Connect Claude Code, Codex & Cursor to your Postgres statistics: pganalyze MCP Server is now in Public Preview
Logo

2026.05.0 Release

Docker tag: quay.io/pganalyze/enterprise:v2026.05.0

Notes

  • This release requires a database migration when coming from older releases, be sure to follow the recommended upgrade steps
  • Important: If you are currently running v2023.08.0 or older, please reach out to us to walk you through the upgrade process.
  • If you're running the pganalyze-collector separately, it's required to use at least version 0.60.0 (released October 2024) to ensure logs are uploaded in the correct format.
  • The Enterprise Server container image is now published as a multi-architecture container image for both x86-64 and ARM64

Features

  • pganalyze MCP Server (Preview)
    • The new MCP Server is now available, allowing you to easily query pganalyze data from AI tools of choice, such as Claude Code. It is enabled by default, but can be disabled per organization by going to "Settings", "API Access".
    • Learn more details in the announcement and documentation.
    • Note the MCP Server usage is not rate limited for Enterprise Server installs.
  • Server Groups for Postgres clusters and Cluster-Wide Query Performance
    • pganalyze now automatically detects server groups based on the Postgres cluster relationship, or when manually setting them in the collector. Server Groups are shown as their own distinct resource in the navigation's server dropdown, Dashboard, Query Performance, and Settings pages. Learn more in the blog post.
  • Query Advisor: Introduce insight to show queries spilling to disk due to low work_mem
    • Detects Sort and Hash nodes that fall back to using temporary files because work_mem was too small. The legacy "Sort Spills to Disk" and "Too Many Hash Batches" annotations on EXPLAIN plans are now hidden for Query Advisor users to avoid duplication.
  • System statistics: Support 100 day retention
  • Update combined collector from v0.69.0 to v0.70.2
  • Connections: Improve how Connection Traces listing responds to date range selection
    • Previously, the selected focus timestamp (the highlighted timestamp within the current date range) had inconsistent behavior when the date range is updated, or the focus timestamp itself is updated by clicking on the Wait Events or Connection States graphs.
    • This standardizes its behavior: when a labeled date range is selected (e.g., Last 24h), the selected focus timestamp for the Connection Traces listing is cleared. When an unlabeled date range is selected (whether from the date picker or by dragging on the graph), if the focus timestamp falls within the new range, it remains unchanged. If it does not, it is reset to the value of the end of the range
  • Collector Settings: Add collector settings page, with error and connection history
    • The collector settings previously lived on the server settings page. Now on their own page, we also show a history of collector or data processing errors, as well as a connection history to make it easier to see if there are issues with your collector.
  • Database Dashboard: Show check-up status of all available checks
    • The check-up widget on the database dashboard now covers all check types. Previously, only some checks were shown. Each check group now also displays the number of active issues.
  • Show Enterprise Server version in sidebar
    • This links to the Enterprise Server changelog that shows the latest available version and the updates in each release.
  • Automated EXPLAIN: Improve plan parsing when auto_explain.log_format=text
    • This adds support for JIT output changes in newer Postgres versions and fixes worker detail parsing when auto_explain.log_timing is disabled.
  • Query Advisor: Improve rewriting for more complex expressions/queries
  • pganalyze Workbooks: Show full list at organization, server group, server or database scope
    • Workbooks are now reachable from the side navigation at every scope, with a New Workbook button that prompts for a server and database when needed.

Bugfixes and other improvements

  • Stop processing/storing logs via S3-compatible storage
    • Since collector release 0.60.0 all log upload happens directly through the snapshot API. Uploading logs from older collector versions is now no longer supported.
  • Query Details: Interpolate I/O and CPU time breakdown in time series if there are no calls for the given time slice
    • Since when there are no calls to a query, these values cannot be calculated, this was previously displayed in the same way as missing data, which could be confusing. Now we interpolate based on query stats before and after these periods of inactivity.
  • Indexing Engine: Handle schema names that include single quotes
  • Query details: Fix bug causing crash in CPU/IO graph due to track_io_timing=off
  • JWT tokens: Set "aud" audience field to a non-null value
  • Checks & Alerts: Do not alert about AlloyDB replicas with fsync=off
    • Also downgrade the alert to a warning if running on a non-AlloyDB replica: this is still worth addressing (since an untimely crash could lead to having to rebuild the replica), but it's unlikely to be a critical issue.
  • Query Performance: Change statement type filter to exclude DML when only SELECT is checked
    • Previously, any queries that included a SELECT component (like "INSERT ... SELECT" or even "INSERT ... VALUES") were returned. Limiting to SELECT-only is more in line with what users expect from a filter like this.
  • Persist table sort order in query string
    • This allows users to navigate back to a page of sorted results (e.g., in the Query Performance list) and maintain the sort order.
  • Restore right-aligned column headers in some tables
    • The right-alignment was accidentally dropped recently.
  • Expire organization invitations after seven days
    • Invitations now expire after seven days. Invitations can be resent (before or after they expire) which resets the expiration timer.
  • Index Advisor: Fix multiple issues where query analysis fails with "internal error"
  • VACUUM Advisor: Fix missing bloat data / incorrect last autovacuum date in per-table bloat table
  • EXPLAIN: Fix occasional errors in comparison when "Select plans" is clicked
    • Currently, clicking "Select plans" on a plan comparison page can lead to an error when the already-selected plans have aged out of the selected date range. This change fixes that error and omits pre-selecting the existing plans in the list in that case (selection can be canceled to return to the previously-selected plans).
  • Navigation: Show the primary/replica role badge directly next to the server name for consistency
  • Query Tags: Improve parsing and skip invalid tags
    • Tags using = as the key-value delimiter while also using : in the tag value are now properly parsed. For example /* requestId=service:job:task */ is now parsed as a requestId tag with the value service:job:task. Previously it would be parsed as a requestId=service tag with the value job:task. Additionally, tags now have stricter requirements.
    • Tags whose key or value are empty are now skipped. Tag keys must only contain alphanumeric characters, periods, underscores, and dashes, matching the regular expression [a-zA-Z0-9._-].
  • EXPLAIN: Standardize metric selection between grid view and plan comparison
  • Plan Statistics: Avoid overhead of updating internal table too frequently when pg_stat_plans is used
  • Accessibility: Improve color-contrast of grey text
  • Query Performance: Track nested query stats using toplevel field
    • In this release this is mainly an internal storage change that will be improved upon in future releases.

Security

  • Routine security updates to packages in the base image and library dependencies
  • Updates dependencies for security issues that might have been flagged by scanners, but are not exploitable in our assessment
    • Javascript libraries: CVE-2026-45736, CVE-2026-45149, CVE-2026-6321, CVE-2026-6322, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, GHSA-39q2-94rc-95cp, CVE-2026-41305, CVE-2026-39363, CVE-2026-39364, CVE-2026-4800, GHSA-36jr-mh4h-2g58, CVE-2020-7788, CVE-2025-64756, CVE-2021-29060, CVE-2026-29063, CVE-2026-33671, GHSA-h8r8-wccr-v5f2, CVE-2025-69873, CVE-2026-33532, CVE-2026-24001, CVE-2026-33311, CVE-2026-33228, CVE-2026-29036, CVE-2026-33671, CVE-2026-27903
    • Ruby gems: CVE-2026-45363, CVE-2025-67202, CVE-2026-42246, CVE-2026-42256, CVE-2026-42257, CVE-2026-42258, CVE-2026-42245, CVE-2026-40295, CVE-2026-44312, GHSA-3h96-34p3-xm76, GHSA-c4rq-3m3g-8wgx, GHSA-v2fc-qm4h-8hqv, CVE-2026-35611, CVE-2026-41676, CVE-2026-41677, CVE-2026-41678, CVE-2026-41681, GHSA-hppc-g8h3-xhp3, CVE-2026-39324, CVE-2026-33946, CVE-2026-33306, CVE-2026-33210, CVE-2026-32700

GraphQL API changes

  • Remove getQueryTagSummaryForQuery resolver
    • Query tag summary is now available as a field on QueryType, so you can fetch it via getQueryDetails instead
  • Add getBatchIndexRecommendations resolver for batch index recommendations
Couldn't find what you were looking for or want to talk about something specific?
Start a conversation with us →