Skip to main content
Version: Next

v0.1.7 — Omnibus catch-up (v0.0.83 → v0.1.7)

Released: 2026-06-14. Omnibus snapshot covering 24 tagged releases (v0.0.83 → v0.1.7, ~487 commits, 2026-05-21 → 2026-06-13).

This is a single catch-up release note for the v0.0.83…v0.1.7 span — the docs were last snapshotted at v0.0.82. Per-version raw changelogs live in docs/_release-notes-staging/<version>/raw-notes.md (compare ranges, head commits, and full commit bodies) for anyone who wants the commit-level detail behind each summary below.

The headline themes: a public Python SDK and CLI (honeyframeapi), a native dbt-free build engine with a pluggable metadata catalog, a much deeper Flow authoring surface (new visual recipes, a full prepare-processor catalog, lenses, buildable zones), reusable dashboard cards and dashboard templates, continued Cobuild planner growth, project bundles with cross-install promotion, and a round of security hardening.

Developer — SDK, CLI & API

honeyframeapi Python client (public PyPI debut, 0.1.0). Honeyframe now ships a first-party, dataikuapi-style Python SDK. Install it with pip install honeyframeapi. The internal 0.4.x development series was reset to 0.1.0 for the public PyPI release, so 0.1.0 is the first version available publicly. The package ships a PEP 561 py.typed marker and is mypy-clean, so editors and type-checkers see the full surface. The client injects Authorization / X-Org-Id / X-Project-Id automatically, maps HTTP errors to typed exceptions, refreshes JWTs on 401, and retries idempotent (GET/HEAD/OPTIONS) requests on transient 502/503/504 and transport errors with bounded backoff — writes are never auto-retried.

Resource handles at dataikuapi parity. The SDK exposes typed handles for projects, datasets, connectors, scenarios, jobs, recipes, assets, agents, bundles, and managed folders. New data round-trip helpers: Project.upload_dataframe / upload_file (create managed Parquet datasets from local data) and Dataset.to_csv / to_parquet (local export that respects server-side data-policy/PII masking — exports can't see more than the caller can browse). Lineage introspection via Dataset.upstream() / downstream() and Project.dag(). Engine detection via Project.engine() / uses_dbt(). Project bundle handles (create_bundle / list_bundles / bundle(v).activate() / download()), managed-folder handles (list/upload/download), dataset metrics & checks wrappers, generic recipe authoring (Recipe.save(recipe_type=, steps=)), and a Webapp resource that can publish a dashboard and mint/revoke token-gated public share links from code.

honeyframe CLI. The package installs a honeyframe console script (kubectl/gh-style flags after the subcommand, --format json|csv). Commands cover whoami / version / projects / datasets / sql, PAT management (pat create|list|revoke), scenarios (scenario list|run), and the full warehouse loop (engine, lineage, upload, export).

Personal Access Tokens (PAT). New long-lived hf_… credentials for the SDK, CLI, and scripts — no password and no 60-minute JWT expiry. Mint/list/revoke from the platform UI (avatar menu → Personal Access Tokens) or via POST/GET/DELETE /api/auth/tokens. The raw secret is shown once and stored only as a SHA-256 hash; the auth middleware branches on the hf_ prefix to resolve the owning user, stamps last_used_at, and audit-logs mint/revoke. PATs replace the older dedicated-user service-account workaround.

Authoring the warehouse through the API. A new governed POST /api/sql endpoint (project-scoped, SELECT-guarded, statement-timeout enforced) backs client.sql() / project.sql(). Warehouse DDL goes through dbt authoring: project.dbt (DbtIDE) wraps /api/dbt/* for write/read/list/delete files, create_model, run/test/build/compile, and git (status/commit/push). Together with engine detection this completes the end-to-end loop — detect engine → upload → author → run → read → lineage → publish — on both dbt and native-engine installs.

See Developer → SDK for the full reference.

Flow & Recipes

New visual recipes. The visual recipe palette gained Pivot (long→wide via portable conditional aggregation, with a Fetch from data button that auto-discovers spread values), Top-N (per-group top-K), Window (running totals / rank / lag-lead), Sample (first/random row subsets for fast iteration on large tables), Distinct (whole-row or DISTINCT ON dedup with a deterministic tiebreaker), Fuzzy Join (trigram / Levenshtein / normalized-exact matching, with a cartesian guard and row-explosion warnings), and Generate Statistics (one-row-per-column profiling — fill rates, null/distinct counts, min/max). The codegen layer now refuses a keyless join rather than emitting a silent cartesian product.

A full Prepare processor catalog. Prepare recipes are now a linear pipeline of discrete, engine-portable processors covering routine cleanup without dropping to SQL: pad, normalize_whitespace, replace_text, concat_columns, coalesce_columns, extract_pattern, map_values, hash_column (deterministic MD5 pseudonym), flag_valid, split_column, fill_null, cast_type, trim_whitespace, date_extract, round_number, bucket_numeric, window_row_number, and clean_column_names.

New recipe types: SQL Script, Export, and document-AI. A SQL Script recipe runs a multi-statement script verbatim in one transaction, with injection-safe project-variable binding. An Export recipe is a terminal sink that writes a dataset to csv/parquet/xlsx in a managed folder. Three document-AI recipes — Classify Text, Summarize Text, and Parse Documents (folder → {file, extracted_text, parsed_json}) — round out the AI surface. Folders are now first-class flow inputs (a Folder palette block), and project variables (:name / ${name}, parameter-bound) are referenced across SQL recipes and scenario steps.

Native build engine. Orgs can run on a native engine profile that executes recipes directly without dbt. POST /api/flow/build-native is the native dbt run — dependency-order build with stop-on-failure — and supports ?select= (dbt-style partial rebuild), ?background=true (returns a run_id to poll), and ?dry_run=true (plan preview without touching the warehouse). Readiness and bulk convert-to-SQL endpoints, plus a guarded engine flip, make the migration safe.

Lens system. An Apply a view dropdown recolors the whole canvas by one dimension without altering the graph: the Cost lens heatmaps nodes (and recipe blocks) by total compute with a per-DAG-relative 5-stop scale, top-3 hot glow, and a 14-day trend drawer; Tags, Recipe Engines, and Schema lenses are also available.

Flow zones become a build unit. Zones can now be built — single-zone ▶ Build, or multi-zone selection running one build across several — each with a per-zone build-history drawer and health rollup. Zone shares add virtual "ghost" references of a node into another zone without moving its recipe or storage; the source zone keeps build ownership.

Canvas UX overhaul. A categorized, searchable recipe picker (with Recent and keyboard nav), autosave layout, minimap, live edge animation, focus mode, collapse-all-zones, health chips, cost strips, and 14-day sparklines. Builds stream per-model progress over SSE, and Cobuild now updates the canvas live as plans execute (new-node flash, tool-call flash, selection-aware). Hand-written dbt models render in the Dataiku dataset→recipe→dataset shape via synthesized read-only recipe nodes plus on-canvas SQL-peek pills and ƒx edge chips.

See Flow and Recipes for details.

Catalog, Connectors, Datasets, Dashboards & Cobuild

dbt-decoupling: a pluggable catalog and a native build engine. The metadata layer no longer reads the dbt manifest directly. A ModelCatalog abstraction now backs lineage, dataset listing, governance/PII summaries, and the DAG, with two implementations: a manifest-backed DbtManifestCatalog (byte-identical for existing dbt tenants) and a NativeCatalog backed by the honeyframe.datasets registry, information_schema columns, and a first-class honeyframe.dataset_edges table. On native tenants, recipe runs and Flow Builder canvas saves auto-write dependency edges, so native orgs get DAG lineage without a manifest. Each org's adapter set is configured via a catalog_config JSONB list (GET/PUT /api/catalog/config), and the engine profile (dbt | native) via GET/PUT /api/catalog/engine.

Connectors: rotation, usage visibility, notification sinks, and SAP HANA. Credentials now support versioned rotation with a dry-run health check, an audit-only secret history, and re-tested rollback (/rotate, /secret-history, /rollback/{id}). Each connector card shows a usage rollup — datasets, agent tools, and last-used freshness — via /usage. The legacy Settings → Notification Channels surface folded into Connectors as three sink types (slack_webhook, webhook, smtp_email), with a one-time backfill; notifications now dispatch through data_connectors. A new saphana source connector makes SAP HANA (on-prem and HANA Cloud) a usable live connection rather than a read-only catalog adapter.

Datasets: snapshots, rollback, and registry-driven visibility. Each successful build records a recoverable snapshot (with an auto-computed data-quality summary), and Rollback restores a dataset to a prior build. The list view gained a downstream consumer-count badge. A visibility fix made honeyframe.datasets the source of truth for dataset existence, so a model built by a CLI dbt run surfaces immediately (row/column counts backfilled from the live DB) instead of showing "0 datasets" until a manifest redeploy + restart.

Dashboards: reusable cards as a first-class library. Card templates split into Stamp (one-time copy) and Link (a live template_id FK that fans template edits out to every linked card). A Metabase-style Card Library page (/card-library) renders live previews per tile, plus param defaults, tags, single-level folders, org/private visibility, per-edit versioning with a diff/restore viewer, pin/sort, and bulk actions.

Dashboards: template instance fan-out. The 1 → many pattern extends to whole dashboards — stamp a layout as a template, then bulk-instantiate up to 200 parameterized instances, each binding its own params (which slot between policy and caller at render time). Sync to instances propagates card add/update/remove to every linked instance while preserving each instance's layout, fronted by a dry-run sync-preview confirm. A /dashboard-templates browse page lists every template with instances.

Dashboards: authoring and rendering. A schema-aware Monaco SQL editor replaced the plain textarea in card and library editors. Calculated fields landed in the visual query builder (server-validated via sqlglot, with interactive on-blur validation). Chart conditional formatting (chart_rules), structured reference/target lines, and donut center totals were added and wired into the live editor; opt-in cross-filter drills only sibling cards on declared columns; a responsive grid restacks cards to full-width single-column on mobile/tablet in View mode; and pie/donut sizing became responsive with a chart_size display option.

Cobuild: planner, inline cards, and selection awareness. The planner toolset grew document-extraction tools (create_extract_document_recipe, reextract_failed_documents), discover_pivot_values, get_lineage, and save_card_template. Tool results render inline as cards (lineage trace, saved-template deep link, selection-derived suggested actions); plan cards show per-step status from the trace. The chat is selection-aware, surfacing quick-action chips tailored to recipes, agents, knowledge bases, dashboards, or heterogeneous selections, with @asset mentions in the follow-up composer, plus thread retitling, row counts, and llm_enrich materialization. Scenarios gained build_zone and detect_anomalies (cost-budget) step types.

See Connectors, Datasets, Dashboards, and Cobuild.

Security, Governance & Operations

Superadmin hardening. A defect that auto-granted global is_superadmin to every first-time SSO sign-in (Google, Microsoft, generic OIDC, SAML) was fixed — SSO auto-create now inserts users with is_superadmin = FALSE, leaving the seeded role (default viewer) as the only privilege. A static test asserts this across every SSO insert path so the bug class can't regress. Separately, PATCH /api/users/{id} gained an is_superadmin field whose writes are gated behind the caller's superadmin status (org-admin is not sufficient), with self-revoke blocked so the last superadmin can't lock the platform out.

Permissions model. No new permission_type strings were added between v0.0.83 and v0.1.7; the catalog (org.admin, project.edit, project.view, connector.read/edit, dashboard.edit, feature.agent_builder, feature.chat) is unchanged — only coverage grew as routers migrate off require_role. The sidebar now mirrors the backend gates: the Data Management group (Connectors/Datasets/Storage) is hidden from viewers, who previously saw these entries and hit 403s. Audit logging gained only viewer-side UX polish — no new events, categories, or schema.

Engine profile / deployment. Organizations now carry an engine_profile (dbt default, or native). The native engine compiles recipes straight to CREATE TABLE AS / CREATE OR REPLACE VIEW against the warehouse (Postgres + DuckDB) with no dbt toolchain. Self-hosted can provision born-native via setup-customer.sh --engine native (the column is folded into init_schema so it exists on fresh installs); Cloud/Enterprise accept it on POST /api/organizations. Flipping an existing org to native is guarded by an org-wide recipe-readiness check (409 unless ?force).

Governance / project lifecycle. Project bundles add a versioned lifecycle over project export/import: immutable numbered snapshots, activate (clone into a new project), blue-green deploy (replace an existing project transactionally, soft-archiving prior contents, stable slug), and cross-install push to a registered remote node whose PAT is AES-GCM-encrypted and never returned by the API. In-place re-keying is intentionally unsupported; blue-green is the safe equivalent.

Operations / startup resilience. A systemd OOM watchdog catches silent cgroup-OOM restart loops via a stdlib-only oneshot timer that emits a HONEYFRAME-OOM-ALERT SIEM marker. Startup was hardened with bounded lock_timeout/statement_timeout on the init_schema DDL connection plus a branded nginx maintenance page (flag-file + 502/503/504 fallback, driven by honeyframe update/rollback/maintenance). The scheduler now reaps orphaned running job_runs on boot so a restart doesn't wedge cron recipes.

See Security, Governance, and Deployment tiers.

Upgrade notes

  • Several releases in this span ship schema migrations that auto-apply on first boot of the new binary (honeyframe update). Notable additions: flow_recipes.version (optimistic locking), honeyframe.dataset_edges (native lineage), engine_profile on organizations, dataset build snapshots, card/dashboard template tables, project bundles, and PAT storage. Migrations are idempotent; pre-upgrade install + DB snapshots are taken automatically and rollback is honeyframe update --rollback.
  • Action recommended: if you authenticate the SDK/CLI or any scripts with a dedicated service-account user, migrate them to Personal Access Tokens (hf_…). See Developer → Authentication.
  • The native engine is opt-in. Existing dbt orgs are unaffected; the default engine_profile remains dbt.