Skip to main content

Release 2025.38.0

· 6 min read
meshcloud

Release period: 2025-08-27 to 2025-09-03

This release includes the following issues:

  • Workload Identity Federation Configuration Security Enhancement
  • Remove expansion option for Building Block Steps if no further details available
  • Fixed Building Block Definition Parent Selection in Platform Builder
  • Updated color theme in meshPanel
  • Move Marketplace Pricing Information to a Dedicated Card Element
  • Return HTTP 401 When Token Decoding Fails
  • Rate Limiting for meshObject API Endpoints
  • Increase Email Signature Character Limit
  • Display Platform UUID in Platform Control Plane
  • Terraform Building Blocks With Nested Inputs/Outputs
  • Enable Hierarchical Organizational Unit Assignments for AWS
  • Enable Hierarchical Management Group Assignments for Azure
  • meshStack Copilot "Get Help" Button For Platform Description Fields
  • Improved Tenant Identification in meshPanel

Ticket Details

Workload Identity Federation Configuration Security Enhancement

Audience: User

Description

Workload Identity Federation (WIF) configuration details are now fetched securely from an authenticated endpoint instead of being exposed in the browser environment. This improves security by ensuring that WIF configuration data like issuer URLs, audiences, and thumbprints are only accessible to authenticated users.

Remove expansion option for Building Block Steps if no further details available

Audience: User

Description

Being able to expand steps that did not contain any additional information was confusing before. Therefore the expansion option was now removed for those cases.

Fixed Building Block Definition Parent Selection in Platform Builder

Audience: User

Description

We fixed an issue where child building blocks definitions could not properly select their parent building block definitions in the platform builder area when the parent belonged to a different workspace.

Updated color theme in meshPanel

Audience: User

Description

We have updated the color theme in meshPanel to provide a more modern and consistent visual experience. The changes improve the overall look and feel of the interface while maintaining readability and accessibility.

Move Marketplace Pricing Information to a Dedicated Card Element

Audience: User

Description

The pricing information in marketplace service details has been moved from the main content area to a dedicated card on the right side of the page.

Return HTTP 401 When Token Decoding Fails

Audience: User

Description

The API now returns a proper HTTP 401 Unauthorized response when token decoding fails, instead of a HTTP 500 Internal Server Error. This improves error handling and provides clearer feedback to you when authentication fails due to invalid tokens.

Rate Limiting for meshObject API Endpoints

Audience: User

Description

We are currently evaluating rate limiting for meshObject API read endpoints in QA environments to improve system stability and prevent abuse. The rate limits are applied to the meshObject API endpoints. This feature helps ensure fair resource usage across all API consumers and maintains consistent performance under high load conditions. We plan to roll out this feature to production environments in the upcoming week.

How to use

Once enabled in production, rate limits will automatically be applied to meshObject API endpoints with default limits of 2 concurrent requests per user and 80 requests per minute in total per endpoint. API responses will include HTTP 429 (Too Many Requests) status codes when limits are exceeded. No configuration changes will be required on your end - the limits are designed to accommodate normal usage patterns while protecting against excessive usage. If you need higher limits please contact our support.

Increase Email Signature Character Limit

Audience: Customer

Description

This change increases the character limit for the email signature field from 200 to 500 characters, allowing for more detailed signatures.

Display Platform UUID in Platform Control Plane

Audience: User

Description

The platform control plane in meshPanel now displays the meshStack Platform ID (UUID) alongside other platform information. This provides platform operators with a direct way to access the unique identifier for their platform, which is useful for API operations and troubleshooting.

Terraform Building Blocks With Nested Inputs/Outputs

Audience: Operator

Description

When creating a Terraform building block definition inputs and outputs are automatically imported from Git. To simplify the process, meshStack will ignore inputs and outputs found in subdirectories, as they are not directly relevant to the building block.

Enable Hierarchical Organizational Unit Assignments for AWS

Audience: User

Description

AWS platforms now support hierarchical organizational unit assignment for accounts. When enabled, accounts can be placed in child organizational units below the organizational unit defined in the landing zone, allowing for more granular and flexible account organization within the AWS Organizations hierarchy.

How to use

Platform operators can enable this feature by configuring the "Allow Hierarchical Organizational Unit Assignment" setting in the AWS platform configuration. When enabled, accounts living in an organizational unit below the one defined in the landing zone will remain in their current organizational unit. This provides greater flexibility for organizing accounts in complex AWS Organizations structures while maintaining proper governance.

Enable Hierarchical Management Group Assignments for Azure

Audience: User

Description

Azure platforms now support hierarchical management group assignment for subscriptions. When enabled, subscriptions can be placed in child management groups below the management group defined in the landing zone, allowing for more granular and flexible subscription organization within the Azure management hierarchy.

How to use

Platform operators can enable this feature by configuring the "Allow Hierarchical Management Group Assignment" setting in the Azure platform configuration. When enabled, subscriptions living in a management group below the one defined in the landing zone will remain in their current management group. This provides greater flexibility for organizing subscriptions in complex Azure management group structures while maintaining proper governance.

meshStack Copilot "Get Help" Button For Platform Description Fields

Audience: User

Description

A new "Get Help" copilot button has been added to platform description input fields during both platform creation and platform editing. This button provides contextual assistance for writing effective platform descriptions. When clicked, it opens copilot with a pre-filled message suggesting how to create a meaningful platform description.

Improved Tenant Identification in meshPanel

Audience: User

Description

We have improved how tenant identifiers are displayed throughout meshPanel to provide clearer distinction between different types of tenant IDs. The tenant control plane now clearly shows the "meshStack Tenant ID" (UUID), "Platform Tenant ID" (cloud platform specific ID), and "Tenant name" separately. This makes it easier for you to understand and work with tenant identifications, especially when using APIs or troubleshooting tenant-related issues.