Release Notes

v2.37.0

Date: 28.04.2026

New Features & Improvements

• ⭐ Native Web Search: Web Search can now be enabled for Model-Providers that support it natively (Google and Anthropic). The supported models are indicated with a Globe-Icon in the Model Picker. Web Search cannot be combined with Data from Collections, Spaces, or File Upload.
• ⭐ Space Owner Group Management: Space owners can now also manage group membership, giving them more control over who has access wo which data.
• Ingestion Error Details: You can now see more detailed information when a file or content ingestion fails, making it easier to understand and resolve issues.
• Confluence Source Details: Files and content sourced from Confluence now show the page title and Confluence icon, making it easier to identify where information originates.
• Minor Performance Improvements due to improved caching.

Bug Fixes

• File Download from Sources: Source references in chat responses now support direct file downloads again, so you can easily access the original documents.
• Voice Input (Speech-to-Text): Fixed an issue where voice input / speech-to-text was not working correctly.

Security Improvements

• Chat Deletion Privacy: Fixed an issue where deleting a chat could unintentionally expose internal system details in the error response.
• Secure Session Cookies: Session cookies are now set with a stricter security prefix, improving protection against certain cookie-based attacks.
• Sensitive Information Protection: Several improvements have been made to prevent internal system details from being exposed in error messages or API responses.
• XML Upload Security: Hardened the processing of uploaded XML files to prevent a class of security vulnerabilities (XXE attacks).
• SVG Upload Disabled. SVGs can no longer be uploaded since they provide a possible attack vectors without much benefit for the user.

v2.36.1

Date: 21.04.2026

New Features & Improvements

• ⭐ Ingestion Error Details: When a file fails to be processed, you can now see a clear error message explaining what went wrong, making it easier to understand and resolve upload issues.
• Accessibility: Various accessibility Improvements.
• Performance Improvements: Introduced some optimizations of Database requests, caching improvements, and HTTP client optimization which will improve overall system responsiveness.

Bug Fixes

• Space Switch – Chat Behaviour: Switching between spaces now correctly resets and updates the chat context, so conversations always reflect the selected space.
• Space Switch – Models Loading: Switching spaces immediately after logging in no longer results in models failing to load due to a timing issue.
• Document Search in Legacy Chats: Older chats now correctly search through documents again as expected.

v2.35.2

Date: 15.04.2026

New Features & Improvements

• ⭐ Confluence Integration: Data can now be synced directly from Confluence into Spaces.
• File Deletion Status: You can now see clear status feedback when deleting uploaded files, so you always know whether a deletion was successful.
• Improved German Language Detection: Speech-to-text now has improving transcription reliability when the spoken language is not english.
• Cohere Model Support: Cohere models are now available as an option for embeddings and language model interactions, giving you more choice when configuring your AI setup.
• Reranker Support: Search results from your document collections can now be reranked for improved relevance, delivering more accurate answers to your questions.
• Accessibility – Focus Handling: Various Accessibililty Improvements.

Bug Fixes

• UI Not Updating on Space Switch: Switching Spaces should now update the UI in all cases.
• Chat Search and Rename: Improved reliability for Searching through and renaming chats.
• Confidential Space Confirmation Dialog: A confirmation dialog is now properly shown when switching to a confidential workspace in privacy mode, preventing accidental switches without acknowledgement.
• Models Not Loading After Workspace Switch: Models now load correctly the first time you switch workspaces after logging in, resolving an issue where no models appeared until a manual refresh.

v2.33.1

Date: 31.03.2026

New Features & Improvements

-Updated the chat interface to show the space collection directly in the conversation view instead of relying on the space banner, creating a clearer user experience. -Improved the German translation across the product for a more consistent localized experience. -Updated the privacy policy label to include the required “Data privacy” icon. -Improved accessibility by ensuring important controls are displayed appropriately when users hover with the mouse.

Bug fixes

• Fixed an issue where default prompt suggestions could show “Undefined”.
• Fixed an error where a model object could not be found in certain situations.
• Fixed an issue where the pipeline type of a saved ingestion or RAG configuration was not displayed.
• Fixed chat context behavior so spaces that are no longer confidential are handled correctly without requiring a new user session.
• Prevented inactive models from being listed or used in chat from the backend side as well.
• Fixed an issue where models available in a space but missing in the middleware API key setup could not be used.
• Fixed an issue where administrators could not be assigned to groups.

v2.30.2

Date: 18.03.2026

Improvements

• Lightweight Privacy Mode: Confidential chats can no longer be shared.
• Accessibility Enhancements: Improved keyboard navigation and focus handling in pop-up dialogs, making the interface more accessible for users relying on keyboard controls and screen readers.

Bug Fixes

• Group Permission Access: Fixed an issue where users could not properly access knowledge bases, models, and prompts shared through groups.
• Full Document RAG Support: Restored support for using full document context in Chats.
• IAM: Fixed an Issue where users from external identity providers could see an error on first login.
• Lightweight Privacy Mode: Switching between confidential and non-confidential spaces now correctly updates privacy mode indicators and model availability.
• Chats: “My Space” chats now properly send requests without carrying over space names from previously selected spaces.
• Chats: Collection management in space-based chats now correctly prevents adding collections when not applicable.
• Lightweight Privacy Mode: Resolved an issue where sometimes Non-Telekom models were incorrectly available when switching from confidential to non-confidential spaces.

Security Improvements

• Authorization Verification: Added resource-level authorization checks for audio and image generation endpoints to ensure proper access control (under verification) to improve security.

v2.28.2

Date: 04.03.2026

New Features & Improvements

• ⭐ Lightweight Privacy Mode: Spaces can now be marked as “confidential.” When this flag is enabled, Smartchat ensures that data from these spaces is only processed using models hosted on Open Telekom Cloud, providing an additional layer of control for sensitive information and supporting stricter privacy requirements.
• Cancel Ingestion Tasks – Administrators can now cancel ingestion tasks that are already queued or in progress.
• Knowledge Management Performance Improvements – Several backend optimizations improve the responsiveness and overall performance of knowledge management operations.
• Faster Deletion Tasks – Deletion now happens immediately and does not longer need to be queued, increasing time-sensitivity of data removal.
• Redis Security Improvements – Internal improvements to the Redis service security.

Bug Fixes

• Model Visibility Issues Resolved – Fixed a problem where custom models could become visible in situations where they should not have been.
• Spaces–Groups Synchronization Fix – Fixed an issue where synchronization between spaces and groups could fail silently, which in some cases also affected model visibility.
• Chat Streaming Stability – Resolved an issue where chat streaming via WebSocket could stop working after switching away from and returning to a browser tab.
• Advanced Model Parameters Applied Correctly – Addressed an issue where advanced model parameters were not being applied as expected.
• Admin Panel Space Owner View – Fixed a bug where the space-owner view in the admin panel could occasionally appear empty.
• Ingestion Job Loop Prevention – Resolved an issue that could cause failed ingestion jobs to enter an infinite retry loop.
• File Upload Compatibility – Fixed an issue where uploading files with an apostrophe (’) in the filename could break the ingestion process.
• “Use Full Document” Switch Restored – The “Use full document” option has been restored and now functions correctly again.

v2.xx.x

Date: 25.02.2026

Improvements

• Model Deprecation – Disabled custom models no longer appear in the selection dialog. Users are also informed about models that will soon be unavailable and are provided with alternative recommendations.
• Workspace Model Optimisation – Custom AI models load faster.
• Accessibility – Improvements to page structure and regions, ARIA status for buttons, drag‑and‑drop alternatives, and better rendering at high zoom levels.

Bug Fixes

• The system prompt of custom models is now correctly taken into account.
• Issues with synchronising Spaces and Groups have been resolved.
• Various security & stability patches for dependencies and db

v2.xx.x

Date: 03.02.2026

New Features & Improvements

• 🎉 Rolled out a major rewrite of the Collections feature, delivering significant performance improvements. This update enables Smartchat to handle large volumes of file uploads from many more users simultaneously, without noticeable slowdowns.
• Updated llamaindex to a newer version, improving stability and future compatibility.
• Enhanced accessibility by adjusting message display timing in accordance with accessibility guidelines.
• Added an option for specific customer setups to prevent password reset via Keycloak when an external identity provider is active.

Bug Fixes

• Improved handling of disabled features so that the application no longer returns unnecessary authorization errors (401) when certain APIs are called while features are turned off.
• Fixed an issue where source information and Space badges were not reliably saved in Space-based chats, ensuring better traceability of sources in chats.
• Resolved a retrieval query pipeline issue caused by recent data model changes.
• Refined security middleware behavior to better match PSA requirements, ensuring all relevant endpoints remain accessible and fully functional.

v2.xx.x

Date: 20.01.2026

New Features & Improvements

• UI enhancement: Indication of IDP-managed external user accounts in the Admin Panel user list.
• Externally managed IDP users can no longer be updated manually.
• Administrators can configure Space attributes that allow automatic assignment of users based on matching groups or roles from the underlying IDP (e.g. Active Directory or Entra ID).

Bug Fixes

• Files that were stuck in a pending state can now be correctly marked as “removing”.
• API documentation pages are now accessible again.
• User creation via external IDPs is no longer blocked by settings intended only for local user creation.
• Legacy ingested files now correctly include the file_name field in their metadata.

Security Improvements

• Disabled and blacklisted non-required routes to reduce the overall attack surface.
• Switched the SmartChat login method to POST to prevent OAuth authorization codes and state parameters from being transmitted via URL. ⚠️ Important: This change requires users to clear their local browser cache; otherwise, login may fail due to the old method being used.
• Removed authentication tokens from localStorage.
• Improved JSON validation for user input data.
• Enhanced user input validation in the WebSocket event handler.
• Added X-Frame-Options (DENY / SAMEORIGIN) to protect against clickjacking attacks.
• Enabled mandatory 2FA for App Owners, Space Owners, and SmartChat Admins in Keycloak.

v2.16.0

Date: 07.01.2026

Bug Fixes

• Fixed issue causing 400 Bad Request when updating custom models in chat.
• Fixed chat request issue when session ID is not specified.
• Fixed “No User Found” message display in Smartchat for users without valid cookies.

Security Enhancements

• Improved security checks for permissions, sessions, and data requests to close potential attack vectors.
• Deactivation of insecure or unnecessary features as well as general system hardening for increased protection and stability.

v2.14.1

Date: 16.12.2025

New Features & Improvements

• Users whose permissions are managed via Active Directory are now clearly labeled in the admin panel.

Security Enhancements

• Improved security checks for permissions, sessions, and data requests to close potential attack vectors.
• Deactivation of insecure or unnecessary features as well as general system hardening for increased protection and stability.

v2.13.0

Date: 04.12.2025

New Features & Improvements

• Improved Accessibility
• Individually uploaded files are now prioritized over automatically synchronized ones.
• Introduction of monitoring for background processes (Celery Metrics Exporter) to improve system stability and observability.
• Improved session management: A unified session timeout logic ensures a consistent login duration of 8 or 4 hours (depending on the security level), without requiring reauthentication via Keycloak.
• Improved user and space management
• Automatic role assignment from Keycloak attributes during space assignments.
• Space Owners can batch-assign users to a space.
• Direct user creation for Space Owners can be disabled once AD/SSO is enabled.
• Legacy server-side code execution has been disabled.
• Improved file upload handling: File status is updated when the background process reaches a timeout.

Bug Fixes

• Files can now be deleted again after a failed deletion attempt.
• Prevention of a “dual authentication state” error.