2023.2.9 Maintenance Release

Article summary

Did you find this summary helpful?

Thank you for your feedback

Release Notes

This maintenance release of IP includes fixes for bugs that were reported to Itential Product Support.

Key ID	Release Note
ENG-340	When doing load configuration for offline NSO devices in Configuration Manager, `getConfig` API will cause or return status code 200, a positive status code with `Mappi` errors. Fixed this false positive issue by keeping checks on `Mappi` errors and returning the correct status code.
ENG-2697	When viewing workflows and browsing tasks, the workflow will no longer flag tasks as changed and lose some variable references. Save will also not be enabled if no changes are made.
ENG-3195	When doing unit tests in `adapter-nso`, saw an unnecessary empty device string check added inside the `BuildTemplateAction` function. This will not cause any issues, but this is not a required check. Removed unnecessary empty string checks to enhance code quality by removing unnecessary checks.
ENG-3933	Updated styling in the editor to fix a bug that prevented the Methods panel from reopening after closing. Customers can now open/close the method panel in Automation Studio/JST-Designer as expected.
ENG-4407	The Evaluation (Eval) task was missing an editable description field. To resolve, added a Details tab with an editable description field to the Eval task.
ENG-4687	When adding/creating assets in Projects, the navigation UI would not work properly when special characters (e.g., `/` and `?` ) were in the asset name. Added URL sanitization (URI encoding) to properly handle links to assets with special characters.

This section highlights fixes and measures to prevent and minimize security risks and vulnerabilities.

Key ID	Release Note
ENG-2597	Updated the `node-ip` library to resolve a SSRF security vulnerability in IP Workflow Builder.
ENG-2635	The `ip` package is flagged as vulnerable in the database module. Fixed vulnerability caused by ip package by overriding the socks dependency in the database module.
ENG-2821	The `ip` package was flagged as vulnerable in the database module. Fixed vulnerability caused by `ip` package by overriding the socks dependency in the database module
ENG-3417	When bind requests are made in the LDAP adapter, a request timeout will cause sensitive information to be logged. Fixed logging of sensitive information on a request timeout in the LDAP adapter by removing the argument containing sensitive information from the `timeout` event handler.

component	version
@itential/adapter-automation_gateway	4.31.4-2023.2.1
@itential/adapter-azure_aaa	1.7.5-2023.2.0
@itential/adapter-email	4.2.20-2023.2.0
@itential/adapter-ldap	2.14.3-2023.2.1
@itential/adapter-local_aaa	4.5.2-2023.2.0
@itential/adapter-nso	7.9.4-2023.2.10
@itential/adapter-radius	2.2.2-2023.2.0
@itential/app-admin_essentials	5.4.10-2023.2.17
@itential/app-ag_manager	1.20.3-2023.2.1
@itential/app-automation_catalog	2.13.7-2023.2.0
@itential/app-automation_studio	4.69.3-2023.2.143
@itential/app-configuration_manager	3.117.5-2023.2.16
@itential/app-form_builder	4.15.3-2023.2.4
@itential/app-json_forms	1.42.3-2023.2.19
@itential/app-jst	1.15.11-2023.2.8
@itential/app-lifecycle_manager	1.38.4-2023.2.15
@itential/app-mop	6.21.1-2023.2.13
@itential/app-nso_manager	2.25.2-2023.2.2
@itential/app-operations_manager	1.215.10-2023.2.41
@itential/app-service_catalog	3.14.1-2023.2.2
@itential/app-service_management	3.0.2-2023.2.3
@itential/app-template_builder	2.9.1-2023.2.8
@itential/app-workflow_builder	5.55.2-2023.2.13
@itential/app-workflow_engine	11.9.6-2023.2.33
@itential/database	2.0.7
@itential/IP-ui	1.14.3-2023.2.6
@itential/itential-utils	3.2.1
@itential/logger	3.1.2
@itential/network	4.1.5
@itential/pronghorn-core	15.8.10-2023.2.44
@itential/search	1.3.3-2023.2.0
@itential/service	3.1.12
@itential/tags	3.2.2-2023.2.0

Was this article helpful?

Table of contents