This release improves the pipeline detail view with faster loading and a convenient close button for quick navigation. Error messages are now cleaner with collapsible technical details, and we fixed issues where the UI could hang or become unresponsive. This release also includes security hardening for standalone deployments, including server-side token storage, configurable security headers, and Content Security Policy support.
🚀 Features
Section titled “🚀 Features”Add security headers and CSP for standalone deployment
Section titled “Add security headers and CSP for standalone deployment”Jan 22, 2026 · @lava
The platform frontend now supports configurable response headers and Content Security Policy (CSP) for standalone deployments.
Set TENZIR_PLATFORM_UI_ENABLE_RESPONSE_HEADERS_DEFAULT=true to enable default security headers (X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, Cross-Origin-Opener-Policy, Cross-Origin-Resource-Policy). Use TENZIR_PLATFORM_UI_RESPONSE_HEADERS_DEFAULT with a JSON object to override with custom headers.
Set TENZIR_PLATFORM_UI_ENABLE_RESPONSE_HEADERS_HSTS=true to enable HTTP Strict Transport Security for HTTPS deployments.
Set TENZIR_PLATFORM_UI_ENABLE_RESPONSE_HEADERS_CSP=true to enable Content Security Policy, which helps prevent XSS and other injection attacks.
Faster pipeline detail view
Section titled “Faster pipeline detail view”Jan 21, 2026 · @gitryder · #19
We improved how pipeline details load, making the view faster than before when navigating between pipelines. We also added a close button next to the overflow menu on the right so you can quickly exit a pipeline while browsing pipeline details.
Store authentication tokens server-side
Section titled “Store authentication tokens server-side”Jan 20, 2026 · @lava
Authentication tokens (idToken and userKey) are now stored in the server-side session database instead of browser cookies. This improves security by keeping sensitive tokens accessible only via the session cookie identifier, preventing direct client-side access to authentication credentials.
Add optional Caddy reverse proxy for seaweed S3 storage
Section titled “Add optional Caddy reverse proxy for seaweed S3 storage”Jan 19, 2026 · @lava
The seaweed S3 storage component now supports an optional Caddy reverse proxy that improves S3 error handling. Set TENZIR_ENABLE_CADDY=true to enable it. The reverse proxy intercepts 404 responses and returns proper S3-style error messages.
🔧 Changes
Section titled “🔧 Changes”Cleaner error messages
Section titled “Cleaner error messages”Jan 21, 2026 · @gitryder · #37
We now hide technical error details in error messages. You can click “Show error details” to expand them anytime, and use the copy button to share with support.
🐞 Bug Fixes
Section titled “🐞 Bug Fixes”Fix hangup in UI
Section titled “Fix hangup in UI”Jan 26, 2026 · @lava
Fixed a potential infinite hang in the Tenzir UI that could be triggered by a rare race condition where the Tenzir Node returned duplicate pipeline ids.
Fixed pipeline deletion
Section titled “Fixed pipeline deletion”Jan 21, 2026 · @gitryder · #19
We fixed an issue where deleting a pipeline could cause the interface to become unresponsive.