Technical advisories are notices that report major issues with ZITADEL Self-Hosted or the ZITADEL Cloud platform that could potentially impact security or stability in production environments.
Users are strongly encouraged to evaluate these advisories and consider the recommended mitigation actions independently from their version upgrade schedule.
This change improves command (create, update, delete) performance of ZITADEL.
Sequences are no longer unique inside an instance.
From now on sequences are upcounting per aggregate id.
For example sequences of newly created users begin at 1.
Existing sequences remain untouched.
</td>
<td>2.39.0</td>
<td>2023-10-14</td>
</tr>
<tr>
<td>
<a href="./advisory/a10005">A-10005</a>
</td>
<td>Expected downtime during upgrade</td>
<td>Expected downtime during upgrade</td>
<td>
Migrating to versions >= 2.39 from < 2.39 will cause down time during setup starts and the new version is started.
This is caused by storage optimisations which replace the `eventstore.events` database table with the new `eventstore.events2` table.
All existing events are migrated during the execution of the `zitadel setup` command.
New events will be inserted into the new `eventstore.events2` table. The old table `evetstore.events` is renamed to `eventstore.events_old` and will be dropped in a future release of ZITADEL.
Versions >= 2.39.0 require the cockroach database user of ZITADEL to be granted to the `VIEWACTIVITY` grant. This can either be reached by grant the role manually or execute the `zitadel init` command.
Upcoming Versions require the SYSTEM_OWNER role to be available in the permission role mappings. Self-hosting ZITADEL users who define custom permission role mappings need to make sure their system users don't lose access to the system API.
If you want to stay up to date on our technical advisories, we recommend subscribing to the mailing list.
Go to <a href="https://zitadel.com/technical-advisory">the subscription form</a> and add your email address.
As ZITADEL Cloud customer, you can also login to the <a href="https://zitadel.cloud">ZITADEL Customer Portal</a> and enable the Technical Advisory <a href="https://zitadel.cloud/admin/notifications">Notifications</a> in your settings.
A breaking behavior change refers to a modification or update that changes the behavior of ZITADEL.
This change does not necessarily affect the APIs or any functions you are calling, so it may not require an update to your code.
However, if you rely on specific results or behaviors, they may no longer be guaranteed after the change is implemented.
Therefore, it is important to be aware of breaking behavior changes and their potential impact on your use of ZITADEL, and to take appropriate action if needed to ensure continued functionality.
ZITADEL is built for [zero downtime upgrades](/docs/concepts/architecture/solution#zero-downtime-updates) at upgrades can be executed without downtime by just updating to a more recent version.
When deploying certain changes a zero downtime upgrade might not be possible, for example to guarantee data integrity.
In such cases we will issue a technical advisory to make you aware of this unexpected behavior.
