On-Premises Release Notes

On-Premises 1.x.x

1.37.3

Release date

December 17, 2025

Features

Bi-Directional Contract Testing

  • We added support for paths that contain colons : in Bi-Directional Contract Testing (BDCT).

API

  • We updated the /audit endpoint to support additional query parameters, allowing more flexible filtering of audit events. You can now filter using:

    • from

    • since

    • userUUID

    • userEmail

    • type

    • sortDirection

    See the updated API documentation.

Fixes

General

  • We updated all dependencies to resolve open CVEs.

  • We fixed an issue where a SCIM/SAML user that had been deactivated then provisioned again was unable to login.

  • We fixed an issue with can-i-deploy and bi-directional contract testing, where a V4 Pact with either mixed HTTP and non-HTTP interactions, or only non-HTTP interactions, was incorrectly considered safe to release without a corresponding Pact verification for the non-HTTP interactions.

  • We fixed an issue with V4 pacts where interaction and message counts were not properly counted.

Migration Notes

  • This release includes time-consuming data migrations related to the V4 Pact fixes described above.

  • We added a new has_messages boolean field to the pact_versions table. This field is set to false by default.

  • We strongly recommend performing a manual database migration before upgrading your on-premises instance to avoid extended startup times.

Further background

  • Pact V4 does not include a dedicated messages collection. Instead, it uses a single interactions collection, where each interaction has a type value of one of the following:

    • Synchronous/HTTP

    • Asynchronous/Messages

    • Synchronous/Messages

    Refer to the Pact specification for details.

  • The migration process must inspect all existing Pact versions to correctly determine whether messages are present. This requires evaluating the Pact specification version and the interaction types contained within each Pact.

  • These changes ensure that existing V4 Pacts behave correctly when using can-i-deploy and that metrics and reporting related to message-based interactions are accurate.

1.37.2

Release date

August 19, 2025

Features

General features

  • We removed redundant metadata from the root span emitted by OpenTelemetry instrumentation.

  • We added a delete action for requests on the /pacticipants/:pacticipant_name/versions/:pacticipant_version_number endpoint for users with appropriate permissions.

Bi-Directional Contract Testing (BDCT)

  • Now we support discriminator.mapping to improve schema compatibility in BDCT workflows.

  • We published new BDCT API endpoints:

    • /contracts/bi-directional/provider/{providerName}/version/{providerVersionNumber}/consumer/{consumerName}/version/{consumerVersionNumber}/cross-contract-verification-results

    • /contracts/bi-directional/provider/{providerName}/version/{providerVersionNumber}/consumer/{consumerName}/version/{consumerVersionNumber}/consumer-contract-verification-results

    • /contracts/bi-directional/provider/{providerName}/version/{providerVersionNumber}/consumer/{consumerName}/version/{consumerVersionNumber}/provider-contract-verification-results

    • /contracts/bi-directional/provider/{providerName}/version/{providerVersionNumber}/consumer/{consumerName}/version/{consumerVersionNumber}/provider-contract

    • /contracts/bi-directional/provider/{providerName}/version/{providerVersionNumber}/consumer/{consumerName}/version/{consumerVersionNumber}/consumer-contract

    • /contracts/bi-directional/provider/{providerName}/version/{providerVersionNumber}/cross-contract-verification-results

    • /contracts/bi-directional/provider/{providerName}/version/{providerVersionNumber}/consumer-contract-verification-results

    • /contracts/bi-directional/provider/{providerName}/version/{providerVersionNumber}/consumer-contract

    • /contracts/bi-directional/provider/{providerName}/version/{providerVersionNumber}/provider-contract-verification-results

    • /contracts/bi-directional/provider/{providerName}/version/{providerVersionNumber}/provider-contract

    See the API documentation for details on using these endpoints.

Fixes

  • We addressed security vulnerabilities by updating affected packages. See CVE advisories for more information.

Migration notes

  • You do not have to take any migration steps for this release.

On-Premises 2.x.x

2.4.0

Release date

December 17, 2025

Features

User Interface enhanced

  • We added a warning that displays when WebGL is not available on the network diagram page.

  • We added a notice when a consumer contract is not a valid Pact file.

    Note

    Swagger Contract Testing supports consumer contracts that are not Pact files. However, most users typically upload a Pact file.

  • We improved the robustness of pacticipant pages when a pacticipant cannot be found.

  • We improved the contract details view to present bi-directional contract information more clearly and consistently. See the updated Contract Details and Bi-Directional Contract Testing documentation.

  • We now show the release version, rather than the release SHA, as the version in PactFlow on-premises.

Bi-Directional Contract Testing

  • We added support for paths that include colons : in Bi-Directional Contract Testing (BDCT).

API

  • We updated the /audit endpoint to support additional query parameters, allowing more flexible filtering of audit events. You can now filter using:

    • from

    • since

    • userUUID

    • userEmail

    • type

    • sortDirection

    See the updated API documentation.

Fixes

User Interface

  • We fixed an issue that could cause the UI become unresponsive when handling large contracts.

  • We fixed an error that occurred when loading a page after a favorited application had been removed.

  • We fixed an issue where verification results did not appear in certain edge cases.

  • We fixed a crash that occurred on some compatibility tiles under specific error conditions.

  • We improved rendering performance for very large provider self-verification results.

General

  • We updated all dependencies to resolve open CVEs.

  • We fixed an issue where a SCIM/SAML user who had been deactivated and then reprovisioned was unable to log in.

  • We fixed an issue with can-i-deploy and bi-directional contract testing where a V4 Pact with either mixed HTTP and non-HTTP interactions, or only non-HTTP interactions, was incorrectly considered safe to release without a corresponding Pact verification for the non-HTTP interactions.

  • We fixed an issue in V4 Pacts where interaction and message counts were not calculated correctly.

Migration Notes

  • This release includes time-consuming data migrations related to the V4 Pact fixes described above.

  • We added a new has_messages boolean field to the pact_versions table. This field is set to false by default.

  • We strongly recommend performing a manual database migration before upgrading your on-premises instance to avoid extended startup times.

Further background

  • Pact V4 does not include a dedicated messages collection. Instead, it uses a single interactions collection, where each interaction has a type value of one of the following:

    • Synchronous/HTTP

    • Asynchronous/Messages

    • Synchronous/Messages

    Refer to the Pact specification for details.

  • The migration process must inspect all existing Pact versions to correctly determine whether messages are present. This requires evaluating the Pact specification version and the interaction types contained within each Pact.

  • These changes ensure that existing V4 Pacts behave correctly when using can-i-deploy and that metrics and reporting related to message-based interactions are accurate.

2.3.0

Release date

October 21, 2025

Features

User Interface enhanced.

  • We improved the dialog text in delete modals when you remove pacts and integrations.

  • The current user is now highlighted in the user list for easier identification.

  • Improved query parameter formatting on the contract details page now displays values exactly as they are sent over the network.

  • Now you can download contracts as attachments directly from the contract details page.

Roles and seat types updated.

To align with our cloud offering, we have updated the following role and permission settings:

  • We renamed the Viewer role to Read-Only, without making any changes to permissions.

  • We renamed the Guest role to Viewer and added the following read-only permissions:

    • user:read:*

    • team:read:*

  • We introduced a new No Access role with no permissions.

New onboarding tutorial.

  • We added an in-app tutorial to help new users learn the basics of contract testing and complete their first verified contract.

Bi-Directional Contract Testing (BDCT) improved.

  • We added support for patterned fields, such as 4XX or 5XX status codes, in BDCT workflows.

  • Now we support nested discriminator.mapping to improve schema compatibility in BDCT workflows.

Fixes

General fixes

  • We fixed an issue where the UI prevented some users with the correct permissions from deleting secrets.

  • We fixed an issue in Bi-Directional Contract Testing (BDCT) to display compatibility check results when a method or path is missing in an OpenAPI document.

  • We fixed an issue where SAML logins redirected over HTTP instead of HTTPS. The correct protocol is now maintained throughout the SAML workflow.

  • We fixed an issue that prevented allOf schemas from being interpreted correctly.

  • We fixed an issue that prevented testing webhooks without a team.

  • We fixed an issue where some users were unable to filter applications in the Teams or Favorites views.

Previous Releases

In this section:
© 2025
Publication date: