS handlers for form resource operations (#41505)
Add Camunda Exporter and RDBMS handlers for DRG resource operations (#41504)
Add Camunda Exporter and RDBMS handlers for decision resource operations (#41503)
Add Camunda Exporter and RDBMS handlers for process operations (#41502)
Ensure we cover the multi-exporter scenario in our test suite (#41432)
Convert Schema Guidelines to internal docs (#41385)
Ensure standalone decision audit log data is archived (#41347)
Add referencing user docs for tenants and clients (#41337)
Utilize isLatestVersion filter in decisions-definitions search call (#41308)
Add operations column to PI table (#41299)
Add user task audit log acceptance tests (#41238)
Implement Audit log atomic permissions for identity-related audit logs (#41231)
Add frontend playwright tests for the Identity audit log UI (#41212)
Support atomic user task audit log permissions when searching user task audit logs (#41211)
[CPT: DSL] Create JUnit extension to read test scenario files (#41207)
Implement User task property-based permissions for user task audit log querying (#41205)
[CPT: DSL] Create core test scenario DSL schema (#41203)
Add filters to the REST API endpoint for querying user task audit logs (#41202)
Add Audit Log REST API user-task query endpoint (#41201)
Add frontend playwright tests for the Tasklist task history audit log UI (#41199)
Add frontend playwright tests for the Operate General audit log UI (#41198)
Add ES/OS and RDBMS audit log exporter handlers for user task operations (#41191)
Add ES/OS and RDBMS audit log exporter handlers for identity role operations (#41180)
Add ES/OS and RDBMS audit log exporter handlers for identity group operations (#41179)
Add ES/OS and RDBMS audit log exporter handlers for identity tenant operations (#41178)
Add ES/OS and RDBMS audit log exporter handlers for identity authorization operations (#41177)
Add ES/OS and RDBMS audit log exporter handlers for identity mapping rule operations (#41176)
Add ES/OS and RDBMS audit log exporter handlers for identity user operations (#41175)
Add ES/OS and RDBMS exporter handlers for standalone decision evaluation operations (#41152)
Add ES/OS and RDBMS exporter audit log handlers for process instance cancel operations (#41150)
Add ES/OS and RDBMS exporter audit log handlers for process instance create operations (#41149)
Add ES/OS and RDBMS audit log exporter handlers for process instance migration (#41148)
Add ES/OS and RDBMS audit log exporter handlers for batch management (#41147)
Add ES/OS and RDBMS audit log exporter handlers for batch creation (#41146)
Migrate Operate single instance modification to V2 API (#41143)
Mark batch operation as completed/failed on deletion (#41138)
Create HistoryDeletionRecord and HistoryDeletionIntent (#41135)
Add frontend playwright tests for the Operate PI details audit log UI (#41131)
Add audit log acceptance tests (#41129)
Ensure process and decision audit log data is archived for cleanup by ES/OS archiver jobs (#41128)
Implement an Audit Log RDMBS schema (#41126)
Implement RDBMS exporter handler for process instance modification (#41125)
Include authorization claims in Zeebe event and rejection records (#41124)
Implement Java client search user task audit log command (#41123)
Implement Java client get audit log entry command (#41122)
Implement Java client search audit log command (#41121)
Implement composite permission support for audit log querying (#41120)
Implement Audit log atomic permissions for operator operations (#41117)
Implement Audit Log ES/OS secondary storage schema (#41116)
Delete process instance data from RDBMS (#41110)
Delete process instance data from Opensearch (#41109)
Delete process instance data from Elasticsearch (#41105)
Virtual threads as a plugin/autoconfiguration for the Spring Boot Starter (#41070)
Retrieve process instances from secondary storage for deletion batch operation (#41011)
Add support for flow node modification inside multi-instance adhoc subprocesses (#40989)
Hint author/reviewer to check whether changes applied to either java client need to be applied to the other as well (#40982)
Subscription re-creation & cleanup for root-level start events on (re)deployment (#40951)
Subscription deletion for boundary, intermediate catch & event subprocess start events (#40950)
VariableBehaviour integration for conditional evaluation on variable changes (#40948)
Immediate evaluation on subscription creation (#40947)
Implement trigger processor for conditional catch events (#40946)
Subscription creation for root-level conditional start events (#40945)
Subscription creation for boundary, intermediate catch & event subprocess start events (#40944)
Implement state representation for condition subscriptions (#40943)
Define protocol records & intents for condition subscriptions (#40941)
Transformation to executable model (ExecutableConditional & transformers) (#40940)
XML model & validation for BPMN Conditional Events (#40939)
Job throw error and cancel processors use TypedRecordProcessor (#40924)
Support conditional events in batch process instance modification mode in Operate (#40885)
Support conditional events in Operate instance history (#40882)
Add process instance deletion batch endpoint (#40853)
Add delete process instance batch operation type (#40850)
API user can use #innerInstance suffix on migration request (#40738)
Update adHocSubProcessElements variable on AHSP migration (#40737)
Enable Ad-Hoc Sub-Process migration (#40736)
Add broker health/liveness check that fails on lease renewal failure (#40685)
Stabilize the integration-tests/qa-update (#40668)
Poll resolved incident until resolved in exported data (#40618)
Open and filter incident table via element id (#40617)
Define minimum supported OpenSearch version in ITs (#40612)
Replace OpenSearch Rest High Level Client in Optimize (#40609)
Upgrade OS Java Client to v3.2.0 in Optimize (#40602)
Upgrade OS Java Client to v3.2.0 in Operate/Tasklist/Zeebe (#40597)
Implement Process Instance Modification audit log handler (#40543)
[Frontend] Identity provides an audit log tab for ADMIN operations (#40531)
Guid user how to do user assignment in the UI (#40512)
Implement v2 sorting mechanism (#40510)
Refactor and move entity validation from REST API (#40506)
Align c8Run testing with main branch of Connectors (#40501)
Cleanup and remove V1 code (#40492)
Remove operations display from the process instances list (#40491)
Integrate v2 data into actions and operations (#40488)
Refactor data fetching logic (#40487)
Post-migration cleanup for Process instances list (#40485)
Implement FlowNodeInstanceState filter logic (#40482)
Implement state filter transformation (#40479)
Implement core filter transformation (#40478)
Integrate node id provider with the application (#40476)
Consolidate and reuse filter implementations (#40474)
Setup feature flag and page structure (#40473)
Migrate FlowNodeMetadata store (#40425)
Enable Ad-Hoc Sub-Process Multi-Instance migration (#40419)
C8Run: improve startup output (#40378)
C8Run --help / help command (#40375)
Remove task authorization feature flag (#40370)
Fix flakiness in JobBasedAdHocSubProcessTest.shouldRejectAdHocJobCompletionWhenAdHocSubProcessNotActive (#40334)
[Improvement] Automate creating the upgrade plan for Optimize release (#40258)
Simplify wording and improve accessibility for "Show end date" / "Show execution count" toggles (#40253)
[PoC] Modify elements in one instance of a multi-instance subprocess (#40226)
Refactor IdentitySetupInitializer (#40169)
Extend Operate with incidents testing resources (#40149)
Write missing tests for RDBMS readers/writers (#40139)
Enable property-based authorization checks in search layer (#40128)
Enable composite authorization evaluation in search layer (#40126)
Adjust exporters to support new resourcePropertyName field in Authorization record (#40116)
[Engine] Enforce authorization checks for user task assignment/unassignment and claiming/self-unassignment (#40115)
[Engine] Enable property-based authorization checks (#40114)
[Engine] Enable composite authorization evaluation (#40112)
Provide default task-worker role authorizations (#40089)
Adjust REST-API and CamundaClient to support property-based authorization (#40079)
Use configurable ID pattern in frontend validation (#40026)
Add User-task property-based authorization to the UI (#40024)
Implement version list support for process definition statistics endpoint (#39997)
Extend Operate with multiple message subscription testing resources (#39966)
C8run RDBMS support for alpha3 (#39961)
Add validation for the global task listeners configuration (#39931)
Add support for "generic" global task listeners (#39928)
Allow ordering global task listeners with respect to local ones (#39925)
Initial implementation of global task listeners (#39924)
Fail test if the RecordingExporter is not short-circuited (#39897)
FlowControl memory usage can be improved (#39881)
Add developer documentation on handling default roles (#39836)
Migrate Identity to NPM to align with the other frontend apps in the monorepo (#39754)
Investigate Auth0 rate limiting on SaaS (#39706)
Add a dedicated apps_integration default role (#39687)
Add pagination for incident table v2 (#39639)
Add advanced filtering support to Process Instance Incident Search API (#39637)
Add a new statistics endpoint to the Message Subscription API (#39613)
Implement "incident metadata popover -> incidents table" UI changes (#39591)
Migrate IncidentOperation component to be v2 compatible (#39550)
Enable IS_INCIDENTS_PANEL_V2 feature flag and cleanup old code (#39548)
Limit visible operation entries in the list (#39367)
Lower severity for incident update task (#39202)
Creation of the API layers, creating the controller calling the previously created function (#39060)
Define new icons and colors for new decision instance states (#38966)
Operate UI tolerates RDBMS as a data layer with partial V1 usage (#38964)
Identify long running DL tests for splitting into smaller chunks (#38904)
Remove code related to GET decision-instance and GET drd-data v1 endpoints (#38717)
Log CamundaAuthentication conversion in DefaultCamundaAuthenticationProvider (#38622)
Remove enableIdentitySetup feature flag from external configuration (#38597)
Check existence of user and groups when adding them to tenant or role. (#38530)
In AuthorizationCreateProcessor and AuthorizationUpdateProcessor check for existence of entity (#38529)
Passing the flags of local user management and local group management to the engine (#38527)
Extend Operate with root cause decision testing resources (#38517)
Use single process instance incident resolution endpoint (#38411)
Prevent index prefixes using/starting with invalid characters (#38393)
On user update ensure only mandatory fields are verified (#38340)
On user creation only username and password should be mandatory (#38324)
E2E - Tasklist - Refactor V2 support coverage (#38266)
Add a redirect from /swagger for better UX (#38040)
Reduce the scheduled rate of the persistentWebSessionDeletionTaskExecutor job (#37986)
Reduce the initial delay of the persistentWebSessionDeletionTaskExecutor job to 5 minutes (#37984)
Test and fix OIDC client and anonymous access to Operate and Tasklist V1 APIs (#37975)
Unified Config: migrate number of shards property (#37972)
Improve correlated message subscription API and data (#37909)
Fix unassignGroupFromTenantCommand pattern (#37871)
Remove gatewayAddress and usePlaintext from camunda-client config and builders. (#37818)
Implement RDBMS search client for correlated messages (#37737)
Implement ES/OS search client for correlated messages (#37735)
Add golden tests for all Zeebe records as regression guard to PR CI (#37713)
Add API Gateway Request Validation Test Generator (#37654)
reintroduce a dedicated zeebe-client-java based on the zeebe-client-java state from stable/8.7 (#37637)
Remove schema update test exclusion for correlated message ES/OS index (#37598)
Validate the length of Identity entity IDs (#37590)
Clean-up data-layer tests after the upgrade to 8.9.0-SNAPSHOT (#37532)
Export message correlations to RDBMS (#37530)
Roll back single instance incident resolution to v1 endpoints (#37503)
Export message correlations to ES/OS (#37494)
Fix and Re-Enable Optimize E2E Tests (#37480)
Clean up message subscription search API (#37432)
Remove Operate V1 internal API not needed anymore with 8.8 (#37386)
Validate that no OIDC configuration is present when basic auth is set as the authentication mode (#37287)
[Unified Configuration] Network properties (#37281)
TasklistV1ApiUserTaskPermissionsIT is flaky (#37201)
Run ArchUnit tests in CI (#37176)
Use the unified configuration in backup manager (#37130)
Ensure Spring Boot 3.5.x support for stable/8.6 & stable/8.7 (#37112)
Use query key factory for queries (#37111)
Improve the setup of Tasklist's BackupRestoreTest (#37053)
Review and Implement ITs for Tasklist V1 controllers to check permissions (#37008)
Java Client Support for Process Definition Statistics (#36703)
Implement Process Definition Statistics Endpoint (RDBMS Backend) (#36702)
Allow Archiver to be disabled by configuration (#36331)
[CPT] Improve failure messages for remote runtime (#36203)
Use unified configuration in IT tests (#36058)
Seperate Broker authorizations from CamundaAuthentication (#36036)
Provide generic utility to create record value implementations from ValueType (#35864)
[CI] Add check that rejects dynamic mapping (#35859)
Add newMappingRulesByTenantSearchRequest command to Java Client (#35821)
Add updateMappingRule command to Java Client (#35819)
Add searchMappingRules command to Java Client (#35818)
Add getMappingRule command to Java Client (#35817)
Add deleteMappingRuleCommand command to Java Client (#35770)
Add unassignClientFromTenant command to Java Client (#35768)
Prevent heartbeat warn logs from flooding the system (#35680)
Lower log level of CsrfProtectionRequestMatcher (#35621)
Investigate whether standalone decision instances can be archived (#35555)
Migrate metadata popover: root cause process instance (#35529)
Migrate metadata popover: root cause decision instance (#35528)
Separate Out Identity and Data Layer owned Unit Tests into dedicated Unified CI Jobs (#35047)
Milestone [#8] - Load data settings from the UC (#34912)
Milestone [#7] - Load API settings from the UC (#34911)
Milestone [#3] - Load the cluster settings from the UC (#34906)
Milestone [#2] - Load the secondary-storage settings from the UC (#34902)
Improve authentication error handling (#34896)
Fix/Remove Optimize Schema Integrity Tests (#34369)
Metrics : getting started guide for dev handbook (#34027)
Use batch operation search API endpoint to poll for process instance operation status (#33512)
Migrate metadata popover: message subscription data (#33219)
Migrate metadata popover: business rule task data (#33217)
Migrate metadata popover: incident data (#33213)
Setup TanStack query for message subscriptions search endpoint (#33206)
Investigate better default bulk delay for Camunda Exporter (#33165)
Use delete process instance C8 API endpoint in instances list view (#33063)
Use delete resource C8 API endpoint for decision definition deletion (#33052)
Use delete process instance C8 API endpoint in instance details view (#33014)
Make max terms by query configurable in Tasklist (#32600)
Remove API mock and integrate with BE (#31963)
Ensure all record values are covered by the CompactRecordLogger (#31825)
Configure identity e2e tests to run in OIDC mode (#31750)
Use delete resource C8 API endpoint for process definition deletion (#31690)
Exclude database drivers from release artifact (#31267)
bpmnXML should not be requested when serving /v1/process-definitions/search endpoint (#30372)
Migrate URL path params to v2 (#29418)
Use search decision instances C8 API endpoint for DRD data in Operate UI (#28392)
Use process definitions statistics endpoint for left dashboard panel in Operate UI (#27402)
Use statistics endpoints to calculate core statistics in dashboard of Operate UI (#27401)
Use get decision instance C8 API endpoint for decision detail view in Operate UI (#27347)
Use decision instances search C8 API endpoint for decision instances list in Operate UI (#27346)
Use decision definitions search C8 API endpoint for decisions view in Operate UI (#27343)
Use incidents search C8 API endpoint for incidents panel in Operate UI (#27325)
Use process definitions C8 API endpoint for process and version filter dropdowns in Operate UI (#27307)
Use process instances C8 API endpoint for filter and instances list in Operate UI (#27279)
Update opensearch-java client to include the fix for eager_global_ordinals (#26085)
Add a new CORRECTED event for UserTask records (#24756)
Fix version validation for patch release builds (#21499)
Backups use partition count from ClusterConfiguration (#21470)
Update @carbon/react dependency once bugfix was provided for Carbon (#18851)

Documentation

Client returns null if businessId not set (#46722)
Update openApi spec to reflect role/tenant/group update changes (#44649)
Document 504 response scenarios for Complete user task API and related endpoints (#44179)
Clarify FAILED state in V2 Task API as legacy/job-worker-based only (#42698)
Build and run instructions are out of sync in contributing guide and copilot instructions (#36122)
Metrics : getting started guide for dev handbook (#34027)
[CPT] I can read how to contribute to the testing library (#19266)