v0.0.51

June 19, 2025

Summary

This release brings a few major improvements, with one clear objective: supporting serverless functions in Rust or TypeScript directly within CI workflows using GitHub Actions.

🚀 Satellite

TL;DR: You can now build, publish, and deploy serverless functions through CI. More context and the full story can be found in the announcement blog post.

With this release, it's now possible to:

Build serverless functions written in TypeScript or Rust
Automatically publish them to a Satellite
Either propose or directly apply upgrades

This is powered by a new change-based deployment flow, built by reusing the CDN functionality integrated into the Console last year. (Speaking of which, the Console gets an update too.)

👥 New Role: Submitter

[!IMPORTANT] The notion of "Controllers" has been replaced by the term "Access Keys". Using "Controllers" with the roles "Admin" and "Read+Write" — now called "Administrator" and "Editor" — was confusing, particularly for ICP-savvy developers, as "Controller" has a different meaning on the Internet Computer. This change is visual and in the documentation — i.e. not technical for now.

To support CI/CD workflows without giving away too much power, we've introduced a new role:

Administrator – Full control: can deploy, upgrade, stop, or delete any module.
Editor – Ideal for CI pipelines. Can deploy and publish functions, but can’t upgrade or delete modules.
Submitter 🆕 – The most cautious role. Can propose changes but cannot apply them. A human or script with privileges must still review and approve them.

📦 CDN

To support this new workflow, every Satellite now includes a reserved collection called #_juno/releases. Think of it as a staging area for changes — whether submitted manually or via CI.

When serverless functions or frontend assets are published:

If the access key (previously named "Controller") has permission to apply changes (e.g. Editor or Administrator), the update goes live immediately.
If the key only has Submitter access, the change is pending and not available on the web or through the live end points, waiting for manual approval in the Console or CLI.

[!NOTE] The CDN is accessible on the web, just like your frontend app or Storage. However, all uploaded WASM containers are protected — they're stored using secure tokens, ensuring that only authorized access is allowed.

🛠️ CLI

The CLI has been updated to reflect all of this. Here are the key highlights:

[!TIP] Any CLI command now accept the --mode flag, which is handy if you want to target a specific environment. This means that you can now run the exact same commands against your local setup during development. e.g. juno deploy --mode development

Frontend Deployments

juno deploy – Uses the new change-based flow by default.
juno deploy --no-apply – Propose a deployment without applying it.
juno deploy --immediate – Skip the change flow and deploy directly (legacy-compatible).

🧪 Serverless Functions

There’s a new top-level command: juno functions (alias: juno fn). Commands related to building and upgrading serverless functions have been moved here from juno dev (backwards-compatible via aliases).

juno functions build – Build your Rust or TypeScript serverless functions.
juno functions upgrade – With admin privileges: upgrade a function using the latest build or a WASM available in the CDN.
juno functions publish – Publish your WASM to the CDN. Combine with --no-apply to only submit the change (ideal for CI).

🔄 Changes Flow

To manage proposed changes, use the new juno changes command:

juno changes list – View pending changes.
juno changes apply – Approve and apply a pending change (frontend or functions).

🔔 Monitoring

If your modules are observed by Mission Control for automatic top-ups, failures might occur (e.g., not enough ICP or cycles available). To help surface those issues:

You'll now receive an email notification when a top-up fails.
To avoid noise, you'll receive at most one notification per module per day.

🖥️ Console UI

This release also includes a number of improvements to the Juno Console. Here’s what’s new:

📦 Upgrade Dock

The new Upgrade Dock shows all upgrades proposed by Juno in one place, so you no longer have to check each module individually to find what needs updating.

upgrade-dock

📝 Changes

There's now a new Changes tab showing your own proposed updates:

Frontend deployments
WASM container upgrades for your serverless functions

When applying a function change, the Console will walk you through a chained wizard allowing you to apply the change and upgrade the function in a single flow.

changes

🔄 CDN in Functions

In the Functions view, a new CDN tab lets you:

View version history
Switch or roll back to a different version

[!NOTE] downgrading to older versions of the Satellite is intentionally blocked to prevent compatibility issues as we always move forward.

cdn

🗃️ System Collections in Storage

The Storage view now lets you show system collections, such as:

Your deployed frontend (collection #dapp)
The new #_juno/releases collection

This is useful for cleanup tasks — you can inspect and manually delete files that are no longer needed.

system-collections

Overview

Module	Version	Breaking changes
Console	v0.1.0	⚠️ ️
Mission Control	v0.1.0	️
Observatory	v0.1.0	️
Orbiter	v0.2.2	️
Satellite	v0.1.0	⚠️ ️
Sputnik	v0.1.1	️

Crates	Version	Breaking changes
`junobuild-cdn`	v0.2.0	🆕
`junobuild-collections`	v0.2.0	⚠️️
`junobuild-satellite`	v0.2.0	⚠️
`junobuild-shared`	v0.2.0
`junobuild-storage`	v0.2.0	️

Library	Version	Breaking changes
`@junobuild/admin`	v0.5.0	⚠️
`@junobuild/analytics`	v0.2.2
`@junobuild/cdn`	v0.1.1	🆕
`@junobuild/cli-tools`	v0.2.1	⚠️
`@junobuild/console`	-	❌ Deprecated by `cdn` lib.️
`@junobuild/core`	v0.1.15
`@junobuild/core-standalone`	v0.1.15
`@junobuild/errors`	v0.1.0
`@junobuild/functions`	v0.1.1
`@junobuild/storage`	v0.2.0	⚠️

CLI	Version	Breaking changes
`@junobuild/cli`	v0.5.1	⚠️

Docker	Version	Breaking changes
`@junobuild/skylab`	v0.1.1
`@junobuild/satellite`	v0.1.1
`@junobuild/console`	v0.1.1

GitHub Action	Version	Breaking changes
`junobuild/juno-action`	v0.3.5	🆕

Changes

Here is a list of changes included in this release:

Console (Backend)

The Console backend has been improved as follows:

Breaking Changes ⚠️

Freed stable memory used for proposals to accommodate breaking changes introduced in the new CDN types.
Renamed endpoints related to proposals and asset uploads to align with similar patterns used in the Satellite module.
Added validation for the description field when uploading new asset segments.
Deprecated the version endpoint (now replaced by metadata embedded in the WASM custom section).

Features

Added support to reject, list, and count proposals.
Included the "Submit" role in the related Controller enum for access control.
Introduced a new endpoint to list controllers (helpful for testing).
Added descriptive labels for common error types.
Integrated shared utility build_regex.
Updated get_config to be a query call for better performance.

Refactoring

Extracted and modularized CDN capabilities into a new crate: junobuild-cdn.
Split and reorganized API lifecycles and endpoints into dedicated modules.

Console (Frontend)

The Console UI/UX has been improved as follows:

Features

New Upgrade Dock routes to discover all upgrades provided by Juno in a single view.
New Changes view to list and apply changes submitted by the developers.
New CDN view under Functions to allow developer to switch and rollback serverless functions.
"Controllers" visually renamed to "Access Keys".
"Read+Write" scope renamed to "Editor" role.
Add support for access key role "Submitter".
"Controllers" as collection permission renamed to "Restricted".
Support for listing, applying or rejecting changes.
Chain applying changes with upgrading modules in the related wizard.
Navigation improved by always displaying the "Satellite" in the menu and providing a fallback link if none is selected.
Unify loaders and fetch versions of the modules on each routes.
Add an option to filters users by key in the Authentication view.
Add an option to display system collection in the storage. Useful for accessing the frontend assets or the CDN assets.
Update list of subnets.
Display "Default URL" instead of satellite ID in overview.
Inline overview columns.

Styles

Setup a global transition effect between pages.

Fix

Max action for cycles in top-up was not amending for the appropriate fees.

Refactoring

Various refactoring to accommodate the new features.
Few Svelte v5 migration leftovers.
Review common code related to handling versions and initiating upgrades.

Build

Update dependencies.
Bump and resolve eslint warnings and errors.

Satellite

The Satellite has been updated as follows:

Breaking Changes ⚠️

Added a new parameter to list_rules to optionally include system collections in the results.
Deprecated the version endpoint (now replaced by metadata embedded in the WASM custom section).

Features

Added CDN support and related new endpoints.
Enabled skipping storage hooks for internal system collections.
Introduced the new #_juno/releases collection as a staging area for proposed changes.
Introduced the Submit access key role and allowed it to write to specific system collections like #_juno/releases and #dapp.
Allowed the Submit role to list assets and read memory size, enabling asset proposal workflows.
Improved error reporting with new constants and labels.
Added validation to ensure asset paths and keys conform to the CDN proposal system.
Prevented overwriting headers and enforced precedence when using token-based access.
Blocked indexing and caching by crawlers for token-protected resources.

Refactoring

Modularized API endpoints and lifecycle logic for better maintainability.
Renamed guards and assertions related to access control for clarity.
Moved CDN and storage logic into a unified internal package.
Centralized and cleaned up asset key assertion logic.
Renamed shared initial controller setup functions to clarify admin behavior.

Mission Control

Mission Control has been updated as follows:

Breaking Changes ⚠️

Deprecated the version endpoint (now replaced by metadata embedded in the WASM custom section).

Features

Added support for sending at most one notification per day (if enabled) to developers when top-up monitoring fails.
Included the Submit role in the related Controller enum for improved access control.

Refactoring

Split and reorganized API lifecycles and endpoints into dedicated modules for better maintainability.

Orbiter

The Orbiter has been updated as follows:

Features

Included the Submit role in the related Controller enum to support the updated access control model.

Refactors

Reviewed and updated permission guard naming for clarity and consistency.

Observatory

The Observatory has been updated as follows:

Features

Added support for sending email notifications on funding errors (including a new email template).
Included the Submit role in the related Controller enum to support the updated access control model.

Refactors

Reviewed and updated permission guard naming for clarity and consistency.
Split and reorganized API lifecycles and endpoints into dedicated modules.

Sputnik

The Sputnik has been updated as follows:

Features

Inherited the latest Satellite crate features, including CDN support.
Updated the LLRT polyfill for blob sources.
Included the Submit role in the related Controller enum to support the updated access control model.