This 2023.2.21 release includes important updates and fixes to the Platform.
Bug Fixes
Key ID
Release Note
ENG-2891
Removed and hid unusable shortcuts for transformations within a Project, preventing users from performimg actions that should not be performed in a Project.
ENG-4213
When the Platform was configured to authenticate users via SAML SSO, a user who was logged out from a page in the Platform would not be redirected to their original location after logging back in. Support was added for persistent redirect links across SAML SSO login flows to ensure users are restored to their original location after logging out and logging back in.
ENG-7728
Fixed an issue where the status for each job was not reflected in the output objects from the childJob task when either parallel or sequential looping was enabled.
ENG-7900
In certain circumstances, the Workflow Builder Canvas would display duplicate task definitions in the task palette. This change provides a fix that eliminates possible race conditions and ensures no duplicates are added.
ENG-7955
A race condition issue during prebuilt imports has been resolved. This problem arose when multiple workflows in the prebuilt contained the same group, which would previously cause errors in the import API. The fix ensures smoother operation without errors.
ENG-8062
When configuring Azure/EntraID as an Identity Provider (IdP) in the Platform, the SSO test connection failed due to a required Password, ProtectedTransport authentication method. To resolve this issue, added a "Disable Expected Auth" toggle to the SSO configuration page that gives administrators the option to control the disableAuthnContext configuration property that disables checking of AuthnContext in an SSO/SAML response.
ENG-8815
A bug that caused child job loops to remain stuck in a running state even after all child jobs were cancelled has been successfully fixed, ensuring that the system behaves as expected.
ENG-10315
A critical bug has been fixed regarding the convertTimezone task and other related time tasks. Previously, these tasks would incorrectly default to using the current date and time rather than the correct input time. This issue has now been rectified.
ENG-10352
A series of fixes have been implemented to address multiple issues that occurred when utilizing an incoming or outgoing JST schema. These issues have been resolved to ensure proper functionality at runtime.
ENG-10751
Resolved a JST bug that allowed references to deleted steps to persist within the context of other steps, ensuring that the integrity of the workflow remains intact and that users are not misled by outdated references.
ENG-11043
Fixed an issue preventing the restart of services that crash due to memory exhaustion.
ENG-12023
Added checks for iap_id and Redis connection to ensure smooth shutdowns when exiting the Platform early in the startup process and when exiting the Platform after Redis shuts down.
ENG-12405
Copying command templates between Projects changed the created and lastUpdated fields to a date string instead of an integer, preventing users from saving the Command Template. Fixed the date formatting for JSON schemas when copying assets into a project space.
ENG-12445
When importing a pre-built automation with GBAC assigned, the imported automation does not appear in the Operations Manager side navigation bar. Fixed pre-built automation import to ensure all GBAC id are strings and the automation is displayed in the side navigation bar.
ENG-12480
The login API calls from IAG adapters were displaying password and token as plaintext credentials in the IAG adapter logs. To mask sensitive credentials in Itential Platform logs, updated the adapter-utils dependency version.
ENG-12529
The Command Template Builder UI previously lacked the Maximum Accepted Percentage (%) selector when performing a comparison evaluation by percentage. This issue has been rectified by re-adding the selector to the UI, ensuring its availability for use in command templates.
ENG-12616
When adding users to a Group via UI, the save button was greyed out (disabled). Implemented functionality in the Edit Group dialog so that when modifying group members through the Admin Essentials UI, the save button will now be enabled on member change.
ENG-12865
An important fix has been implemented to address a significant issue where deeply nested objects or large arrays of objects, when used as inputs to tasks, could lead to the task being stuck in a running state. This was accompanied by a "Maximum Call Stack" error being logged, which has now been resolved.
Improvements
Key ID
Release Note
ENG-10707
The codebase has undergone a thorough cleanup, which involved removing unused dependencies and eliminating dead code, thereby improving overall performance and maintainability.
ENG-11500
Added @itential/app-gateway_manager to container images.
ENG-12003
Introduced a new UUID property to workflow data for enhanced identification.
ENG-12523
The NSO adapter has been updated to incorporate a global-timeout setting, which acts as a boolean flag. When set to 'true', this global-timeout setting allows services to bypass local timeout values and instead adhere to the global timeout configuration. If the global-timeout is not activated or is set to 'false', the system will revert to either a custom value or the default timeout of 60 seconds, as specified by the user.
ENG-12595
Added workflowId and projectId properties to the jobStart event in Workflow Engine. These unique identifiers help to correlate workflow executions (jobs), and protect against unexpected event duplication.
ENG-12662
Added a task summary and description to Workflow Engine events. This metadata is automatically added to task events handled via the eventSystem, allowing users to easily understand the purpose and details of each event.
ENG-13038
A new feature has been introduced that allows users to expand and collapse buttons for trigger editing within automations, enhancing the user experience and functionality.
Security Changes
Key ID
Release Note
ENG-11009
When running security scans, it showed affected versions of app-operations_manager in the Platform were vulnerable to Regular Expression Denial of Service (ReDoS) risks. Upgraded semver to latest version to resolve this vulnerability.
ENG-12785
When running security scans, it showed affected versions of the tar-fs and undici packages in Admin Essentials were vulnerable to security risks. Upgraded the tar-fs package dependency to 2.1.3 and the undici package to 5.29.0 to resolve this vulnerability.
ENG-12833
Upgraded the ssh2 package in adapter-nso to version 1.16.0 to address a Command Injection security vulnerability present in version 0.8.9 of the dependency.