AxonFlow v9.6.1 Release Notes
v9.6.1 is a patch release on top of v9.6.0. It fixes a bug in the audit-search API where a session_id filter was silently ignored, so drilling from a session-summary bucket into that session's individual records returned the wrong rows. There are no new capabilities and no configuration changes, so it is a drop-in upgrade from v9.6.0.
Fixed
session_id filter on the audit-search API is now applied
The session-summary API returns per-session aggregates, and the intended way to see a bucket's individual records is to drill into that session through the audit-search API with a session_id filter. On v9.6.0 that filter was silently dropped: the search handler accepted the request and returned 200, but ignored session_id and returned the tenant's records across all sessions in the time range rather than the one requested.
v9.6.1 wires the filter through, so a search by session_id returns exactly that session's records. It is applied as a parameterized, tenant-scoped condition on the same audit store, so it can only ever narrow results within your own tenant.
Tenant isolation was never affected. The bug was confined to the session_id sub-filter; the tenant scope that every audit query enforces was always applied, so a drill-down never returned another tenant's data. The impact was limited to a single tenant's own records being under-filtered.
Who is affected: anyone on v9.6.0 using the audit-search API — or the session-summary drill-down that depends on it — with a session_id filter. Aggregates from the session-summary endpoint itself were correct on v9.6.0 and are unchanged.
Upgrading
v9.6.1 is a drop-in upgrade from v9.6.0. There are no migrations and no configuration changes.
# Community
docker compose pull && docker compose up -d
# Enterprise
docker compose -f docker-compose.yml -f docker-compose.enterprise.yml pull
docker compose -f docker-compose.yml -f docker-compose.enterprise.yml up -d
In-VPC Enterprise (AWS CFN)
Redeploy with the v9.6.1 images. No migration runs on startup.
