Platform 6.3.3 Maintenance Release

Platform 6.3.3 is a maintenance release that includes critical bug fixes, security updates, and feature enhancements. This release addresses customer-reported issues to enhance platform stability and reliability.

Enhancements

Feature	Description
Project Description Field (ENG-19847)	Added optional description field to project creation flows in Studio, enabling better project documentation and organization.
Lifecycle Management Action Descriptions (ENG-18926)	Enabled setting description field for Lifecycle Management Action assets to improve asset documentation and searchability.
Golden Configuration Asset Descriptions (ENG-18925)	Enabled setting description field for Golden Configuration assets in Configuration Manager, enhancing configuration documentation capabilities.

Bug Fixes

Issue	Description
Asset Movement from Project to Global (ENG-20126)	Fixed issue where moving an asset from project to global space did not update the asset correctly. Ensured proper asset metadata and reference updates during migration.
Workflow Import Validation Errors (ENG-19989)	Resolved validation errors occurring when importing workflows in Platform 6.3.2. Improved import validation logic to handle edge cases.
Custom Application Functionality (ENG-19874)	Fixed Custom Application not working properly in 6.3 and addressed additional issues that occurred when the application did work. Improved application initialization and runtime stability.
Task Node Deselection (ENG-19709)	Fixed issue where task node was automatically deselected when opening task details. Maintained selection state for improved user experience.
Asset Duplication in Projects (ENG-19549)	Resolved issue where assets were being duplicated within projects, causing import errors in Platform 6. Implemented proper asset uniqueness validation.
Project Performance with External References (ENG-19433)	Improved project loading and performance when large numbers of external references exist. Optimized reference resolution and caching mechanisms.
Project Loading COLLSCANS (ENG-19332)	Fixed issue where loading projects with many components caused spikes in database COLLSCANS leading to platform slowness. Added proper database indexes and optimized queries.
JSON Form Data Binding Schema Error (ENG-18622)	Resolved issue where Data Binding in JSON Form gave incorrect schema error consistently. Corrected schema validation logic.
Eval Null Value Handling (ENG-18487)	Fixed issue where Eval task incorrectly handled null values. Improved null checking and value coercion logic.
Child JST Renaming on Import (ENG-18187)	Resolved issue where referenced child JST was renamed upon workflow import. Preserved original JST names during import operations.
JST Designer User Function Cleanup (ENG-17989)	Fixed JST Designer failure to clean up assignments from user functions, which created irrecoverably broken JST documents. Implemented proper cleanup routines.
Evaluation Task Job Variable Input (ENG-17802)	Corrected issue where Evaluation task job variable input was not functioning properly. Restored proper variable binding and evaluation.
AGManager Adapter Discovery (ENG-17775)	Fixed AGManager error on discoverAll where automation gateway adapter could not be found. Improved adapter registration and discovery mechanisms.
Task Summary Loading State (ENG-17550)	Resolved issue where Task Summary remained stuck in loading state on running workflows. Improved state management and error handling.
LCM Special Character Sanitization (ENG-17240)	Fixed LCM failure to sanitize special characters when invalid regex exists in action names for workflows. Enhanced input validation and sanitization.
Redis TLS Configuration (ENG-16926)	Resolved inability to configure Itential Platform to use TLS with Redis and Redis Sentinel. Implemented proper TLS configuration support.
Operations Manager Job View Crash (ENG-16816)	Fixed Operations Manager (Job View) crash when viewing child iteration of cancelled jobs or jobs without valid Job object values. Added proper null checking and error handling.
JST Import from Project (ENG-15667)	Resolved issue where Automation and JSON Form could not be imported if using a JST from a project. Fixed cross-scope JST reference resolution.
Legacy Forms Export/Import (ENG-15611)	Fixed issue in 23.2 UAT where Legacy Forms failed to export/import. Ensured backward compatibility for form migration.
renderJsonSchema Binding Schema (ENG-13749)	Fixed bindingSchema parameter in renderJsonSchema task that was not working correctly. Restored proper schema binding functionality.
JSON Form Field Dependency Update (ENG-12016)	Resolved issue where JSON Form with field dependency did not update selected field properly. Improved dependency tracking and field updates.
JST Designer Duplicate Schema IDs (ENG-11207)	Fixed JST designer not warning users about duplicate schema `$id` values, which allowed saves but caused misbehavior. Implemented duplicate ID detection and validation.

Security Fixes

This release includes important security updates that address vulnerabilities in third-party packages and platform components.

Key ID	Release Note
ReDoS in ajv (NSO Adapter) (ENG-19908)	Updated ajv package in NSO adapter to resolve Regular Expression Denial of Service (ReDoS) vulnerability. Enhanced regex validation patterns.
ReDoS in minimatch (NSO Adapter) (ENG-19907)	Updated minimatch package in NSO adapter to address Regular Expression Denial of Service (ReDoS) vulnerability. Improved pattern matching performance.
Prototype Pollution in lodash (Service Management) (ENG-19905)	Updated lodash package in app-service_management to resolve prototype pollution vulnerability. Enhanced object property validation.
ReDoS in ajv (Service Management) (ENG-19903)	Updated ajv package in app-service_management to address Regular Expression Denial of Service (ReDoS) vulnerability. Improved schema validation performance.
Prototype Pollution in lodash (NSO Manager) (ENG-19899)	Updated lodash package in app-nso_manager to resolve prototype pollution vulnerability. Implemented proper input sanitization.
ReDoS in ajv (NSO Manager) (ENG-19898)	Updated ajv package in app-nso_manager to address Regular Expression Denial of Service (ReDoS) vulnerability. Enhanced validation efficiency.
ReDoS in minimatch (NSO Manager) (ENG-19897)	Updated minimatch package in app-nso_manager to resolve Regular Expression Denial of Service (ReDoS) vulnerability. Improved glob pattern handling.
Resource Allocation in axios (NSO Manager 2023.2) (ENG-19473)	Updated axios package to address Allocation of Resources Without Limits or Throttling vulnerability. Implemented proper request throttling.
Prototype Pollution in axios (NSO Manager) (ENG-19472)	Updated axios package in app-nso_manager to resolve prototype pollution vulnerability. Enhanced HTTP request validation.
Prototype Pollution in csvtojson (ENG-16644)	Updated csvtojson package to address prototype pollution vulnerability. Improved CSV parsing security.
Predictable Value Range in form-data (NSO Manager) (ENG-15022)	Updated form-data package to address Predictable Value Range from Previous Values vulnerability. Enhanced boundary generation randomness.