Pantheon release notes

Teams using Pantheon's Secrets Manager to set variables like API tokens can now do so through the site dashboard. Previously this feature only had a command line user interface through a Terminus plugin. Secrets Manager works with WordPress, Drupal, and Next.js sites hosted on Pantheon. It does not work with the sunsetting Front-End Sites product.

Secrets Managers encrypts values at rest and then makes them available to your application's code as it runs. Secrets Manager is suitable for setting variables that are truly sensitive like a password, token, or key that allows Next.js to read from a back-end CMS as well as variables that might not be sensitive like a Google Tag Manager ID.

What's new?

• Create new site-owned secrets from the site dashboard
• Create new site-owned secrets in bulk from the site dashboard by either:
  • manually adding multiple keys at once of the same type and scope
  • or importing secrets from .env files (e.g., Next.js sites)
• Manage existing site-owned secrets from the site dashboard:
  • Edit default secret value and/or secret scope
  • Add/edit/delete environment overrides

For details, see related documentation.

Pantheon has released a new version of our WP SAML Auth WordPress plugin. This update focuses on modernizing PHP support and providing developers with more granular control over SAML configurations.

What's New

• PHP 8.4 Compatibility: Full support for PHP 8.4 has been added.
• Updated PHP Requirements: The minimum supported PHP version has been increased to 7.4 to ensure better security and performance.
• WordPress 6.9 Compatibility: Confirmed compatibility with WordPress 6.9.
• Enhanced Configuration: Added the wp_saml_auth_internal_config filter, allowing developers to customize the OneLogin SAML configuration.
• SimpleSAMLphp 2.x Support: Improved auto-detection for SimpleSAMLphp 2.x and optimized autoloader discovery to skip redundant processes when the SimpleSAML\Auth\Simple class is already loaded.

Bug Fixes

Settings Page Warnings: Fixed a warning message on the plugin's settings page that appeared for users not utilizing SimpleSAML.

Important: Compatibility & Testing

While this update improves autoloader discovery, it changes how the plugin interacts with the local environment. We strongly recommend testing in a lower environment before upgrading especially if you use:

• Non-Standard Installations: Custom SimpleSAMLphp installations located in non-standard directories.
• Manual Autoloaders: Custom autoloader code that manually handles the loading of SimpleSAMLphp.

Action required

We encourage you to upgrade to the latest version of WP SAML Auth as soon as possible to take advantage of the latest features and compatibility updates. updating to get the latest features and compatibility updates.

If you have questions or concerns, please open issues in the queue for the plugin.

PHP versions 8.3.27 and 8.4.14, are now available on the platform. These updates bring the latest bug fixes, improving performance and security for your sites. The latest versions have already rolled out to all sites.

PHP 8.4 is only available with the new PHP Runtime Generation 2.

The PHP 8.4 upgrade process automatically includes an upgrade to PHP Runtime Generation 2 if your site hasn't been upgraded already.

Important PHP version information

• PHP 8.1 and 8.2 are currently receiving security-only updates.
• For more details, see the full list of PHP supported versions.

For the best performance and security, Pantheon recommends running PHP 8.2 and above.

Editorial note: The date has been moved from January 19 to January 26.

Tika 1.18 and 1.21 will no longer be available starting January 26, 2026. Impacted sites must upgrade to Tika 3.2 which is available via PHP Runtime Generation 2.

The Apache Tika toolkit detects and extracts metadata and structured text content from various documents using existing parser libraries. On the Pantheon platform, our customers tend to use Tika to parse PDF content for searching with Solr.

Action Required

For most customers, we expect the upgrade to be seamless and not require any manual intervention. But if your site has a custom Tika integration, we recommend you follow our documentation for upgrading to Tika 3 as soon as possible to ensure your site continues to operate as expected.

Sites which have not upgraded to Tika 3 as of January 26, 2026, will be automatically upgraded. Setting tika_version: 1 in pantheon.yml will be ignored after that date. Symlinks from the 1.xx jar filepaths (/srv/bin/tika-app-1.xx.jar) will point to the new Tika 3 jar (/opt/pantheon/tika/tika.jar). These symlinks will be removed later in 2026.

PHP versions 8.3.26 and 8.4.13, are now available on the platform. These updates bring the latest bug fixes, improving performance and security for your sites. Updates will be applied automatically over the next few days, so no manual action is required.

PHP 8.4 is only available with the new PHP Runtime Generation 2. To upgrade your site, set the following in your pantheon.yml file:

The PHP 8.4 upgrade process automatically includes an upgrade to PHP Runtime Generation 2.

Important PHP version information

• PHP 8.1 and 8.2 are currently receiving security-only updates.
• For more details, see the full list of PHP supported versions.

For the best performance and security, Pantheon recommends running PHP 8.2 and above.

Starting today, the session length for users logged into the Pantheon Dashboard has been reduced from 24 hours to 14 hours - regardless of session activity.

Key Changes

• Previously, Pantheon Dashboard sessions expired after 24 hours of inactivity.
• Previously, session lengths were inconsistent in some places of the Pantheon Dashboard leading to random logout and authentication requests.
• Reducing session lengths to 14 hours across the Pantheon Dashboard provides various security benefits and stronger protection for your accounts.

Terminus sessions are not impacted. See related documentation for more information.

PHP versions 8.3.25 and 8.4.12, and are now available on the platform. These updates brings the latest bug fixes, improving performance and security for your sites. Updates will be applied automatically over the next few days, so no manual action is required.

PHP 8.4 is only available with the new PHP Runtime Generation 2. To upgrade your site, set the following in your pantheon.yml file:

The PHP 8.4 upgrade process automatically includes an upgrade to PHP Runtime Generation 2.

Important PHP version information

• PHP 8.1 and 8.2 are currently receiving security-only updates.
• For more details, see the full list of PHP supported versions.

For the best performance and security, Pantheon recommends running PHP 8.2 and above.

Editorial note: The date has been moved from November 12 to December 9.

Sites running Drupal 9.4+ will no longer be able to access Solr 3 via Pantheon Search services starting December 9, 2025. 

After this date, affected sites will not be able to fetch Solr search results or index new content using Solr 3. Views or blocks that rely on Solr-powered Search API indexes may fail to load, return no results, or throw errors.

To find out which version of Solr your site is running, go to your site in the Pantheon Dashboard > Status. Look for the Solr value in the Software Versions block. 

This follows our recent announcement of Pantheon Search no longer being available for Drupal 8-9.3.

Action Required

Affected Drupal sites will need to upgrade to Solr 8 and search_api_pantheon 8.2+. A Solr upgrade guide is available in our documentation.

Alternatively, Pantheon Search can be disabled, and site owners may choose to implement Drupal’s built-in database search or a third-party search service provider.