2026.3 Release Notes
Last updated: June 29, 2026
For a list of release dates and Sisense's end of support schedule, see Sisense Version Release and Support Schedule.
For information about the Sisense gradual rollout process, as well as an explanation of how the versions and release notes relate to content added during the rollout, see Sisense Gradual Rollout Process.
Regarding Salesforce Security Updates to the "Use Any API Client" Permission:
-
For customers using Sisense connections to Salesforce, it is important to note a significant Salesforce change and steps that you may have to take for continued correct functionality. See Salesforce “Use Any API Client” Permission Changes: Sisense Impact & Migration Guide.
Regarding Upgrading:
-
Version L2025.4 Service Pack 1 contains an important fix. Therefore, it is strongly recommended to upgrade to SP1 or newer.
-
Customers currently running Sisense versions older than L2025.2.0.249 cannot directly upgrade to versions L2025.3 or newer. You must first upgrade your Sisense installation to version L2025.2.0.249 or L2025.2.0.496. Only after completing this intermediate upgrade can you proceed to version L2025.3 or newer. This important change is due to Sisense upgrading to MongoDB 8 starting from Sisense version L2025.3.
-
To download the latest Sisense version, or to upgrade to an older version, see that version’s Release Notes and contact your Sisense Customer Success Manager for the version package.
-
To upgrade to this version of Sisense:
-
Read the Release Notes of all the versions following your current version, up to and including the version to which you are upgrading.
-
Run a system backup before upgrading. See Backing up and Restoring Sisense.
-
Follow the upgrade procedure in Upgrading Sisense.
-
Privacy and Security Information
This release contains several security related updates. We highly recommend upgrading to this latest release to take advantage of any security-related updates and benefit from the Sisense support and warranty. In addition, Sisense strongly recommends regularly testing and auditing your environment after upgrading, and periodically during your subscription term, to ensure all privacy and security settings remain in place.
Customers are responsible for controlling and monitoring your environments and are therefore in the best position to ensure the correct security settings are in place for how you use Sisense products.
Due to the complexity of Sisense products, we strongly suggest that all customers ensure that you understand how all of the privacy and security settings within Sisense work.
If you use Sisense to store/process sensitive data, it is your responsibility to review and test your implementation to ensure you are not inadvertently sharing data with unauthorized third parties. For more information on data security rules, see Data Access Security.
BREAKING CHANGES - WARNING!
The following is a cumulative list of potentially breaking changes from approximately the past 12 months, and may also include warnings about upcoming changes:
Customers using the GenericJDBC connector with a custom dialect Java file will need to recompile and potentially update your code.
All custom dialect files must be recompiled after the upgrade because the underlying Calcite JAR has changed. Even if no code changes are needed, the old compiled .class file may not work correctly with the new Calcite runtime.
To recompile: re-upload the dialect .java source file through the connector management CLI. The system will compile it against the new Calcite JARs automatically.
Breaking API Changes
The following changes may require code modifications in custom dialect files.
1. Operator Comparison Pattern
This was observed for LOG10 but may affect other operators compared using identity (==). The safe approach is to use name-based comparison.
Before:
if (call.getOperator() == SqlStdOperatorTable.LOG10) { ... }
After:
if (call.getOperator().getName().equalsIgnoreCase("LOG10")) { ... }
Reason: Calcite changed SqlStdOperatorTable from a reflective scan to an immutable multi-map (CALCITE-6024), which altered operator object resolution order. Identity comparison (==) is no longer reliable for matching operators.
2. SqlSelect Constructor - New qualify Parameter
The SqlSelect constructor gained a new qualify parameter (for the SQL QUALIFY clause). The old constructor without qualify still works but is deprecated.
Before (still compiles, but deprecated):
new SqlSelect(pos, null, selectList, from, where, groupBy, having,
windowDecls, orderBy, offset, fetch, hints);
// 12 parameters
After (recommended):
new SqlSelect(pos, null, selectList, from, where, groupBy, having,
windowDecls, null, orderBy, offset, fetch, hints);
// ^^^^ new 'qualify' parameter (null = not used)
// 13 parameters
3. rewriteSingleValueExpr() Signature Change
If the dialect overrides rewriteSingleValueExpr(), the method signature has changed.
Before:
@Override
public SqlNode rewriteSingleValueExpr(SqlNode aggCall) { ... }
After:
@Override
public SqlNode rewriteSingleValueExpr(SqlNode aggCall, RelDataType relDataType) { ... }
Add import: import org.apache.calcite.rel.type.RelDataType;
4. SqlExtractFunction Constructor
The default (no-arg) constructor was removed.
Before:
SqlExtractFunction extractCall = new SqlExtractFunction();
After:
SqlExtractFunction extractCall = new SqlExtractFunction("EXTRACT");
5. SqlSampleSpec API Change
If the dialect handles TABLESAMPLE, the getter method was replaced with direct field access.
Before:
Float pct = ((SqlSampleSpec.SqlTableSampleSpec) spec).getSamplePercentage();
After:
Float pct = ((SqlSampleSpec.SqlTableSampleSpec) spec).sampleRate.floatValue();
6. CTE (WITH clause) Body Framing
If the dialect customizes WITH clause unparsing, the CTE body must now be wrapped in a WITH_BODY frame.
Before:
with.body.unparse(writer, 0, 0);
After:
SqlWriter.Frame bodyFrame = writer.startList(SqlWriter.FrameTypeEnum.WITH_BODY);
with.body.unparse(writer, 0, 0);
writer.endList(bodyFrame);
Without the WITH_BODY frame, the CTE body gets extra parentheses, producing invalid SQL.
Security
The move to Apache Calcite 1.36.0 addresses all known security vulnerabilities, including CVE-2022-39135 (CRITICAL, CVSS 9.8 - XML External Entity injection). Calcite 1.36.0 has zero known CVEs.
The Report Manager URL has now changed from /reportManager/main.html#/reports to /app/report-manager#/reports. This is necessary only for when embedding the Report Manager directly by URL.
2026.3.0 Release Overview
Cloud Availability
This release is currently only available to cloud customers. It will be released shortly for on-premise availability as well.
As the content is still in progress, it is recommended that you check back here occasionally for the latest updates.
The content below describes the new features, improvements, and bug fixes included in the July 2026, 2026.3.0 release.
What's New
The following table lists the high-level impact (or potential impact, if any) of new features, and how to handle it if upgrading to version 2026.3.0 or newer. Continue reading the Release Notes below the table for a detailed explanation of these features, as well as improvements and fixes.
| Feature | Issues and Actions to Consider |
|---|---|
|
|
|
|
|
|
|
|
Compose SDK Version
Compose SDK version used in this Sisense release: 2.30.0
Impersonate User (Log In As User)
Administrators can now start an authenticated session as another user directly from Admin > User Management to reproduce issues and verify per-user configuration exactly as that user sees it.
Key highlights:
-
One-click access - Select Log in as user from the Users grid to start an impersonation session. A confirmation modal requires a reason before proceeding.
-
Strict role-based authorization - Only System Admins, Admins, and Tenant Admins can initiate impersonation, and only for users with a strictly lower privilege tier. Tenant Admins are restricted to users within their own tenant.
-
Supports all authentication types - Local, Active Directory, and SSO (SAML/OIDC) users are all valid targets.
-
Full audit trail - Every session start, stop, and action performed during impersonation is recorded in the audit log with the real administrator's identity (
impersonatedBy), along with the reason provided. -
Built-in safeguards - Sessions are time-limited (default 30 minutes, max 40), rate-limited per administrator, and capped at 3 concurrent sessions. Password changes, API token creation, and MFA resets are blocked during impersonation.
-
Persistent visual indicator - A banner is displayed throughout the session confirming impersonation is active, with a one-click "Return to admin" option.
-
Admin opt-out - The feature is enabled by default and can be toggled off under Settings > Security > Authentication Settings > "Enable impersonation for Admins".
Sisense Intelligence Search (Beta)
Sisense Intelligence Search lets you find existing widgets across all of your accessible dashboards using natural language. Instead of navigating dashboard by dashboard or recreating visualizations that already exist, you can describe what you are looking for and get a ranked list of relevant widgets. The search is currently powered by a hybrid search — both vector-based semantic search (so results reflect intent rather than exact keyword matches), not an LLM (no credits consumed) and a lexical search. A future version is planned to be powered only by a vector-based semantic search.
What You Can Do
-
Search by intent - type a topic like "revenue" or "financial overview" and get back matching widgets from across dashboards, with widget name, parent dashboard, and data source.
-
Act on results - preview a widget, jump to its source dashboard, or pull selected widgets into a new dashboard (create action gated to Designers per Role-Based Access Control (RBAC) ). A future version is planned to include pulling widgets into existing dashboards as well.
-
Embedded support - available as an iframe-embeddable surface for embedded customers.
What's New in Beta
This feature was first introduced as Preview in release 2026.2.2. The current Beta milestone addresses post-Preview feedback and hardens the experience:
-
Sharper, higher-quality results. Relevance ranking now applies a confidence threshold that hides weak matches rather than padding the list with off-topic results. Exact and strong matches are clearly separated from loosely related "similar" widgets, so you can act on the top of the list instead of sifting through everything.
-
A more polished experience. Search now includes clear empty, no-results, and not-indexed states, along with filtering and query chips to refine what you see. Indexing runs invisibly in the background, so search stays available even while your data is being updated.
-
Smarter permissions for Viewers. Viewers now see only the actions they are allowed to take — search, preview results, use Find similar, and open dashboards they have read-only access to — with no surprise permission errors. Edit and create actions remain unavailable to Viewers, and gating follows per-dashboard share level rather than system role alone.
How it Works
-
Search is powered by a vector database over widget metadata (title, axis labels, metrics, categories, descriptions). No LLM is involved and no credits are consumed.
-
When an Admin enables the feature (in Admin > Sisense Intelligence), a full re-index of all published dashboards is triggered automatically. Re-indexing also occurs when a dashboard is republished. A scheduled index refresh keeps data model changes in sync over time.
-
Results respect data permissions - users only see widgets they are allowed to view.
-
Richer widget metadata (descriptive titles, axis labels) produces better match quality.
Current Limitations
-
Compose SDK hook/component is planned for the future, but is not yet included.
-
Knowledge-graph integration for usage-based ranking, search across dashboards/data sources/tables, and analytics-tab integration are planned for the future, but are not yet included.
What's Improved
Compose SDK Mode
-
CSDK Mode now supports Sisense Intelligence Narratives.
Dashboards
-
Several improvements have been made to dashboard semantic search:
-
Unpublished dashboards no longer appear in search results
-
Duplicate entries are removed from search results
-
Overall faster search results
-
New retry mechanism ensures a more complete and up-to-date search index
-
Filters
-
Previously, when the "N/A" value was enabled or disabled in a filter, charts sometimes displayed incorrect results and data was shifted across columns. This has been fixed and "N/A" is correctly positioned on the x-axis and that data remains aligned with its corresponding columns regardless of the filter state.
Infra
-
RKE and Kubernetes are upgraded to version 1.36 (latest).
Report Manager
-
Reporting Groups (Beta) - The Report Manager can now group recipients who would receive identical report output and generate the report once per group, instead of once per recipient, reducing generation time and resource usage for large recipient lists. A separate copy is still delivered to each recipient; only the generation step is shared.
Administrators can enable this optimization via the configuration toggle in the Report Manager Global Options > Reporting Groups Enabled (BETA).
Grouping criteria: Recipients are grouped when they share the same data-security rules, dashboard personalization, data model access, user parameters, and language settings.
Sisense Intelligence
-
The
GET /api/v2/ai/llm/models/providersendpoint has been updated to return a structured catalog of supported LLM providers and their available models, replacing the previous flat array of provider name strings.-
The endpoint now returns a rich JSON response that includes provider name, display name, and a list of supported models (with name and display name) for each provider.
-
The response accurately reflects the officially supported providers, OpenAI and Azure OpenAI, removing previously listed but unsupported entries.
-
Supported models include GPT-4.1, GPT-4o, GPT-4.1 Mini, and GPT-4o Mini.
Example response:
Copy{
"providers": [
{
"provider": "openai",
"name": "OpenAI",
"models": [
{ "model": "gpt-4.1", "name": "GPT-4.1" },
{ "model": "gpt-4o", "name": "GPT-4o" },
{ "model": "gpt-4.1-mini", "name": "GPT-4.1 Mini" },
{ "model": "gpt-4o-mini", "name": "GPT-4o Mini" }
]
},
{
"provider": "azure",
"name": "Azure OpenAI",
"models": [
{ "model": "gpt-4.1", "name": "GPT-4.1" },
{ "model": "gpt-4o", "name": "GPT-4o" },
{ "model": "gpt-4.1-mini", "name": "GPT-4.1 Mini" },
{ "model": "gpt-4o-mini", "name": "GPT-4o Mini" }
]
}
]
} -
-
The LLM providers list on the System Information page is now dynamically fetched via API, ensuring it always reflects the most up-to-date available providers.
-
AI models, indexes, and related assets now stay automatically in sync when schema changes are made. Previously, changes to your data model could lead to inconsistent natural language query (NLQ) results or failed enrichment processes.
With this improvement, the system automatically detects and resolves mismatches caused by schema changes, ensuring that your Sisense Intelligence features, including NLQ, chatbot, and data enrichment, continue to work reliably without manual intervention.
Impact:
-
More accurate and consistent NLQ results
-
Fewer errors when building or updating AI models
-
No more manual troubleshooting of broken enrichment flows after schema changes
-
What's Fixed
Add-ons
-
JTD - Previously, importing a dashboard built on an ElastiCube into an environment with a Live model of the same name caused the dashboard to incorrectly query the Live model instead of reporting a missing ElastiCube. This led to broken UI elements and non-functional "Jump to Dashboard" (JTD) settings. The system now correctly validates the data source type (Live vs. ElastiCube), ensuring that if the required ElastiCube is not found, an error is displayed rather than querying the wrong data source.
Analytical Engine
-
Previously, the "Analytical Engine Settings" option remained visible at the model level even when the global system configuration was set to enforce Analytical Engine only (`AE_ONLY`). This fix ensures that redundant model-level toggles are correctly hidden when the Analytical Engine is globally enforced, providing a consistent user interface across all models.
Build
-
Previously, in Linux multi-node environments, stale database farm files were not automatically cleared from the local storage path (
/opt/sisense/local_storage) following abnormal pod terminations, such as Out-of-Memory (OOM) events. This could lead to disk space exhaustion on application and query nodes, potentially causing subsequent build failures. A proactive cleanup mechanism has been implemented to identify and remove these orphaned directories during pod startup, ensuring disk space is reclaimed before new extractions begin. -
Previously, dashboards displayed an incorrect "Last Successful Build" timestamp even after an ElastiCube build completed successfully. This occurred due to a processing bottleneck in the message queue. The system now retrieves the build date directly from the database to ensure the timestamp accurately reflects the most recent successful build.
Data Sources & Perspectives
-
Previously, when working with a live model, selecting "Change Table" incorrectly opened the "Change Connection" screen instead of the "Edit Table" window. This has been fixed and the "Change Table" action now correctly opens the edit table window with the current table's SQL query pre-loaded, allowing for direct modification.
Exporting Dashboards
-
Previously, exporting a dashboard (as a PDF or an image) or republishing it in Shared View did not reflect the current filter state when "Update on Every Change" was disabled; the system would revert to the last published version of the dashboard. This has been fixed and the user's current filter state is correctly captured and applied during export and republishing actions.
Formulas
-
Previously, using the `ALL()` function in a formula alongside a date break-by would result in a SQL error (e.g., `types double and timestamp are not equal`) when the
AllInMeasuredValueIgnoreFieldInPathsetting was enabled. This fix ensures that the query structure remains valid and contiguous when dimensions are excluded by the `ALL()` function, allowing date-based grouping to function correctly.
Report Manager
-
Previously, in multi-tenant environments, CSV and Excel report generation failed when the ExportModification plugin was active. This has been fixed and reports retain their custom layout and formatting for tenants without delivery failures.
Services
-
Previously, RabbitMQ queues related to the deprecated Acceleration feature (
sisense.acceleration.service.delete_dashboardandsisense.acceleration.service.delete_ecm) were not fully decommissioned. This caused messages to accumulate indefinitely in these queues without active consumers, potentially impacting RabbitMQ performance and triggering unnecessary alerts. These queues have now been removed to ensure proper system cleanup and stability.
Sisense Intelligence
-
Previously, Administrators and System Administrators encountered an error when attempting to open the assistant on dashboards that were not explicitly shared with them. This fix ensures that privileged roles can access the assistant on any dashboard they have permission to view, regardless of the "Share the assistant" toggle setting, maintaining consistency with general platform permissions. Row-Level Security (RLS) remains fully enforced within the assistant to ensure data exposure remains consistent with standard dashboard access.
-
Previously, the "Enable Assistant" toggle was unavailable on dashboards built from data models with names containing a plus (+) character. This was caused by incorrect URL encoding of the data model name, which prevented the system from verifying the assistant's status for that model. This has now been fixed and works as expected.
-
Previously, in Sisense Intelligence Search, users with Viewer-only permissions could access the widget editor by clicking "view widget" in search results. The "view widget" action now correctly enforces Role-Based Access Control (RBAC), providing Viewers with a read-only preview or navigating them to the source dashboard instead of opening the editor.
-
Previously, the assistant would return a "500 Internal Server Error" when processing queries on extremely large data models (e.g., hundreds of tables and thousands of columns). This occurred because the AI model's response exceeded its output limit while identifying relevant columns, resulting in a truncated response that the system could not parse. This fix increases the allowed response size and improves error handling to ensure the assistant remains stable and provides clearer guidance when dealing with very complex schemas.
-
Previously, in on-prem deployments where the `similarity-service` was marked as ready before it could accept traffic, there were connection timeouts (`ETIMEDOUT`) and migration failures in the `ai-integration` service during startup. This has been resolved by adding proper readiness and liveness probes to the Helm charts for the AI-stack components, ensuring services are fully initialized before receiving requests.
-
Previously, in Sisense Intelligence Search, performing a search that returned no matches failed to update the UI, leaving the initial landing page visible. This fix introduces a dedicated "no results" state that provides clear feedback and suggestions when no matching widgets or dashboards are found, ensuring that you can distinguish between a search with zero results and a system that is still loading.
-
The Narrative button in the assistant UI was previously displayed for on-prem (non-managed) deployments, even though the Narrative feature is not supported in those environments. Clicking the button had no effect. The button is now correctly hidden for on-prem deployments.
Widgets
-
Previously, in Compose SDK (CSDK) dashboard mode, when duplicating a widget via the header menu, the widget could not be edited without refreshing the page. This has been fixed and duplicated widgets are synchronized between the React and AngularJS layers, allowing immediate access to the edit toolbar and proper identification of the new widget's server ID.