.png?sv=2022-11-02&spr=https&st=2024-11-21T06%3A58%3A06Z&se=2024-11-21T07%3A08%3A06Z&sr=c&sp=r&sig=ycr3C7Ix3fTEbI3v5M%2FP3hzEyfShO7cvxLdMSiOM5YE%3D){kind=logo}
2023.2.11 Maintenance Release
- 20 Nov 2024
-
DarkLight
-
PDF
2023.2.11 Maintenance Release
- Updated on 20 Nov 2024
-
DarkLight
-
PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Release Notes
Bug Fixes
This maintenance release of IAP includes fixes for bugs that were reported to Itential Product Support.
| Key ID | Release Note |
|---|---|
| ENG-2698 | When the Itential Platform application unexpectantly stops working while processing service requests, the workflow tasks would remain in an indefinite running state and not return an error. Implemented error handling transition logic to error the tasks and alert users that a service stopped running. |
| ENG-2882 | Fixed an issue in JSON Golden Configuration which would cause JSON key-checking rule values to always be treated as string. The key-checking value is now saved as the same type as the value in the JSON. |
| ENG-2932 | When importing a pre-built workflow to overwrite an existing workflow, the imported workflow remains in a draft state with validation errors or warnings until manually saved by the user. Applied a fix to processing workflows from pre-builts to always update the warnings and errors with the latest validation output. |
| ENG-2965 | When providing a template without an id property to the update legacy template API endpoints, the resulting template is unusable in IAP. Updated the update/create legacy template endpoints to ensure the id property matches the provided name to prevent issues using the template. The update legacy template endpoints will return an error if no id is provided. |
| ENG-3034 | When creating a JSON Form with a multi-select dropdown dependency, the dropdown fields would not populate correctly or display any options. Updated the rodeo-ui to ensure that any JSON Form with a dropdown dependency that contains special characters now functions correctly. |
| ENG-3143 | Fixed the migration scripts for Configuration Manager to automatically execute on IAP startup. |
| ENG-3320 | Some child job loop configurations involving JSTs would incorrectly report validation errors in the workflow validation API. Updated the validation method to correctly format JST related child job properties when validating a workflow. |
| ENG-4705 | Transformation functions do not render as expected in JST Designer if there is a function within the transformation that contains double quotes in its name. Fixed the rendering issues when opening functions in JST Designer. |
| ENG-4715 | When setting an operand source type to null in the evaluation task and then saving the task, it incorrectly displays the type as object instead of null. Updated the source type dropdown to display null if the value is null. |
| ENG-4854 | If you open a corrupted transformation when you already have a transformation open in Automation Studio, and then attempt to delete the transformation, it will delete the document you already had open. Updated the delete transformation dialog to display and delete the correct transformation document. |
| ENG-4874 | When checking the adapter status in the API after a JSON RPC connectivity issue, the adapter will display as degraded until it is restarted, regardless of current connectivity. Applied a fix in the NSO adapter that was causing the adapter to remain degraded even when connectivity was restored so that the adapter now returns to a connected state without needing a restart. |
| ENG-4941 | When configuring the form elements in a dynamic form, there is no longer a UI crash when configuring a file upload field and then a dropdown on a JSON Form. |
| ENG-5832 | When running compliance plans through a workflow, the compliance plan instance would not return properly. Fixed an aggregation issue with Compliance Plans in Configuration Manager that would prevent plan instances executed via workflows from displaying in the "Reports" tab. |
| ENG-6301 | Improved the URL sanitation that occurs when navigating to assets with special characters in Projects. |
| ENG-6465 | The runComplianceForDevice task would not run compliance for a Golden Config tree if the specified device only existed in the device group. Updated runComplianceForDevice to include devices that are only defined in a device group. |
| ENG-6499 | When upgrading a workflow that has a JST with a reference to a named job variable and a child job that contains a JST with a reference to a job variable that shares the same name, trying to run the workflow in versions 2023.2 and later will cause a validation error on the schema. Fixed the shared-nested JST input job variable name schema validation collision that occurs during workflow upgrade in IAP/2023.2 and later that was causing schema validation errors when attempting to run that upgraded workflow. |
| ENG-6688 | When using the Golden Configuration feature in Compliance Manager to audit device configurations, line disparities were noted in the compliance report. Fixed an issue in Golden Configuration that would cause incorrect compliance failures when a line contained regular expressions. |
Improvements
This section highlights featured improvements to functionality in this maintenance release.
| Key ID | Release Note |
|---|---|
| ENG-5601 | The workflow task runAction used duplicated code that was supported separately. Modified components to remove duplicate code in runAction to ensure consistent support, and resolved bugs involving the runAction task. |
| ENG-6829 | IAP users with access to the LDAP adapter can now configure that adapter to perform single depth search in IAP Enterprise. Existing adapters will default to having a search scope of sub, keeping in line with their previous behavior. |
Security Changes
This section highlights fixes and measures to prevent and minimize security risks and vulnerabilities.
| Key ID | Release Note |
|---|---|
| ENG-2633 | Versions of lodash prior to 4.17.21 are susceptible to Code Injection via template. Updated package-json in Itential Job Manager to resolve security vulnerability in package. |
| ENG-2819 | Versions of semver prior to 7.0.0 are susceptible to ReDos (Regular Expression Denial of Service). Updated package-json and package-lock.json in Itential Core service to resolve ReDoS security vulnerability in semver package. |
| ENG-2820 | Versions of semver prior to 7.0.0 are susceptible to ReDos (Regular Expression Denial of Service). Updated package-lock.json in Itential Core audit-trail to resolve ReDoS security vulnerability in semver package. |
| ENG-2822 | Versions of fast-json-patch prior to 2.2.1 are vulnerable to prototype pollution. Fixed the vulnerability in @itential/lib-yang_parser by removing the dependency on fast-json-patch. |
| ENG-2824 | Versions of micro-match prior to 4.0.8 are vulnerable to Inefficient Regular Expression (RegEx) Complexity. Updated package-lock.json in Itential Core iap-ui to resolve security vulnerability. |
| ENG-3331 | Versions of pug-code-gen prior to 3.0.3 are vulnerable to Improper Control of Generation of Code ('Code Injection'). Updated package-json and package-lock.json in Itential Core pronghorn-core to resolve security vulnerability. |
2023.2.11 Release Versions
Automation Platform Versions
| component | version |
|---|---|
| @itential/adapter-automation_gateway | 4.31.4-2023.2.1 |
| @itential/adapter-azure_aaa | 1.7.5-2023.2.0 |
| @itential/adapter-email | 4.2.20-2023.2.0 |
| @itential/adapter-ldap | 2.14.3-2023.2.2 |
| @itential/adapter-local_aaa | 4.5.2-2023.2.0 |
| @itential/adapter-nso | 7.9.4-2023.2.12 |
| @itential/adapter-radius | 2.2.2-2023.2.0 |
| @itential/app-admin_essentials | 5.4.10-2023.2.17 |
| @itential/app-ag_manager | 1.20.3-2023.2.1 |
| @itential/app-automation_catalog | 2.13.7-2023.2.1 |
| @itential/app-automation_studio | 4.69.3-2023.2.159 |
| @itential/app-configuration_manager | 3.117.5-2023.2.23 |
| @itential/app-form_builder | 4.15.3-2023.2.4 |
| @itential/app-json_forms | 1.42.3-2023.2.19 |
| @itential/app-jst | 1.15.11-2023.2.8 |
| @itential/app-lifecycle_manager | 1.38.4-2023.2.15 |
| @itential/app-mop | 6.21.1-2023.2.14 |
| @itential/app-nso_manager | 2.25.2-2023.2.2 |
| @itential/app-operations_manager | 1.215.10-2023.2.46 |
| @itential/app-service_catalog | 3.14.1-2023.2.3 |
| @itential/app-service_management | 3.0.2-2023.2.3 |
| @itential/app-template_builder | 2.9.1-2023.2.8 |
| @itential/app-workflow_builder | 5.55.2-2023.2.13 |
| @itential/app-workflow_engine | 11.9.6-2023.2.35 |
| @itential/database | 2.0.8 |
| @itential/iap-ui | 1.14.3-2023.2.7 |
| @itential/itential-utils | 3.2.1 |
| @itential/logger | 3.1.2 |
| @itential/network | 4.1.5 |
| @itential/pronghorn-core | 15.8.10-2023.2.51 |
| @itential/search | 1.3.3-2023.2.0 |
| @itential/service | 3.1.15 |
| @itential/tags | 3.2.2-2023.2.0 |
Was this article helpful?
