Changelog

December 2025

Wednesday, December 31, 2025
consolecliperformancesecretsself-hosting

December 2025

December was a stability and reliability month. We resolved a series of secret referencing edge cases across both Console and CLI, shipped a significant backend performance optimization, improved Docker images for self-hosted deployments, and fixed several bugs. Here's the recap.

Secret Referencing Fixes

We identified and fixed a series of edge cases in the secret referencing engine across both the Console and CLI:

  • Cross-environment references from within folders — Fixed an issue where references to secrets in other environments would fail to resolve when the referencing secret was inside a folder
  • Cross-app references without a defined environment — The CLI now correctly requires cross-app secret references to include an explicit environment, preventing ambiguous resolutions
  • Double-brace syntax detection — References using ${{VAR}} syntax (common in GitHub Actions templates) are now properly ignored by the Phase referencing engine instead of being treated as invalid Phase references
  • Inconsistent string matching — Fixed string matching issues in the CLI's secret referencing engine that could cause incorrect substitutions

These fixes affect both the Console reference resolution and the CLI's phase run / phase shell commands.

Available in Console v2.56.0, v2.56.1, and CLI v1.21.2.

Backend Performance — Dynamic Gunicorn Workers

The Phase backend now dynamically sets the number of gunicorn workers based on available CPU cores (cores × 2 + 1). Internal benchmarks showed approximately 25% faster response times for large secret fetches.

Additionally, SSE (Server-Sent Events) environment crypto computations have been optimized, reducing the computational overhead for real-time secret sync events.

Available in Console v2.56.0.

Production Docker Improvements

Several improvements to the Docker images for self-hosted deployments:

  • Frontend STOPSIGNAL — Added STOPSIGNAL to the frontend Dockerfile for cleaner and faster container shutdown behavior

These changes result in smaller, more reliable container images.

Available in Console v2.56.2.

Bulk User Invites

Admins can now invite multiple users to their organization more efficiently. The invite flow has been streamlined to support batch operations.

Other improvements and fixes

  • Fix role validation for invites — Fixed a mismatch between the frontend (allowing custom roles) and backend (hardcoded role whitelist) when creating member invites
  • Fix invite emails without sender name — The "Invited by" field now correctly falls back to the inviting user's email when their OAuth account has no display name
  • Fix WebAuth error handling — Enhanced error handling in the WebAuth component for malformed URLs
  • Fix AWS IAM external identities region — Fixed region configuration for AWS IAM external identity authentication
  • Fix email invite handler — Corrected the invite handler to properly fall back to user email addresses
  • CLI build improvements — Upgraded macOS builds to macos-15 runners and fixed ASCII art text escaping
  • Security patches — Updated Django to 4.2.27, urllib3 to 2.6.0, and other dependency updates

All features are live on Phase Cloud and available in the latest releases for self-hosted users.

As always, we'd love your feedback — come say hi on Slack or GitHub.

Request a feature

We build features based on community requests and feedback.
Looking for a specific feature or have a use-case in mind? Reach out to us!

CLOUD

The fastest and easiest way to get started with Phase. Spin up an app in seconds. Hosted in the 🇪🇺

SELF-HOSTED

Run Phase on your own infrastructure and maintain full control. Perfect for customers with strict compliance requirements.