LoginSign Up
← Back to all sparks
Rocket.Chat logo

Rocket.Chat

COMMS
Velocity5.0

Open-source team communication platform

rocket.chat

Rocket.Chat pours its energy into enterprise access governance while grinding through 8.5 release candidates.

enterprise-securityabacaccess-controlpresence-enginerelease-candidatesopen-source
Current state
Rocket.Chat is stabilizing its 8.5 line through a long run of release candidates, most of which only bump the underlying Meteor monorepo with no user-visible change. The substantive work sits in the 8.6.0-rc.0 and 8.5.0-rc.0 baselines: attribute-based access control (ABAC), phishing-resistant MFA, hardened OAuth, and a re-architected presence engine. The team's attention is clearly on enterprise security and governance rather than end-user chat features.
Where it's heading
The direction is enterprise hardening. ABAC now reads attributes from an external store (Virtru) alongside the internal one, OAuth login is being made phishing-resistant, and presence is moving to a unified, priority-based claim system. The high release-candidate count points to a deliberate, stability-first cadence rather than feature rushes.
Prediction
8.6.0 will likely ship as a stable release consolidating the presence engine and external ABAC store, with further ABAC administration controls and additional attribute-store backends as the probable next steps.

Recent moves

  1. 6d ago

    8.6.0-rc.0: unified presence engine and external ABAC store

    The first 8.6 release candidate lays the backend foundation for a unified, priority-based presence engine and lets ABAC decisions read attributes from Virtru as an external store. Both extend the enterprise-governance arc rather than touching the chat surface, with a confirmation modal added when switching attribute stores.

    View source ↗
  2. 17d ago

    8.5.0-rc.6: Meteor dependency bump

    A patch release candidate that only bumps the Meteor monorepo version and dependent typings packages. No user-visible change; part of the 8.5 stabilization run.

    View source ↗
  3. 17d ago

    8.5.0-rc.5: Meteor dependency bump

    Another stabilization patch in the 8.5 candidate series, bumping the Meteor version with no user-facing effect. One of several near-identical RC bumps in this window.

    View source ↗
  4. 22d ago

    8.5.0-rc.4: Meteor dependency bump

    A version-bump-only release candidate continuing the 8.5 stabilization pass. No behavior change for users.

    View source ↗
  5. 23d ago

    8.5.0-rc.3: bot agents skip chat-limit lock

    Mostly a Meteor bump, plus a narrow fix letting bot agents bypass the chat-limits locking mechanism since they aren't subject to those limits. Minor and internal to the omnichannel flow.

    View source ↗
  6. 29d ago

    8.5.0-rc.2: Meteor dependency bump

    A version-bump-only candidate in the 8.5 series, with no user-visible change. Reinforces the stability-first cadence on this line.

    View source ↗