Skip to content
CircleCI
View entire changelog

Server 4.9.0 Released

New feature

Server 4.9.0 Changelog

Before Upgrading

See the CircleCI server 4.9 release notes and upgrade guide for this release.

NOTE: Vault is being deprecated and will no longer be supported in server 5.0. Refer to our script for steps to migrate to Tink.

What’s New in Release 4.9.0

The v4.9 release introduces serial groups for job serialization, automatic retries for workflows and steps, and improved caching with Zstd compression.

NEW FEATURES

  • Serial Groups: A native mechanism for serializing job execution across workflows. Jobs can now be configured to run sequentially using the serial-group key, preventing race conditions in deployments and other concurrent operations. For more information, see the docs.

  • Automatic Workflow Reruns: Workflows can now be configured to automatically rerun on failure using the max_auto_reruns configuration key. For more information, see the changelog.

  • Automatic Step Retries: Individual steps within jobs can now be configured to automatically retry on failure. For more information, see the changelog.

  • Faster Checkout with Blobless Method: The checkout step now supports a method option that enables blobless checkout for faster repository cloning. For more information, see the changelog.

  • Zstd Cache Compression: Cache compression now uses Zstd by default, providing faster compression and decompression with better compression ratios. For more information, see the changelog.

  • Job-level Cache Retention Controls: Cache retention can now be configured at the job level, allowing more granular control over cache lifecycle. For more information, see the changelog.

  • OIDC Token Reliability Improvements: Enhanced retry handling for OIDC token generation, improving reliability in environments with transient network issues. For more information, see the changelog.

  • Configurable Max Run Time: Build jobs now support a configurable maximum run time through the builds_service.customMaxRunTime Helm value, allowing operators to override the default 5-hour limit.

  • Dark Mode: Users can now enable “Dark mode” through the CircleCI web app, see the changelog.

CHANGES

  • Some CircleCI job statuses that were previously marked as skipped were changed to failed, see the changelog.
  • Reduced time to start jobs for very large and complex workflows, see the changelog.
  • Personal Access Token (PAT) management has been migrated to the authentication-service. PATs are automatically migrated during the upgrade process.
  • Context APIs are now served by the CIAM gateway for improved performance and scalability.
  • Redis has been updated to the version 6.2.20 to address CVE-2025-49844.
  • The feature-flags service has been removed as it is not required for Server installations.
  • Deleting contexts double configuration now asks for the name of the context, see the changelog.
  • Branches now displayed in branch picker regardless of trigger settings, see the the changelog.
  • Workflow start time & duration are now copyable from CircleCI web app, see the changelog.

BUG FIXES

  • Fixed incorrect trigger event display for scheduled workflows. For more information, see the changelog.
  • Fixed an issue where pipelines showed errors when all workflows are filtered out. For more information, see the changelog.
  • Fixed branch filter dropdown functionality. For more information, see the changelog.
  • Fixed bug in scheduled pipelines trigger event column, see the changelog.
  • Fixed project count on “User homepage”, see the changelog.

NEW SERVICES

New services introduced with this release:

  • lock-job-provider - Provides job serialization capabilities for serial groups feature (includes internalapi and consumer components)
  • no-op-job-provider - Handles no-operation job types used by serial groups

SERVICE CHANGES

  • feature-flags - The feature flags service has been removed as it is not utilized by execution services in Server.

DATABASE MIGRATIONS

The following databases will run migrations when upgrading to this version:

  • authentication-service
  • insights-service
  • lock-job-provider
  • no-op-job-provider
  • oidc-tasks-service
  • permissions-service
  • runner-admin

KNOWN ISSUES

Using a custom signed certificate will result in an x509 error for Docker, Machinem, and Runner jobs. A fix will be provided shortly in the future.

To learn more about Server 4.9 installation, migration, or operations please review our documentation.

Server

Previous changes

OIDC tokens now include workflow-id and job-id claims    

Enhancement

Insights Snapshot Badge EOL Date Confirmed: January 12, 2026    

Deprecation