2023.2.11 Maintenance Release
  • 18 Dec 2024
  • Dark
    Light
  • PDF

2023.2.11 Maintenance Release

  • Dark
    Light
  • PDF

Article summary

Release Notes

Bug Fixes

This maintenance release of IAP includes fixes for bugs that were reported to Itential Product Support.

Key ID Release Note
ENG-2698 When the Itential Platform application unexpectantly stops working while processing service requests, the workflow tasks would remain in an indefinite running state and not return an error. Implemented error handling transition logic to error the tasks and alert users that a service stopped running.
ENG-2882 Fixed an issue in JSON Golden Configuration which would cause JSON key-checking rule values to always be treated as string. The key-checking value is now saved as the same type as the value in the JSON.
ENG-2932 When importing a pre-built workflow to overwrite an existing workflow, the imported workflow remains in a draft state with validation errors or warnings until manually saved by the user. Applied a fix to processing workflows from pre-builts to always update the warnings and errors with the latest validation output.
ENG-2965 When providing a template without an id property to the update legacy template API endpoints, the resulting template is unusable in IAP. Updated the update/create legacy template endpoints to ensure the id property matches the provided name to prevent issues using the template. The update legacy template endpoints will return an error if no id is provided.
ENG-3034 When creating a JSON Form with a multi-select dropdown dependency, the dropdown fields would not populate correctly or display any options. Updated the rodeo-ui to ensure that any JSON Form with a dropdown dependency that contains special characters now functions correctly.
ENG-3143 Fixed the migration scripts for Configuration Manager to automatically execute on IAP startup.
ENG-3320 Some child job loop configurations involving JSTs would incorrectly report validation errors in the workflow validation API. Updated the validation method to correctly format JST related child job properties when validating a workflow.
ENG-3888 When creating a callback function in JST Designer via method card, connecting a constant value input to a non-constant value parameter causes the function to be generated incorrectly. Consequently, the function's incoming schema is incorrect and is deselected from the method as incompatible. Applied a fix in JST Designer to ensure the function is generated correctly.
ENG-4705 Transformation functions do not render as expected in JST Designer if there is a function within the transformation that contains double quotes in its name. Fixed the rendering issues when opening functions in JST Designer.
ENG-4715 When setting an operand source type to null in the evaluation task and then saving the task, it incorrectly displays the type as object instead of null. Updated the source type dropdown to display null if the value is null.
ENG-4854 If you open a corrupted transformation when you already have a transformation open in Automation Studio, and then attempt to delete the transformation, it will delete the document you already had open. Updated the delete transformation dialog to display and delete the correct transformation document.
ENG-4874 When checking the adapter status in the API after a JSON RPC connectivity issue, the adapter will display as degraded until it is restarted, regardless of current connectivity. Applied a fix in the NSO adapter that was causing the adapter to remain degraded even when connectivity was restored so that the adapter now returns to a connected state without needing a restart.
ENG-4941 When configuring the form elements in a dynamic form, there is no longer a UI crash when configuring a file upload field and then a dropdown on a JSON Form.
ENG-5832 When running compliance plans through a workflow, the compliance plan instance would not return properly. Fixed an aggregation issue with Compliance Plans in Configuration Manager that would prevent plan instances executed via workflows from displaying in the "Reports" tab.
ENG-6301 Improved the URL sanitation that occurs when navigating to assets with special characters in Projects.
ENG-6311 When using the export and import API in the Service Catalog on IAP version 2023.2, the operation fails due to an issue with the ObjectId reference in the updated MongoDB driver. Corrected the ObjectId reference, ensuring that the export and import API in the Service Catalog functions as expected.
ENG-6465 The runComplianceForDevice task would not run compliance for a Golden Config tree if the specified device only existed in the device group. Updated runComplianceForDevice to include devices that are only defined in a device group.
ENG-6499 When upgrading a workflow that has a JST with a reference to a named job variable and a child job that contains a JST with a reference to a job variable that shares the same name, trying to run the workflow in versions 2023.2 and later will cause a validation error on the schema. Fixed the shared-nested JST input job variable name schema validation collision that occurs during workflow upgrade in IAP/2023.2 and later that was causing schema validation errors when attempting to run that upgraded workflow.
ENG-6688 When using the Golden Configuration feature in Compliance Manager to audit device configurations, line disparities were noted in the compliance report. Fixed an issue in Golden Configuration that would cause incorrect compliance failures when a line contained regular expressions.

Improvements

This section highlights featured improvements to functionality in this maintenance release.

Key ID Release Note
ENG-5601 The workflow task runAction used duplicated code that was supported separately. Modified components to remove duplicate code in runAction to ensure consistent support, and resolved bugs involving the runAction task.
ENG-6829 IAP users with access to the LDAP adapter can now configure that adapter to perform single depth search in IAP Enterprise. Existing adapters will default to having a search scope of sub, keeping in line with their previous behavior.

Security Changes

This section highlights fixes and measures to prevent and minimize security risks and vulnerabilities.

Key ID Release Note
ENG-2633 Versions of lodash prior to 4.17.21 are susceptible to Code Injection via template. Updated package-json in Itential Job Manager to resolve security vulnerability in package.
ENG-2819 Versions of semver prior to 7.0.0 are susceptible to ReDos (Regular Expression Denial of Service). Updated package-json and package-lock.json in Itential Core service to resolve ReDoS security vulnerability in semver package.
ENG-2820 Versions of semver prior to 7.0.0 are susceptible to ReDos (Regular Expression Denial of Service). Updated package-lock.json in Itential Core audit-trail to resolve ReDoS security vulnerability in semver package.
ENG-2822 Versions of fast-json-patch prior to 2.2.1 are vulnerable to prototype pollution. Fixed the vulnerability in @itential/lib-yang_parser by removing the dependency on fast-json-patch.
ENG-2824 Versions of micro-match prior to 4.0.8 are vulnerable to Inefficient Regular Expression (RegEx) Complexity. Updated package-lock.json in Itential Core iap-ui to resolve security vulnerability.
ENG-3331 Versions of pug-code-gen prior to 3.0.3 are vulnerable to Improper Control of Generation of Code ('Code Injection'). Updated package-json and package-lock.json in Itential Core pronghorn-core to resolve security vulnerability.

2023.2.11 Release Versions

Automation Platform Versions

component version
@itential/adapter-automation_gateway 4.31.4-2023.2.1
@itential/adapter-azure_aaa 1.7.5-2023.2.0
@itential/adapter-email 4.2.20-2023.2.0
@itential/adapter-ldap 2.14.3-2023.2.2
@itential/adapter-local_aaa 4.5.2-2023.2.0
@itential/adapter-nso 7.9.4-2023.2.12
@itential/adapter-radius 2.2.2-2023.2.0
@itential/app-admin_essentials 5.4.10-2023.2.17
@itential/app-ag_manager 1.20.3-2023.2.1
@itential/app-automation_catalog 2.13.7-2023.2.1
@itential/app-automation_studio 4.69.3-2023.2.159
@itential/app-configuration_manager 3.117.5-2023.2.23
@itential/app-form_builder 4.15.3-2023.2.4
@itential/app-json_forms 1.42.3-2023.2.19
@itential/app-jst 1.15.11-2023.2.8
@itential/app-lifecycle_manager 1.38.4-2023.2.15
@itential/app-mop 6.21.1-2023.2.14
@itential/app-nso_manager 2.25.2-2023.2.2
@itential/app-operations_manager 1.215.10-2023.2.46
@itential/app-service_catalog 3.14.1-2023.2.3
@itential/app-service_management 3.0.2-2023.2.3
@itential/app-template_builder 2.9.1-2023.2.8
@itential/app-workflow_builder 5.55.2-2023.2.13
@itential/app-workflow_engine 11.9.6-2023.2.35
@itential/database 2.0.8
@itential/iap-ui 1.14.3-2023.2.7
@itential/itential-utils 3.2.1
@itential/logger 3.1.2
@itential/network 4.1.5
@itential/pronghorn-core 15.8.10-2023.2.51
@itential/search 1.3.3-2023.2.0
@itential/service 3.1.15
@itential/tags 3.2.2-2023.2.0

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.