diff --git a/.github/workflows/scripts/run-migration-tests.sh b/.github/workflows/scripts/run-migration-tests.sh
index 565dbb2c58..85f901cfd5 100755
--- a/.github/workflows/scripts/run-migration-tests.sh
+++ b/.github/workflows/scripts/run-migration-tests.sh
@@ -1239,6 +1239,11 @@ append_dynamic_columns_postgres() {
echo "UPDATE config_client SET mcp_disable_auto_tool_inject = false WHERE id = 1;" >> "$output_file"
fi
+ # config_client.whitelisted_routes_json (added in v1.5.0)
+ if column_exists_postgres "config_client" "whitelisted_routes_json"; then
+ echo "UPDATE config_client SET whitelisted_routes_json = '[]' WHERE id = 1;" >> "$output_file"
+ fi
+
# governance_virtual_key_provider_configs.allow_all_keys (added in v1.5.0)
# vk-migration-test-1 has a key in the join table, so old behavior was restricted to that key -> allow_all_keys=false
# vk-migration-test-2 has no key rows, so old "empty=allow-all" semantics -> allow_all_keys=true
diff --git a/core/changelog.md b/core/changelog.md
index 23129e1ea1..925afec240 100644
--- a/core/changelog.md
+++ b/core/changelog.md
@@ -1,2 +1,19 @@
-- feat: add model alias support
-- refactor: standardize extra fields handling for all providers
+- feat: add Fireworks AI as a first-class provider (thanks [@ivanetchart](https://github.com/ivanetchart)!)
+- feat: add realtime provider interfaces, schemas, and engine hooks
+- feat: add session log storage and realtime request normalization
+- feat: add per-user OAuth consent flow with identity selection and MCP authentication
+- feat: add IsSet method to EnvVar and improve provider auth validation
+- feat: add support for tracking userId, teamId, customerId, and businessUnitId
+- feat: add prompts plugin with direct key header resolver
+- feat: add embeddings, image gen, edit and variation to bedrock
+- feat: allow path whitelisting from security config
+- fix: auto-redact env-backed values in EnvVar JSON serialization
+- fix: bedrock tool choice conversion to auto
+- fix: MCP tool logs not being captured correctly
+- fix: preserve explicit empty tool parameter schemas for openai passthrough
+- fix: correct SigV4 service name for bedrock agent runtime rerank
+- fix: include raw model ID in list-models output alongside aliases
+- fix: vertex endpoint correction
+- fix: bedrock streaming retry for retryable AWS exceptions and stale connections
+- fix: thinking budget validation for gemini models
+- fix: add empty arguments guard in bedrock utils
diff --git a/core/version b/core/version
index bc80560fad..8e03717dca 100644
--- a/core/version
+++ b/core/version
@@ -1 +1 @@
-1.5.0
+1.5.1
\ No newline at end of file
diff --git a/framework/changelog.md b/framework/changelog.md
index e69de29bb2..9925e68f00 100644
--- a/framework/changelog.md
+++ b/framework/changelog.md
@@ -0,0 +1,16 @@
+- feat: add per-user OAuth consent flow with identity selection and MCP authentication
+- feat: add access profiles for fine-grained permission control
+- feat: add user level OAuth for MCP gateway
+- feat: add IsSet method to EnvVar and improve provider auth validation
+- feat: add session log storage and realtime request normalization
+- feat: add support for tracking userId, teamId, customerId, and businessUnitId
+- feat: add prompts plugin with direct key header resolver
+- feat: add Fireworks AI provider support (thanks [@ivanetchart](https://github.com/ivanetchart)!)
+- feat: add sorting and CSV export to virtual keys table
+- feat: allow path whitelisting from security config
+- fix: auto-redact env-backed values in EnvVar JSON serialization
+- fix: MCP tool logs not being captured correctly
+- fix: SQLite migration connections and error handling
+- fix: disable SQLite foreign key checks during migration
+- fix: add retry mechanism to model catalog pricing sync lock
+- fix: increases buffer size for custom plugin installs from URLs
diff --git a/framework/modelcatalog/overrides_test.go b/framework/modelcatalog/overrides_test.go
index 2497310345..8593aad89a 100644
--- a/framework/modelcatalog/overrides_test.go
+++ b/framework/modelcatalog/overrides_test.go
@@ -129,7 +129,7 @@ func TestGetPricing_AppliesOverrideAfterFallbackResolution(t *testing.T) {
assert.Equal(t, 7.0, pricing.InputCostPerToken)
}
-func TestGetPricing_DeploymentLookupUsesRequestedModelForOverrideMatching(t *testing.T) {
+func TestGetPricing_DeploymentLookupUsesResolvedModelForOverrideMatching(t *testing.T) {
mc := newTestCatalog(nil, nil)
mc.logger = noOpLogger{}
mc.pricingData[makeKey("dep-gpt4o", "openai", "chat")] = configstoreTables.TableModelPricing{
@@ -143,16 +143,18 @@ func TestGetPricing_DeploymentLookupUsesRequestedModelForOverrideMatching(t *tes
providerID := "openai"
require.NoError(t, mc.SetPricingOverrides([]configstoreTables.TablePricingOverride{
{
- ID: "requested-model-override",
+ ID: "resolved-model-override",
ScopeKind: string(ScopeKindProvider),
ProviderID: &providerID,
MatchType: string(MatchTypeExact),
- Pattern: "gpt-4o",
+ Pattern: "dep-gpt4o",
RequestTypes: []schemas.RequestType{schemas.ChatCompletionRequest},
PricingPatchJSON: `{"input_cost_per_token":7}`,
},
}))
+ // Override pattern matches the resolved model name ("dep-gpt4o"), not the
+ // originally requested name ("gpt-4o"), because resolved model has priority.
pricing := mc.resolvePricing("openai", "gpt-4o", "dep-gpt4o", schemas.ChatCompletionRequest, PricingLookupScopes{Provider: "openai"})
require.NotNil(t, pricing)
require.NotNil(t, pricing.InputCostPerToken)
diff --git a/framework/modelcatalog/pricing_test.go b/framework/modelcatalog/pricing_test.go
index 4fc185e7b4..8a4c176092 100644
--- a/framework/modelcatalog/pricing_test.go
+++ b/framework/modelcatalog/pricing_test.go
@@ -1230,16 +1230,17 @@ func TestResolvePricing_DeploymentFallback(t *testing.T) {
assert.Equal(t, 0.000005, derefF(p.InputCostPerToken))
}
-func TestResolvePricing_ModelFoundDirectly(t *testing.T) {
+func TestResolvePricing_ResolvedModelHasPriority(t *testing.T) {
mc := testCatalogWithPricing(map[string]configstoreTables.TableModelPricing{
makeKey("gpt-4o", "openai", "chat"): chatPricing(0.000005, 0.000015),
makeKey("my-deployment", "openai", "chat"): chatPricing(0.000001, 0.000002),
})
- // Model found directly — doesn't fall back to deployment
+ // Resolved model ("my-deployment") is looked up first and has priority
+ // over the originally requested model ("gpt-4o").
p := mc.resolvePricing("openai", "gpt-4o", "my-deployment", schemas.ChatCompletionRequest, PricingLookupScopes{})
require.NotNil(t, p)
- assert.Equal(t, 0.000005, derefF(p.InputCostPerToken))
+ assert.Equal(t, 0.000001, derefF(p.InputCostPerToken))
}
func TestResolvePricing_NothingFound(t *testing.T) {
diff --git a/framework/version b/framework/version
index f0bb29e763..6261a05bb0 100644
--- a/framework/version
+++ b/framework/version
@@ -1 +1 @@
-1.3.0
+1.3.1
\ No newline at end of file
diff --git a/plugins/governance/changelog.md b/plugins/governance/changelog.md
index 8a63788ea5..657710e664 100644
--- a/plugins/governance/changelog.md
+++ b/plugins/governance/changelog.md
@@ -1 +1,5 @@
-- fix: preseve routing rule targets for genai and bedrock paths for vk level provider load balancing
\ No newline at end of file
+- feat: add realtime WebSocket, WebRTC, and client secret handlers
+- feat: add access profiles for fine-grained permission control
+- feat: add support for tracking userId, teamId, customerId, and businessUnitId
+- fix: SQLite migration connections and error handling + vk not found message
+- fix: preserve routing rule targets for genai and bedrock paths
diff --git a/plugins/governance/version b/plugins/governance/version
index bc80560fad..8e03717dca 100644
--- a/plugins/governance/version
+++ b/plugins/governance/version
@@ -1 +1 @@
-1.5.0
+1.5.1
\ No newline at end of file
diff --git a/plugins/jsonparser/changelog.md b/plugins/jsonparser/changelog.md
index e69de29bb2..9d094203da 100644
--- a/plugins/jsonparser/changelog.md
+++ b/plugins/jsonparser/changelog.md
@@ -0,0 +1 @@
+- chore: upgraded core to v1.5.1 and framework to v1.3.1
diff --git a/plugins/jsonparser/version b/plugins/jsonparser/version
index bc80560fad..8e03717dca 100644
--- a/plugins/jsonparser/version
+++ b/plugins/jsonparser/version
@@ -1 +1 @@
-1.5.0
+1.5.1
\ No newline at end of file
diff --git a/plugins/litellmcompat/changelog.md b/plugins/litellmcompat/changelog.md
index e69de29bb2..9d094203da 100644
--- a/plugins/litellmcompat/changelog.md
+++ b/plugins/litellmcompat/changelog.md
@@ -0,0 +1 @@
+- chore: upgraded core to v1.5.1 and framework to v1.3.1
diff --git a/plugins/litellmcompat/version b/plugins/litellmcompat/version
index 6e8bf73aa5..6da28dde76 100644
--- a/plugins/litellmcompat/version
+++ b/plugins/litellmcompat/version
@@ -1 +1 @@
-0.1.0
+0.1.1
\ No newline at end of file
diff --git a/plugins/logging/changelog.md b/plugins/logging/changelog.md
index e69de29bb2..c7ab9d714c 100644
--- a/plugins/logging/changelog.md
+++ b/plugins/logging/changelog.md
@@ -0,0 +1,4 @@
+- feat: add realtime turn logging
+- feat: add support for tracking userId, teamId, customerId, and businessUnitId
+- feat: allow path whitelisting from security config
+- fix: MCP tool logs not being captured correctly
diff --git a/plugins/logging/version b/plugins/logging/version
index bc80560fad..8e03717dca 100644
--- a/plugins/logging/version
+++ b/plugins/logging/version
@@ -1 +1 @@
-1.5.0
+1.5.1
\ No newline at end of file
diff --git a/plugins/maxim/changelog.md b/plugins/maxim/changelog.md
index e69de29bb2..d22c95cca2 100644
--- a/plugins/maxim/changelog.md
+++ b/plugins/maxim/changelog.md
@@ -0,0 +1,4 @@
+- feat: add per-user OAuth consent flow with identity selection and MCP authentication
+- feat: add support for image generation requests
+- feat: add realtime turn logging
+- feat: add support for tracking userId, teamId, customerId, and businessUnitId
diff --git a/plugins/maxim/version b/plugins/maxim/version
index dc1e644a10..2eda823ff5 100644
--- a/plugins/maxim/version
+++ b/plugins/maxim/version
@@ -1 +1 @@
-1.6.0
+1.6.1
\ No newline at end of file
diff --git a/plugins/mocker/changelog.md b/plugins/mocker/changelog.md
index e69de29bb2..9d094203da 100644
--- a/plugins/mocker/changelog.md
+++ b/plugins/mocker/changelog.md
@@ -0,0 +1 @@
+- chore: upgraded core to v1.5.1 and framework to v1.3.1
diff --git a/plugins/mocker/version b/plugins/mocker/version
index bc80560fad..8e03717dca 100644
--- a/plugins/mocker/version
+++ b/plugins/mocker/version
@@ -1 +1 @@
-1.5.0
+1.5.1
\ No newline at end of file
diff --git a/plugins/otel/changelog.md b/plugins/otel/changelog.md
index e69de29bb2..9d094203da 100644
--- a/plugins/otel/changelog.md
+++ b/plugins/otel/changelog.md
@@ -0,0 +1 @@
+- chore: upgraded core to v1.5.1 and framework to v1.3.1
diff --git a/plugins/otel/version b/plugins/otel/version
index 26aaba0e86..cb174d58a5 100644
--- a/plugins/otel/version
+++ b/plugins/otel/version
@@ -1 +1 @@
-1.2.0
+1.2.1
\ No newline at end of file
diff --git a/plugins/prompts/changelog.md b/plugins/prompts/changelog.md
new file mode 100644
index 0000000000..f16b46ac0c
--- /dev/null
+++ b/plugins/prompts/changelog.md
@@ -0,0 +1,3 @@
+- feat: add prompts plugin with direct key header resolver
+- feat: add per-user OAuth consent flow with identity selection and MCP authentication
+- feat: add selective message inclusion when committing prompt sessions
diff --git a/plugins/prompts/version b/plugins/prompts/version
index afaf360d37..7f207341d5 100644
--- a/plugins/prompts/version
+++ b/plugins/prompts/version
@@ -1 +1 @@
-1.0.0
\ No newline at end of file
+1.0.1
\ No newline at end of file
diff --git a/plugins/semanticcache/changelog.md b/plugins/semanticcache/changelog.md
index e69de29bb2..9d094203da 100644
--- a/plugins/semanticcache/changelog.md
+++ b/plugins/semanticcache/changelog.md
@@ -0,0 +1 @@
+- chore: upgraded core to v1.5.1 and framework to v1.3.1
diff --git a/plugins/semanticcache/version b/plugins/semanticcache/version
index bc80560fad..8e03717dca 100644
--- a/plugins/semanticcache/version
+++ b/plugins/semanticcache/version
@@ -1 +1 @@
-1.5.0
+1.5.1
\ No newline at end of file
diff --git a/plugins/telemetry/changelog.md b/plugins/telemetry/changelog.md
index e69de29bb2..9d094203da 100644
--- a/plugins/telemetry/changelog.md
+++ b/plugins/telemetry/changelog.md
@@ -0,0 +1 @@
+- chore: upgraded core to v1.5.1 and framework to v1.3.1
diff --git a/plugins/telemetry/version b/plugins/telemetry/version
index bc80560fad..8e03717dca 100644
--- a/plugins/telemetry/version
+++ b/plugins/telemetry/version
@@ -1 +1 @@
-1.5.0
+1.5.1
\ No newline at end of file
diff --git a/transports/changelog.md b/transports/changelog.md
index 832e1150c9..5c565957e1 100644
--- a/transports/changelog.md
+++ b/transports/changelog.md
@@ -1,15 +1,30 @@
-- feat: add support for chaining routing rules
-- feat: add routing tree UI to better visualize routing rules
-- feat: add model alias — keys now support a top-level `aliases` field mapping any model name to a provider-specific identifier (Azure deployment names, Bedrock inference profile ARNs, Vertex endpoints, Replicate model slugs, fine-tuned model IDs, etc.). The original model name is preserved and returned alongside the resolved identifier in every response. Breaking changes: see below.
-- fix: preseve routing rule targets for genai and bedrock paths for vk level provider load balancing
+## ✨ Features
-
-**This release contains 4 breaking changes** related to model aliasing. See the [v1.5.0 Migration Guide](/migration-guides/v1.5.0#breaking-change-9-provider-deployments-removed-migrate-to-aliases) for full before/after examples and migration instructions.
-
+- **Realtime Support** — Add WebSocket, WebRTC, and client secret handlers with session state management and transport context helpers
+- **Fireworks AI Provider** — Add Fireworks AI as a first-class provider with native completions, responses, embeddings, and image generations (thanks [@ivanetchart](https://github.com/ivanetchart)!)
+- **Per-User OAuth Consent** — Add per-user OAuth consent flow with identity selection and MCP authentication
+- **Prompts Plugin** — New prompts plugin with direct key header resolver and selective message inclusion when committing prompt sessions
+- **Access Profiles** — Add access profiles for fine-grained permission control
+- **Bedrock Embeddings & Image Gen** — Add embeddings, image gen, edit and variation support to Bedrock
+- **EnvVar Improvements** — Add IsSet method to EnvVar and auto-redact env-backed values in JSON serialization
+- **Logging Tracking Fields** — Add support for tracking userId, teamId, customerId, and businessUnitId in logging
+- **Virtual Keys Export** — Add sorting and CSV export to virtual keys table
+- **Path Whitelisting** — Allow path whitelisting from security config
+- **Server Bootstrap Timer** — Add server bootstrap timer for startup diagnostics
-| # | Breaking Change | Affected |
-|---|---|---|
-| [9](/migration-guides/v1.5.0#breaking-change-9-provider-deployments-removed-migrate-to-aliases) | `deployments` removed from `azure_key_config`, `vertex_key_config`, `bedrock_key_config`, `replicate_key_config` — use top-level `aliases` | `config.json` |
-| [9](/migration-guides/v1.5.0#breaking-change-9-provider-deployments-removed-migrate-to-aliases) | `replicate_key_config.deployments` replaced by `replicate_key_config.use_deployments_endpoint` (bool) | `config.json` |
-| [10](/migration-guides/v1.5.0#breaking-change-10-go-sdk-extrafields-model-fields-renamed) | `BifrostResponseExtraFields.ModelRequested` → `OriginalModelRequested` + `ResolvedModelUsed` | Go SDK |
-| [11](/migration-guides/v1.5.0#breaking-change-11-go-sdk-streamaccumulatorresult-field-renamed) | `StreamAccumulatorResult.Model` → `RequestedModel` + `ResolvedModel` | Go SDK |
+## 🐞 Fixed
+
+- **Bedrock Tool Choice** — Fix bedrock tool choice conversion to auto
+- **Bedrock Streaming Retries** — Retry retryable AWS exceptions and stale/closed-connection errors in bedrock streaming
+- **Bedrock SigV4 Service** — Correct SigV4 service name for agent runtime rerank
+- **MCP Tool Logs** — Fix MCP tool logs not being captured correctly
+- **Routing Rule Targets** — Preserve routing rule targets for genai and bedrock paths
+- **Provider Budget Duplication** — Fix provider level multiline budget duplication issue
+- **Vertex Endpoint** — Fix vertex endpoint correction
+- **Gemini Thinking Budget** — Fix thinking budget validation for gemini models
+- **SQLite Migrations** — Fix SQLite migration connections, error handling, and disable foreign key checks during migration
+- **Tool Parameter Schemas** — Preserve explicit empty tool parameter schemas for openai passthrough
+- **List Models Output** — Include raw model ID in list-models output alongside aliases
+- **Config Schema** — Fix config schema for bedrock key config
+- **Data Race Fix** — Fix race in data reading from fasthttp request for integrations
+- **Model Listing** — Unify /api/models and /api/models/details listing behavior
diff --git a/transports/version b/transports/version
index bf68dbe537..a03dd36205 100644
--- a/transports/version
+++ b/transports/version
@@ -1 +1 @@
-1.5.0-prerelease1
+1.5.0-prerelease2
\ No newline at end of file
diff --git a/ui/app/_fallbacks/enterprise/components/user-groups/businessUnitsView.tsx b/ui/app/_fallbacks/enterprise/components/user-groups/businessUnitsView.tsx
index 57ad4e35d5..2a74a92e3a 100644
--- a/ui/app/_fallbacks/enterprise/components/user-groups/businessUnitsView.tsx
+++ b/ui/app/_fallbacks/enterprise/components/user-groups/businessUnitsView.tsx
@@ -1,4 +1,4 @@
-import { Users } from "lucide-react";
+import { Building2, Users } from "lucide-react";
import ContactUsView from "../views/contactUsView";
export function BusinessUnitsView() {
@@ -7,8 +7,8 @@ export function BusinessUnitsView() {
}
- title="Unlock advanced governance"
+ icon={}
+ title="Unlock business units & advanced governance"
description="Manage users, business units with our enterprise-grade governance. This feature is part of the Bifrost enterprise license."
readmeLink="https://docs.getbifrost.ai/enterprise/advanced-governance"
/>
diff --git a/ui/components/sidebar.tsx b/ui/components/sidebar.tsx
index 0617662acf..f331a0d740 100644
--- a/ui/components/sidebar.tsx
+++ b/ui/components/sidebar.tsx
@@ -532,10 +532,10 @@ export default function AppSidebar() {
hasAccess: hasMCPGatewayAccess,
},
{
- title: "Virtual MCP Servers",
+ title: "Tool Groups",
url: "/workspace/mcp-tool-groups",
icon: ToolCase,
- description: "Virtual MCP servers",
+ description: "Tool Groups",
hasAccess: hasMCPGatewayAccess,
},
{