26.7.0 Janus released
Janus is the latest entry in our quarterly rollup series. It branches off from our main rolling Voyager development into a fixed target for our partners to qualify and build upon.
This Quarterly release is named after Saturn's moon Janus. Fun fact: Janus takes its name from the Roman god of gates, doorways, beginnings, and endings — fitting for a moon caught in one of the Solar System's strangest orbital arrangements. This small, potato-shaped, heavily cratered moon shares its orbit with a sister moon, Epimetheus, and about every four years the two moons drift close enough that they swap orbits with each other — a co-orbital dance found nowhere else in the Solar System. Keep an eye out for Epimetheus; that name may sound familiar again later this year.
Comet 26.7.0 Janus focuses on smarter administration and faster performance across the platform. Highlights include Model Context Protocol (MCP) support for agent-based workflows, Comet Server webhook notifications that render natively as Slack messages, saved job searches in the Comet Management Console, and a new Storage Template option to prevent end-user edits of template-provisioned Storage Vaults. This release also delivers performance improvements across our Comet Management Console, the Comet Backup desktop app, and Office 365 Protected Items.
As always for a new quarterly release, there are two changelogs for 26.7.0 depending on whether you are coming from the previous quarterly release or the previous Voyager release:
Changes compared to 26.4.5 (Phoebe)
Notice
Comet Backup on macOS now requires macOS 12 "Monterey" or later
Any users of macOS 10.13 "High Sierra", 10.14 "Mojave", 10.15 "Catalina", and 11 "Big Sur" should remain on the Comet 26.4.x "Phoebe" quarterly series.
New Features
Model Context Protocol (MCP) support
Self-Hosted Management Console Only
Comet Server can now act as a Model Context Protocol (MCP) server, letting you connect AI assistants and agent tooling directly to your Comet Server. Over 100 tools are available covering users, jobs, storage, policies, devices, and server settings, so you can automate routine administration and reporting with the AI tooling of your choice. Tools are read-only by default, with write access available on an opt-in basis.
Comet Server webhook notifications as Slack messages
Comet Server webhooks can now be formatted as Slack messages. Point a webhook at a Slack Incoming Webhook URL and job notifications render natively in your chosen Slack channel, with no middleware or custom integration needed. This can be configured when adding or editing a webhook in the Comet Management Console.
Enhancements
2FA status visible in User list
The Users list in the Comet Management Console now shows each user's two-factor authentication (2FA) status, so admins can audit 2FA coverage across all their accounts at a glance instead of opening each user's detail page.


Saved job searches in the Comet Management Console
Job searches in the Comet Management Console can now be saved and recalled, so the filtered views you check regularly are one click away instead of being rebuilt each time.


Storage Template lock option for provisioned Storage Vaults
A new "Prevent users from editing the Storage Vaults created from this template" option is available in Storage Template settings in the Comet Management Console. Storage Vaults provisioned from a template with this option enabled cannot be modified by the end user in either the Comet Management Console or the Comet Backup desktop app, even when the account policy would otherwise permit editing Storage Vaults — so centrally provisioned storage stays exactly as you configured it.
Policy default schedules applied to policy default Protected Items
Policy default schedules are now automatically applied to policy default Protected Items that have no schedules of their own, ensuring devices covered by a Policy always end up with a backup schedule in place. For enforced Protected Items, schedules are always applied; for unenforced Protected Items, schedules are applied at Protected Item creation time. Default schedules are shown in a greyed-out, non-interactive state so they can be told apart from explicitly configured schedules.


Linux Sandboxing always enabled for home directory restores
Linux Sandboxing is now permanently enabled for Files and Folders restores to home directories, improving security by keeping restore file writes isolated from the rest of the system.
Improved Missed Backup log details
Missed Backup log entries now record whether the target device was online at the time the backup was expected to run, so you can quickly tell whether a backup was missed because the device was offline or for another reason.
Faster Files and Folders restores on Linux
The Linux restore sandbox has received multiple performance optimisations, and is now bypassed entirely for restores outside home directories where it is not required — making Files and Folders restores on Linux faster.
Improved Office 365 backup memory efficiency
Office 365 calendar and mail backups now stream events and messages as they are processed, rather than collecting them all in memory before starting. This reduces peak memory usage when backing up large mailboxes.
Faster Comet Server web interface load times (COMET-1680)
The Comet Management Console now loads quicker on initial startup, reducing the time admins and users spend waiting to access the web interface.
Additional Impossible Cloud regions available as Storage Vaults (COMET-59652)
Comet now supports the eu-west-3 and us-east-1 regions when configuring an Impossible Cloud Storage Vault, giving admins additional options for data residency and lower-latency backups in those geographies.
Other enhancements
- Added support for ML-KEM post-quantum encryption in TLS, helping protect data in transit against future quantum computing threats (COMET-59543)
- Improved overall performance and reduced memory usage across Comet Server and the Comet Backup client applications (COMET-5034)
- The pre-built macOS Comet Backup Agent installer now comes with the server URL pre-filled, so end users only need to enter their credentials to log in
- Cross-device restores in the Comet Backup desktop client now show a temporary Protected Item entry for the restore, so you can see and monitor the restore's progress
- The Comet Backup desktop client's granular restore wizard now displays disk partition sizes, matching the Comet Management Console and making it easier to pick the right partition to restore
- Improved the speed of Office 365 backup jobs
- Improved the performance of Comet Server user APIs, particularly with larger user profiles, for a more responsive Comet Management Console on busy servers
- Improved performance of the Comet Backup desktop app when rendering main screen charts (COMET-59908)
- Added an in-process DNS cache, on by default for Linux and macOS which typically lack an OS-level DNS cache, cutting repeated DNS lookups during backup and storage operations
- The Comet Backup desktop app now communicates with its background service more directly, making the app more responsive (COMET-1951)
- Bulk Update Campaigns now skip devices whose operating system is not supported by the new software version, rather than upgrading them to a version they cannot run
- Bulk Update Campaigns now send the update to busy devices as soon as their running backup job finishes, so campaigns complete sooner without interrupting backups
- Improved performance when making settings changes in the Comet Backup desktop application (COMET-59860)
- The Storage Template Test Connection action now performs a full end-to-end test by provisioning a temporary Storage Vault and removing it again, so storage permission problems are caught when the template is configured rather than when a user first requests storage
- Improved high DPI display support for Comet Backup on legacy x86_64 macOS machines (COMET-59362)
- Email reports can now be given an optional Name, shown in the report list in both the Comet Management Console and the Comet Backup desktop app, making it easier to tell apart multiple reports of the same type
- Added a User / Account column to the Storage Buckets page of the Comet Management Console, showing which user accounts use each bucket according to the latest Constellation report with links to each user's detail page, making it easier to audit storage usage
Bug Fixes
- Fixed an issue with Comet API to prevent Admin with enforced policies from creating a policy and/or assigning an existing policy
- Fixed an issue causing VMware virtual disk crashing when restoring root level files
- Fixed an issue causing a second password entry to be required when logging into the Comet Backup desktop app (COMET-5855)
- Fixed an issue causing client-side jobs to not run on schedule in some rare edge cases (COMET-59428)
- Fixed an issue with performance when managing the comet-stats.db database under high server load (COMET-59682)
- Fixed an issue with invalid paths in macOS codesigning using SSH in Comet Core
- Fixed an issue with validating certain types of Relic codesigning responses (COMET-59589)
- Fixed an issue with generating the Linux Recovery Media on a Linux distribution that uses tmpfs (COMET-59078)
- Fixed an issue with cross-restore from Proxmox to Hyper-V or VMware when a CD-ROM was present in the backup source
- Fixed an issue causing the Comet Backup desktop app job log to show some jobs as in progress when they were actually finished
- Fixed an issue with timestamp boundaries when calculating the time to create Missed backup job entries
- Fixed an issue causing the VM list to be empty when restoring from a VMware backup that had no disks
- Fixed an issue causing user profiles to become inaccessible when virtual disk drivers report extremely large partition sizes in Disk Image backups
- Fixed an issue causing Office 365 calendar backups to get stuck due to a bug in the Microsoft Graph API
- Fixed an issue causing a resource leak in Office 365 backups
- Fixed an issue causing a memory leak in Office 365 backups
- Fixed an issue causing Office 365 calendar incremental backups to fail to fall back to a full backup when the previous snapshot was corrupted
- Fixed an issue causing Office 365 backup cancellation to produce excessive log output
- Fixed an issue causing Office 365 mail folder byte statistics to be incorrectly calculated as zero
- Fixed an issue causing Comet Server event dispatch to connected clients to be blocked in some conditions
- Fixed an issue with Protected Item dialog table overflow behaviour when a large number of rows are rendered
- Fixed a cosmetic issue with inconsistent reporting of Proxmox VM memory sizes
- Fixed a cosmetic issue with "osascript" popups when logging into Comet Backup on macOS (COMET-5854)
- Fixed an issue with incorrect timezone calculations in the Comet Server web interface (COMET-1680)
- Fixed an issue with adding new admin users
- Fixed an issue causing live connected devices to fail to reconnect after a password change in the Comet Management Console
- Fixed an issue with starting sessions
- Fixed an issue with obtaining TOTP codes
- Fixed an issue causing Office 365 backups to potentially skip "calendars" and "contacts" in some cases where duplicate items are found
- Fixed an issue causing the configure button to be shown while performing a cross-device restore on a Comet Backup desktop client with no Protected Item available to edit
- Fixed an issue in the Comet Backup desktop app where scheduled backup jobs could run immediately instead of at their scheduled time, which could cause scheduled backups to be missed
- Fixed an issue that could cause excessive server log messages when deleting user accounts (COMET-59992)
- Proxmox backup and restore now works for volumes in linked clones
- Fixed an issue with live connection APIs when logged in to the Comet Management Console as an end-user (COMET-59967)
- Fixed an issue with user quota enforcement (COMET-59983)
- Fixed an issue with multi-factor Authentication in Comet Management Console to prevent TOTP codes from being used in the same time window
- Fixed an issue with missing "Other devices" usage information in the chart screen in the Comet Backup desktop app
- Fixed an issue causing the MSI Backup Agent download to start twice from the Download Backup Agent page of the Comet Management Console with unauthenticated downloads disabled
- Fixed an issue causing concurrent backup jobs to fail with "No encryption key is available" on the first backup to a newly created Storage Vault
- Fixed an issue causing the list of connected devices to be displayed in an arbitrary order in the Run Backup and Restore dialogs of the Comet Management Console; the list is now sorted alphabetically by device name
- Fixed an issue causing "ResizeObserver" messages to appear in the Comet Management Console web interface when using incompatible browser extensions (COMET-60074)
- Fixed an issue causing Disk Image backups to spuriously warn that data "may be corrupt or inconsistent" when a volume's Volume Shadow Copy was read without exclusive access; a shadow copy is immutable, so the read is consistent and the warning is no longer shown
- Fixed an issue causing Comet to reinitialize Storage Vaults and wipe encryption keys in some cases of temporary network connection loss
- Fixed an issue causing retention to fail rather than retry when S3-compatible Storage Vault are interrupted
- Fixed an issue causing the retention-pass status of a non-editable Storage Vault to be reverted when a backup job tried to clear it, which previously left the status stuck and forced a redundant retention pass to re-run on every subsequent backup job
- Fixed an issue causing device registration to fail in the Comet Backup desktop app when TOTP is enabled, instead of prompting for a TOTP code
- Fixed an issue causing the Comet Backup desktop app to repeatedly prompt to log in after a TOTP-authenticated device registration
- Fixed an issue causing a Policy "latest Storage Vault" backup schedule on an existing Protected Item to swap to a newer Storage Vault in certain circumstances
- Fixed an issue causing installation of the macOS client on unsupported older versions to be allowed (COMET-60125)
- Fixed an issue where the Storage Vault content analysis at the end of a retention pass could fail permanently once concurrent jobs had left duplicate packindex files for a snapshot
- Fixed Linux Disk Image snapshot driver installation on systems where the default temp directory is mounted
noexec - Fixed Linux Recovery Media ISO generation on systems where the default temp directory is mounted
noexecornodev - Fixed an issue with rate limit message handling on S3-compatible storage locations (COMET-59536)
Changes compared to 26.5.4
Bug Fixes
- Fixed an issue where the Storage Vault content analysis at the end of a retention pass could fail permanently once concurrent jobs had left duplicate packindex files for a snapshot (COMET-60135)
- Fixed Linux Disk Image snapshot driver installation on systems where the default temp directory is mounted
noexec(COMET-60027) - Fixed Linux Recovery Media ISO generation on systems where the default temp directory is mounted
noexecornodev(COMET-60027) - Fixed an issue with rate limit message handling on S3-compatible storage locations (COMET-59536)
- Fixed an issue where restoring a Proxmox virtual machine onto ZFS storage could fail with "dataset already exists" if a leftover disk volume from a previous restore or an earlier VM with the same VM ID was present on the storage pool (COMET-60116)