RStudio Connect 1.6.10

  • BREAKING: HTTP.ForceSecure now sets the Strict-Transport-Security header on all web connections.
  • BREAKING: when Authorization.UsersListingMinRole is set to administrator, then only administrators will be able to manage app ACLs, group membership, email subscription, and list users.
  • NOTICE: A post-install data update to the historical records may require several minutes to complete. RStudio Connect will be unavailable during this process.
  • Troubleshooting proxied authentication is easier when ProxyAuth.Logging is enabled. It generates verbose logging with received HTTP headers and cookies.
  • It is now possible to fully manage users via the Connect Server API. For more details, see the Connect Server API Documentation
  • Content is now listed in order by recently deployed time.
  • A new setting RegisterOnFirstLogin, which, if set to false, can be used to prevent the creation of users upon their first login attempt. Default value is true. This setting is applicable for the following providers: PAM, Proxy, OAuth2, and LDAP. See the Admin Guide for more details.
  • Packrat has been updated for better package cache reuse across a variety of deployment sources. Existing deployments and already installed package versions are not affected.
  • Worker exit logging includes the name of the terminating signal.
  • The startup warning given when the server is licensed for TensorFlow Model API support but libtensorflow.so is not available has been simplified. See the Admin Guide for instructions to enable TensorFlow API support.
  • Content has an associated image that can be configured in the Info tab. The content image is only available in the Info tab. Future releases will include the image and description for content in additional views. Users who cannot view content will be unable to view the associated image.
  • The size limit for images associated with content is 10mb by default. This setting is configurable with Applications.MaxAppImageSize.
  • Added new logging to aid in the detection of instabilities involving at least one LDAP server in a multiple LDAP configuration. The following error messages indicate RStudio Connect may be unstable to some users due to LDAP failures:
    • Search results may be incomplete.
    • Access granted via groups may not work.
    • Not all group members could be retrieved.
  • The Shiny application usage API allows administrators and publishers to obtain information about who is visiting their applications and the length of their session. See the User Guide for details relating to publishers’ access to shiny application usage information. See the Admin Guide for more general details concerning the information captured and how it may be accessed. See the API documentation for more specific details on using the API.
  • An issue was identified and corrected regarding how RStudio Connect records visits to a Shiny application. Data recorded prior to the 1.6.10 release may contain extraneous records that will skew any analysis performed on the data. The data will correctly reflect which users used which applications but not necessarily the number of times or time spent. You may use the from filter on the new API to exclude the problematic data, if desired.

RStudio Connect 1.6.8.2

  • Corrected an issue where LDAP configurations using LDAP.UniqueIDAttribute or LDAP.GroupUniqueIdAttribute with any value other than the default of "DN" failed to start on new installations.

RStudio Connect 1.6.8.1

  • NOTICE: It is now possible to specify the minimum TLS version using the HTTPS.MinimumTLS configuration setting.

RStudio Connect 1.6.8

  • BREAKING: LDAP.WhitelistedLoginGroup has been removed from the configuration and replaced by LDAP.PermittedLoginGroup.
  • BREAKING: Applications.EnvironmentBlacklist has been removed from the configuration and replaced by Applications.ProhibitedEnvironment.
  • BREAKING: A non-blank Server.SenderEmail that is not a valid email address will now prevent RStudio Connect from starting.
  • NOTICE: Specific TLS ciphers may be prohibited using the HTTPS.ProhibitedCiphers configuration flag. Additionally, a list of enabled ciphers will print when the RStudio Connect node starts.
  • NOTICE: The LDAP authentication provider no longer relies exclusively on distinguished names (DN) for group identification. Existing installations should continue to work as previously. It is strongly recommended that administrators migrate their group identification attribute using the new setting LDAP.GroupUniqueIdAttribute, configured with a value suitable for the organization’s LDAP server. A warning will be logged if the setting is not present or if the default value of "DN" is used. In an upcoming release to be determined, the new setting will be required on startup. See the LDAP and Active Directory section in the Admin Guide for information about configuring the LDAP.GroupUniqueIdAttribute and migrating groups.
  • NOTICE: LDAP groups will become inaccessible to users or be duplicated in the uncommon case where a groups’s distinguished name (DN) changes. See the Command Line Interface (CLI) section for usermanager in the Admin Guide for instructions on how this condition can be detected and the affected groups repaired.
  • The title associated with content can be edited in the Info tab. NOTE: The RStudio IDE may not reflect changes to title at this time.
  • Content has an associated description that can be edited in the Info tab. Administrators can view this description even when not explicitly a viewer of the content itself.
  • It is now possible to create local users for password, PAM, and proxy providers via the Connect Server API. For more details, see the Connect Server API Documentation
  • It is now possible to update user information via the Connect Server API. For more details, see the Connect Server API Documentation
  • RStudio Connect may be configured to suppress the display of version and build numbers using the new Server.HideVersion setting.
  • R Markdown reports have access to metadata such as their subscription URL via environment variables. The list of available variables and more details are available in the User Guide
  • The usermanager list CLI will list the users’ or groups’ distinguished names (DN) if the configured authentication provider is LDAP.
  • The usermanager alter CLI also accepts --user-guid to identify a user with a blank username. GUIDs may be obtained with usermanager list.
  • The usermanager list and usermanager alter CLI now support --groups and other options to support managing groups and repairing access to LDAP groups in Connect.
  • R Markdown reports are allowed to produce output files nested beneath the rendering working directory. Subdirectories were previously prohibited.
  • The xhr-streaming SockJS transport has been disabled for the Microsoft Edge browser to fix an issue involving Shiny application unresponsiveness.

RStudio Connect 1.6.6.1

  • Fixed a regression introduced in the 1.6.0 release where some deployment errors were not recognized and reported by the RStudio IDE.

RStudio Connect 1.6.6

  • BREAKING: All URLs referring to users and groups now use GUIDs. Any bookmark to a user or a group needs to be updated. For the password authentication provider, user confirmation emails sent before upgrading will no longer work. Users needing to confirm their accounts should request a password reset.
  • BREAKING: usermanager alter --force flag has been renamed to --force-demoting.
  • NOTICE: The Applications.EnvironmentBlacklist configuration setting has been deprecated in favor of the Applications.ProhibitedEnvironment setting. Applications.EnvironmentBlacklist will be removed in the next release.
  • NOTICE: The LDAP.WhitelistedLoginGroup configuration setting has been deprecated in favor of the LDAP.PermittedLoginGroup. setting. LDAP.WhitelistedLoginGroup will be removed in the next release.
  • NOTICE: The LDAP authentication provider no longer relies exclusively on distinguished names (DN) for user identification. Existing installations should continue to work as previously. It is strongly recommended that administrators migrate their user identification attribute using the new setting LDAP.UniqueIdAttribute, configured with a value suitable for the organization’s LDAP server. A warning will be logged if the setting is not present or if the default value of "DN" is used. In an upcoming release to be determined, the new setting will be required on startup. See the LDAP and Active Directory section in the Admin Guide for information about configuring the LDAP.UniqueIdAttribute and migrating users.
  • NOTICE: LDAP users will become inaccessible or duplicated in the uncommon case where a user’s distinguished name (DN) changes. See the Command Line Interface (CLI) section for usermanager in the Admin Guide for instructions on how this condition can be detected and the affected users repaired.
  • It is now possible to list local users via the Connect Server API. For more details, see the Connect Server API Documentation and the Connect Server API Cookbook
  • It is now possible to prohibit certain user roles, such as “viewer”, from listing users other than themselves by using the new setting Authorization.UsersListingMinRole. Limited users still have access to the lists of collaborators and viewers on content they can view, as well as access to those users’ profiles.
  • The usermanager alter CLI now accepts --yes to skip confirmation making it easier to be used by scripts. This flag should be used with caution.
  • The usermanager alter CLI also accepts --user-id to identify a user with a blank username. IDs may be obtained with usermanager list.
  • The usermanager alter CLI now supports --lock and --unlock to manage a user’s locked state.
  • Connect now validates that its configured temporary directory can contain executable content. This helps to identify situations when /tmp or the alternative temporary directory is mounted with the noexec option. Customize Server.TempDir if the default temporary directory cannot be used for executable content. See the Admin Guide for more information about the temporary directory given to R processes.
  • External fonts in the UI are eliminated. The default font-family has been updated, with the exception of the Google OAuth login page.
  • Emailing and opening reports in solo view previously emailed or opened the most recent version of the report. Now, these tasks will email or open a historical report as well.
  • RStudio Connect may now be configured to restrict which types of content access controls are available to users and admins using the settings Applications.MostPermissiveAccessType and Applications.AdminMostPermissiveAccessType respectively. All access types, including “Anyone”, are permitted by default. See the Admin Guide for details and examples.
  • Information about user logins, RMD and static content usage and node up-time are now recorded to the instrumentation database. To learn more about the types of historical events that are logged, see the Admin Guide.
  • RStudio Connect may be configured to set the Secure flag on all cookies issued from its HTTP listener using the new HTTP.ForceSecure flag. This provides extra security when running RStudio Connect behind a HTTPS-terminating proxy.
  • Images and plots may now be embedded in custom HTML email. See the User Guide for details and examples.
  • TensorFlow support has been updated for TensorFlow 1.9. Please update libtensorflow.so to the latest version for full functionality.

RStudio Connect 1.6.4.2

  • SECURITY: An important security issue was fixed. Customers should update at their earliest convenience.

RStudio Connect 1.6.4.1

  • NOTICE: When using the PostgreSQL database provider, RStudio Connect would intermittently cause an error page to appear when user sessions expired. This should no longer occur.

RStudio Connect 1.6.4

  • BREAKING: Pandoc 2 is used with rmarkdown versions 1.9 or higher. Pandoc 1 is still used for older rmarkdown. The pandoc and pandoc-citeproc commands in the PATH correspond to these versions. Content that does not use rmarkdown will have the newer pandoc available.
  • BREAKING: RStudio Connect now renders documents in a temporary directory containing the report source. Processes concurrently rendering the same source no longer risk simultaneously writing to the same on-disk location. R Markdown documents can no longer assume that files written during a render will be present the next time the report executes.
  • Support for Ubuntu 18.04.
  • The systemctl reload command is supported by the RStudio Connect systemd service definition (Red Hat/CentOS 7, SUSE 12, Ubuntu 16.04, and Ubuntu 18.04).
  • The RStudio Connect Ubuntu installers now depend on mime-support. The Red Hat Enterprise Linux/CentOS/SUSE Linux Enterprise depend on the /etc/mime.types file (satisfied by either the mailcap or aaa_base packages).
  • Primary documents no longer trigger a download on each visit if they cannot be displayed by browsers. RStudio Connect identifies that the client browser is unable to show the file and shows a download page. This change makes it easier to publish and manage R Markdown documents which produce output files that are not browser-friendly, such as Word documents or PowerPoint presentations.
  • R Markdown reports can customize the body of the message when emailed. The body can be text or HTML. Set the body in code by using the rmarkdown::output_metadata$set function to give a value to rsc_email_body_text or rsc_email_body_html. Set a default value for rsc_email_body_text or rsc_email_body_html in the rmd_output_metadata section of the YAML header. See the User Guide for more information. Requires rmarkdown version 1.8.6 or newer.
  • Log downloads include the full process output and are not size-limited. The RStudio Connect dashboard continues to show only the most recent log output from a process.
  • Administrators can filter the users list by multiple account statuses. Non-administrators cannot filter by account status.
  • The users list displays the last day each user was active.
  • When using password authentication ‘unconfirmed’ status is displayed in the users list and the user’s profile.
  • R installation scanning now reads through symbolic links beneath the /opt/R and /opt/local/R directories. More information is available in the Admin Guide
  • Information about a user visiting and leaving a Shiny app is now recorded in the database. The information recorded is not currently exposed in either the dashboard or an API; this will be addressed in an upcoming release. See the Admin Guide for more information.
  • The RStudio Connect Dashboard now includes interactive labels for tag filters in the content listing view.

RStudio Connect 1.6.2

  • SECURITY: The X-Frame-Options HTTP header again defaults to DENY for all Connect resources that are not user content. RStudio Connect version 1.4.2 incorrectly removed the header from some responses.
  • NOTICE: The configuration setting DiscoveryEndpoint for [OAuth2] has been deprecated and it should be removed from the configuration file. A warning will be issued during startup in the rstudio-connect.log if the setting is present. In upcoming releases the presence of this setting may prevent RStudio Connect from starting up.
  • BUGFIX: The startup check for a valid Applications.Supervisor now allows supervisors that create output.
  • The content list in the RStudio Connect Dashboard now retains filter selections when the user navigates to another part of the dashboard and returns. Filters can only be cleared using the “Reset all filters” link.
  • Environment variables set during PAM session creation will now be injected into the sandboxed R environment. This should simplify locating a Kerberos ticket when the PAM service creating the ticket forwards the ticket filename as an environment variable.
  • TensorFlow support has been updated for TensorFlow 1.8. Please update libtensorflow.so to the latest version for full functionality.
  • R Markdown reports have access to the default subject through the RSC_EMAIL_SUBJECT environment variable. A report’s R code chunks can add context to your email subject while still preserving that default, published report name. See the User Guide for more information. Requires rmarkdown version 1.8.6 or newer.
  • R Markdown reports can indicate that the generated report should not be attached to email messages. Use the rmarkdown::output_metadata$set function to give a logical (Boolean) value to rsc_email_suppress_report_attachment. Set a default value for rsc_email_suppress_report_attachment in the rmd_output_metadata section of the R Markdown YAML header. See the User Guide for more information. Requires rmarkdown version 1.8.6 or newer.
  • R Markdown reports can indicate that email should not be sent after a scheduled rendering. Use the rmarkdown::output_metadata$set function to give a logical (Boolean) value to rsc_email_suppress_scheduled. Set a default value for rsc_email_suppress_scheduled in the rmd_output_metadata section of the R Markdown YAML header. See the User Guide for more information. Requires rmarkdown version 1.8.6 or newer.
  • Public API documentation (accessible via the Connect Server API Reference link on the Documentation tab of the Connect dashboard) is now provided in Swagger and HTML forms only; support for API Blueprint has been removed. The Swagger document is available in JSON and YAML formats. This brings numerous content enhancements to the HTML page. See the Connect Server API Reference
  • Audit Logs are now accessible via the Connect Server API. For more details, see the Connect Server API Documentation and the Connect Server API Cookbook
  • Administrators can filter the users list to see locked and inactive users as well as licensed accounts. Non-administrators cannot filter by account status.
  • Users are now represented by a monogram icon and no longer use Gravatar.
  • The new configuration setting Authentication.Notice may be used to display a message to the user at the login page, the user information completion page, and the user registration page.
  • Additional validation to ensure that Server.Address is a well-formed URL with protocol and host. URLs like http://connect.company.com:3939/ and https://proxy.company.com/connect/ are accepted.
  • The R_LIBS environment variable is configured for R processes running deployed content. The R_LIBS environment variable helps child R processes use the R package library associated with that content.

RStudio Connect 1.6.0

  • BREAKING: RStudio Connect no longer supports Internet Explorer 10.
  • BREAKING: RStudio Connect no longer supports Ubuntu 12.04.
  • SUSE Enterprise Linux 12 SP3+ Support (previously Beta).
  • TensorFlow Model API deployment support (previously Beta).
  • TensorFlow support has been updated for TensorFlow 1.7. Please update libtensorflow.so to the latest version for full functionality.
  • Beta public support for the Connect Server API. Current functionality includes querying available R versions.
  • The categorization of content can not change after initial deployment. A single-file static content deployment cannot become a site. A plot cannot become a static report. Content with different characteristics must be deployed to a separate location.
  • A report without parameters cannot be converted into a parameterized report after initial deployment. The parameterized version must be deployed as a separate piece of content.
  • The default value for the Server.CompilationConcurrency setting is derived from the number of available CPUs with the formula max(1, min(8, (cpus-1)/2)). This property controls the number of concurrent C/C++ compilations during R package installation. This change makes it less likely for package installs to encounter memory capacity issues on lightweight hosts while allowing more concurrency on high-capacity servers. The Admin Guide contains more information about package management.
  • The user list can be filtered by role and locked status.
  • The Admin Metrics page includes graphs for active logins and active Shiny users.
  • The Scheduler.MaxProcessesLimit setting specifies highest value allowed for the per-application MaxProcesses setting. The default value is 20, meaning an application cannot be configured with a MaxProcesses setting greater than 20. Applications without a custom MaxProcesses setting still default to using Scheduler.MaxProcesses (with a default of 3).
  • The default value for Scheduler.MinProcessesLimit has been reduced from 20 to 10. This setting specifies the highest value permitted for the per-application MinProcesses setting.
  • The list of currently installed R versions is now shown to administrators and publishers at the bottom of the left navigation bar.
  • Forward X-Forwarded-For HTTP header into Shiny sessions so that the header can be accessed on the Shiny session via session$request[["HTTP_X_FORWARDED_FOR"]].
  • Login links are now hidden in 404 errors and in the Welcome page when proxied authentication is used.
  • LDAP DNs can now be altered by the usermanager CLI.
  • R Markdown reports can specify output files that will be available via HTTP. Set a list of output file names in code by using the rmarkdown::output_metadata$set function to give a value to rsc_output_files. Set a default value for rsc_output_files in the rmd_output_metadata section of the YAML header. See the User Guide for more information. Requires rmarkdown version 1.8.6 or newer.
  • R Markdown reports can specify files that should be attached to emailed reports. Email-attachment files will also be available via HTTP, because they are also output files. Configuration is similar to rsc_output_files, except the name is rsc_email_attachments. See the User Guide for more information. Requires rmarkdown version 1.8.6 or newer.
  • The Applications.RunAs setting is now verified to exist and have execution permissions during server startup. If the verification fails, the server will not start.
  • The Applications.Supervisor setting, if specified, is now verified during server startup. If the verification fails, the server will not start.

RStudio Connect 1.5.14

  • BREAKING: Applications.ConnectionTimeout and Applications.ReadTimeout have been removed from the configuration. They have been replaced with Scheduler.ConnectionTimeout and Scheduler.ReadTimeout respectively.
  • Beta support for deploying RStudio Connect on SuSE Linux Enterprise Server version 12sp3 and higher.
  • KNOWN ISSUE: On SuSE, the license-manager prints warnings stating libcrypto.so.10 has no version information available.
  • Beta support for hosting TensorFlow Model APIs. Hosting of TensorFlow Model APIs is available on Standard and Enterprise licenses. See the Admin Guide for more information. If you believe there has been a mistake for your license, please contact RStudio Support (support@rstudio.com).
  • Plumber API support (previously in Beta).
  • The license expiration warning shown to publishers and administrators in the dashboard can be turned off. When Licensing.ExpirationUIWarning is disabled, expiration messages are not shown.
  • Environment variables for executable content can be configured in the RStudio Connect Dashboard. Values assigned to environment variables are available from within your R code using the Sys.getenv function. Environment variables are a good way to specify configuration that you do not wish to embed in your code. For example, you may use them to supply keys to HTTP APIs, database credentials, or other kinds of sensitive data.
  • R Markdown reports can control the subject line when emailed. Set the subject in code by using the rmarkdown::output_metadata$set function to give a value to rsc_email_subject. Set a default value for rsc_email_subject in the rmd_output_metadata section of the YAML header. See the User Guide for more information. Requires rmarkdown version 1.8.6 or newer.
  • The -unstable flag has been removed from the migrate utility’s rebuild-packrat command
  • KNOWN ISSUE: The migrate rebuild-packrat -force command causes scheduled reports to send failure email if they execute while the migration is running.

RStudio Connect 1.5.12.1

  • NOTICE: The license-manager installed with the RStudio Connect 1.5.12 release recorded licensing information incorrectly. This issue only affects installations where the initial activation of a license was performed using the 1.5.12 version of the license-manager. You are unaffected if you had a previous release and upgraded to 1.5.12.

    You can determine if you are affected by this issue by running the following command as a non-elevated user (not as root):

    /opt/rstudio-connect/bin/license-manager verify

    If this command fails to show your licensing details, you are experiencing this issue. Please contact RStudio Support (support@rstudio.com) for help with your license activation.

RStudio Connect 1.5.12

  • BREAKING: RequireExternalUsernames and AdminEditableUsernames have been removed from the configuration. Please remove these (if set) from your configuration file.
  • BREAKING: The Applications.ConnectionTimeout configuration setting has been deprecated in favor of the Scheduler.ConnectionTimeout setting. Applications.ConnectionTimeout will be removed in the next release.
  • BREAKING: The Applications.ReadTimeout configuration setting has been deprecated in favor of the Scheduler.ReadTimeout setting. Applications.ReadTimeout will be removed in the next release.
  • NOTICE: Multi-host clustered installations MUST fully shut-down running instances of RStudio Connect before attempting to perform an upgrade. Update one host at a time.
  • NOTICE: We recommend backing-up your RStudio Connect data prior to performing any update.
  • KNOWN ISSUE: With Web Sudo Mode enabled, a user who fails to complete their account information in the provided WebSudoModeDuration will be redirected to the login page, and sent back to the user completion page with none of their previous work saved. Thus, a Web Sudo duration below 1 minute could be frustrating for new users. This is planned to be fixed in the next release.
  • KNOWN ISSUE: In LDAP Authentication mode, a user without an email address in their LDAP record will be presented a user completion page and asked to enter their email address, which will be subsequently rejected with an error indicating that their email address is managed by the authentication provider. This may cause some minor confusion among users.
  • The directory hierarchy containing rendered outputs has been restructured. Directories of the form {Server.DataDir}/reports/APP_ID.VARIANT_ID are now of the form {Server.DataDir}/reports/v2/APP_ID/VARIANT_ID/RENDERING_ID. This directory change is internal to how RStudio Connect manages rendered documents. All content continues to be available and accessible. The directory hierarchy transformation occurs when RStudio Connect starts.
  • RStudio Connect retains previous R Markdown document renderings after new ones are produced. This means that yesterday’s version of a nightly report is still available. Renderings are kept until they are older than the configured Applications.RenderingSweepAge or the associated report has more than Applications.RenderingSweepLimit renderings. Renderings are swept at regular intervals according to Applications.RenderingSweepFrequency. The active rendering is always retained.
  • Users can view previous R Markdown document renderings in the RStudio Connect dashboard. The “History” menu item lists the available renderings associated with a report. Selecting one of those renderings shows the document at that point-in-time. History is also available for Parameterized reports. Each parameterized output has its own associated rendering history. Historical renderings are subject to the same access control rules as the active document rendering.
  • Users can view previous versions of deployed static content (documents published without source, plots, and HTML) in the RStudio Connect dashboard. The “History” menu lists the deployments for that content. Selecting a deployment shows the content at that point-in-time. This older content can be activated via the “Source Versions” menu. Historical content is subject to the same access control rules as current content.
  • A new configuration option has been added to password authentication provider. This configuration, UserInfoEditableBy, sets the permissions of who is able to edit the user attributes for a given user. See configuration documentation for more info.
  • Links between documents in a multi-document Shiny R Markdown deployment no longer bind the linked target document to the same process as the linking document. If your Shiny R Markdown documents rely on shared in-process state, disable the Applications.ShinyIsolation setting.
  • The usermanager cli now allows you to manage more user attributes other than user role.
  • The RStudio Connect dashboard shows a notification to administrators and publishers as license expiration nears.
  • The RStudio Connect dashboard permits customization of idle, init, connection, and read timeouts. These settings override the corresponding application settings from the Scheduler configuration section.
  • SECURITY: Added support for Web Sudo Mode, which is enabled by default in the Password, PAM, and LDAP authentication providers. After a configurable WebSudoModeDuration, a user will be asked to re-enter their password when attempting to undertake sensitive actions: Altering users, altering their API keys, and creating/claiming tokens (pairing with the IDE). This limits the destructive capabilities of an attacker who obtains access to a user’s active web session; for example: by discovering unsecured hardware where a user has logged in and left the device unattended.

RStudio Connect 1.5.10

  • BREAKING: Shiny R Markdown documents are executed with a cleaner R environment. RStudio Connect 1.5.8 and earlier define variables in the environment used to execute Shiny R Markdown documents. Together with rmarkdown version 1.7, this could cause the definitions of some functions to be incorrectly masked (such as dplyr::filter). Users of these RStudio Connect versions should use rmarkdown versions prior to 1.7, as earlier rmarkdown versions did not expose its calling environment. The change to how rmarkdown prepares its environment was tracked by Issue #1124
  • BREAKING: Enabling both Authorization.AdminEditableUsernames and the provider-specific RequireExternalUsernames flag is an invalid configuration and will cause RStudio Connect to fail to start. Authorization.AdminEditableUsernames is now disabled by default.
  • Due to a change in the way RStudio Connect tracks web sessions, users will be required to log in again after upgrading RStudio Connect because their sessions will be invalidated. Connections to RStudio Desktop, RStudio Server, and RStudio Server Pro are unaffected.
  • The /tmp and /var/tmp directories are no longer fully masked during R execution. Processes each use a distinct temporary directory that is available via the TMPDIR environment variable. Applications requiring a temporary file or directory are encouraged to utilize this environment variable or the R functions tempdir and tempfile. See the Admin Guide to learn more about the R execution environment.
  • Connect can be made to use an alternative temporary directory by setting Server.TempDir. A common reason to set this flag is when /tmp or equivalent is mounted with the noexec option. The default value for this setting is to use the directory specified by the TMPDIR environment variable, falling back to /tmp. See the Admin Guide for more information about the temporary directory given to R processes.
  • BREAKING: There was an issue where the RStudio IDE could fail to deploy to an RStudio Connect server behind an authenticated proxy (Authentication.Provider configured as proxy). Users deploying to this server configuration must update to use at least version 0.8.7 of the rsconnect package. Server administrators should ensure that the authentication proxy is configured according to the rules laid forth in the Admin Guide.
  • Proxied authentication supports anonymous access by treating requests with no authentication information as an anonymous user. Also reject any request that contains both X-Auth-Token and X-Auth-Username which might indicate a malicious/forged request.
  • Improved scheduled report processing. If Connect or its server is halted while a report is running, work is re-attempted once Connect is restarted or on another Connect node (in a cluster).
  • Configuration error messages include the section and field name which fails to process.
  • Fixed issues where links in some Shiny applications and Shiny R Markdown documents were broken or caused application load issues.
  • The SQLite database provider now periodically snapshots the database while running. By default, 3 backups are retained and a new backup is taken every 24 hours. To disable this, change the SQLite.Backup configuration option to false.
  • BUGFIX: Do not permit partial database initialization. The RStudio Connect database could be incompletely initialized if the server was stopped immediately after installation (as is common in some provisioning environments).
  • Improved error logging for OAuth and configuration file issues.
  • BUGFIX: Don’t display the Sign Up link if Password.SelfRegistration is false.
  • BUGFIX: Properly capture the standard output and standard error for R processes that emit very long lines (longer than 64k characters).

RStudio Connect 1.5.8

  • BREAKING: The format of the RStudio Connect package file names have changed. Debian package file names have the form rstudio-connect_1.2.3-7_amd64.deb. RPM package file names have the form rstudio-connect-1.2.3-7.x86_64.rpm. In addition, the RPM meta-data will have a “version” of “1.2.3” and a “release” of “7” for this file name. Previously, the RPM would have had a “version” of “1.2.3-7”.
  • Enabled support for Shiny reconnects. Users of shiny applications are less likely to be interrupted during brief network hiccups. The Client.ReconnectTimeout property specifies how long that session is maintained when there is connectivity trouble. The default setting is 15s. See this article to learn more about reconnecting to Shiny applications. Disable this feature by giving the Client.ReconnectTimeout property a value of 0.
  • The browseURL R function is disabled when executing deployed content. Use techniques like the Shiny shiny::tags$a function to expose links to application visitors.
  • The LDAP.UserFilterBase and LDAP.GroupFilterBase settings allow more flexibility when searching for user and group objects in complicated LDAP hierarchies. They default to the LDAP filter clauses objectClass={UserObjectClass} and objectClass={GroupObjectClass}, respectively.

    If users are identified by two separate objectClass values, you might use the configuration:

    [LDAP]
    UserFilterBase = &(objectClass=user)(objectClass=statistician)

    You can disqualify an objectClass value with the configuration:

    [LDAP]
    UserFilterBase = &(objectClass=user)(!(objectClass=computer))
  • The OAuth2.ClientSecret and OAuth2.ClientSecretFile properties are now mutually exclusive. It is an error if both are configured.
  • LDAP configuration’s BindDN password can now be stored in an external file using the new BindPasswordFile field. The file specified in that field can be given more restricted permissions (e.g., 0600 on Unix) for added security.
  • Previously, usernames could not be edited when using the LDAP authentication provider by default or if the Authentication.RequireExternalUsernames flag was set to true. Now, user email, first name, and last name are also not editable for this configuration.
  • KNOWN ISSUE: Using the LDAP authentication provider, with Authentication.RequireExternalUsernames set to false, a user will not be able to create an account if the authentication provider has no entry for the user’s LDAP.UsernameAttribute field.
  • Connect administrators now receive email as license expiration nears. Email is sent when the license is sixty days from expiring. Disable this behavior through the Licensing.Expiration setting.
  • Resolved a bug in the version of the rebuild-packrat command-line tool that was released in v1.5.6. Previously, the migration utility would render static content inaccessible. This release fixes this behavior and adds support for running this CLI tool while the RStudio Connect server is online. However, due to the discovery of new defects, the utility is disabled by default and is not recommended for production use until further notice. Those wishing to attempt to use the utility anyway should do so on a staging server that can be safely lost, and all content should be thoroughly tested after it has completed. See the Admin Guide for more details.
  • Faster LDAP group membership lookups by requiring fewer connections to the LDAP server.
  • Fixed an issue with account confirmations and password resets for servers using non-UTC time zones.
  • Updated Packrat to handle old Packrat caches better. This should improve functionality for early users of RStudio Connect.
  • LDAP now updates user email, first name, and last name every time a user logs in.
  • BREAKING: Changed the default value for PAM.AuthenticatedSessionService to su. Previously, on some distributions of Linux, setting PAM.ForwardPassword to true could present PAM errors to users when running applications as the current user if the AuthenticatedSessionService was not configured. System administrators who had previously edited the rstudio-connect PAM service for use in ForwardPassword mode should update the PAM.AuthenticatedSessionService configuration option. See the Admin Guide

RStudio Connect 1.5.6.2

  • Additional improvements to SMTP mail sending.
  • Disabled the migration utility by default due to its failure to successfully migrate static content. The utility may be run at the user’s own risk with a documented command line flag. A fix will be released with a subsequent release.

RStudio Connect 1.5.6.1

  • Fix an issue when performing the “LOGIN” SMTP authentication mechanism.

RStudio Connect 1.5.6

  • BREAKING: Running content as the current user is now disabled for content other than Shiny Applications or Shiny R Markdown Documents. Reports will execute as the application RunAs, falling back to the system Applications.RunAs if none is specified.
  • Content deployment no longer requires explicit publishing. New content is available immediately after it is deployed and visible only to the owner. Enable the Applications.ExplicitPublishing setting to revert this behavior.
  • Support for running R in authenticated PAM sessions that use the cached credentials of the current user. This can be used to expose resources requiring Kerberos authentication to running R processes securely and seamlessly. See the Admin Guide
  • Heterogeneous server migrations are now supported, allowing administrators to upgrade their distribution or change to a different (supported) Linux distribution. See the Admin Guide for more details.
  • Admins are now able to toggle the content filtering settings to enumerate all content on the server so that they can manage settings, regardless of whether or not they have visibility into that content. The permissions here are unchanged; the admin will not be able to view the content itself without adding themselves as a viewer or collaborator of the content, which is an audited action.
  • In highly available deployments, runtime settings of content now propagates to all nodes in the cluster, ensuring that applications are run with the appropriate configuration. The only remaining exception is if you change which Unix account runs the content, that change will still not cause all nodes in the cluster to terminate their existing processes which may be running as a now-outdated user.
  • The migrate CLI now supports rebuilding the Packrat cache for all deployed content and manually checking the permissions of the working directories of all content. See the Admin Guide for more details.
  • Shiny error sanitization is enabled by default. Disable the Applications.ShinyErrorSanitization setting to revert this behavior. See this article for more information about Shiny error sanitization.
  • Improved LDAP group lookup performance on large LDAP servers that don’t support memberof. Additionally, improved LDAP logging and error handling.
  • The LDAP.WhitelistedLoginGroup property is now documented and is no longer case-sensitive.
  • User creation is now consistently audited across all authentication providers.
  • Check content working directories for permission errors on server startup.
  • On a failed attempt to deploy content, the browser will now immediately show the logs tab of the content.
  • SECURITY: Duplicate proxy authentication headers are now rejected with a generic authentication failure. Administrators have always been advised to configure their proxy to delete existing auth headers from incoming requests, and should continue to do so. See the Admin Guide for more details.
  • SECURITY: Increased the strictness of URL redirects, ensuring that only valid Connect URLs are eligible targets of a redirect.
  • SECURITY: Added support for a challenge-response (CAPTCHA) to help mitigate brute-force attacks on users’ passwords. Set [Authentication].ChallengeResponseEnabled to true to enable this feature.
  • The subject prefix for all outgoing emails is now configurable using the [Server].EmailSubjectPrefix setting. The default is still [RStudio Connect].
  • Known Issue: Ubuntu Trusty (14.04): systemd-logind was mistakenly identifying R processes as lost children of a closed login session and terminating them, yielding error code 129. The admin guide has been updated with a workaround. See the Admin Guide for more details.
  • Relaxed email validation at signup to support more TLDs.

RStudio Connect 1.5.4

  • Each user can now create and manage personal API keys. These keys allow users to make authenticated requests to the server programmatically. For instance, users could leverage an API key to send requests to an authenticated Plumber API.
  • Experimental support for Shiny reconnects. Turn this feature on by configuring Client.ReconnectTimeout. Reconnects allow clients that get disconnected from their Shiny session to reconnect to an existing Shiny session. This ensures that Shiny users aren’t interrupted if there’s a network hiccup.
  • Experimental support for a multi-node, highly available, load-balanced RStudio Connect deployment. This new feature is experimental and does have the following known bugs:
    1. If you delete an application or variant, all running instances of that application will continue to run until they stop on their own (either the process completes or it’s been idle for a long enough period of time)
    2. If you change who runs this application on the server while an application is running, the current processes may continue to run as the previous user, while new processes will start with the intended user. Because of this, it is possible to see a mixture of R processes running as different users for the same application. Processes started using the previously configured user may remain running until Connect is restarted.
    3. Application runtime settings such as max processes, min processes, connection per process, load factor, and idle timeout may not take immediate effect across all nodes. New processes will use the updated settings. Existing processes will eventually see the changes; this is dependent on the amount of traffic targeted to that content. This will be especially noticeable when an application has a non-zero minimum number of processes.
  • Authentication sessions used by Connect are more secure. This change requires all users to re-authenticate the first time they visit an upgraded server running this version.
  • Session inactivity can optionally invalidate a login session. See the Authentication.Inactivity setting for more details.
  • Support external R packages. This allows you to install an R package in the global system library and have deployed content use that package rather than trying to rebuild the package itself. This can be used as a workaround for packages that can’t be installed correctly using Packrat, but should be viewed as a last resort, since this practice decreases the reproducibility and isolation of your content. See the Admin Guide for more details.
  • Display a warning to users when an RStudio Connect server is not using HTTPS. This behavior can be disabled using the HTTP.NoWarning setting.
  • Upgraded to a new version of our license managing software which should minimize issues with licensing and also report errors more clearly.
  • Added experimental support for floating licenses which can be used to support transient servers that might be running in a Docker or virtualized environment. Please contact RStudio Support (support@rstudio.com) if you’re interested in helping test this feature.
  • Connect now kills all of its child processes when the server is stopped or restarted. Document rendering processes will no longer continue running in the background.
  • Added caching for LDAP group queries. This will make it much faster for users who inherit access to content by group membership to access content.
  • When searching for a user, we now perform a search for the whole query rather than just searching for the individual words in the query. This will improve search performance in environments which use multi-word user properties.
  • Make a “best-effort” attempt at supporting HTTP proxies that do not provide the X-RSC-Request HTTP header which was previously required. See the Admin Guide for more details.
  • Delete any incoming Authorization HTTP header before proxying the request to a Shiny application or Plumber API. This avoids leaking sensitive headers to applications.
  • Administrators are no longer permitted to upload or deploy bundles unless they are either an owner or collaborator for the content they’re publishing to.
  • Automatically display the Swagger UI for Plumber APIs that don’t define their own GET handler for /.
  • Support caching of PAM passwords to inject into PAM sessions to facilitate environments like Kerberos that require injecting passwords. See the Admin Guide for more details.
  • Provide ways of injecting http_proxy and https_proxy information into R processes. By default, if these are visible as environment variables to the main Connect process, they’ll also be set for each child R process. See the Admin Guide for additional information.
  • RStudio Connect detects when the version of R has changed and communicates the need to restart the server.
  • If a user is abruptly logged out while active on the dashboard, they’ll now be forwarded to the login page.
  • Prompt users for their existing password when they go to change passwords.
  • Improved the presentation of graphs on the Admin’s Metrics page.
  • Formalize that versions of R version 3.1.0 and above are supported.
  • Upgrade Pandoc to version 1.19.2.1

RStudio Connect 1.5.2

  • BREAKING: Any private variants configured to send email to users other than the owner of the variant will no longer receive those emails.
  • BREAKING: The LDAP, PAM, and Proxy authentication providers now require by default that a valid username is received from the provider. If a valid username is not received from the provider, an error will be thrown. If you wish to revert to the less restrictive behavior where the user is prompted for a valid username, please use the RequireExternalUsernames = false configuration setting for your auth provider.
  • PostgreSQL support (previously in Beta).
  • Beta support for hosting Plumber APIs. Hosting of Plumber APIs is available on Standard and Enterprise licenses. See the Admin Guide for more information. If you believe there has been a mistake for your license, please contact RStudio Support (support@rstudio.com).
  • Relaxed the username requirements for the LDAP, PAM, and Proxy authentication providers. These providers now accept any username, excepting a list of prohibited usernames. See the Admin Guide for details.
  • Added basic content search.
  • SECURITY: LDAP authentication forbids empty passwords.
  • Made authentication cookies used by Connect more secure which will require all users to re-authenticate the first time they visit this version.
  • Upgraded the licensing system to offer better stability in a wider variety of environments.
  • Allow users to run the usermanager command while the Connect server is still online if using a PostgreSQL database.
  • Populate the session$groups field in a Shiny application when using built-in password authentication.
  • BUGFIX: Shiny applications now properly rebuild when they encounter an unexpected version of R at runtime.
  • Redesigned admin metrics to load much more quickly and consume fewer resources while open.
  • Redesigned some pages including login, registration, password reset, admin settings, user management, and group management pages.
  • BUGFIX: Increase the number of allowed open file handles for Connect and its subprocesses when using systemd.
  • The Authorization.DefaultUserRole setting can no longer be configured as “administrator”.
  • The Applications.RunAs setting can no longer be configured as “root”.
  • Introduce Server.MinRsconnectVersion and Server.MaxRsconnectVersion to enable administrators to control which versions of the rsconnect client should be able to use the server.
  • Added a healthcheck endpoint. See the Admin Guide for more details.
  • Added experimental support for running Highly Available (HA) configurations. Please contact RStudio Support (support@rstudio.com) if you are interested in helping to test this feature.

RStudio Connect 1.5.0

  • Introduced tags as a mechanism for organizing and filtering for content. Administrators will be able to define a tag schema by visiting the “Admin” section then clicking the “Tags” page. More details here.
  • Overhauled the default landing page.
  • Added support for custom landing pages which enable organizations to provide a custom HTML page that will be visible at the root URL to logged out users. See full details here.
  • SECURITY: Fixed an issue where accounts could be created with a role that conflicted with Authorization.DefaultUserRole.
  • SECURITY: Fixed an issue where unprivileged users were permitted to edit other user information.
  • SECURITY: Added protections against Cross-Site Request Forgery (CSRF/XSRF). All users will need to login again on their next visit.
  • BUGFIX: Systems using the systemd init system should no longer see the R processes associated with Shiny applications outlive the Connect process.
  • Authentication.Lifetime now enables customized session durations. The default continues to be 30 days from the time of login.
  • Optionally prevent self-registration when using password authentication. The setting Password.SelfRegistration specifies if self-registration is permitted. Administrators must create all user accounts when this setting is disabled.
  • Renamed the “Performance” tab on Shiny applications to “Runtime.”
  • Allow user and group names to contain periods.
  • Added support for the config package. More details available here.
  • Further improve database performance in high-traffic environments.
  • Formally documented the configuration options that support reloading via HUP. A setting will now mention Reloadable: true in its documentation if it supports reloading.
  • Added experimental support for using PostgreSQL instead of SQLite as Connect’s database. If you’re interested in helping test this feature, please contact RStudio Support (support@rstudio.com).

RStudio Connect 1.4.6

  • BREAKING: Changed the default for Authorization.DefaultUserRole from publisher to viewer. New users will have a viewer account instead of a publisher account until promoted. The user roles documentation explains the differences. To restore the previous behavior, set DefaultUserRole = publisher.
  • On-disk Shiny bookmark state is supported and enabled by default. Use the Applications.ShinyBookmarking setting to disable this feature. Configuring Shiny applications to use server bookmarking is described in this article.
  • BUGFIX: Restored functionality of the Applications.ViewerOnDemandReports and Applications.ViewerCustomizedReports which were both inadvertently broken in the previous release.
  • Begin storing R jobs in the database. This makes server startup and other operations that involve listing R jobs notably faster. This migration will run when you update to 1.4.6 and may take a few minutes to complete if you have a very busy server that has run a lot of R jobs.
  • Package installs are permitted to limit the number of concurrent compilation processes. This is controlled with the Server.CompilationConcurrency setting and passed as the value to the make flag -jNUM. The default is to permit four concurrent processes. Decrease this setting in low memory environments.
  • The /etc/rstudio-connect/rstudio-connect.gcfg file is installed with more restrictive permissions.
  • Log file downloads include a more descriptive file name by default. Previously, we used the naming convention <jobId>.log, which resulted in file names like GBFCaiPE6tegbrEM.log. Now, we use the naming convention rstudio-connect.<appId>.<reportId>.<bundleId>.<jobType>.<jobId>.log, which results in file names like rstudio-connect.34.259.15.packrat_restore.GBFCaiPE6tegbrEM.log.
  • Bundle the admin guide and user guide in the product. You can access both from the Documentation tab.
  • Implemented improved, pop-out filtering panel when filtering content, which offers a better experience on small/mobile screens.
  • Improvements to the parameterized report pane when the viewer does not have the authority to render custom versions of the document.
  • Improve database performance in high-traffic environments.
  • KNOWN ISSUE: Systems using the systemd init system may see R processes continue running when RStudio Connect is stopped. This allows Connect to support long-running document rendering. Shiny processes are incorrectly allowed to continue running as well. These leftover Shiny processes are forcibly terminated when Connect restarts.

RStudio Connect 1.4.4.1

  • SECURITY: fixed a vulnerability in the token authentication system that allowed for the creation of invalid tokens. See this article for more details.

RStudio Connect 1.4.4

  • Introduced a “Source Versions” view for deployed content that allows collaborators on content to list all of the versions of that content that they have published. Collaborators may also activate other versions of the content, delete old versions, or view the activation logs associated with a particular version. See the Admin Guide for more details.
  • Allow automatic removal of older application bundles. The setting Applications.BundleRetentionLimit specifies the minimum number of bundles retained per application. This setting defaults to 0; bundles are not automatically removed. A non-zero value indicates the number of inactive bundles to preserve. The oldest bundles are removed first. Active bundles are always preserved.
  • Limit the concurrency of scheduled reports. This is configured with the Applications.ScheduleConcurrency setting. By default, two scheduled reports are permitted to execute at the same time. Some tasks may be slightly delayed when there are multiple long-running reports already in flight. Increase this limit if your hardware can support more concurrent report execution. Using too high a value could affect the resources available for interactive processes, including Shiny applications.
  • Notify users if they’re taking an action that would cause them to lose unsaved information while customizing a parameterized R Markdown report.
  • The report-emailing dialog is simpler and more informative.
  • Added a “Print” menu option for more easily printing content from within the dashboard.
  • A viewer-only account (not a publisher) that is a member of a group selected as a collaborator for an application is now properly downgraded to a viewer for that application. Previously, they were denied access to the application.
  • When a collaborator for an application is downgraded to a viewer-only user account, their application access is properly downgraded. Previously, they were denied access to the application.
  • Better cleanup on disk when applications are deleted.
  • Improved the “too many users” LDAP error handling.
  • Documented user permissions in the Admin Guide

RStudio Connect 1.4.2

  • Overhaul of the parameterized report interface. You can now manage the parameters in the sidebar and quickly iterate through different versions of your report.
  • Added the notion of “personal” report versions for parameterized reports. You can now create a private version of a parameterized report that is only visible to you. This report can still be scheduled and emailed.
  • Users can now filter content to include only items that they can edit or items they can view.
  • Content is set to private (“Just Me”) by default. Users can change the visibility of their content before publishing as before.
  • Show progress indicator when updating a report.
  • Only count a user against the license when that user logs in.
  • The Applications.RunAsCurrentUser property permits execution of content by a Unix account associated with the currently logged-in user. Requires PAM authentication. See the Admin Guide for more details.
  • Added support for global “System Messages” that can display an HTML message to your users either on the logged out or logged in landing pages. See the Admin Guide for more details.
  • Updated packrat to gain more transparency on package build errors.
  • Updated the list of SSL ciphers to correspond with modern best-practices.

RStudio Connect 1.4.0

  • SECURITY: Added missing protection against replay attacks when interacting from the IDE.
  • Redesigned the navigation of the dashboard to leverage dual-level top navigation bars.
  • Added support for PAM sessions. This allows you to opt-in to having your R processes spawned via PAM. See the Admin Guide for more details.
  • Allow administrators to change the username of any user on the system. See the Admin Guide for more details.
  • Program supervisor support. Administrators may configure a command which is able to alter the environment used to execute R. See the Admin Guide for instructions and sample supervisor configurations.
  • Added access logs in the Apache Combined Log Format for all HTTP requests that hit the server. See the Admin Guide for more details.
  • Expanded the directory permission checks introduced in v1.2.0.
  • Introduced a new router for the dashboard which should minimize flickers while loading pages.
  • Added support for anonymous LDAP binds. See the AnonymousBind feature in the Admin Guide.
  • Significantly reduced the memory consumption of the Connect server.
  • Bumped the minimum officially supported version of the IDE to 1.0.0.
  • Fixed a bug in the LDAP implementation that could lead to users being created in an “unconfirmed” state which would make it impossible for them to sign in.
  • Include more events in the audit log such as the manipulation of vanity paths.
  • Connect restricts the total number of verified user accounts and concurrent Shiny users according to the product license. See the Admin Guide for details.

RStudio Connect 1.2.1

  • Stop masking the contents of /home by default. There are many environments where a shared /home is used and Connect cannot detect these situations. The file-system permissions of /home are responsible for determining if a RunAs user has access to files within the /home hierarchy.

    Revert to prior behavior by enabling Applications.HomeMounting. This specifies that the contents of /home should be hidden from R processes with additional bind mounts. The existing /home will have the home directory of the RunAs user mounted over it. If RunAs does not have a home directory, an empty temporary directory will mask /home instead. Launched R processes can discover this location through the the HOME environment variable.

RStudio Connect 1.2.0

  • BREAKING: Default the X-Frame-Options HTTP header to DENY for all Connect resources that are not user content. User content does not have this header set and can still be embedded in external iframes by default. See the Server.FrameOptionsContent and Server.FrameOptionsDashboard settings.
  • Introduce a new page under the “Admin” tab for audit logs. These logs track important changes in the system. To see exactly what is logged, see the Admin Guide
  • Automatically correct ownership and permissions for the R library directory and Packrat cache directory on startup. This helps to ensure that directory permissions are appropriately configured for the current Applications.RunAs user.
  • We now instruct browser clients not to cache content that was cached before the most recent server restart or reload. This ensures that clients do not retain a version of a file that may have been obtained when the server was configured differently.
  • Added a new command-line utility to help manage Connect users. The tool is available at /opt/rstudio-connect/bin/usermanager and currently has two functions: list and alter. It requires root privileges to execute, but will enable system administrators who find themselves unable to access their admin account on Connect to recover admin privileges.
  • When requesting an update to a report, automatically reload the report when the new version is available.
  • More informative 404 pages and more consistent error pages when viewing content that either doesn’t exist or that you don’t have access to.
  • Configured the X-Frame-Options header to prohibit the embedding of the RSC dashboard inside an iframe. See the Admin Guide for details.
  • Set the X-Content-Type-Options header to nosniff by default. Learn more here in the Admin Guide
  • Mark session cookies as HTTPOnly.
  • Added a “Permanent” mode for HTTPS that instructs clients to refuse to attempt a connection to this server in the future unless it is HTTPS. See the Admin Guide for details.
  • Support the configuration of custom headers. These can be used to manage CSP or CORS policies, for instance. See the Admin Guide for details.
  • Static content will redirect to the primary file if it is not named index.html. This is different from the previous approach, which served a primary file of any name from the application root URL.
  • Synchronize the client-side Shiny code across Connect, Shiny Server, and Shiny Server Pro.
  • Better instrumentation and environment checks of deploys to help identify configuration issues.
  • Prohibit removing the last administrator.
  • Enforce group membership when specifying an application-specific RunAs.

RStudio Connect 1.0.0

  • BREAKING: Removed support for the Server.RPath setting as announced in the previous release. Please use Server.RVersion instead. See the Admin Guide for details.
  • BREAKING: Removed the Server.RVersionMultiple setting as documented in the previous release.
  • Formally added LDAP group support, no longer experimental.
  • Added support for Ubuntu 16.04.
  • Support for private package repositories. Requires version 0.99.1285 or greater of the RStudio IDE. See the Admin Guide for details.
  • Add details to the source of conflicts when unable to add a vanity URL.
  • Allow anonymous user to enumerate and switch between the existing variants of a parameterized report.
  • Improved the consistency of the admin user experience by ensuring that admins are able to manage even the content that they aren’t allowed to see. Of course administrators have the option of adding themselves as a viewer to any content, but this is an audited action.
  • Improved styling of various error pages and the Google OAuth login page.
  • Added support for application “titles” – user friendly representations of text that gives more flexibility to content names given in the IDE. This requires at least version 1.0.12 of the RStudio IDE.
  • Version information in download links has slightly changed. The new form is rstudio-connect-X.Y.Z-B instead of rstudio-connect-X.Y.Z.B
  • Various improvements to security and the dashboard interface.

RStudio Connect 0.5.0

  • BREAKING: Removed support for the Server.RunAs setting as announced in the previous release. This setting is now managed in Applications.RunAs.
  • BREAKING: Support for multiple R versions has altered how Connect discovers a compatible R version. This may affect installations where multiple R versions are already available. See the Admin Guide for more information as well as instructions for suppressing this auto-discovery.
  • BREAKING: If using LDAP for authentication, UserObjectClass is now a required attribute.
  • Support multiple versions of R. Different content can use different versions of R without conflict; an appropriate version is chosen when content is deployed. Configuring your system to use multiple R installations is described in the Admin Guide. The algorithms which determine how Connect chooses an R version for each content deployment is described in the R Version Matching section.
  • The Server.RPath configuration setting has been deprecated in favor of the Server.RVersion property. Server.RPath will be removed in the next release. See the Admin Guide for details about Server.RVersion.
  • Added a work-around to support private R packages. See the Admin Guide for additional details.
  • Restrict the ability to login to the server using LDAP groups. See the docs for the LDAP.WhitelistedLoginGroup setting in the Admin Guide
  • For parameterized reports, add a drop-down selector at the top of the page that allows you to quickly switch between different variants of the report you’re inspecting.
  • UI enhancements – primarily around content tables, iconography, and Shiny performance settings.
  • Allow anonymous users to access content at the embedded dashboard link.
  • Introduced the Authentication.Name config setting. This allows admins to specify a meaningful name for your authentication provider that will be presented on sign-in pages to give your users context.
  • Display counts of different user types on metrics page
  • Included version of Pandoc upgraded to version 1.17.2.
  • Bugfix: Parameterized report configuration no longer generates a “Too Many Connections” error on IE10/11.
  • Bugfix: reports now render at the appropriate time on servers which are not on UTC time.

RStudio Connect 0.4.5

  • BREAKING: Forbid report viewers from regenerating R Markdown reports and from customizing parameterized R Markdown reports. Report collaborators are still able to generate ad-hoc reports. Two new configuration options in the Applications section can override this behavior: ViewerOnDemandReports and ViewerCustomizedReports.
  • Redesigned the interface to be more unified, displaying settings and the content itself on same page.
  • Don’t set the /<username>/<appname> path for content by default. Instead, reference the content by its numerical ID by default.
  • Support configurable “vanity URLs” on content that enables admins to set custom paths for content. All existing content which was available under the /<username>/<appname> scheme have that vanity URL pre-configured for backwards compatability.
  • Allow users to configure which Linux account should execute a given application – users can now select to run R as users other than the rstudio-connect user.
  • Offer a “download” button when viewing application logs.
  • Provide a logrotate configuration for /var/log/rstudio-connect.log where logrotate is available.
  • Add a “miscellaneous” section to the CPU graph that tracks all CPU activity outside of system and user usage.
  • Better cache control for web assets.
  • Bump bundled pandoc to 1.17.0.2
  • Move RunAs configuration option from the Server section to the Applications section. Both are currently supported, but Server.RunAs will be removed in the next release.

RStudio Connect 0.4.4

  • Redesign the dashboard UI.
  • Optimize the delivery of the client-side assets used in the dashboard. Now bundle most assets into a single, minified resource and use proper caching techniques to avoid redundant downloads.
  • Show a table of all running R processes Connect has spawned on the Admin > Metrics page complete with CPU and RAM information. Improved robustness of the real-time data feed on that page.
  • Prohibit applications from changing their type.
  • Don’t allow user deletion. Instead, allow “locking” of a user which prohibits the user from logging in or deploying new content.
  • Set the “Reply-To” header on outgoing emails to be the email address of the user sending the report.
  • Kill all running R processes associated with some content when that content is deleted.
  • Bugfix: Better IE compatibility for real-time streaming of metrics and rendering of gauges.
  • Bugfix: Improved behavior when running Connect behind a path-altering proxy.
  • Bugfix: Improved caching logic for the dashboard. Users of RStudio Connect may need to clear or otherwise reset their browser cache.

RStudio Connect 0.4.3

  • Tune the runtime parameters of Shiny applications to control things like maximum processes per app or maximum connections per process. See the Admin Guide’s chapters on Process Management and Configuration.
  • Track historical data about your system including CPU and RAM. Initially, you can view historical data on your CPU and RAM usage in the new metrics page. See the Admin Guide for details.
  • Support deployment of sites including Bookdown. See https://bookdown.org for more information.
  • Support TLS and StartTLS on connections to LDAP servers. See the Admin Guide for more details.
  • Usernames which differ only by case are now disqualified. Existing accounts are unaffected. If both johndoe and JohnDoe accounts have been created accidentally, we recommend removing the JohnDoe account and use johndoe going forward. If you use password auth and attempt to login to one of these johndoe accounts, you will be logged in to the oldest of the two. Other authentication strategies will send the username through as provided and allow the external system to make the decision about case sensitivity.
  • If Metrics are enabled, Connect attempts ensure the correct directory ownership and privileges for running rserver-monitor. This includes ensuring that all users have execute permission (0701) on the main Connect data directory. If you have customized the Connect or metrics data directory location, please ensure that the metrics user has permission to cd into the metrics directory.
  • Combined the CentOS/RedHat 6 and 7 builds. There is now a single installer for either platform.
  • Bugfix: correct behavior when running behind a proxy. See the Admin Guide for more details.

RStudio Connect 0.4.2-1218

  • PAM authentication. Users can now use Pluggable Authentication Modules by configuring the pam auth provider. This will allow Connect to leverage local server accounts.
  • Proxied authentication. Allow an external authentication provider to proxy all Connect traffic, appending an HTTP header that has the username of the current user.
  • Don’t copy Shiny output to server log.
  • Use the externally-provided username without prompting when creating an account unless it’s an invalid username.
  • API endpoint to view all running R processes spawned by Connect.
  • Various UI bugfixes and improvements.

RStudio Connect 0.4.2-1093

  • Password-based authentication. Connect can host the usernames and passwords in an internal database, complete with password reset and new user registration functions.
  • LDAP and Active Directory authentication. Connect to an external server to authenticate users and to query for users in your organization when sharing content.
  • Publishing of Shiny, R Markdown, and Shiny from the RStudio IDE.
  • Scheduled execution and email delivery of R Markdown. Allows R Markdown reports published with source code to be scheduled for execution on the server. Email recipients can also be configured.
  • Control of parameterized R Markdown reports. Variants can be executed once or scheduled for repeated execution.