# Release Notes ## ESS 2.7.0 (Released 2026-01-13) ### Data Views API A new Data Views API has been introduced to enable fine-grained access control over JSON resources through GraphQL-based filtering. Data subjects can now create filtered "view resources" that expose only specific fields from their source data, allowing selective sharing without exposing sensitive information. The Data Views API enables: * **Reusable View Definitions**: Create GraphQL-based filters that define what data to expose * **Automatic Synchronization**: View resources automatically update when source data changes * **Flexible Filtering**: Support for field selection, nested objects, numeric comparisons, date ranges, and array membership * **Two Binding Types**: Filter individual resources (VIEW\_RESOURCE) or entire containers (VIEW\_CONTAINER) * **Privacy Protection**: Source resources are protected from deletion while view bindings exist For more information, see [Data Views API](https://docs.inrupt.com/ess/latest/services/service-pod-management/data-views-api). ### Prune Improvements Enhanced pruning capabilities with improved performance and scalability through batch iteration processing. The pruning process now operates in multiple configurable iterations with smaller batch sizes, reducing peak system load and memory consumption. Key improvements include: * **Batch Iteration Processing**: Prune jobs now process resources in smaller batches across multiple iterations, reducing resource consumption per cycle * **Configurable Iteration Control**: New `MAX_ITERATIONS` parameter (default: 100, Kubernetes deployment: 1000) controls total processing time per job run * **Data Views Support**: Soft-deleted View Definitions and View Bindings are now included in the pruning process * **Fine-tuned Performance**: New `ITERATION_DELAY_MS` parameter allows configurable delays between iterations to further reduce system load For more information, see [Pruning Configuration](https://docs.inrupt.com/ess/latest/administration/resource-deletions). ### Access Grant Metrics New Access Grant Metrics feature for monitoring Access Request and Access Grant lifecycle. Prometheus metrics are now exposed for tracking requests by status (pending, granted, denied, canceled, expired) and grants by status (active, expired, revoked). For more information, see [Access Grant Metrics](https://docs.inrupt.com/ess/administration/ess-metrics#access-grant-metrics). ### Security Enhancements * **Database SSL/TLS Support**: New kustomizer component for providing database CA bundles to services, enabling SSL/TLS enforcement on database connections. See [Database SSL/TLS Configuration](https://docs.inrupt.com/ess/latest/installation/customize-configurations/customization-security/configure-database-ssl). * **Kafka SSL Support**: New kustomizer component for configuring Kafka clients to enforce SSL on broker connections. See [Kafka SSL Configuration](https://docs.inrupt.com/ess/latest/installation/customize-configurations/customization-security/kafka-ssl). ## Changelogs For changelogs, see [2.7 Changelogs](https://docs.inrupt.com/ess/latest/releases/changelog).