We're pleased to announce the release of Fess 15.5.1.

This release focuses on significant improvements to the AI Search Mode, introducing an abstracted LLM client layer, expanded model support, and enhanced configurability for both OpenAI and Gemini providers.

🔧 Improvements

AI Search Mode

• Introduced an abstracted LLM client layer with configurable system/user prompts, locale-aware responses, and unified context handling across providers
• Added per-provider configurable max tokens setting and support for OpenAI reasoning models (o-series)
• Added Gemini thinking budget support and updated the streaming response parser for compatibility with Gemini 3
• Fixed token parameter handling to use max_completion_tokens for newer OpenAI models, ensuring correct behavior with the latest API specifications

We recommend upgrading to Fess 15.5.1 to take advantage of the improved AI Search Mode with broader model support and enhanced configurability.

📜 Documentation
📦 Docker Image: GitHub Packages - codelibs/fess
💬 Community Forum: discuss.codelibs.org

Thank you for using Fess!

We're pleased to announce the release of Fess 15.5.0.

This release introduces an experimental AI Search Mode with OpenAI and Gemini support, a new Index Export Job for generating HTML files from search documents, CPU load-based request throttling, and a comprehensive set of security hardening improvements.

🚀 Highlights

• AI Search Mode (Experimental)
  New AI-powered search mode that combines large language models with Fess search. Users can interact with indexed content through a conversational interface, getting intelligent answers grounded in your search index. Supports both OpenAI and Google Gemini as LLM providers. This feature is experimental and disabled by default.

• Index Export Job
  New job to export search documents as HTML files, with a strategy pattern architecture supporting extensible export formats.

• CPU Load-based Request Control
  Automatic request throttling based on server CPU load, returning HTTP 429 responses when the system is under heavy load to protect availability.

🔧 Improvements

• AI Search Mode

  • Replaced keyword-based search with Lucene query generation for more accurate results
  • Improved UI with Atlassian Design System patterns
  • Added search progress messages for better user feedback
  • Added periodic availability checking for LLM clients
  • Migrated LLM HTTP client from OkHttp to Apache HttpClient 5 for improved reliability

• Security Enhancements

  • Added password policy validation for user creation and password changes
  • Prevented path traversal vulnerabilities in admin log download, design file upload, and JSP editing
  • Prevented LDAP injection in principal and filter construction
  • Enabled Kryo registration requirement to prevent remote code execution
  • Upgraded SAML default signature algorithm from SHA-1 to SHA-256
  • Used atomic file operations to prevent TOCTOU race conditions
  • Cleared plaintext passwords from memory after use
  • Added deprecation warnings for weak cryptographic algorithms
  • Masked sensitive values in environment variables and system properties logging
  • Reduced sensitive information in SAML logout warning logs
  • Added script execution audit logging

• Crawling & Indexing

  • Added configurable MIME type extension overrides
  • Deduplicated anchor URLs in crawler transformer
  • Fixed MIME type regex pattern escaping for special characters
  • Applied configured default exclude patterns in web crawler wizard

• Administration & Configuration

  • Improved admin error messages with contextual details
  • Migrated web authentication to WebAuthenticationConfig API
  • Expanded file path validation to support multiple allowed directories
  • Unified "algorism" terminology to "algorithm" across the codebase

🐛 Bug Fixes

• Fixed file path validation in admin to support multiple allowed directories

We recommend upgrading to Fess 15.5.0 to take advantage of enhanced security, improved system reliability, and the new experimental AI Search Mode.

📜 Documentation
📦 Docker Image: GitHub Packages - codelibs/fess
💬 Community Forum: discuss.codelibs.org

Thank you for using Fess!

We're pleased to announce the release of Fess 15.4.0.

This release brings support for OpenSearch 3.4, major new features for cloud storage integration, enhanced security, and numerous improvements across the platform.

🚀 Highlights

• OpenSearch 3.4 Support
  Fess is now compatible with OpenSearch 3.4, enabling use of the latest OpenSearch features and performance improvements.

• Cloud Storage Crawling (S3 & GCS)
  Added S3 and GCS protocol support for file crawling, allowing you to index documents directly from Amazon S3 and Google Cloud Storage buckets.

• Storage Abstraction Layer
  New storage abstraction layer with S3 and GCS support, providing flexible storage options for thumbnails and other generated files.

• API Rate Limiting
  Added configurable rate limiting for API requests to protect your Fess instance from excessive load.

• New Language Support
  Added support for Hindi, Indonesian, and Turkish languages.

🔧 Improvements

• Security Enhancements

  • Prevented ReDoS vulnerabilities and improved cookie security
  • Enhanced SSO implementations with security improvements
  • Improved Action classes with security enhancements

• SSO & Authentication

  • Renamed Azure AD to Microsoft Entra ID
  • Added configurable base URL for SSO authenticators
  • Added lazy loading for parent group lookup in EntraIdAuthenticator
  • Improved LDAP authentication error handling and resource management

• Thumbnail Generation

  • Improved thumbnail generation with ImageMagick v7 support and SVG handling

• Network

  • Added IPv6 address support for URL construction
  • Added proxy configuration support to startup scripts

• Code Quality

  • Improved thread safety in ProcessHelper and rank fusion implementation
  • Enhanced data store handling with thread safety and resource management
  • Improved exception handling and Throwable support
  • Modernized JavaScript implementations with ES5 compatibility
  • Added multilingual support to online help

• Developer Experience

  • Improved log message format and added logging guidelines
  • Added integration tests for Search API endpoints

We recommend upgrading to Fess 15.4.0 to take advantage of the latest OpenSearch support, cloud storage integration, and enhanced security features.

📜 Documentation
📦 Docker Image: GitHub Packages - codelibs/fess
💬 Community Forum: discuss.codelibs.org

Thank you for using Fess!

We’re releasing Fess 15.3.2, a minor update that resolves an HTML parsing issue caused by a library bug.

🛠 Fixes

• HTML Parsing Fix
  Fixed an issue where certain HTML documents could not be parsed correctly during crawling.
  This was addressed by updating and patching the nekohtml library to restore expected behavior.

We recommend updating to Fess 15.3.2 if you encountered issues with HTML parsing during crawl operations.

📜 Documentation
📦 Docker Image: GitHub Packages - codelibs/fess
💬 Community Forum: discuss.codelibs.org

Thank you for using Fess!

We’re releasing Fess 15.3.1, a patch update that includes a critical fix for differential crawling and updates to the latest OpenSearch dependencies.

🛠 Fixes and Improvements

• Fixed Differential Crawling Issue
  Renamed internal configuration files from "Elasticsearch" to "OpenSearch" to resolve an issue where differential crawling was not working as expected.
  (#2927)

• Updated OpenSearch Dependencies
  Updated OpenSearch and related plugins to their latest versions to ensure compatibility and improved performance.
  (#2928)

We recommend all users upgrade to Fess 15.3.1, especially if you rely on differential crawling or are using the latest version of OpenSearch.

📜 Documentation
📦 Docker Image: GitHub Packages - codelibs/fess
💬 Community Forum: discuss.codelibs.org

Thank you for using Fess!

We’re pleased to announce the release of Fess 15.3.0.

This release adds support for OpenSearch 3.3 and updates several core dependencies to improve compatibility with modern environments.

🚀 Highlights

• OpenSearch 3.3 Support
  Fess is now compatible with OpenSearch 3.3, enabling use of the latest OpenSearch features and performance improvements.

• Dependency Updates

  • Updated jcifs to a newer version for better SMB/CIFS protocol support in modern Java environments
  • Updated nekohtml and related libraries to improve HTML parsing stability and compatibility

These updates enhance system stability, security, and compatibility across different platforms and runtime environments.

We recommend upgrading to Fess 15.3.0 to take advantage of the latest OpenSearch support and improved dependency compatibility.

📜 Documentation
📦 Docker Image: GitHub Packages - codelibs/fess
💬 Community Forum: discuss.codelibs.org

Thank you for using Fess!

We’re pleased to announce the release of Fess 15.2.0.

This version adds compatibility with OpenSearch 3.2 and includes an update to the Azure AD authentication integration.

🚀 Highlights

• OpenSearch 3.2 Support
  Fess is now compatible with OpenSearch 3.2, ensuring smooth integration with the latest OpenSearch features and enhancements.

• Azure AD Authentication Update
  Migrated from the deprecated ADAL4J to MSAL4J for Azure Active Directory authentication.
  This update improves security, maintainability, and ensures continued support with Microsoft's modern authentication standards.

We recommend upgrading to Fess 15.2.0 if you're using Azure AD integration or planning to adopt OpenSearch 3.2.

📜 Documentation
📦 Docker Image: GitHub Packages - codelibs/fess
💬 Community Forum: discuss.codelibs.org

Thank you for using Fess!

We’re pleased to announce the release of Fess 15.1.0. This version adds support for OpenSearch 3.1 and includes several improvements in SSO handling, thumbnail processing, and crawling control.

🚀 Highlights

• OpenSearch 3.1 Support
  Fess is now compatible with OpenSearch 3.1, ensuring seamless integration with the latest APIs.
  (#2893)

🔧 Notable Improvements

• SSO Enhancements

  • Preserved and restored search parameters via cookies during SSO flow. (#2895)
  • Encoded search parameters in SSO redirect URLs. (#2900)
  • Refactored redirect logic in SsoAction and improved debug logging. (#2896)
  • Added null checks for IdP Single Logout Service URL. (#2909)

• Thumbnail Generation

  • Improved error handling and logging during thumbnail generation. (#2899, #2908)

• Crawling Control

  • Added support for excluding URLs from crawling using regular expressions. (#2906)
  • Updated URL exclusion logic to use full-pattern matching. (#2907)

• UI and Localization

  • Clarified label translations and added new localization files. (#2897)
  • Refined UI labels for improved consistency and clarity. (#2892)

We recommend upgrading to Fess 15.1.0 to benefit from the improved integration with OpenSearch 3.1 and the latest enhancements in crawling and authentication.

Thank you for using Fess!

Fess 15.0.0

We’re excited to announce the release of Fess 15.0.0, a major update that introduces support for OpenSearch 3.0 and brings numerous improvements across the system—from build optimization to UI enhancements and better cloud integration.

Highlights

• OpenSearch 3.0 Support
  Fess is now fully compatible with OpenSearch 3.0. This includes updated plugin support (opensearch-analysis-fess), API migrations, and refactored internal packages to reflect the OpenSearch transition.

• UI and UX Enhancements

  • Upgraded to Bootstrap 5.3, jQuery 3.7.1, and AdminLTE 3.2
  • Improved accessibility (ARIA references, labels, lang attribute on <html>)
  • Cleaner print view for search results
  • Updated index settings display for AWS/cloud compatibility

• Improved Configuration and Codebase

  • Added comments to fess_config.properties to improve readability
  • Removed deprecated code and obsolete admin upgrade paths
  • Refactored admin API HTTP methods to follow RESTful conventions
  • Cleaned up Maven warnings and suppressed unnecessary log output

• Crawler and Logging Improvements

  • Optimized search log queue and batch processing
  • Introduced URL crawl order configuration
  • Enhanced HTML link extraction with tag-based rules
  • Kryo serialization support for crawler temp data
  • Added logging improvements including exception detail inclusion

• Security and Integration

  • Introduced configurable response headers with HttpHeaderSecurityFilter
  • Added support for sAMAccountName in LDAP role mapping
  • Hardened request handling and improved serialization via DataSerializer

• Build & Test Environment Updates

  • Now builds against Java 21 and Tomcat 10.1
  • Updated GitHub Actions and test environments (e.g., macOS 14)

We recommend reviewing your current configuration and upgrading to Fess 15.0.0 to take full advantage of the OpenSearch 3.x series and modern Java ecosystem.

• Documentation
• Docker Image
• Forum
• Issue Tracker

Thank you for using Fess!

Fess 14.19.2

We’re releasing Fess 14.19.2, a minor update that includes security enhancements and improvements to file crawling behavior and cookie handling.

🔒 Security Fixes

• CVE-2025-48382: Fixed insecure temporary file permissions used during processing.
  This update improves file system security when handling temporary data on all platforms.

🔧 Improvements

• Controlled Recursion for File List Crawling
  Added depth control for recursive file list crawling to improve resource usage and prevent unexpected deep traversal.
  (#2878)

• Secure Cookie Refactoring
  Refactored cookie security logic by introducing isSecureCookie() for consistent handling of secure attributes.
  (#2880)

We recommend all users update to this version, especially those using file crawling features or deploying Fess in shared environments.

For more details, please visit the documentation or join the discussion on the community forum.

Thank you for using Fess!