Change8

v3.13.0

Breaking Changes
📦 mlflowView on GitHub →
5 breaking23 features🐛 17 fixes🔧 8 symbols

Summary

MLflow 3.13.0 introduces a major overhaul with a full Role-Based Access Control (RBAC) system and Admin UI, alongside new features for trace archival and enhanced AI Gateway/Assistant support. This release contains breaking changes related to the permission APIs and the removal of MLServer as a serving backend.

⚠️ Breaking Changes

  • The permission system was overhauled into a unified Role-Based Access Control (RBAC) model. Legacy per-resource permission tables, REST endpoints, and client methods are removed. Code relying on old per-resource permission APIs must migrate to the new role-based APIs. The `default_permission` now acts as a floor instead of an override, and a workspace `USE` grant is sufficient to create experiments and registered models.
  • MLServer is no longer available as a pyfunc serving backend. The deprecated `enable_mlserver` option is removed; `mlflow models serve` now exclusively uses the built-in scoring server.
  • `mlflow autolog claude` no longer installs the old Python autolog hook. Claude Code tracing is now provided by an official plugin that must be installed separately.
  • The default optimizer used by `judge.align()` is now MemAlign, which may cause existing alignment workflows to produce different judges unless an optimizer is explicitly passed.
  • Pointing the tracking or model registry store at a local file-system path raises an error by default. Set `MLFLOW_ALLOW_FILE_STORE=true` environment variable to retain file-based store usage.

Migration Steps

  1. Migrate code that relied on the old per-resource permission APIs to use the new role-based APIs.
  2. If using file-system paths for tracking or model registry stores, set the environment variable `MLFLOW_ALLOW_FILE_STORE=true` to maintain this behavior.
  3. If using `mlflow autolog claude`, ensure the official Claude plugin is installed separately to receive tracing.

✨ New Features

  • Full Role-Based Access Control (RBAC) system with reusable roles and workspace-scoped grants, managed via a new web Admin UI for self-hosted MLflow.
  • Trace Retention & Auto Archival feature to automatically move aged trace span data from the SQL backend to object storage while keeping traces readable.
  • One-click observability & governance setup for coding agents (Claude Code, OpenAI Codex, Gemini CLI) via the AI Gateway.
  • New engines for MLflow Assistant, supporting local Ollama models, OpenAI Codex CLI, or any MLflow AI Gateway endpoint.
  • Official, production-ready Helm chart for deploying the MLflow tracking server to Kubernetes clusters.
  • Support for routing the Hermes Agent runtime through the AI Gateway, capturing end-to-end traces via OpenTelemetry.
  • Span log levels (Python-`logging`-style severity) added to traces, with a 'Minimum log level' filter in the trace UI.
  • Support for AI Gateway as a backend for MLflow Assistant.
  • Unified per-user permission APIs: `grant`, `revoke`, `get`, `list` under `/mlflow/users/permissions/*`.
  • Addition of `mlflow.genai.test_agent` for automated agent stress-testing.
  • Raw proxy endpoint added to AI Gateway: `/gateway/proxy/{endpoint_name}/{path}`.
  • Addition of Ollama as an assistant provider.
  • Reader/writer instance routing added for database replicas in Model Registry/Tracking.
  • Workspace trace archival configuration plumbing added.
  • Promoted `prompt` to a first-class RBAC `resource_type`.
  • Forward Usage tab MetricsFilter metric filters to chart View traces links by translating to Traces page URL DSL.
  • Addition of `Link` entity and `LiveSpan.add_link()` for OpenTelemetry Span Links.
  • Support for Google ADK and third-party scorers in Evaluation.
  • Trace `Runner.run_streamed()` in OpenAI Agents SDK autolog.
  • SageMaker build network option support.
  • Backend authentication endpoints added for Admin UI.
  • Support for multiple assessments per trace in MemAlign optimizer.
  • Inclusion of `workspace` in webhook delivery envelopes when workspaces are enabled.

🐛 Bug Fixes

  • Warning added on submit if a direct-grant draft is unsaved in the UI.
  • Cleared archive-now requests for non-archivable leftovers.
  • Forwarded MLflow client telemetry from inside Databricks workloads.
  • Dropped vestigial `directPermissions` parallel pass and hid synthetic `__user_<id>__` roles on Account/UserDetail.
  • Tightened response format JSON schema type for Gateway.
  • Fixed return value of `<console>` for `mlflow.source.name` when `sys.argv[0]` is empty.
  • Fixed UnicodeEncodeError on artifact download when the filename contains non-ASCII characters.
  • Preserved pdfjs-dist bundles in webpack build (`craco.config.js`).
  • Improved misleading DB SDK authentication error message.
  • Made `mlflow.get_trace` V4 retry policy configurable.
  • Released `_post_import_hooks_lock` before firing hooks.
  • Extended `prompt` resource_type to after-request handlers in RBAC.
  • Surfaced mlflow version mismatch error when deserializing scorers.
  • Shipped compiled `dist/` in @mlflow/mlflow-openclaw package to enable `openclaw plugins install`.
  • Fixed ended `LiveSpan` state mutation.
  • Fixed Databricks unified auth support when `MLFLOW_ENABLE_DB_SDK=true`.
  • Seeded default RBAC roles and granted creator on workspace creation.

Affected Symbols

mlflow.models.servemlflow autolog claudejudge.align()mlflow.get_traceRunner.run_streamed()mlflow.source.nameLiveSpan.add_link()prompt