Skip to main content

Mango 5.7.x Release Notes

Release notes for all Mango 5.7.x patch releases. The latest release in this series is 5.7.1 (May 13, 2026).

Mango 5.7.1 — May 13, 2026

radix-tsl

  • Upgraded the ClickHouse JDBC driver to the official upstream com.clickhouse:clickhouse-jdbc:0.9.8 (from the internal ru.yandex.clickhouse:0.3.1-radix fork) and tuned default ClickHouse table settings, improving ingest, compression, and aggregation performance on ClickHouse-backed installations. The new DDL defaults are:
    • index_granularity = 1024 (was 8192) — smaller granules, faster chart and rollup queries, at the cost of a larger primary-key index held in RAM.
    • parts_to_throw_insert = 3000 (was 1000) — tolerates higher-cardinality ingest before ClickHouse rejects writes.
    • deduplicate_merge_projection_mode removed (no longer needed with the new deduplication path).
  • These settings only take effect on newly-created tables. Existing installations are not migrated automatically — to pick up the new defaults you must create a new data / aggregates table with the updated DDL, copy data across, and rename. Plan for the RAM impact of the smaller index_granularity before migrating (the primary-key index is always resident in memory and is ~8× larger at granularity 1024 than at 8192).
  • Duplicate point values written into ClickHouse are now deduplicated cleanly without the previous full-table merge cost. If you previously added a custom projection on the data table to work around aggregation slowness, it can be removed.
  • Aggregation now runs in chunks so it shares the server cleanly with ingest, queries, and background merges instead of stalling them. Chunk width is tunable via the new db.tsl.clickhouse.aggregation.chunkSize property (default 100000 series IDs per chunk).
  • New db.tsl.clickhouse.aggregation.schedule and db.tsl.timescale.aggregation.schedule properties let you run the aggregation task less often than the aggregation period (e.g. once per hour with a 15-minute period) to reduce steady-state CPU and IO load.
  • Each sweep batches all unprocessed windows since the last run, so a longer schedule only delays the appearance of new aggregate values — no data is lost.
  • Defaults to the existing behavior (one sweep per aggregation.period), so existing installations need no change.

core, excel-reports

  • Excel report rollups now work on TSL-backed installations.
  • Fixes a bug where Excel report rollup cells and the script rollupQuery() callback returned empty / 0 on installations using TSL (ClickHouse) for point value storage. Rollups now read from the pre-aggregated store directly.
  • Note: not every rollup type is supported by TSL — test your existing report templates and rollup scripts after upgrade to confirm they produce the expected output.
  • The "raw data" mode of an Excel report (Rollup = None) and the overall-statistics sidebar still require raw values, so those columns remain empty on TSL-backed stores.
Mango 5.7.0 — April 28, 2026

access-control

  • New validations added to the license in the BE and FE. The user is now notified when attempt to add a new camera and attempt view the live feed from a camera without license.

access-control, maintenance-events

  • Events can now be uniquely identified by a combination of event type and reference type, improving event tracking and querying.

bacnet-ds

  • BBMD registration failures can now be handled by a single handler, simplifying error handling and improving BACnet network management.

  • A community contribution allowing simplified enhancement of character encoding support to BACnet4J has been reviewed and incorporated, improving internationalization.

  • No change made as the reported problem was not reproducible.

  • Fixed a bug where alarm acknowledgements (and other event handling) was only being routed to intrinsic types. They are now also being routed to algorithmic and alarm types.

  • BACnetArray objects can now be resized by writing to index 0, aligning with the BACnet specification for array size management.

  • BACnet read-all-properties requests now include proprietary (vendor-specific) properties in the response, improving interoperability with third-party devices.

  • Community-reported issues in the BACnet4J GitHub repository have been reviewed, with applicable fixes incorporated into this release.

  • Removed the sending of a NAK from BACnet4J as this is not required according to the BACnet specification section 5.4.4.2 / 5.4.5.4.

  • Previously in BACnet4J there was the possibility of an infinite loop while parsing APDU data if that data were specifically malformed. This has been changed so that the code will raise an exception instead.

  • Previously attempting to write e.g. state text to a multistate object would fail because BACnet4J was incorrectly casting the value to a list instead of the required array. This would have been the case for any writable BACnetArray property. The code has been changed so that the proper type is now used. This may cause problems in client code though, where properties that were previously returned as SequenceOf are now being returned as BACnetArray, especially if methods in SequenceOf such as add() or remove() are subsequently used. These methods result in an error with a BACnetArray since this type has restrictions regarding how it can be resized.

  • Dependabot dependency update PRs for BACnet4J have been reviewed and merged, bringing the commons-lang3 library up to date with the latest security patches.

  • There were a number of instances where calling code can get stuck waiting for a ServiceFuture that will never be completed. A set of changes have been implemented to address all possible ways that a ServiceFutureImpl can be created and returned, but not completed, by the DefaultTransport. These changes include:

    • A seemingly forgotten initialization check in one of the overloads for LocalDevice::send.
    • Prevents requests from being added to the outgoing queue in DefaultTransport after terminate() has been called.
    • Prevents orphaned futures due to receiving duplicate SegmentAcks.
    • Prevents orphaned futures due to a timeout after receiving the first two segment windows of a ComplexAck.
    • Completes all futures in the delayedOutgoing queue in DefaultTransport during terminate().
    • Guard against spurious wakeups in ServiceFutureImpl::get.
    • Completion of a ServiceFutureImpl notifies all threads waiting on ServiceFutureImpl::get.

    Also, logic has been added in RequestUtils for handling RejectAPDUException the same way AbortAPDUException is handled when RejectReason is RejectReason.bufferOverflow.

bacnet-ds, http-ds, modbus-ds, mqtt-client-ds, persistent-pub-ds

  • Fixed a bug where exporting published points would result in missing data in the exported file.

chronicle-point-value-cache

  • The chroniclePointValueCache module now uses Chronicle Map's recoverPersistedTo automatically whenever an existing database file is found on startup, rather than requiring recover=true to be set explicitly. This means the cache will self-heal after a JVM crash that left segment write locks set in the file — previously this would prevent the cache from opening and required manual intervention (deleting the file or setting the recovery flag). The chroniclePointValueCache.recover property defaults to true and can be set to false to opt out of recovery and always open with createPersistedTo instead.

cloud-connect

  • Fixed a bug where a single Cloud Connect client with an invalid character (such as whitespace) in its GUID would cause the entire Client List to fail with an HTTP 500 error. Leading and trailing whitespace in the GUID is now trimmed, and if the client URL still cannot be constructed the affected client is listed without a URL instead of breaking the list for all other clients.

controlcore-ds, envcan-ds, log4j-ds, mango-iotools, mangoes-configuration

Breaking Change

The following modules have been removed in 5.7.0 and must be marked for deletion in the UI before upgrading (Mango uninstalls them on the next restart) to avoid startup errors: Control Core (controlcore-ds), Environment Canada Data Source (envcan-ds), log4jDS (log4j-ds), MangoIOTools (mango-iotools), and MangoES Configuration (mangoes-configuration). Existing data sources backed by these modules will not load after the upgrade.

  • The following modules have been removed and will not be supported in Mango 5.7.0. Before upgrading, mark the Control Core, Environment Canada Data Source, log4jDS, MangoES Configuration, and MangoIOTools modules for deletion under Administration > Modules; Mango will uninstall them on the next restart.

core

  • PropertyConverter implementations have been reviewed and made consistent, reducing the risk of serialization/deserialization bugs across modules.
  • The Mango Docker image has been rebased onto Azul's official Docker Hub azul-zulu base image (Debian 13). The mango user and group inside the container remain at UID/GID 1000, so existing data volumes and bind mounts require no changes.
Breaking Change

The default permission for gRPC services flipped from superadmin-only to all-users. Review your gRPC service permissions and tighten them where appropriate via the Default service permission configuration before upgrading. Services that declare their own permission (such as com.radixiot.mango.persistent.v2.PersistentTcp) are unaffected and still require superadmin.

  • gRPC services are now accessible to all users by default, rather than only superadmin users. Note that some gRPC services such as com.radixiot.mango.persistent.v2.PersistentTcp have their own permission configuration and still require superadmin permission.

  • Dependency Upgrades (5.7.0)

    Major Library Updates

    • Spring Framework 6.2 → 7.0
    • Spring Security 6.5 → 7.0
    • Jetty 12.1 (EE10 → EE11)
    • H2 (embedded DB) 2.3.232 → 2.4.240
    • Jackson 2.19 → 3.1.2 (groupId moved to tools.jackson; jackson-annotations stays on the 2.x line)
    • Log4j2 2.25.2 → 2.25.4
    • gRPC 1.76 → 1.80
    • jOOQ 3.19.27 → 3.19.31
    • PostgreSQL driver 42.7.8 → 42.7.10
    • BouncyCastle 1.81 → 1.84

    H2 Database File Migration

    H2 2.4.240 uses a different internal database format (build 240) than the previous version (build 232). On first startup, Mango will automatically migrate the database by:

    1. Dumping the old database to a compressed SQL file in the backup directory.
    2. Restoring the dump into a new database file named for the new build.

    The dump file is retained in the backup directory after the upgrade. If Mango finds an existing dump file on startup (e.g. from a previous failed upgrade), it will abort and log an error pointing to the backup file location.

    This also fixes a performance regression introduced in H2 2.4.240 for bulk point value deletes.

    Configuration Changes (mango.properties)

    The Jetty default servlet file-mapping property has been replaced:

    • Old (boolean, still supported for backwards compatibility): web.defaultServlet.useFileMappedBuffer=true
    • New (minimum file size in bytes): web.defaultServlet.minMappedFileSize=-

    A value of -1 delegates to Jetty's default threshold (1 MB), meaning only files larger than 1 MB will be served using memory-mapped buffers. Set to Integer.MAX_VALUE to disable memory mapping entirely. On Windows, memory mapping is disabled by default to avoid file locking issues.

    Breaking Change

    Module and plugin developers: Spring Framework 7.0, Spring Security 7.0, Jetty EE11 (jakarta.servlet 6.1), and Jackson 3 are major version upgrades. Third-party modules and plugins must be recompiled against the new APIs and reviewed for breaking changes (see the bullets below). Modules built against the 5.6.x APIs will not load in 5.7.0.

    Key breaking changes:

    • Jetty has moved from EE10 to EE11 (jakarta.servlet 6.1). Modules that directly use Jetty or servlet APIs will need to be updated.
    • Spring Security now tracks authentication factors via FactorGrantedAuthority. Sessions authenticated with a username and password carry a PASSWORD_AUTHORITY granted authority. Custom security expressions or authentication providers that inspect the authentication object may need to be updated.
    • Spring JDBC template method signatures changed: the Object[] args array forms of JdbcTemplate.queryForObject and JdbcTemplate.query were removed in Spring 7. Migrate to the varargs forms or to the equivalent methods on NamedParameterJdbcTemplate.

  • The gRPC-Web proxy now uses a dedicated grpcweb client channel so its timeouts can be configured independently of the default in-process gRPC channel. Unary and streaming gRPC methods now have separate configurable deadlines (grpc.channel.<name>.deadline and grpc.channel.<name>.streaming-deadline), and individual gRPC methods can declare their own default deadline in their proto definitions via the com.radixiot.mango.grpc.deadline method option. The default-channel and gRPC-Web channel each carry their own pair of deadline defaults:

    PropertyDefault
    grpc.channel.default.deadline (in-process unary)30 seconds
    grpc.channel.default.streaming-deadline (in-process streaming)1 minute
    grpc.channel.grpcweb.deadline (gRPC-Web unary)30 seconds
    grpc.channel.grpcweb.streaming-deadline (gRPC-Web streaming)10 minutes

    Streaming methods may opt out entirely — for example, StreamPointValues has no deadline, so long-lived real-time streams are no longer cut off.

  • gRPC client channels (including the gRPC publisher, the gRPC-Web gateway, and any channels obtained from the certificate utilities) now run on Mango's shared executor pools instead of gRPC's internal pools. This ensures the Spring Security authentication context is propagated correctly from the client to the server on in-process gRPC calls, and consolidates gRPC thread usage under Mango's centralized thread pool management. The StreamEvents gRPC method is also now configured with no deadline so long-running event streams are not cut off.

  • Module/script developers: Internal refactor — the legacy ModuleRegistry has been removed and module definitions (data sources, publishers, event detectors, event handlers, system actions, permissions, etc.) are now managed directly by Spring as beans. Module developers can now use constructor injection in their definitions and obtain them through the corresponding registry beans (DataSourceDefinitionRegistry, PublisherDefinitionRegistry, EventDetectorRegistry, EventHandlerRegistry, SystemActionRegistry, SystemInfoRegistry, PermissionRegistry). The @ConditionalDefinition annotation has been removed in favor of Spring's standard Condition mechanism, and AbstractTimer no longer extends Clock (use InstantSource or the injected timeSource instead).

  • Module/script developers: Large internal refactor of Mango's startup to move initialization out of the static Common/Lifecycle classes and into the Spring application context. CoreModule.INSTANCE and many Common static fields and methods have been removed (including Common.envProps, Common.getVersion(), Common.getTranslations(), Common.getLocale(), and the module classloader accessors); dependencies such as MangoProperties, Translations, AbstractTimer, Freemarker, the JSON context, and the Jetty web server are now obtained via Spring injection instead of global singletons. The Providers registry, SimulationTimerProvider, PropagatingEvent, and the static startup/shutdown task lists have also been removed. Async request processing has been corrected for Jetty 12 and Spring 6. The test framework now uses the same Spring-driven bootstrap as production, so tests more accurately reflect runtime behavior.

  • Module/script developers: Module ModuleElementDefinition classes now receive their dependencies via constructor injection rather than field injection, allowing final fields and making the dependency graph explicit. Supporting cleanup: Common.envProps and Common.paths have been removed in favor of the injected Spring Environment/MangoProperties and path beans; the loadOrder module property has been removed (Spring now determines construction order); the Module class has been simplified and upgrade logic moved to ModulesLifecycle; the InstantSource clock/timer reference was renamed to timeSource; and the database schema definition comparator now correctly considers transitive dependencies when ordering schema upgrades.

  • Changed the audit change detection code to allow the normal JSON conversion to convert to maps of string and JsonValue. This will automatically include the use of ClassConverter implementations, as well futureproof the code against other (albeit unlikely) serialization innovations. This greatly simplifies the difference-finding engine, but required the addition of equals/hashcode methods to all JsonValue subclasses.

  • Extensions of AbstractEventTypeModel will need to be refactored to replace fromVo/toVo methods with a rest mapper extending AbstractEventTypeModelMapping.

  • BaseEventTypeModel no longer has a generic type, and AbstractEventTypeModel now only has 2 generic types (from 3).

  • Common.getBean and <Dao>.getInstance have been deprecated. Use Spring injection instead.

  • IDataPoint.getExtendedName() behavior changed. In 5.6.5 and earlier, the no-argument call returned a string that filtered the data point's tags through the DEFAULT_DISPLAY_TAGS system setting. In 5.7 the no-argument call returns all tags from the data point's tag map, ignoring the system setting. To preserve the previous filtered behavior, call the new getExtendedName(SystemSettingsDao) overload. You can also pass a comma-delimited list of tag names directly, e.g. getExtendedName("k1,k2,k3").

  • Long-lived gRPC streams are now tracked and automatically cancelled when the associated user is modified or deleted. This is because the user permissions may be different, and so the gRPC stream access may have changed. The stream can be reconnected by the client, depending on the changes made to the user.

  • A new gRPC endpoint has been added for creating user comments on events, enabling comment functionality in gRPC-based clients.

  • Fixed file store path validation to correctly handle symbolic links, preventing access errors when the file store directory or its files are accessed through symlinks.

  • From 5.7.0 Mango now fetches and installs upgrades directly from a Maven repository. Triggering an upgrade in the UI resolves the bundle, verifies it, and installs it automatically. Official Radix IoT releases are available at https://maven.radixiot.run/mango.

    • All downloaded artifacts are verified using PGP signatures before installation. Radix IoT's public key is bundled in the core JAR and applied automatically to official releases.
    • Signature and checksum validation can each be set to fail (default), warn, or ignore via store.upgrade.signaturePolicy and store.upgrade.checksumPolicy.
    • Modules uploaded manually via the REST API are now subject to the same signature check, controlled separately by store.upload.signaturePolicy (defaults to fail). Set it to warn or ignore when testing locally-built, unsigned modules during development.
    • Private, password-protected repositories are supported for distributing custom bundles and modules. Configure the repository URL, artifact ID, credentials, and a custom signing key in mango.properties using store.upgrade.url, store.upgrade.artifactId, store.upgrade.username/password, and store.upgrade.additionalSignatureKey.
    • Upgrade versions are filtered by release channel — only stable versions are offered by default. Pre-release channels (alpha, beta, rc) can be enabled in the UI. Use store.upgrade.maxVersion to cap the highest version offered.

  • The jdk.management module has been added to the Mango Docker image, enabling JMX monitoring and management capabilities in containerized deployments.

Breaking Change

MySQL row-by-row result streaming has been removed. Setting db.fetchSize=Integer.MIN_VALUE in mango.properties no longer triggers row-by-row streaming on MySQL — that property value is now invalid. MySQL deployments will use cursor-based fetching (useCursorFetch=true) with whatever positive db.fetchSize is configured (default 100). Audit your mango.properties for db.fetchSize=Integer.MIN_VALUE or any negative value before upgrading.

  • MySQL row-by-row result streaming removed — the legacy MySQL streaming mode (returning Integer.MIN_VALUE as fetch size to trigger row-by-row streaming) has been dropped. MySQL now always uses cursor-based fetching (useCursorFetch=true) when a positive db.fetchSize is configured.
  • Added configurable connect and read timeouts for OAuth2/OIDC HTTP clients — new properties oauth2.client.connectTimeout (default: 30s) and oauth2.client.readTimeout (default: 30s) apply to all OAuth2/OIDC HTTP clients.

core, haystack-ds-pub, http-ds

Breaking Change

CSRF protection is now enforced on /httpds and /haystack for HTTP-session-authenticated requests. Clients that authenticate with a session cookie must include the X-XSRF-TOKEN header (matching the XSRF-TOKEN cookie) on every state-changing request. Clients that authenticate with a JWT in the Authorization header are unaffected. Update HTTP clients to send the CSRF header, or switch them to JWT authentication, before upgrading.

  • Remove CSRF protection exceptions for the HTTP DS (/httpds) and Haystack (/haystack) servlets. The standard Mango CSRF protection mechanisms (XSRF-TOKEN cookie and X-XSRF-TOKEN header) are now required to access these endpoints when using HTTP session authentication.

core, lang-de, lang-en, lang-es, lang-fi, lang-nl, lang-pt, lang-zh

Breaking Change

All standalone language modules (lang-de, lang-en, lang-es, lang-fi, lang-nl, lang-pt, lang-zh) have been removed and must be marked for deletion in the UI before upgrading (Mango uninstalls them on the next restart). Translations are now bundled with each module.

  • All language modules have been removed. Translation files are now distributed with each module. The following languages are now distributed with Mango and have been (largely) machine translated:
    • Czech
    • Dutch
    • Finnish
    • French
    • German
    • Portuguese
    • Simplified Chinese
    • Spanish
  • Mango now supports customizing and overriding UI translations without modifying core installation files. Administrators can place custom .properties files in the <mango_paths_data>/translations/ directory to override any built-in text strings — useful for renaming terminology, adjusting labels to match organizational conventions, or supporting locales not included out of the box. Override files follow the standard Java resource bundle naming convention: i18n.properties applies to all locales, while locale-specific files such as i18n_fr.properties or i18n_es_MX.properties apply only to the matching locale. Override files take precedence over the defaults shipped with Mango and its modules.

core, ma-bootstrap

  • Fixed a startup failure that prevented Mango from booting when launched through MangoBootstrap, caused by a conflict between Mango's custom classloader and the common ForkJoinPool. The bootstrap now uses a Java agent to append library JARs directly to the system classloader. Fork mode also now honors the bin/mango.vmoptions file (or a custom VM options file via the paths.vm.options property) and forwards mango.* system properties to the forked process.

core, mango-api

  • Mango JWT authentication tokens can now be created and renewed using an existing Mango JWT token, enabling automated scripts to maintain fresh short-lived credentials without requiring username/password re-authentication. This behavior is opt-in and must be enabled by setting authentication.mango-jwt.allowTokenCreation=true in mango.properties. When enabled, only password and Mango JWT authentication are permitted to create tokens — OAuth2/OIDC authenticated sessions are blocked.
  • The validity period of a newly created token cannot exceed the validity period of the token used to create it (an error is returned if a longer expiry is requested); superadmin users creating tokens for other users are subject to the same duration limit. All Mango JWT tokens now include a not before (nbf) claim, which is used to calculate the allowed validity period.

core, mango-nosql-database

  • TimeoutTask (note the lowercase "out" — the class is no longer named TimeOutTask) is now a final class and its API has changed. Constructors now require a String name argument and accept Duration/Instant (the previous long delay / Date date overloads have been removed). TimeoutClient is now a @FunctionalInterface, and its single abstract method is taskRun(Instant scheduledTime) — the Task task parameter has been removed. The default rejected() handler no longer auto-routes through Common.backgroundProcessing; if you use this class in your private module code, schedule the task explicitly via the BackgroundProcessing interface and handle rejection yourself if needed.
  • The POST /rest/latest/mango-nosql/reload-links REST API now returns an error if you try and use priority=LOW — the only accepted values are MEDIUM and HIGH. The error response is Low priority reload links is not supported.

core, meta-ds, scripting-ds

Breaking Change

Script authors: Static fields and methods on the Common class — including Common.runtimeManager, Common.eventManager, Common.backgroundProcessing, Common.timer, Common.serialPortManager, Common.getBean(), Common.getRuntimeContext(), Common.getHttpClient() — have been removed. DAO getInstance() / instance accessors are also gone. Existing Meta and Scripting data source scripts that rely on these will fail to evaluate after upgrading. Migrate to the new services and runtimeContext script variables (see bullets below) before upgrading.

  • Provide runtimeContext script variable for use in legacy Nashorn scripting environment (Meta data source, scripting data source); this can be used to obtain Spring beans, e.g. runtimeContext.getBean(DesiredClass.class), as a replacement for the removed Common.getBean() method. Only scripts with the "superadmin" role can access this variable by default.
  • Provide a services script variable to access all services in the legacy Nashorn scripting environment. All scripts have access to this by default.
  • Remove static fields and methods from the Common class; if you rely on this class in your scripts you will need to test and verify that the fields/methods you use are still present.
    • Removed static fields/methods include but are not limited to: runtimeManager, eventManager, backgroundProcessing, timer, serialPortManager.
    • Removed static fields/methods include but are not limited to: getBean(), getRuntimeContext(), getHttpClient().
    • Your scripts should be modified to access services via the services variable, or getting a Spring bean via runtimeContext.getBean() (superadmin role scripts only).
    • DBUpgrade classes are now scanned by Spring and automatically injected with dependencies. Please ensure your DBUpgrade classes are in a package which is scanned by Spring (e.g. com.radixiot.mango) or configure scanning for your package.
  • Remove DAO getInstance() methods. If you previously accessed DAOs in scripts using DAO.getInstance() or DAO.instance you must modify your scripts to use the new runtimeContext variable, e.g. runtimeContext.getBean(DataPointDao.class), or use the service instead, e.g. services.dataPointService.

ems

  • Fixed issues regarding platform manager dropdown options and how it would not auto select based on cases like no item selected, no cookies, no url params.

excel-reports

  • Add optional bookend support to Excel Report time series; when enabled, synthetic values are inserted at the start and end of each time period to ensure the report spans the full configured range.
  • Fixed bug in Excel Reports when filling cells with a Formula was not working; now we clear the formula before setting the value.

haystack-ds-pub, http-ds

Breaking Change

The HTTP DS endpoint at /httpds now requires a system permission. The default is superadmin-only, so HTTP clients that previously POSTed unauthenticated to /httpds will receive 403 Forbidden after upgrade. Update those clients to authenticate with a JWT in the Authorization header and grant their user the http.ds.server permission, or configure the permission to allow anonymous access if the original behavior is required. Per-point "Set point value" permission is also enforced.

  • The HTTP receiver datasource endpoint located at /httpds now requires a system permission to access it. This permission defaults to superadmin only but can be configured to allow access to anonymous (unauthenticated) users. In addition to this top level system permission, the "Set point value" permission is checked for each point which is being set. Users should update their HTTP clients which are sending data to /httpds to use a JWT authentication token in the "Authorization" header. Please consult the built-in help for more information.
  • Fix several bugs in the Haystack servlet located at /haystack which prevented it from working.

mango-nosql-database

  • Improve the performance of the "reload links" functionality of the NoSQL (ias-tsdb) database.
  • Upgrade ias-tsdb to version 1.9.0.

mqtt-client-ds

  • Fixed missing validation of CA certificates, client certificates, and private keys when saving an MQTT data source, preventing misconfigurations from being silently accepted.

opc-ua

  • A new OPC UA data source module has been added, enabling Mango to connect to and collect data from OPC UA servers.
  • A data source supporting OPC UA was added.
  • The REST API to manage OPC UA data sources has been added.
  • Provide the server-side functionality for an OPC UA node explorer feature.
  • The OPC UA node explorer now individually retrieves the child nodes of a given node instead of starting an indeterminate retrieval of all nodes of a server in a single request.
  • OPC UA data source configuration now allows the fetching of a list of server endpoints, instead of separate security policy and security mode dropdowns, simplifying setup.
  • OPC UA data sources now support a configurable timeout setting, giving users control over how long the system waits for device responses.
  • A new certificate file store UI has been added, allowing users to manage SSL/TLS certificates directly from the Mango interface.

persistent-pub-ds

  • Fixed an issue where the gRPC publisher could silently stop forwarding point-lifecycle events (such as point initialization/termination) to the data source. Data sources now reliably receive these events.
  • Fixed gRPC publisher reconnect delay bug that caused publishers to skip delays after 1000+ failures.
  • gRPC data source disconnect errors when no linked data source created converted to warning.

snmp-ds

  • Provided a default starting OID (1.3.6.1) for the SNMP walk so the field no longer needs to be filled in manually for typical use.

ui

  • Fixed width on Events Page when view is 975px or less.
  • Fixed issue where some event types were not filtered correctly based on the event selection.
  • Fixed missing chart boundary values when point's default rollup is None.
  • Fixed bug in menu items where a system permission description would be saved instead of the key.
  • Changed name in admin home > system card > modules text to "Module upgrades available".

watchlist

  • Fixes a problem where Jackson fails to serialize data that includes seroJson's JsonValue subclasses.

Documentation updated for 5.7.1

  • TSL Module Configuration — new db.tsl.clickhouse.aggregation.chunkSize, db.tsl.clickhouse.aggregation.schedule, and db.tsl.timescale.aggregation.schedule properties; ClickHouse DDL defaults retuned (index_granularity=1024, parts_to_throw_insert=3000) with manual-migration caveat; upstream com.clickhouse:clickhouse-jdbc:0.9.8 driver swap.
  • Mango Properties Reference — new TSL Aggregation subsection listing the new db.tsl.*.aggregation.schedule and db.tsl.clickhouse.aggregation.chunkSize properties.
  • Creating Excel Reports — Excel report rollup cells and rollupQuery() script callback now work on TSL-backed installations; raw-data mode (Rollup = None) and overall-statistics sidebar still require raw values.
  • Rollups and Statistics — new "TSL-Backed Storage and Rollups" section explaining which rollups read from the TSL pre-aggregate store vs. require raw values.

Documentation updated for 5.7.0

The following pages have been updated to reflect 5.7.0 changes. Use this list as a jumping-off point when reviewing what's new or migrating from 5.6.

New pages

  • Customizing UI Translations — drop i18n .properties files into <paths.data>/translations/ to override or extend Mango's built-in UI translations.
  • OPC UA Data Source — new open-source OPC UA data source built on Eclipse Milo (replaces the prior closed-source placeholder).

Pages with 5.7 behavior changes

Security & authentication

Configuration & operations

  • Mango Properties Reference — new store.upgrade.*, grpc.channel.*, oauth2.client.{connect,read}Timeout, authentication.mango-jwt.allowTokenCreation, web.enabled, systemSettings.language; deprecated web.defaultServlet.useFileMappedBuffer; removed db.fetchSize=Integer.MIN_VALUE and db.in.maxOperands.
  • How to Upgrade Mango — Maven-based upgrade flow with PGP signature verification.
  • Upgrade to v5 — new "Before upgrading to Mango 5.7" pre-upgrade checklist.
  • Docker Installation — image rebased onto Azul Zulu (Debian 13); jdk.management added.
  • Ways to Launch Mango — fork mode honors bin/mango.vmoptions and paths.vm.options.

Scripting & module development

  • Custom Module Overview — new "Migrating modules from Mango 5.6" section covering Spring 7 / Jetty EE11 / Jackson 3 / Common removals / TimeoutTask API changes.
  • Meta Data Source — new runtimeContext, services, log, setTimeout, setInterval Nashorn bindings.
  • Global Scripts — full Common static-field/method removal list with migration guidance.
  • Persistent Point Value CachechroniclePointValueCache.recover defaults to true; new sameLibraryVersion property.

Data sources & reports