This is a hotfix release addressing the database migration issue introduced in 26.3.0. If you got hit by that, this is the fix — no configuration changes required.

Optional: Disable Relay's DNS Caching

A few users have reported that the relay container fails to authenticate against web after a fresh install or restart. The culprit is DNS caching that the Relay team enabled via Hickory DNS, it can cause stale resolution under certain networking setups.

If you're running into this, you can work around it by applying the patch from PR #4213. We're likely making this the default in the next release, so consider this a heads-up.

Notable Changes

• Size Analysis is GA (demo video here) — the feature is now generally available, though we're holding off on including it in the default self-hosted install until the Emerge-related dependencies stabilize. Looking to experiment? You can enable it manually in the meantime.

• Reduced downtime during upgrades — we've reordered the installation sequence (PR #4202) so Docker images are pulled before the Compose stack is taken down. If you're on a slower connection, you should notice meaningfully less downtime on future upgrades.

• Graduated feature flags cleanup — since late February, there's been an ongoing effort to remove a large batch of graduated feature flags. Worth a look if you want to know which features are now enabled by default in self-hosted.

Questions or want to talk through your setup? We're on Sentry's Discord — always happy to chat.

New Features ✨

• Reorder pull images by @aldy505 in #4202

Bug Fixes 🐛

• Manual image tags rollback to nightly by @aldy505 in #4204

Internal Changes 🔧

Deps

• Bump actions/setup-node from 6.2.0 to 6.3.0 by @dependabot in #4206
• Bump getsentry/craft from 2.21.7 to 2.23.2 by @dependabot in #4207
• Bump minimatch from 9.0.5 to 9.0.7 in /_integration-test/nodejs by @dependabot in #4189

Heya folks! This is just a fix-up for version bump issue on self-hosted repository for the 26.2.0 release. Nothing much changed.

As always, if you run into any issues or have questions about your setup, hop into our Discord—we're always happy to help troubleshoot.

Bug Fixes 🐛

Release

• Restore version bumping for releases by @BYK in #4191
• Be explicit about pre release and post release command by @hubertdeng123 in #4190

Other

• Prevent script injection vulnerability in get-compose-action by @fix-it-felix-sentry in #4179

Internal Changes 🔧

• (deps) Bump getsentry/craft from 2.21.4 to 2.21.7 by @dependabot in #4188

Other

• Use docker-compose shipped in GHA runners by @aminvakil in #4184

Quick heads-up: If you're wondering where the mid-month release went—we got delayed by a combination of US holidays, Lunar New Year celebrations, and some unexpected hiccups in our new release process built on Craft. It's now fully sorted, and here's what you're getting.

What's New

Data Forwarding is Live

Data forwarding is now available without any feature flags. You'll find it in Organization Settings → Data Forwarding.

This lets you forward processed error events to third-party providers—currently Segment, Amazon SQS, and Splunk. Useful if you're analyzing errors alongside other datasets, empowering teams outside engineering, or building business intelligence workflows. Note that only error events are forwarded; spans and logs aren't supported yet.

Important Fixes

Missing Feature Flag for Metrics Alerts

If metrics alerts haven't been working for you, check that your sentry.conf.py includes the necessary feature flags from sentry.conf.example.py. Specifically, compare the feature flags section and add anything that's missing.

Nodestore S3 Writes Fixed

We noticed a bug regarding Nodestore writes that was caused by an unbounded boto3 dependency. Fixed in getsentry/sentry-nodestore-s3#3. If you're using S3 for Nodestore, this update should resolve any intermittent write failures you may have seen.

Maintenance

Nginx and Seaweedfs Bumps

We've updated both Nginx and Seaweedfs to their latest versions. These are minor version bumps with no breaking changes, but because the image tags changed, you'll end up with orphaned images. Run docker image prune --all after updating to clear out the old ones and reclaim disk space.

As always, if you run into any issues or have questions about your setup, hop into our Discord—we're always happy to help troubleshoot.

New Features ✨

• Updates seaweedfs image to 4.09 by @ronaldorcampos in #4173
• Provide blank environment variables for AWS SES relay by @aldy505 in #4164

Bug Fixes 🐛

• (test) Add Authority Key Identifier to SSL certificates by @oioki in #4162
• Add "organizations:on-demand-metrics-extraction" ff to enable metric alerts by @mzglinski in #4170

Internal Changes 🔧

Deps

• Bump getsentry/craft from 2.21.2 to 2.21.4 by @dependabot in #4172
• Bump getsentry/craft from 2.20.1 to 2.21.2 by @dependabot in #4166
• Bump getsentry/action-release from 3.4.0 to 3.5.0 by @dependabot in #4133
• Bump actions/checkout from 6.0.0 to 6.0.2 by @dependabot in #4155
• Bump actions/setup-python from 6.1.0 to 6.2.0 by @dependabot in #4154
• Bump getsentry/craft from 2.19.0 to 2.20.1 by @dependabot in #4152
• Bump actions/setup-node from 6.1.0 to 6.2.0 by @dependabot in #4153
• Bump astral-sh/setup-uv from 7.1.6 to 7.2.0 by @dependabot in #4132
• Bump codecov/test-results-action from 1.1.1 to 1.2.1 by @dependabot in #4115
• Bump codecov/codecov-action from 5.5.1 to 5.5.2 by @dependabot in #4102
• Bump urllib3 from 2.5.0 to 2.6.3 by @dependabot in #4150

Other

• (craft) Update minVersion from 0.23.1 to 2.21.6 by @BYK in #4177
• (deps-dev) Bump cryptography from 46.0.3 to 46.0.5 by @dependabot in #4168
• Fix changelog-preview for external contributors by @BYK in #4158

Other

• Bump nginx 1.29.5 by @aminvakil in #4167
• Allow configuring Sentry taskworker concurrency via env by @madest92 in #4149

New Features ✨

• Switch nodestore-s3 package to getsentry org by @aldy505 in #4119

Build / dependencies / internal 🔧

• (deps) Bump astral-sh/setup-uv from 7.1.5 to 7.1.6 by @dependabot in #4100

Other

• Include SDK version 10 when using local JS SDK assets by @hsgt-brice in #4130

TL;DR: Skip 25.12.0 and upgrade directly to this version. We caught a migration bug shortly after the previous release—details below.

What's Fixed

Migration bug from 25.12.0 — We shipped a migration issue in the previous release that could cause upgrade problems. This patch resolves it cleanly. If you're still on 25.11.x or earlier, you can upgrade straight to 25.12.1 without touching 25.12.0.

SeaweedFS error noise — Fixed those persistent "failed to assign filer id" errors (#4074) by bumping the SeaweedFS version in the Docker Compose file. The logs should be much quieter now.

Action Required

None. No configuration changes needed—just pull and deploy.

This is our last release of 2025. Thanks for running self-hosted Sentry, and have a great holiday season!

Questions or issues? We're on Discord and happy to help.

Build / dependencies / internal 🔧

• chore(deps): bump seaweedfs version to 3.97 by @kostirez1 in #4120

Quiet release. Just maintenance.

This release keeps us aligned with upstream Sentry and fixes an installation script bug that caused errors when running the script multiple times. It was a minor Bash scripting slip-up on our end—fixed in #4076.

No breaking changes, no configuration updates required.

Questions or issues? We're on Discord and happy to help.

New Features ✨

• feat(release): Manually run post release script by @hubertdeng123 in #4073

• feat: bump action-setup-venv to use working-directory by @aldy505 in #4098

Bug Fixes 🐛

• fix: Provide useful info on permission errors by @BYK in #4096
• fix: missing 'SENTRY_SYSTEM_SECRET_KEY' declaration on Docker Compose block by @aldy505 in #4087
• fix: grep seaweedfs bucket name instead of using awk by @aldy505 in #4076

Build / dependencies / internal 🔧

Deps

• build(deps): bump actions/create-github-app-token from 2.2.0 to 2.2.1 by @dependabot in #4090

• build(deps): bump actions/setup-node from 4.4.0 to 6.1.0 by @dependabot in #4091

• build(deps): bump astral-sh/setup-uv from 7.1.4 to 7.1.5 by @dependabot in #4093

• chore: guard unit-test.sh from being invoked by users by @aldy505 in #4085

• chore: ask installation type on problem report template by @aldy505 in #4086

Other

• Revert "Revert "ref: migrate to uv (#4061)"" by @aldy505 in #4097
• Revert "ref: migrate to uv (#4061)" by @BYK in #4094
• test: integration test for user feedback by @aldy505 in #3880
• ref: migrate to uv by @aldy505 in #4061
• Add shm_size configuration back to postgres by @max-wittig in #4072

TL;DR: If you're not using profiling, you can skip this one.

Profiling Storage Fix

We've fixed a profiling storage issue where profiles were consistently returning "not found" due to a missing configuration. If you're running profiling, you'll need to update both your sentry/config.yml and docker-compose.yml files. From now on, we'll be storing profiles data on SeaweedFS, you can see for yourself if it's storage-consuming later on 😉.

For those using external storage: make sure vroom and filestore-profiles point to the same bucket. The profiles need to end up in the same place they're being retrieved from, straightforward, but easy to miss if your configuration split them.

What's Actually Happening Under the Hood

The profiling team has been working on vroomrs (mentioned a few releases back), and it's now doing the heavy lifting. The ingest-profiles container now processes profiles immediately via vroomrs and writes them directly to your bucket. This streamlines the pipeline and eliminates the storage mismatch that was causing the "not found" errors.

Community Contribution

(Probably not) Worth calling out: @copilot made their first contribution to the project! Okay jokes aside, we still write Bash scripts by hand.

Need help with the update? We're always happy to discuss your setup over on Discord.

Build / dependencies / internal 🔧

• chore: remove some more unused directories by @aldy505 in #4046
• build(deps): bump actions/create-github-app-token from 2.1.4 to 2.2.0 by @dependabot in #4058
• build(deps): bump actions/checkout from 5 to 6 by @dependabot in #4059
• chore: uptime checker is missing on the release issue by @aldy505 in #4047

Bug Fixes 🐛

• fix(profiling): Ingest profile file path by @Zylphrex in #4060
• fix: ensure seaweedfs lifecycle policy is set correctly by @kodebach in #4040
• fix: missing SYMBOLICATOR_STATSD_ADDR environment var for symbolicator-cleanup by @aldy505 in #4042

Other

• Add dcx shortcut for docker compose exec with HTTP proxy env vars by @copilot-swe-agent in #4067

No major fireworks, just solid, necessary maintenance and performance tweaks that keep things running smoothly.

Say Goodbye to the Old System Overview Page

This one is a necessary cleanup. Since we moved the underlying system from Celery to Taskbroker, the old "System Overview" page in Sentry’s /managed/ section just doesn't provide accurate or useful data anymore. It's now gone (PR #102988). Don't fret that it's missing! If you want to monitor the health of your self-hosted Sentry, you should be using StatsD and external monitoring tools. It gives you far better and more reliable data. Check out the documentation here if you haven't set up proper monitoring yet.

If symbolicator-cleanup container is unhealthy, you might want to snuck in this commit to fix it.

The Profiling Fix

There was a small snag with profiling: a crucial feature flag was missing, which prevented processing via vroomrs (the fast, Rust-based profiling library) from being properly enabled. This has been fixed now (issue #4012). If you use profiling, this means your profiles are back to being processed with that desirable Rust speed and efficiency. It was a minor internal slip-up, but an important one for performance folks.

Relay Gets Leaner

Relay—the component that handles receiving and processing your event data—got an update to reduce its CPU and memory usage. This improvement specifically benefits users running Relay in "proxy mode". While most self-hosted users default to "processing mode", if you happen to be running a complex setup with a separate ingest box, this update should save you some resources. Efficiency is always a good thing, regardless of your architecture size.

Questions or need to discuss these changes? Join us on Sentry's Discord! We're always happy to help and discuss your setup.

Various fixes & improvements

• feat: statsd configuration through environment variables (#4031) by @aldy505
• ref: sound SENTRY_DISALLOWED_IPS on the configuration file (#3981) by @aldy505
• fix: broken link to Errors-Only Mode docs (#4032) by @mariansimecek
• Fix Clickhouse max_server_memory_usage_to_ram_ratio setting (#4025) by @otoriphoenix
• Increase default max_suspicious_broken_parts to 100 (#4011) by @stevenobird
• fix(install): add migrate-pgbouncer.sh to install.sh (#4030) by @kodebach
• fix: remove snuba uptime results consumer (#4027) by @aldy505

TL;DR: Symbolicator migrated to distroless images for better security. We've completed the Celery replacement by removing cron and worker containers, and consolidated Snuba consumers into the Event Analytics Platform dataset. No configuration changes required.

Symbolicator Now Uses Distroless Images

We've migrated Symbolicator from Debian to distroless base images. These streamlined containers strip away unnecessary components like package managers, shells, and other OS distribution elements – enhancing security by reducing the attack surface.

Container Consolidation & Dataset Migration

Following last month's announcement, we've now removed the cron and worker containers entirely – taskbroker and taskworker handle everything. We've published comprehensive scaling documentation to help you optimize these services for your workload.

We've also retired the snuba-spans consumer in favor of three focused replacements: process-spans, process-segments, and snuba-eap-items-consumer. This consolidation routes most products (errors, spans, uptime monitoring, and logs) into the Event Analytics Platform (EAP) dataset – making cross-product correlation faster and more efficient.

Other Notable Changes

• Reference architectures: We've added a new Reference Architectures section to the documentation to help you plan and scale your deployment.
• Enhanced data scrubbing: Relay now automatically scrubs otp and two_factor as sensitive values (PR #5250).
• Trace waterfall cleanup: We've removed the "No instrumentation" placeholder from trace waterfalls (PR #101408).
• Pre-release features: Looking to experiment? Check out Native OTLP Ingestion (#3830) and Trace Metrics (#3993) – both available for early testing on self-hosted instances.

Questions or need to discuss these changes? Join us on Sentry's Discord! We're always happy to help and discuss your setup.

Various fixes & improvements

• fix: geoip standalone script should check on CONTAINER_ENGINE variable first (#3982) by @aldy505
• fix: missing -dir flag for seaweedfs (#3991) by @aldy505
• Remove symbolicator volume once (#3994) by @aminvakil
• Remove symbolicator external volume (#3992) by @aminvakil
• chore(spans): Remove old snuba-spans consumer (#3989) by @jjbayer
• Bump redis 6.2.20-alpine (#3988) by @aminvakil
• ref: add continue-on-error for codecov action on self-hosted integration tests (#3978) by @aldy505
• ref: use dedicated healthcheck command for symbolicator & remove cron for symbolicator-cleanup (#3979) by @aldy505
• fix(actions): include arch and compose_profiles information on cache keys (#3974) by @aldy505
• ref: Remove proxy_next_upstream directives (#3973) by @aminvakil
• fix: Unset the proxy when performing the seaweedfs health check (#3959) by @SteppingHat
• fix: logic error in s3 install script (#3965) by @kodebach
• Fix swap allocation in integration test (#3972) by @aminvakil
• chore(tasks) Remove reference to celery (#3962) by @markstory
• Respect uppercase proxy variables (#3949) by @aminvakil
• chore(tasks): Remove the worker and cron containers (#3946) by @markstory
• fix: install behind a proxy (#3944) by @moroine