* feat(authz): remove unnecessary dependency injection for role setter
* feat(authz): deprecate role module
* feat(authz): deprecate role module
* feat(authz): split between server and sql actions
* feat(authz): add bootstrap for managed role transactions
* feat(authz): update and add integration tests
* feat(authz): match names for factory and migration
* feat(authz): fix integration tests
* feat(authz): reduce calls on organisation creeation
* fix: make size and count included in json if zero
* fix: make forgot password api fields required
* fix: openapi spec
* fix: error message casing for frontend
* chore: fix openapi spec
* fix: openapi specs
* feat(authz): initial commit for migrating rbac to openfga
* feat(authz): make the role updates idempotant
* feat(authz): split role module into role and grant
* feat(authz): some naming changes
* feat(authz): integrate the grant module
* feat(authz): add support for migrating existing user role
* feat(authz): add support for migrating existing user role
* feat(authz): figure out the * selector
* feat(authz): merge main
* feat(authz): merge main
* feat(authz): address couple of todos
* feat(authz): address couple of todos
* feat(authz): fix tests and revert public dashboard change
* feat(authz): fix tests and revert public dashboard change
* feat(authz): add open api spec
* feat(authz): add open api spec
* feat(authz): add api key changes and missing migration
* feat(authz): split role into getter and setter
* feat(authz): add integration tests for authz register
* feat(authz): add more tests for user invite and delete
* feat(authz): update user tests
* feat(authz): rename grant to granter
* feat(authz): address review comments
* feat(authz): address review comments
* feat(authz): address review comments
* feat(authz): add the migration for existing roles
* feat(authz): go mod tidy
* feat(authz): fix integration tests
* feat(authz): handle community changes
* feat(authz): handle community changes
* feat(authz): role selectors for open claims
* feat(authz): role selectors for open claims
* feat(authz): prevent duplicate entries for changelog
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(dashboard): add public dashboard APIs to open-api spec
* feat(dashboard): split the ee and pkg modules
* feat(dashboard): commit open api spec
* feat(dashboard): fix signoz module test
* feat(dashboard): add license checks
* feat(dashboard): merge main
* feat(dashboard): add anonymous scheme
* feat(authz): add stats reporting for public dashboards
* feat(authz): add stats reporting for public dashboards
* feat(authz): add stats reporting for public dashboards
* feat(authz): base setup for public shareable dashboards
* feat(authz): add support for public masking
* feat(authz): added public path for gettable public dashboard
* feat(authz): checkpoint-1 for widget query to query range conversion
* feat(authz): checkpoint-2 for widget query to query range conversion
* feat(authz): fix widget index issue
* feat(authz): better handling for dashboard json and query
* feat(authz): use the default time range if timerange is disabled
* feat(authz): use the default time range if timerange is disabled
* feat(authz): add authz changes
* feat(authz): integrate role with dashboard anonymous access
* feat(authz): integrate the new middleware
* feat(authz): integrate the new middleware
* feat(authz): add back licensing
* feat(authz): renaming selector callback
* feat(authz): self review
* feat(authz): self review
* feat(authz): change to promql
* feat(authz): openfga sql migration
* feat(authz): formatting and naming
* feat(authz): formatting and naming
* feat(authz): extract function for store and model id
* feat(authz): reorder the provider
* fix: removing duplicate creation of user if user does not exist already
* test: adding api test case
* fix: updated test cases
* fix: remove unnecessary logging and clean up connection params API
* feat: add gateway fixture and integrate with signoz for connection parameters
* feat: add cloudintegrations to the test job matrix in integrationci.yaml
* fix: remove outdated comments from make_http_mocks fixture
* fix: remove deprecated ZeusURL from build configurations
This PR fulfills the requirements of #9069 by:
- Adding a golangci-lint directive (forbidigo) to disallow all fmt.Errorf usages.
- Replacing existing fmt.Errorf instances with structured errors from github.com/SigNoz/signoz/pkg/errors for consistent error classification and lint compliance.
- Verified lint and build integrity.
## 📄 Summary
- Instead of relying on JWT for session management, we are adding another token system: opaque. This gives the benefits of expiration and revocation.
- We are now ensuring that emails are regex checked throughout the backend.
- Support has been added for OIDC protocol
* feat(authz): address tenant isolation for authz
* feat(authz): handle role module self registry
* feat(authz): keep role / user / resource sync in naming
* feat(authz): rename orgId to orgID
* feat(authz): add the missing / for user
* feat(authz): remove embedding for pkgopenfgaauthz service
This introduces a new Raw Data Export module to the codebase, enabling users to export raw log data via a dedicated API endpoint. The changes include the implementation of the module and handler, integration with existing infrastructure, configuration updates, and adjustments to tests and module wiring.
## 📄 Summary
implement strong controls for password. Now the password requirement is :
password must be at least 12 characters long, should contain at least one uppercase letter [A-Z], one lowercase letter [a-z], one number [0-9], and one symbol
* feat: adding support for 1.26 semconv
* feat: adding support for 1.26 semconv
* feat: adding support for 1.26 semconv
* feat: adding support for 1.26 semconv
* feat: added native support for 1.26
* feat: added native support for 1.26
* feat: adding support for 1.26 semconv
* feat: adding support for 1.26 semconv
* feat: adding support for 1.26 semconv
* feat: resolved conflicts
* feat: resolved conflicts
* feat: resolved conflicts
* feat: resolved conflicts
* feat: resolved conflicts
## 📄 Summary
To reliably migrate the alerts and dashboards, we need access to the telemetrystore to fetch some metadata and while doing migration, I need to log some stuff to fix stuff later.
Key changes:
- Modified the migration to include telemetrystore and a logging provider (open to using a standard logger instead)
- To avoid the previous issues with imported dashboards failing during migration, I've ensured that imported JSON files are automatically transformed when migration is active
- Implemented detailed logic to handle dashboard migration cleanly and prevent unnecessary errors
- Separated the core migration logic from SQL migration code, as users from the dot metrics migration requested shareable code snippets for local migrations. This modular approach allows others to easily reuse the migration functionality.
Known: I didn't register the migration yet in this PR, and will not merge this yet, so please review with that in mid.
* fix: prevent creation of funnels with duplicate names
- Fixed Update method to validate duplicate names before updating
- Added proper duplicate name validation that excludes the current funnel being updated
- Fixed incorrect error wrapping in Update method that was marking all errors as "already exists"
- Fixed typo in error message ("funnelr" -> "funnel")
- Added comprehensive tests for duplicate name validation in both Create and Update operations
- Used internal errors package for consistent error handling
The funnel API now properly prevents creating or updating funnels with duplicate names
within the same organization, resolving issues where duplicate funnels could be created
but would fail during retrieval.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: returning error instance
* fix: implement database transactions for funnel creation and updates
- Wrap check-and-create operations in Bun transactions to prevent race conditions
- Apply transaction pattern to both Create() and Update() methods
- Ensures atomic operations when checking for duplicate funnel names
- Prevents concurrent requests from creating duplicate funnels
- Follows existing transaction patterns from user store implementation
Addresses PR feedback for race condition prevention
---------
Co-authored-by: Ankit Nayan <ankitnayan@Ankits-MacBook-Pro.local>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Shaheer Kochai <ashaheerki@gmail.com>
* feat: refactor tracefunnel to support dynamic multi-step funnels
Replace hardcoded 2-step and 3-step funnel functions with dynamic
implementations that support unlimited steps. Add comprehensive tests
for multi-step funnel functionality while maintaining backward
compatibility.
Key changes:
- Add dynamic query builders for n-step funnels
- Update all query functions to use new builders
- Remove old hardcoded functions
- Add tests for 1-6 step funnels
- Maintain temporal ordering logic
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* feat: add duration calculation for latency_pointer='end' in funnel qu… (#8632)
* feat: add duration calculation for latency_pointer='end' in funnel queries
- Updated BuildFunnelOverviewQuery and BuildFunnelStepOverviewQuery to calculate end time
when latency_pointer is 'end'
- Modified BuildFunnelTopSlowTracesQuery and BuildFunnelTopSlowErrorTracesQuery to support
latency pointer parameters
- Added comprehensive tests for latency pointer functionality in
clickhouse_queries_latency_test.go
- When latency_pointer is 'end', the query now adds span duration to timestamp for
accurate latency calculations
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* do matching after lowercase conversion
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
---------
Co-authored-by: Ankit Nayan <ankitnayan@Ankits-MacBook-Pro.local>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
* fix: apply remaining changes from PR #8615 for ClickHouse 25.5 compatibility
- Updated BuildTracesFilter to BuildTracesFilterQuery with false parameter in query.go
- Updated test files to expect resource_string_service$$name instead of serviceName
- Fixed function reference in query_test.go
These changes complete the ClickHouse 25.5 compatibility updates while maintaining
the dynamic multi-step funnel functionality.
* fix: replace durationNano with duration_nano for ClickHouse compatibility
- Updated all SQL queries in clickhouse_queries.go to use duration_nano column name
- Updated test expectations in clickhouse_queries_latency_test.go
- Ensures consistency with ClickHouse snake_case column naming convention
* refactor: code formatting and add TODO comment
- Remove trailing whitespace in query.go
- Add TODO comment for GetErroredTraces function regarding product improvement
- Add newline at end of file for proper formatting
---------
Co-authored-by: Ankit Nayan <ankitnayan@Ankits-MacBook-Pro.local>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
