2023.2.32
Platform 2023.2.32 is a maintenance release containing critical security updates and bug fixes to improve platform stability and security.
Bug fixes (2)
| Component | Feature | Description |
|---|---|---|
| Node.js security update (ENG-22038) | Upgraded Node.js base image to v20.20.0 to address security vulnerability. | |
| Tasks stuck in errored state (ENG-19443) | Reduced memory consumption in the Workflow Engine during high-throughput job execution involving forEach loops and sequential/parallel child-workflow loops. |
Security fixes (2)
This release includes important security updates that address vulnerabilities in third-party packages and platform components.
| Component | Feature | Description |
|---|---|---|
| HTTP response splitting in axios (ENG-23095) | Updated axios dependency version to resolve HTTP Response Splitting vulnerability (SNYK-JS-AXIOS-16298058). | |
| XML injection in @xmldom/xmldom (ENG-22666) | Fixed XML Injection vulnerability in @xmldom/xmldom (SNYK-JS-XMLDOMXMLDOM-15869636). |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.10 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.3 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.21 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.26 |
| app-ag_manager | 1.20.3-2023.2.12 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.248 |
| app-configuration_manager | 3.117.5-2023.2.34 |
| app-form_builder | 4.15.3-2023.2.9 |
| app-gateway_manager | 1.7.17 |
| app-json_forms | 1.42.3-2023.2.28 |
| app-jst | 1.15.11-2023.2.20 |
| app-lifecycle_manager | 1.38.4-2023.2.18 |
| app-mop | 6.21.1-2023.2.20 |
| app-nso_manager | 2.25.2-2023.2.6 |
| app-operations_manager | 1.215.10-2023.2.85 |
| app-service_catalog | 3.14.1-2023.2.4 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.10 |
| app-workflow_builder | 5.55.2-2023.2.26 |
| app-workflow_engine | 11.9.6-2023.2.74 |
| database | 2.3.2 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.11 |
| logger | 4.5.0 |
| network | 4.2.5 |
| pronghorn-core | 15.8.10-2023.2.119 |
| search | 1.3.3-2023.2.1 |
| service | 3.4.1 |
| tags | 3.2.2-2023.2.1 |
2023.2.31
Platform 2023.2.31 is a maintenance release containing bug fixes and security updates.
Bug fixes (1)
| Feature | Description |
|---|---|
| viewData inconsistent behavior (ENG-19226) | The viewData task has been updated to improve consistency in how message and body content is parsed and rendered as HTML. |
Security fixes (2)
This release includes important security updates that address vulnerabilities in third-party packages and platform components.
| Feature | Description |
|---|---|
| Algorithmic complexity in minimatch (network) (ENG-20703) | Updated minimatch package to address Inefficient Algorithmic Complexity vulnerability (SNYK-JS-MINIMATCH-15353389). |
| ReDoS in ajv (itential-utils) (ENG-20366) | Fixed ajv Regular Expression Denial of Service (ReDoS) vulnerability by updating package (SNYK-JS-AJV-15274295). |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.10 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.3 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.21 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.26 |
| app-ag_manager | 1.20.3-2023.2.12 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.248 |
| app-configuration_manager | 3.117.5-2023.2.34 |
| app-form_builder | 4.15.3-2023.2.9 |
| app-gateway_manager | 1.7.17 |
| app-json_forms | 1.42.3-2023.2.28 |
| app-jst | 1.15.11-2023.2.20 |
| app-lifecycle_manager | 1.38.4-2023.2.18 |
| app-mop | 6.21.1-2023.2.20 |
| app-nso_manager | 2.25.2-2023.2.6 |
| app-operations_manager | 1.215.10-2023.2.85 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.10 |
| app-workflow_builder | 5.55.2-2023.2.26 |
| app-workflow_engine | 11.9.6-2023.2.71 |
| database | 2.3.0 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.9 |
| logger | 4.5.0 |
| network | 4.2.5 |
| pronghorn-core | 15.8.10-2023.2.115 |
| search | 1.3.3-2023.2.1 |
| service | 3.4.1 |
| tags | 3.2.2-2023.2.1 |
2023.2.30
Platform 2023.2.30 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (1)
| Feature | Description |
|---|---|
| Enabled setting description field for Golden (Golden Configuration Asset Descriptions (ENG-18925)) | Enabled setting description field for Golden Configuration assets in Configuration Manager, enhancing configuration documentation capabilities. |
Bug fixes (1)
| Feature | Description |
|---|---|
| issue where the eval task incorrectly (Eval Null Value Handling (ENG-18487)) | Fixed issue where the eval task incorrectly handled null values. Improved null checking and value coercion logic. |
Security fixes (1)
| Feature | Description |
|---|---|
| axios package in itential-utils to resolve (Prototype Pollution in axios (ENG-19229)) | Updated axios package in itential-utils to resolve prototype pollution vulnerability. Enhanced input validation to prevent prototype chain manipulation. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.8 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.3 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.20 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.25 |
| app-ag_manager | 1.20.3-2023.2.12 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.247 |
| app-configuration_manager | 3.117.5-2023.2.33 |
| app-form_builder | 4.15.3-2023.2.8 |
| app-gateway_manager | 1.7.17 |
| app-json_forms | 1.42.3-2023.2.27 |
| app-jst | 1.15.11-2023.2.19 |
| app-lifecycle_manager | 1.38.4-2023.2.17 |
| app-mop | 6.21.1-2023.2.19 |
| app-nso_manager | 2.25.2-2023.2.6 |
| app-operations_manager | 1.215.10-2023.2.83 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.9 |
| app-workflow_builder | 5.55.2-2023.2.25 |
| app-workflow_engine | 11.9.6-2023.2.69 |
| database | 2.2.0 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.8 |
| logger | 4.5.0 |
| network | 4.2.4 |
| pronghorn-core | 15.8.10-2023.2.114 |
| search | 1.3.3-2023.2.0 |
| service | 3.4.0 |
| tags | 3.2.2-2023.2.0 |
2023.2.29
Platform 2023.2.29 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (1)
| Feature | Description |
|---|---|
| Inventory Manager to the Platform sidebar (ENG-18005) | Added Inventory Manager to the Platform sidebar navigation, making it accessible directly from the main Platform interface. |
Bug fixes (4)
| Feature | Description |
|---|---|
| Input parameter schema in the doProvision (ENG-18195) | Fixed: Input parameter schema in the doProvision workflow task now correctly defines the params property as an object instead of an array, resolving schema validation errors and task execution failures. |
| Integration deletion now works correctly. Resolved (ENG-16275) | Fixed: Integration deletion now works correctly. Resolved an issue where attempting to delete an integration caused the screen to go blank when the confirmation dialog appeared. |
| Updated Scheduler to use new task (ENG-11487) | Fixed: Updated Scheduler to use new task data references. The Scheduler now properly creates task documents with reference pointers to data collections, matching the updated task architecture implemented in 2023.2. |
| Job variables now display correctly in (ENG-4564) | Fixed: Job variables now display correctly in the job view UI. Resolved an issue where job variables appeared empty in the 2023.2 job view interface. |
Security fixes (2)
| Feature | Description |
|---|---|
a security vulnerability in the qs (ENG-18115) | Resolved a security vulnerability in the qs package (CVE-2025-15284) within JST Designer. The vulnerability allowed attackers to bypass array limit protections and exhaust server memory through malicious HTTP requests containing excessive bracket notation parameters. Upgraded to patched version to enforce proper array limits and prevent denial-of-service attacks. For more information, see SNYK-JS-QS-14724253. |
a security vulnerability in the qs (ENG-18105) | Resolved a security vulnerability in the qs package (CVE-2025-15284) within Itential Platform core. The vulnerability allowed attackers to bypass array limit protections and exhaust server memory through malicious HTTP requests containing excessive bracket notation parameters. Upgraded to patched version to enforce proper array limits and prevent denial-of-service attacks. For more information, see SNYK-JS-QS-14724253. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.8 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.3 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.20 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.25 |
| app-ag_manager | 1.20.3-2023.2.11 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.247 |
| app-configuration_manager | 3.117.5-2023.2.32 |
| app-form_builder | 4.15.3-2023.2.8 |
| app-gateway_manager | 1.7.17 |
| app-json_forms | 1.42.3-2023.2.27 |
| app-jst | 1.15.11-2023.2.19 |
| app-lifecycle_manager | 1.38.4-2023.2.17 |
| app-mop | 6.21.1-2023.2.19 |
| app-nso_manager | 2.25.2-2023.2.5 |
| app-operations_manager | 1.215.10-2023.2.83 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.9 |
| app-workflow_builder | 5.55.2-2023.2.25 |
| app-workflow_engine | 11.9.6-2023.2.68 |
| database | 2.2.0 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.7 |
| logger | 4.5.0 |
| network | 4.2.4 |
| pronghorn-core | 15.8.10-2023.2.113 |
| search | 1.3.3-2023.2.0 |
| service | 3.4.0 |
| tags | 3.2.2-2023.2.0 |
2023.2.28
Platform 2023.2.28 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (1)
| Feature | Description |
|---|---|
| support for JSON-formatted logging and updated (ENG-15618) | Added support for JSON-formatted logging and updated the logging API to align with the HLD specification, including support for message and context objects. |
Bug fixes (7)
| Feature | Description |
|---|---|
| enhanced logging to the broker and (ENG-7999) | Added enhanced logging to the broker and service layers to improve diagnostics when communicating with Gateway over the device broker. |
| an issue where incoming variable objects (ENG-12302) | Resolved an issue where incoming variable objects set to null in jobs caused Workflow Engine to crash during startup while migrating job documents. |
| a startup hang that occurred when (ENG-13404) | Fixed a startup hang that occurred when service configurations were missing from the filesystem. Platform now filters out these services during initialization and logs which services cannot be loaded. |
| broker logging to provide better diagnostics (ENG-13934) | Enhanced broker logging to provide better diagnostics when adapters are excluded or devices cannot be found during command execution. |
| an issue where Configuration Manager would (ENG-14934) | Resolved an issue where Configuration Manager would crash when invalid configuration was provided. |
| AG Manager to self-manage its configuration (ENG-17458) | Updated AG Manager to self-manage its configuration setup on application start, preventing temporary unavailability of AG Manager tasks duringItential Platform cluster restarts. |
| Excluded AG Manager from Core’s initial (ENG-17558) | Excluded AG Manager from Core’s initial configuration broadcast to prevent temporary loss of methods duringItential Platform cluster restarts. |
Security fixes (1)
| Feature | Description |
|---|---|
| the @micromatch dependency to address a (ENG-9789) | Updated the @micromatch dependency to address a security vulnerability related to inefficient regular expression complexity. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.8 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.3 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.19 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.24 |
| app-ag_manager | 1.20.3-2023.2.11 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.246 |
| app-configuration_manager | 3.117.5-2023.2.32 |
| app-form_builder | 4.15.3-2023.2.8 |
| app-gateway_manager | 1.7.17 |
| app-json_forms | 1.42.3-2023.2.27 |
| app-jst | 1.15.11-2023.2.19 |
| app-lifecycle_manager | 1.38.4-2023.2.17 |
| app-mop | 6.21.1-2023.2.19 |
| app-nso_manager | 2.25.2-2023.2.5 |
| app-operations_manager | 1.215.10-2023.2.82 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.9 |
| app-workflow_builder | 5.55.2-2023.2.25 |
| app-workflow_engine | 11.9.6-2023.2.67 |
| database | 2.2.0 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.7 |
| logger | 4.1.0 |
| network | 4.2.4 |
| pronghorn-core | 15.8.10-2023.2.112 |
| search | 1.3.3-2023.2.0 |
| service | 3.4.0 |
| tags | 3.2.2-2023.2.0 |
2023.2.27
Platform 2023.2.27 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (1)
| Feature | Description |
|---|---|
| Gateway Manager now includes finalized discover (ENG-16182) | Gateway Manager now includes finalized discovery changes that improve system functionality and device detection. |
Bug fixes (12)
| Feature | Description |
|---|---|
| Search fields now return correct results (ENG-2890) | Search fields now return correct results. |
| Job variables can no longer be (ENG-3183) | Job variables can no longer be modified when reference view is enabled. |
| Searching for a transformation by ID (ENG-4110) | Searching for a transformation by ID no longer causes the Itential Platform UI to display a blank screen. |
| Project Builder now sorts items alphabetically (ENG-4949) | Project Builder now sorts items alphabetically without case sensitivity. |
| The recent tasks palette now populates (ENG-6662) | The recent tasks palette now populates correctly. |
| ”You are not authorized to access (ENG-7332) | Removed “You are not authorized to access this method” error notifications that appeared unnecessarily in Studio. |
| Integration timeout property now correctly times (ENG-8982) | Integration timeout property now correctly times out requests. This functionality was broken in version 22.1. |
| Renaming a workflow no longer clears (ENG-10398) | Renaming a workflow no longer clears the canvas rendering. |
| Reduced excessive calls to the /myTtl (ENG-15201) | Reduced excessive calls to the /myTtl endpoint to improve system performance. |
| JSON forms now render and display (ENG-15538) | JSON forms now render and display correctly. |
| Automations with Group-Based Access Control groups (ENG-15672) | Automations with Group-Based Access Control groups remain accessible after import when a matching group with the same provenance and name doesn’t exist. |
| Integration models configured without authentication now (ENG-16268) | Integration models configured without authentication now work correctly in Labs. |
Security fixes (3)
| Feature | Description |
|---|---|
| Child jobs launched from the Assets (ENG-15842) | Child jobs launched from the Assets tab now correctly receive incoming variables. |
| the form-data dependency to address a (ENG-15844) | Updated the form-data dependency to address a predictable value range vulnerability. |
| the @node-saml/node-saml dependency to fix an (ENG-15845) | Updated the @node-saml/node-saml dependency to fix an improper cryptographic signature verification issue. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.8 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.3 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.17 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.24 |
| app-ag_manager | 1.20.3-2023.2.10 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.246 |
| app-configuration_manager | 3.117.5-2023.2.31 |
| app-form_builder | 4.15.3-2023.2.8 |
| app-gateway_manager | 1.7.17 |
| app-json_forms | 1.42.3-2023.2.27 |
| app-jst | 1.15.11-2023.2.19 |
| app-lifecycle_manager | 1.38.4-2023.2.17 |
| app-mop | 6.21.1-2023.2.19 |
| app-nso_manager | 2.25.2-2023.2.5 |
| app-operations_manager | 1.215.10-2023.2.81 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.9 |
| app-workflow_builder | 5.55.2-2023.2.25 |
| app-workflow_engine | 11.9.6-2023.2.66 |
| database | 2.2.0 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.7 |
| logger | 4.1.0 |
| network | 4.2.4 |
| pronghorn-core | 15.8.10-2023.2.107 |
| search | 1.3.3-2023.2.0 |
| service | 3.3.2 |
| tags | 3.2.2-2023.2.0 |
2023.2.26
Platform 2023.2.26 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (2)
| Feature | Description |
|---|---|
| an issue where service role updates (ENG-15828) | Fixed an issue where service role updates were only processed during initial startup. Role metadata now updates correctly when handling configuration changes via the ADD_CONFIG packet. |
”total_time_ms” field to the webserver.log file, (ENG-15813) | Added “total_time_ms” field to the webserver.log file, which measures the time in milliseconds between when a request enters the webserver and when the response has finished being written to the connection. |
Bug fixes (10)
| Feature | Description |
|---|---|
| error message when duplicate keys cause (ENG-15538) | Updated error message when duplicate keys cause issues. |
| Separated the Platform Event System from (ENG-15227) | Separated the Platform Event System from the HTTP Web Server’s shared process to prevent high event throughput from impacting platform performance. |
| the Operations Manager Jobs page becoming (ENG-15013) | Fixed the Operations Manager Jobs page becoming unusable when many jobs have more than 1,000 ancestor jobs. Updated the page to minimize the number of ancestor jobs retrieved from the database and resolved UI issues in the jobs table. |
| an issue where users cannot draw (ENG-14970) | Fixed an issue where users cannot draw transitions from inside a loop to outside of a loop. |
| additional error handling to prevent crashes (ENG-14483) | Added additional error handling to prevent crashes during AG Manager task executions. |
| an issue where adding an else (ENG-11148) | Fixed an issue where adding an else if conditional path in a JST from the if…else method did not appropriately update subsequent conditional paths, resulting in incorrect evaluation. Added a warning when opening corrupted transformations to notify users and resolved the issue when adding else if conditional paths. |
| Integration Instances incorrectly referring to the (ENG-8932) | Fixed Integration Instances incorrectly referring to the Itential Platform log level when logging request activity. Integration logging now correctly refers to the log settings applied to each individual Integration Instance. |
| an issue where users could create (ENG-4774) | Fixed an issue where users could create Workflow Groups with Project assets. |
| an issue where not all users (ENG-3335) | Fixed an issue where not all users could see applications in the application dropdown in Studio. |
| a search issue that prevented templates (ENG-2571) | Fixed a search issue that prevented templates and transformations containing special characters (e.g., ’*’) from being found. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.7 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.3 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.17 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.24 |
| app-ag_manager | 1.20.3-2023.2.4 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.236 |
| app-configuration_manager | 3.117.5-2023.2.31 |
| app-form_builder | 4.15.3-2023.2.8 |
| app-gateway_manager | 1.7.17 |
| app-json_forms | 1.42.3-2023.2.27 |
| app-jst | 1.15.11-2023.2.18 |
| app-lifecycle_manager | 1.38.4-2023.2.17 |
| app-mop | 6.21.1-2023.2.19 |
| app-nso_manager | 2.25.2-2023.2.5 |
| app-operations_manager | 1.215.10-2023.2.77 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.9 |
| app-workflow_builder | 5.55.2-2023.2.25 |
| app-workflow_engine | 11.9.6-2023.2.66 |
| database | 2.2.0 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.7 |
| logger | 4.1.0 |
| network | 4.2.4 |
| pronghorn-core | 15.8.10-2023.2.101 |
| search | 1.3.3-2023.2.0 |
| service | 3.3.2 |
| tags | 3.2.2-2023.2.0 |
2023.2.25
Platform 2023.2.25 is a maintenance release containing enhancements, bug fixes, and security updates.
The 2023.2.25 artifacts have been removed from the Itential Artifact Repository. We apologize for any inconvenience.
Enhancements (3)
| Feature | Description |
|---|---|
| AG Manager dynamic configuration discovery (ENG-5655) | The AG Manager now advertises configuration changes to the platform dynamically and waits for adapters to come online during platform startup, ensuring more reliable resource discovery without requiring restarts. |
| Service role updates via ADD_CONFIG packet (ENG-15828) | Fixed an issue where service role updates were only processed during initial startup. Role metadata now updates correctly when handling configuration changes via the ADD_CONFIG packet. |
| total_time_ms field in webserver.log (ENG-15813) | Added “total_time_ms” field to the webserver.log file, which measures the time in milliseconds between when a request enters the webserver and when the response has finished being written to the connection. |
Bug fixes (9)
| Feature | Description |
|---|---|
| Separated the Platform Event System from (ENG-15227) | Separated the Platform Event System from the HTTP Web Server’s shared process to prevent high event throughput from impacting platform performance. |
| the Operations Manager Jobs page becoming (ENG-15013) | Fixed the Operations Manager Jobs page becoming unusable when many jobs have more than 1,000 ancestor jobs. Updated the page to minimize the number of ancestor jobs retrieved from the database and resolved UI issues in the jobs table. |
| an issue where users cannot draw (ENG-14970) | Fixed an issue where users cannot draw transitions from inside a loop to outside of a loop. |
| additional error handling to prevent crashes (ENG-14483) | Added additional error handling to prevent crashes during AG Manager task executions. |
| an issue where adding an else (ENG-11148) | Fixed an issue where adding an else if conditional path in a JST from the if…else method did not appropriately update subsequent conditional paths, resulting in incorrect evaluation. Added a warning when opening corrupted transformations to notify users and resolved the issue when adding else if conditional paths. |
| Integration Instances incorrectly referring to the (ENG-8932) | Fixed Integration Instances incorrectly referring to the Itential Platform log level when logging request activity. Integration logging now correctly refers to the log settings applied to each individual Integration Instance. |
| an issue where users could create (ENG-4774) | Fixed an issue where users could create Workflow Groups with Project assets. |
| an issue where not all users (ENG-3335) | Fixed an issue where not all users could see applications in the application dropdown in Studio. |
| a search issue that prevented templates (ENG-2571) | Fixed a search issue that prevented templates and transformations containing special characters (e.g., ’*’) from being found. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.7 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.3 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.17 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.24 |
| app-ag_manager | 1.20.3-2023.2.5 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.236 |
| app-configuration_manager | 3.117.5-2023.2.31 |
| app-form_builder | 4.15.3-2023.2.8 |
| app-gateway_manager | 1.7.17 |
| app-json_forms | 1.42.3-2023.2.27 |
| app-jst | 1.15.11-2023.2.18 |
| app-lifecycle_manager | 1.38.4-2023.2.17 |
| app-mop | 6.21.1-2023.2.19 |
| app-nso_manager | 2.25.2-2023.2.5 |
| app-operations_manager | 1.215.10-2023.2.77 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.9 |
| app-workflow_builder | 5.55.2-2023.2.25 |
| app-workflow_engine | 11.9.6-2023.2.66 |
| database | 2.2.0 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.7 |
| logger | 4.1.0 |
| network | 4.2.4 |
| pronghorn-core | 15.8.10-2023.2.101 |
| search | 1.3.3-2023.2.0 |
| service | 3.3.2 |
| tags | 3.2.2-2023.2.0 |
2023.2.24
Platform 2023.2.24 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (2)
| Feature | Description |
|---|---|
| JSON Forms dependency on JST library (ENG-12858) | Removed JSON Forms dependency on JST library for dynamic dropdowns. |
| LDAP adapter property to restrict login (ENG-13638) | Added LDAP adapter property to restrict login to custom groups. |
Bug fixes (9)
| Feature | Description |
|---|---|
| Canvas Controls being cut off in (ENG-3420) | Fixed Canvas Controls being cut off in the Projects editor. |
| project table not scrolling with excess (ENG-5029) | Fixed project table not scrolling with excess data on the projects homepage. |
| Read-only banner now displays only for (ENG-5403) | Read-only banner now displays only for users with read-only access. |
| viewing Templates with large outputs in (ENG-10276) | Fixed viewing Templates with large outputs in a Project. |
| loss of assets when importing a (ENG-14005) | Fixed loss of assets when importing a project. |
| Moving assets between projects no longer (ENG-14157) | Moving assets between projects no longer causes issues. |
getTriggers API error when referencing deleted (ENG-14364) | Fixed getTriggers API error when referencing deleted JSON forms. |
/health/status API now correctly identifies CyberArk (ENG-14423) | /health/status API now correctly identifies CyberArk CCP as the secrets provider. |
| jobs with SLA set to 0 (ENG-14521) | Fixed jobs with SLA set to 0 incorrectly firing jobSlaBreach events. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.6 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.2 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.17 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.24 |
| app-ag_manager | 1.20.3-2023.2.3 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.222 |
| app-configuration_manager | 3.117.5-2023.2.31 |
| app-form_builder | 4.15.3-2023.2.8 |
| app-gateway_manager | 1.7.17 |
| app-json_forms | 1.42.3-2023.2.27 |
| app-jst | 1.15.11-2023.2.16 |
| app-lifecycle_manager | 1.38.4-2023.2.17 |
| app-mop | 6.21.1-2023.2.19 |
| app-nso_manager | 2.25.2-2023.2.5 |
| app-operations_manager | 1.215.10-2023.2.73 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.9 |
| app-workflow_builder | 5.55.2-2023.2.24 |
| app-workflow_engine | 11.9.6-2023.2.65 |
| database | 2.1.0 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.4 |
| logger | 4.1.0 |
| network | 4.2.2 |
| pronghorn-core | 15.8.10-2023.2.90 |
| search | 1.3.3-2023.2.0 |
| service | 3.3.2 |
| tags | 3.2.2-2023.2.0 |
2023.2.23
Platform 2023.2.23 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (3)
| Feature | Description |
|---|---|
| error handling by adding a tooltip (ENG-9267) | Improved error handling by adding a tooltip to show error information for the error status in a Compliance Plan report. |
| CyberArk CCP secrets provider support (ENG-12789) | Added support for CyberArk CCP as a secrets provider. |
| Gateway Manager connection validation now ensures (ENG-13928) | Gateway Manager connection validation now ensures only one connection exists per cluster ID. |
Bug fixes (8)
| Feature | Description |
|---|---|
Created a new getTimeByTimezone task that (ENG-8589) | Created a new getTimeByTimezone task that presents timezones by location to accommodate for time variations caused by Daylight Savings Time. Additionally, timezone input is now optional and will default to the system’s timezone if not present, also accounting for Daylight Savings Time. |
| Parallel revert infinite loop fix (ENG-8999) | Fixed an issue where jobs that had reverts in parallel could trigger an infinite loop that saturated the CPU. |
| Automation Gateway TimeoutOverflowWarning fix (ENG-10281) | Resolved an issue where the Automation Gateway adapter was producing a large number of TimeoutOverflowWarning errors when throttling is enabled. Added a new iapGetAdapterQueue task for better debugging. |
| A bug was fixed where the (ENG-10848) | A bug was fixed where the internal functions of transformation would disappear upon pressing the backspace key, improving user experience. |
| The strict mode for Studio workflow (ENG-13023) | The strict mode for Studio workflow run validation has been disabled to improve flexibility and usability during workflow execution and prevent workflow error. |
| An issue was resolved in JST (ENG-13291) | An issue was resolved in JST Transformations where adding conditionals to a step that had multiple assignments from the return would lead to a broken reference. Additionally, a fix was implemented to ensure that a new context would properly propagate from a step with multiple assignments. |
| issue where anchors incorrectly remained marked (ENG-13405) | Resolved issue where anchors incorrectly remained marked as assigned when drawing invalid transitions from context variables to parameters across different tasks. |
| an issue where creating a new (ENG-14383) | Fixed an issue where creating a new gateway would succeed, but result in a bad service-group state. |
Security fixes (1)
| Feature | Description |
|---|---|
| Sanitized filename data and replaced direct (ENG-2629) | Sanitized filename data and replaced direct assignment of properties to fix security vulnerabilities. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.6 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.2 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.17 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.24 |
| app-ag_manager | 1.20.3-2023.2.3 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.222 |
| app-configuration_manager | 3.117.5-2023.2.31 |
| app-form_builder | 4.15.3-2023.2.8 |
| app-gateway_manager | 1.7.14 |
| app-json_forms | 1.42.3-2023.2.27 |
| app-jst | 1.15.11-2023.2.16 |
| app-lifecycle_manager | 1.38.4-2023.2.17 |
| app-mop | 6.21.1-2023.2.19 |
| app-nso_manager | 2.25.2-2023.2.5 |
| app-operations_manager | 1.215.10-2023.2.73 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.9 |
| app-workflow_builder | 5.55.2-2023.2.24 |
| app-workflow_engine | 11.9.6-2023.2.65 |
| database | 2.1.0 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.4 |
| logger | 4.1.0 |
| network | 4.2.2 |
| pronghorn-core | 15.8.10-2023.2.90 |
| search | 1.3.3-2023.2.0 |
| service | 3.3.2 |
| tags | 3.2.2-2023.2.0 |
2023.2.22
Platform 2023.2.22 is a maintenance release containing enhancements, bug fixes, and security updates.
The 2023.2.22 artifacts have been removed from the Itential Artifact Repository. We apologize for any inconvenience.
Enhancements (1)
| Feature | Description |
|---|---|
| error handling by adding a tooltip (ENG-9267) | Improved error handling by adding a tooltip to show error information for the error status in a Compliance Plan report. |
Bug fixes (7)
| Feature | Description |
|---|---|
Created a new getTimeByTimezone task that (ENG-8589) | Created a new getTimeByTimezone task that presents timezones by location to accommodate for time variations caused by Daylight Savings Time. Additionally, timezone input is now optional and will default to the system’s timezone if not present, also accounting for Daylight Savings Time. |
| an issue where jobs that had (ENG-8999) | Fixed an issue where jobs that had reverts in parallel could trigger an infinite loop that saturated the CPU. |
| Automation Gateway timeout errors (ENG-10281) | Resolved an issue where the Automation Gateway adapter was producing a large number of TimeoutOverflowWarning errors when throttling is enabled. Added a new iapGetAdapterQueue task for better debugging. |
| A bug was fixed where the (ENG-10848) | A bug was fixed where the internal functions of transformation would disappear upon pressing the backspace key, improving user experience. |
| The strict mode for Studio workflow (ENG-13023) | The strict mode for Studio workflow run validation has been disabled to improve flexibility and usability during workflow execution and prevent workflow error. |
| An issue was resolved in JST (ENG-13291) | An issue was resolved in JST Transformations where adding conditionals to a step that had multiple assignments from the return would lead to a broken reference. Additionally, a fix was implemented to ensure that a new context would properly propagate from a step with multiple assignments. |
| issue where anchors incorrectly remained marked (ENG-13405) | Resolved issue where anchors incorrectly remained marked as assigned when drawing invalid transitions from context variables to parameters across different tasks. |
Security fixes (1)
| Feature | Description |
|---|---|
| Sanitized filename data and replaced direct (ENG-2629) | Sanitized filename data and replaced direct assignment of properties to fix security vulnerabilities. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.6 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.2 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.17 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.24 |
| app-ag_manager | 1.20.3-2023.2.3 |
| app-automation_catalog | 2.13.7-2023.2.6 |
| app-automation_studio | 4.69.3-2023.2.222 |
| app-configuration_manager | 3.117.5-2023.2.31 |
| app-form_builder | 4.15.3-2023.2.8 |
| app-gateway_manager | 1.7.9 |
| app-json_forms | 1.42.3-2023.2.27 |
| app-jst | 1.15.11-2023.2.16 |
| app-lifecycle_manager | 1.38.4-2023.2.17 |
| app-mop | 6.21.1-2023.2.19 |
| app-nso_manager | 2.25.2-2023.2.5 |
| app-operations_manager | 1.215.10-2023.2.73 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.9 |
| app-workflow_builder | 5.55.2-2023.2.24 |
| app-workflow_engine | 11.9.6-2023.2.65 |
| database | 2.1.0 |
| iap-ui | 1.14.3-2023.2.12 |
| itential-utils | 3.3.4 |
| logger | 4.1.0 |
| network | 4.2.2 |
| pronghorn-core | 15.8.10-2023.2.90 |
| search | 1.3.3-2023.2.0 |
| service | 3.3.2 |
| tags | 3.2.2-2023.2.0 |
2023.2.21
Platform 2023.2.21 is a maintenance release containing enhancements, bug fixes, and security updates.
This 2023.2.21 release includes important updates and fixes to the Platform.
Enhancements (7)
| Feature | Description |
|---|---|
| Codebase cleanup and dead code removal (ENG-10707) | The codebase has undergone a thorough cleanup, which involved removing unused dependencies and eliminating dead code, thereby improving overall performance and maintainability. |
| app-gateway_manager in container images (ENG-11500) | Added @itential/app-gateway_manager to container images. |
| New UUID property for workflow data (ENG-12003) | Introduced a new UUID property to workflow data for enhanced identification. |
| NSO adapter global-timeout setting (ENG-12523) | The NSO adapter has been updated to incorporate a global-timeout setting, which acts as a boolean flag. When set to ‘true’, this global-timeout setting allows services to bypass local timeout values and instead adhere to the global timeout configuration. If the global-timeout is not activated or is set to ‘false’, the system will revert to either a custom value or the default timeout of 60 seconds, as specified by the user. |
| workflowId and projectId in jobStart event (ENG-12595) | Added workflowId and projectId properties to the jobStart event in Workflow Engine. These unique identifiers help to correlate workflow executions (jobs), and protect against unexpected event duplication. |
| Task summary and description in WFE events (ENG-12662) | Added a task summary and description to Workflow Engine events. This metadata is automatically added to task events handled via the eventSystem, allowing users to easily understand the purpose and details of each event. |
| Expand/collapse buttons for trigger editing (ENG-13038) | A new feature has been introduced that allows users to expand and collapse buttons for trigger editing within automations, enhancing the user experience and functionality. |
Bug fixes (18)
| Feature | Description |
|---|---|
| Removed unusable Project shortcuts (ENG-2891) | Removed and hid unusable shortcuts for transformations within a Project, preventing users from performimg actions that should not be performed in a Project. |
| the Platform was configured to authenticate (ENG-4213) | When the Platform was configured to authenticate users via SAML SSO, a user who was logged out from a page in the Platform would not be redirected to their original location after logging back in. Support was added for persistent redirect links across SAML SSO login flows to ensure users are restored to their original location after logging out and logging back in. |
| childJob loop status in output objects (ENG-7728) | Fixed an issue where the status for each job was not reflected in the output objects from the childJob task when either parallel or sequential looping was enabled. |
| In certain circumstances, the Workflow Builder (ENG-7900) | In certain circumstances, the Workflow Builder Canvas would display duplicate task definitions in the task palette. This change provides a fix that eliminates possible race conditions and ensures no duplicates are added. |
| A race condition issue during prebuilt (ENG-7955) | A race condition issue during prebuilt imports has been resolved. This problem arose when multiple workflows in the prebuilt contained the same group, which would previously cause errors in the import API. The fix ensures smoother operation without errors. |
| configuring Azure/EntraID as an Identity Provider (ENG-8062) | When configuring Azure/EntraID as an Identity Provider (IdP) in the Platform, the SSO test connection failed due to a required Password, ProtectedTransport authentication method. To resolve this issue, added a “Disable Expected Auth” toggle to the SSO configuration page that gives administrators the option to control the disableAuthnContext configuration property that disables checking of AuthnContext in an SSO/SAML response. |
| A bug that caused child job (ENG-8815) | A bug that caused child job loops to remain stuck in a running state even after all child jobs were cancelled has been successfully fixed, ensuring that the system behaves as expected. |
| A critical bug has been fixed (ENG-10315) | A critical bug has been fixed regarding the convertTimezone task and other related time tasks. Previously, these tasks would incorrectly default to using the current date and time rather than the correct input time. This issue has now been rectified. |
| A series of fixes have been (ENG-10352) | A series of fixes have been implemented to address multiple issues that occurred when utilizing an incoming or outgoing JST schema. These issues have been resolved to ensure proper functionality at runtime. |
| a JST bug that allowed references (ENG-10751) | Resolved a JST bug that allowed references to deleted steps to persist within the context of other steps, ensuring that the integrity of the workflow remains intact and that users are not misled by outdated references. |
| Restart of memory-exhausted services (ENG-11043) | Fixed an issue preventing the restart of services that crash due to memory exhaustion. |
checks for iap_id and Redis connection (ENG-12023) | Added checks for iap_id and Redis connection to ensure smooth shutdowns when exiting the Platform early in the startup process and when exiting the Platform after Redis shuts down. |
| Copying command templates between Projects changed (ENG-12405) | Copying command templates between Projects changed the created and lastUpdated fields to a date string instead of an integer, preventing users from saving the Command Template. Fixed the date formatting for JSON schemas when copying assets into a project space. |
| importing a pre-built automation with GBAC (ENG-12445) | When importing a pre-built automation with GBAC assigned, the imported automation does not appear in the Operations Manager side navigation bar. Fixed pre-built automation import to ensure all GBAC id are strings and the automation is displayed in the side navigation bar. |
| The login API calls from Gateway (ENG-12480) | The login API calls from Gateway adapters were displaying password and token as plaintext credentials in the Gateway adapter logs. To mask sensitive credentials in Itential Platform logs, updated the adapter-utils dependency version. |
| The Command Template Builder UI previously (ENG-12529) | The Command Template Builder UI previously lacked the Maximum Accepted Percentage (%) selector when performing a comparison evaluation by percentage. This issue has been rectified by re-adding the selector to the UI, ensuring its availability for use in command templates. |
| adding users to a Group via (ENG-12616) | When adding users to a Group via UI, the save button was greyed out (disabled). Implemented functionality in the Edit Group dialog so that when modifying group members through the Admin Essentials UI, the save button will now be enabled on member change. |
| An important fix has been implemented (ENG-12865) | An important fix has been implemented to address a significant issue where deeply nested objects or large arrays of objects, when used as inputs to tasks, could lead to the task being stuck in a running state. This was accompanied by a “Maximum Call Stack” error being logged, which has now been resolved. |
Security fixes (3)
| Feature | Description |
|---|---|
| running security scans, it showed affected (ENG-11009) | When running security scans, it showed affected versions of app-operations_manager in the Platform were vulnerable to Regular Expression Denial of Service (ReDoS) risks. Upgraded semver to latest version to resolve this vulnerability. |
| running security scans, it showed affected (ENG-12785) | When running security scans, it showed affected versions of the tar-fs and undici packages in Admin Essentials were vulnerable to security risks. Upgraded the tar-fs package dependency to 2.1.3 and the undici package to 5.29.0 to resolve this vulnerability. |
Upgraded the ssh2 package in adapter-nso (ENG-12833) | Upgraded the ssh2 package in adapter-nso to version 1.16.0 to address a Command Injection security vulnerability present in version 0.8.9 of the dependency. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| itential/adapter-automation_gateway | 4.31.4-2023.2.5 |
| itential/adapter-azure_aaa | 1.7.5-2023.2.2 |
| itential/adapter-email | 4.2.20-2023.2.0 |
| itential/adapter-ldap | 2.14.3-2023.2.2 |
| itential/adapter-local_aaa | 4.5.2-2023.2.0 |
| itential/adapter-nso | 7.9.4-2023.2.16 |
| itential/adapter-radius | 2.2.2-2023.2.0 |
| itential/app-admin_essentials | 5.4.10-2023.2.24 |
| itential/app-ag_manager | 1.20.3-2023.2.3 |
| itential/app-automation_catalog | 2.13.7-2023.2.6 |
| itential/app-automation_studio | 4.69.3-2023.2.218 |
| itential/app-configuration_manager | 3.117.5-2023.2.30 |
| itential/app-form_builder | 4.15.3-2023.2.7 |
| itential/app-gateway_manager | 1.6.16 |
| itential/app-json_forms | 1.42.3-2023.2.27 |
| itential/app-jst | 1.15.11-2023.2.16 |
| itential/app-lifecycle_manager | 1.38.4-2023.2.17 |
| itential/app-mop | 6.21.1-2023.2.19 |
| itential/app-nso_manager | 2.25.2-2023.2.5 |
| itential/app-operations_manager | 1.215.10-2023.2.73 |
| itential/app-service_catalog | 3.14.1-2023.2.3 |
| itential/app-service_management | 3.0.2-2023.2.3 |
| itential/app-template_builder | 2.9.1-2023.2.9 |
| itential/app-workflow_builder | 5.55.2-2023.2.24 |
| itential/app-workflow_engine | 11.9.6-2023.2.63 |
| itential/database | 2.1.0 |
| itential/iap-ui | 1.14.3-2023.2.12 |
| itential/itential-utils | 3.2.5 |
| itential/logger | 4.1.0 |
| itential/network | 4.2.2 |
| itential/pronghorn-core | 15.8.10-2023.2.88 |
| itential/search | 1.3.3-2023.2.0 |
| itential/service | 3.3.2 |
| itential/tags | 3.2.2-2023.2.0 |
2023.2.20
Platform 2023.2.20 is a maintenance release containing enhancements, bug fixes, and security updates.
The 2023.2.20 artifacts have been removed from the Itential Artifact Repository. We apologize for any inconvenience.
Enhancements (4)
| Feature | Description |
|---|---|
| app-gateway_manager in container images (ENG-11500) | Added @itential/app-gateway_manager to container images. |
| NSO adapter global-timeout setting (ENG-12523) | The NSO adapter has been updated to incorporate a global-timeout setting, which acts as a boolean flag. When set to ‘true’, this global-timeout setting allows services to bypass local timeout values and instead adhere to the global timeout configuration. If the global-timeout is not activated or is set to ‘false’, the system will revert to either a custom value or the default timeout of 60 seconds, as specified by the user. |
| workflowId and projectId in jobStart event (ENG-12595) | Added workflowId and projectId properties to the jobStart event in Workflow Engine. These unique identifiers help to correlate workflow executions (jobs), and protect against unexpected event duplication. |
| Task summary and description in WFE events (ENG-12662) | Added a task summary and description to Workflow Engine events. This metadata is automatically added to task events handled via the eventSystem, allowing users to easily understand the purpose and details of each event. |
Bug fixes (13)
| Feature | Description |
|---|---|
| Removed unusable Project shortcuts (ENG-2891) | Removed and hid unusable shortcuts for transformations within a Project, preventing users from performimg actions that should not be performed in a Project. |
| the Platform was configured to authenticate (ENG-4213) | When the Platform was configured to authenticate users via SAML SSO, a user who was logged out from a page in the Platform would not be redirected to their original location after logging back in. Support was added for persistent redirect links across SAML SSO login flows to ensure users are restored to their original location after logging out and logging back in. |
| childJob loop status in output objects (ENG-7728) | Fixed an issue where the status for each job was not reflected in the output objects from the childJob task when either parallel or sequential looping was enabled. |
| In certain circumstances, the Workflow Builder (ENG-7900) | In certain circumstances, the Workflow Builder Canvas would display duplicate task definitions in the task palette. This change provides a fix that eliminates possible race conditions and ensures no duplicates are added. |
| configuring Azure/EntraID as an Identity Provider (ENG-8062) | When configuring Azure/EntraID as an Identity Provider (IdP) in the Platform, the SSO test connection failed due to a required Password, ProtectedTransport authentication method. To resolve this issue, added a “Disable Expected Auth” toggle to the SSO configuration page that gives administrators the option to control the disableAuthnContext configuration property that disables checking of AuthnContext in an SSO/SAML response. |
| A series of fixes have been (ENG-10352) | A series of fixes have been implemented to address multiple issues that occurred when utilizing an incoming or outgoing JST schema. These issues have been resolved to ensure proper functionality at runtime. |
| a JST bug that allowed references (ENG-10751) | Resolved a JST bug that allowed references to deleted steps to persist within the context of other steps, ensuring that the integrity of the workflow remains intact and that users are not misled by outdated references. |
checks for iap_id and Redis connection (ENG-12023) | Added checks for iap_id and Redis connection to ensure smooth shutdowns when exiting the Platform early in the startup process and when exiting the Platform after Redis shuts down. |
| Copying command templates between Projects changed (ENG-12405) | Copying command templates between Projects changed the created and lastUpdated fields to a date string instead of an integer, preventing users from saving the Command Template. Fixed the date formatting for JSON schemas when copying assets into a project space. |
| importing a pre-built automation with GBAC (ENG-12445) | When importing a pre-built automation with GBAC assigned, the imported automation does not appear in the Operations Manager side navigation bar. Fixed pre-built automation import to ensure all GBAC id are strings and the automation is displayed in the side navigation bar. |
| The login API calls from Gateway (ENG-12480) | The login API calls from Gateway adapters were displaying password and token as plaintext credentials in the Gateway adapter logs. To mask sensitive credentials in Itential Platform logs, updated the adapter-utils dependency version. |
| The Command Template Builder UI previously (ENG-12529) | The Command Template Builder UI previously lacked the Maximum Accepted Percentage (%) selector when performing a comparison evaluation by percentage. This issue has been rectified by re-adding the selector to the UI, ensuring its availability for use in command templates. |
| adding users to a Group via (ENG-12616) | When adding users to a Group via UI, the save button was greyed out (disabled). Implemented functionality in the Edit Group dialog so that when modifying group members through the Admin Essentials UI, the save button will now be enabled on member change. |
Security fixes (1)
| Feature | Description |
|---|---|
| running security scans, it showed affected (ENG-12785) | When running security scans, it showed affected versions of the tar-fs and undici packages in Admin Essentials were vulnerable to security risks. Upgraded the tar-fs package dependency to 2.1.3 and the undici package to 5.29.0 to resolve this vulnerability. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| itential/adapter-automation_gateway | 4.31.4-2023.2.4 |
| itential/adapter-azure_aaa | 1.7.5-2023.2.2 |
| itential/adapter-email | 4.2.20-2023.2.0 |
| itential/adapter-ldap | 2.14.3-2023.2.2 |
| itential/adapter-local_aaa | 4.5.2-2023.2.0 |
| itential/adapter-nso | 7.9.4-2023.2.16 |
| itential/adapter-radius | 2.2.2-2023.2.0 |
| itential/app-admin_essentials | 5.4.10-2023.2.23 |
| itential/app-ag_manager | 1.20.3-2023.2.3 |
| itential/app-automation_catalog | 2.13.7-2023.2.5 |
| itential/app-automation_studio | 4.69.3-2023.2.214 |
| itential/app-configuration_manager | 3.117.5-2023.2.29 |
| itential/app-form_builder | 4.15.3-2023.2.6 |
| itential/app-gateway_manager | 1.6.16 |
| itential/app-json_forms | 1.42.3-2023.2.26 |
| itential/app-jst | 1.15.11-2023.2.16 |
| itential/app-lifecycle_manager | 1.38.4-2023.2.16 |
| itential/app-mop | 6.21.1-2023.2.18 |
| itential/app-nso_manager | 2.25.2-2023.2.5 |
| itential/app-operations_manager | 1.215.10-2023.2.70 |
| itential/app-service_catalog | 3.14.1-2023.2.3 |
| itential/app-service_management | 3.0.2-2023.2.3 |
| itential/app-template_builder | 2.9.1-2023.2.8 |
| itential/app-workflow_builder | 5.55.2-2023.2.22 |
| itential/app-workflow_engine | 11.9.6-2023.2.58 |
| itential/database | 2.1.0 |
| itential/iap-ui | 1.14.3-2023.2.12 |
| itential/itential-utils | 3.2.4 |
| itential/logger | 4.1.0 |
| itential/network | 4.2.2 |
| itential/pronghorn-core | 15.8.10-2023.2.86 |
| itential/search | 1.3.3-2023.2.0 |
| itential/service | 3.3.2 |
| itential/tags | 3.2.2-2023.2.0 |
2023.2.19
Platform 2023.2.19 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (2)
| Feature | Description |
|---|---|
| Task events have been added to (ENG-11418) | Task events have been added to the Workflow Engine, which significantly improves the auditing capabilities of job processing, allowing for better tracking and management of tasks. |
| custom job and task variable support (ENG-11516) | Implemented custom job and task variable support in the Gateway Manager runService task. This task enhances the functionality of Gateway Manager, allowing users to select the service type and gateway cluster, and use variable options for cluster and service inputs. |
Bug fixes (8)
| Feature | Description |
|---|---|
| an issue where the custom role (ENG-1609) | Fixed an issue where the custom role dialog in Admin Essentials did not display roles for methods categorized as tasks, which are not HTTP endpoints. The endpoint behind the configuration dialog has been corrected to return task methods, enabling comprehensive configuration of custom roles. |
app-configuration_manager-maintenance to the base distribut… (ENG-3799) | Added app-configuration_manager-maintenance to the base distribution of Itential Platform to include all Configuration Manager features, except for Golden Configuration. |
the rodeo-ui version to resolve a (ENG-10673) | Updated the rodeo-ui version to resolve a bug issue where the /myTtl API endpoint was being unnecessarily triggered multiple times when the Logout Warning Dialog was displayed. |
| An issue was resolved where Projects (ENG-10721) | An issue was resolved where Projects larger than 2MB would encounter errors when pulled from a Github repository. This issue has been corrected to ensure smoother Project management. |
calculation errors in nextRunAt for schedule (ENG-10753) | Resolved calculation errors in nextRunAt for schedule triggers that occurred under specific creation circumstances, ensuring that nextRunAt is now calculated accurately. |
| Corrected the method by which the (ENG-10758) | Corrected the method by which the PHSpinner component was setting its current and default values in the UI. |
| A critical issue was fixed where (ENG-10784) | A critical issue was fixed where starting a job would fail to validate the workflow correctly. Instead, it relied on outdated error data from the workflow document to determine if the job could start. This issue has been corrected to ensure proper validation. |
The /health/status endpoint, used to ping (ENG-11901) | The /health/status endpoint, used to ping downstream services when performing a health check, caused timeouts when used with a readiness probe. Added a new optional query parameter exclude-services so that the endpoint only returns health information related to the Platform itself, and not the health of its connections to downstream systems. |
Security fixes (4)
| Feature | Description |
|---|---|
| During security scans, it was discovered (ENG-9791) | During security scans, it was discovered that certain versions of the axios package in Automation Catalog were vulnerable to Cross-Site Request Forgery (CSRF) risks. Upgraded the rodeo-ui dependency to address this security vulnerability. |
| During security scans, it was discovered (ENG-10285) | During security scans, it was discovered that the markdown-it parser in pronghorn-core was vulnerable to Infinite Loop risks. To address this vulnerability, the package dependency was removed as it is no longer used. |
| During security scans, it was discovered (ENG-10622) | During security scans, it was discovered that certain versions of the undici package in Admin Essentials were vulnerable to Insecure Randomness risks. To address this vulnerability, the package dependency has been upgraded to version 6.21.1. |
| During security scans, it was discovered (ENG-11172) | During security scans, it was discovered the dompurify package dependency in iap-ui was vulnerable to Prototype Pollution. To address this vulnerability, updated the swagger-ui-react and rodeo-ui package dependencies. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| itential/adapter-automation_gateway | 4.31.4-2023.2.3 |
| itential/adapter-azure_aaa | 1.7.5-2023.2.2 |
| itential/adapter-email | 4.2.20-2023.2.0 |
| itential/adapter-ldap | 2.14.3-2023.2.2 |
| itential/adapter-local_aaa | 4.5.2-2023.2.0 |
| itential/adapter-nso | 7.9.4-2023.2.15 |
| itential/adapter-radius | 2.2.2-2023.2.0 |
| itential/app-admin_essentials | 5.4.10-2023.2.20 |
| itential/app-ag_manager | 1.20.3-2023.2.3 |
| itential/app-automation_catalog | 2.13.7-2023.2.5 |
| itential/app-automation_studio | 4.69.3-2023.2.211 |
| itential/app-configuration_manager | 3.117.5-2023.2.29 |
| itential/app-form_builder | 4.15.3-2023.2.6 |
| itential/app-json_forms | 1.42.3-2023.2.26 |
| itential/app-jst | 1.15.11-2023.2.14 |
| itential/app-lifecycle_manager | 1.38.4-2023.2.16 |
| itential/app-mop | 6.21.1-2023.2.18 |
| itential/app-nso_manager | 2.25.2-2023.2.5 |
| itential/app-operations_manager | 1.215.10-2023.2.69 |
| itential/app-service_catalog | 3.14.1-2023.2.3 |
| itential/app-service_management | 3.0.2-2023.2.3 |
| itential/app-template_builder | 2.9.1-2023.2.8 |
| itential/app-workflow_builder | 5.55.2-2023.2.21 |
| itential/app-workflow_engine | 11.9.6-2023.2.54 |
| itential/database | 2.0.9 |
| itential/iap-ui | 1.14.3-2023.2.10 |
| itential/itential-utils | 3.2.2 |
| itential/logger | 4.1.0 |
| itential/network | 4.2.2 |
| itential/pronghorn-core | 15.8.10-2023.2.81 |
| itential/search | 1.3.3-2023.2.0 |
| itential/service | 3.3.1 |
| itential/tags | 3.2.2-2023.2.0” |
2023.2.18
Platform 2023.2.18 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (1)
| Feature | Description |
|---|---|
| Form data persistence after JSON form updates (ENG-10754) | The system now ensures that valid form data within triggers remains persistent even after updates are made to the corresponding JSON form. This enhancement bolsters data integrity and significantly improves user workflow efficiency. |
Bug fixes (7)
| Feature | Description |
|---|---|
| An issue was discovered that allowed (ENG-7974) | An issue was discovered that allowed users to import a Project successfully, but all asset-references were broken if another user attempted to import the same project into the same Itential Platform environment. The duplicate project checks have been updated to accurately identify duplicate projects that are not accessible by the current user, thereby improving the user experience. |
| A bug was fixed where groups (ENG-9372) | A bug was fixed where groups and roles that were added to a custom group using the create group API were not accurately reflected for users in the new group. This fix ensures that the user permissions and roles are correctly assigned and displayed. |
an issue where adapters in DEGRADED (ENG-9757) | Resolved an issue where adapters in DEGRADED status and did not automatically transition back to Online upon connection restoration. Implemented a code fix to enable automatic recovery from the degraded state to ensure seamless status restoration. |
| An issue was resolved where stopping (ENG-10795) | An issue was resolved where stopping the Task Worker negatively impacted the ability to manage scheduled tasks on an instance. This issue persisted until the instance was restarted. The fix ensures that the scheduled tasks can be handled without requiring a restart after stopping the Task Worker. |
| In rare instances during the shutdown (ENG-10897) | In rare instances during the shutdown process, the Platform had the potential to log Redis credentials inadvertently. A fix has been successfully implemented to prevent this from occurring, thereby enhancing security and protecting sensitive information. |
| An issue was discovered that allowed (ENG-11035) | An issue was discovered that allowed users to inadvertently input an invalid ID into the UpdateForm API, which caused app-json_forms to unexpectedly stop working. This problem has been resolved through the implementation of input validation measures, ensuring that such invalid entries are no longer possible. |
| In scenarios where numerous adapters have (ENG-11131) | In scenarios where numerous adapters have been installed, users may experience a freezing issue when attempting to add tasks to a workflow. To address this concern, significant enhancements have been implemented in the workflow rendering process, which has resulted in significant performance improvement when a task is added to the workflow. |
Security fixes (2)
| Feature | Description |
|---|---|
| running security scans, it showed affected (ENG-10623) | When running security scans, it showed affected versions of the body-parser library in Pronghorn Core were vulnerable to Asymmetric Resource Consumption (Amplification) risks. Upgraded the package dependency to 1.20.3 to resolve this vulnerability. |
| running security scans, it showed affected (ENG-11173) | When running security scans, it showed affected versions of the http-proxy-middleware package in Operations Manager were vulnerable to Denial of Service (DoS) risks. Upgraded the package dependency to 2.0.9 to resolve this vulnerability. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| itential/adapter-automation_gateway | 4.31.4-2023.2.3 |
| itential/adapter-azure_aaa | 1.7.5-2023.2.2 |
| itential/adapter-email | 4.2.20-2023.2.0 |
| itential/adapter-ldap | 2.14.3-2023.2.2 |
| itential/adapter-local_aaa | 4.5.2-2023.2.0 |
| itential/adapter-nso | 7.9.4-2023.2.15 |
| itential/adapter-radius | 2.2.2-2023.2.0 |
| itential/app-admin_essentials | 5.4.10-2023.2.18 |
| itential/app-ag_manager | 1.20.3-2023.2.3 |
| itential/app-automation_catalog | 2.13.7-2023.2.4 |
| itential/app-automation_studio | 4.69.3-2023.2.209 |
| itential/app-configuration_manager | 3.117.5-2023.2.28 |
| itential/app-form_builder | 4.15.3-2023.2.6 |
| itential/app-json_forms | 1.42.3-2023.2.26 |
| itential/app-jst | 1.15.11-2023.2.14 |
| itential/app-lifecycle_manager | 1.38.4-2023.2.15 |
| itential/app-mop | 6.21.1-2023.2.18 |
| itential/app-nso_manager | 2.25.2-2023.2.5 |
| itential/app-operations_manager | 1.215.10-2023.2.66 |
| itential/app-service_catalog | 3.14.1-2023.2.3 |
| itential/app-service_management | 3.0.2-2023.2.3 |
| itential/app-template_builder | 2.9.1-2023.2.8 |
| itential/app-workflow_builder | 5.55.2-2023.2.21 |
| itential/app-workflow_engine | 11.9.6-2023.2.49 |
| itential/database | 2.0.9 |
| itential/iap-ui | 1.14.3-2023.2.7 |
| itential/itential-utils | 3.2.1 |
| itential/logger | 4.1.0 |
| itential/network | 4.2.1 |
| itential/pronghorn-core | 15.8.10-2023.2.75 |
| itential/search | 1.3.3-2023.2.0 |
| itential/service | 3.3.1 |
| itential/tags | 3.2.2-2023.2.0 |
2023.2.17
Platform 2023.2.17 is a maintenance release containing enhancements, bug fixes, and security updates.
Bug fixes (6)
| Feature | Description |
|---|---|
| an issue where groups and roles (ENG-9372) | Fixed an issue where groups and roles added to a custom group with the create group API were not properly reflected on a user in the new group. |
| Itential servers in an HA (high (ENG-9520) | Itential servers in an HA (high availability) cluster occasionally showed different sets of custom roles. Updated the itential/service and itential/logger to enable service and startup errors to reach log files. All startup and shutdown notification logs are now logged with the system. |
| viewing a transformation containing a nested (ENG-9813) | When viewing a transformation containing a nested function step with an empty args array, opening the function causes rendering and runtime issues. Added additional checks to address rendering and runtime issues when viewing a transformation with a nested function step in this state. |
| exporting a project with workflows from (ENG-10364) | When exporting a project with workflows from a devenvironment and then importing it to staging environment, the workflows were missing post-import. Fixed an issue where projects containing workflows with a createdBy field would fail to import by removing this field during the import process. |
| Integration tasks added to workflows would (ENG-10679) | Integration tasks added to workflows would remain in a running state indefinitely. To resolve this issue, modified the lifecycle logic for adding integration configs to the global.config when the Platform starts up. |
| The run window on a task (ENG-10795) | The run window on a task would stop working when job execution was disabled and then immediately re-enabled from Admin Essentials. Fixed an issue where the action of stopping the task worker affected the ability to handle scheduled tasks on an instance until the instance was restarted. |
Security fixes (5)
| Feature | Description |
|---|---|
| running security scans, it reported a (ENG-9790) | When running security scans, it reported a package dependency in Operations Manager was vulnerable to Prototype Pollution. Removed a duplicate package dependency to resolve the security issue. |
| running security scans, it showed improper (ENG-10284) | When running security scans, it showed improper verification of the cryptographic signature. Upgraded the @node-saml/passport-saml package to version 5.0.1 to resolve security vulnerability. |
| running security scans, it showed affected (ENG-10287) | When running security scans, it showed affected versions of the body-parser package were vulnerable to Asymetric Resource Consumption (Amplification). Updated the package to version 1.20.3 to fix security vulnerability. |
| running security scans, it showed affected (ENG-11010) | When running security scans, it showed affected versions of the ip package in Operations Manager were vulnerable to Server Side Request Forgery (SSRF) risks. Updated ip to version 2.0.8 to resolve security vulnerability. |
| running security scans, it showed affected (ENG-11011) | When running security scans, it showed affected versions of the cross-spawn package in Operations Manager were vulnerable to Regular Expression Denial of Service (ReDoS). Updated the package to version 7.0.5 to resolve security vulnerability. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.3 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.2 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.14 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.18 |
| app-ag_manager | 1.20.3-2023.2.2 |
| app-automation_catalog | 2.13.7-2023.2.2 |
| app-automation_studio | 4.69.3-2023.2.206 |
| app-configuration_manager | 3.117.5-2023.2.28 |
| app-form_builder | 4.15.3-2023.2.6 |
| app-json_forms | 1.42.3-2023.2.25 |
| app-jst | 1.15.11-2023.2.14 |
| app-lifecycle_manager | 1.38.4-2023.2.15 |
| app-mop | 6.21.1-2023.2.18 |
| app-nso_manager | 2.25.2-2023.2.5 |
| app-operations_manager | 1.215.10-2023.2.64 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.8 |
| app-workflow_builder | 5.55.2-2023.2.21 |
| app-workflow_engine | 11.9.6-2023.2.47 |
| database | 2.0.8 |
| iap-ui | 1.14.3-2023.2.7 |
| itential-utils | 3.2.1 |
| logger | 4.1.0 |
| network | 4.2.0 |
| pronghorn-core | 15.8.10-2023.2.73 |
| search | 1.3.3-2023.2.0 |
| service | 3.3.1 |
| tags | 3.2.2-2023.2.0 |
2023.2.16
Platform 2023.2.16 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (2)
| Feature | Description |
|---|---|
| device count functionality to fix an (ENG-8269) | Improved device count functionality to fix an issue that caused no devices to be returned on the API call to retrieve device counts where devices did exist, as well as an issue that caused device counts of 0 to not be recorded in certain cases. |
| display of the Task Palette when (ENG-9897) | Improved display of the Task Palette when initialized on the canvas. A “Load More” button is displayed when an Integration or Adapter has more than 100 tasks. |
Bug fixes (10)
| Feature | Description |
|---|---|
| opening a JSON Form to select (ENG-8953) | When opening a JSON Form to select YANG Models, the form did not show any Yang elements. Fixed the JSON YANG schema search to parse the form correctly and get Yang schemas for multiple adapters. |
| In a JSON Form with a (ENG-9018) | In a JSON Form with a table that has a custom key, adding a form element to the table and then changing the custom key no longer removes the added element. |
| API errors as a result of (ENG-9031) | API errors as a result of cloning a Command Template and Analytic Template no longer crash the UI. Also updated the JSON schema for Command Templates and Analytic Templates to allow for the createdBy and lastUpdatedBy fields to be null. |
| collapsing a schema in JST Designer, (ENG-9268) | When collapsing a schema in JST Designer, any nested assignments disappear which allows users to create invalid duplicate assignments. Fixed the schema collapse issue to ensure assignments persist and prevent invalid assignments. |
| ancestor-checking in the cancel jobs endpoint (ENG-9478) | Added ancestor-checking in the cancel jobs endpoint to only cancel the greatest ancestor within a batch, and removing any unnecessary compute without affecting cancellation results. This also mitigates the likelihood of runaway recursive looping into high memory usage. |
| an issue where Integration Models that (ENG-9559) | Fixed an issue where Integration Models that errored during conversion to the internal Platform model caused subsequent Integration Models to not load into the Platform. |
| Renaming a Command or Analytic Template (ENG-9878) | Renaming a Command or Analytic Template in Projects to a duplicate name correctly displays the error in Projects and no longer crashes the MOP service. |
| a type check to the JSON (ENG-10179) | Added a type check to the JSON form dropdown to confirm source items are valid and prevent search issues in the Render JSON Schema task. |
| a missing property key to resolve (ENG-10185) | Added a missing property key to resolve a “React Missing Array Key” security rule warning. |
the axios dependency across Itential Platform (ENG-10263) | Updated the axios dependency across Itential Platform to resolve XSS and SSRF vulnerabilities. |
Security fixes (2)
| Feature | Description |
|---|---|
| running security scans, it showed affected (ENG-10011) | When running security scans, it showed affected versions of the axios package in Job Manager were vulnerable to Cross-Site Request Forgery (CSRF) risks. Updated axios dependency to version 0.29.0 to remove CSRF vulnerability. |
| running security scans, it showed affected (ENG-10286) | When running security scans, it showed affected versions of the axios package in Pronghorn Core were vulnerable to Server Side Request Forgery (SSRF) risks. Updated axios to version 1.7.4 or higher to resolve security vulnerability. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| itential/adapter-automation_gateway | 4.31.4-2023.2.3 |
| itential/adapter-azure_aaa | 1.7.5-2023.2.2 |
| itential/adapter-email | 4.2.20-2023.2.0 |
| itential/adapter-ldap | 2.14.3-2023.2.2 |
| itential/adapter-local_aaa | 4.5.2-2023.2.0 |
| itential/adapter-nso | 7.9.4-2023.2.13 |
| itential/adapter-radius | 2.2.2-2023.2.0 |
| itential/app-admin_essentials | 5.4.10-2023.2.19 |
| itential/app-ag_manager | 1.20.3-2023.2.2 |
| itential/app-automation_catalog | 2.13.7-2023.2.2 |
| itential/app-automation_studio | 4.69.3-2023.2.202 |
| itential/app-configuration_manager | 3.117.5-2023.2.28 |
| itential/app-form_builder | 4.15.3-2023.2.6 |
| itential/app-json_forms | 1.42.3-2023.2.24 |
| itential/app-jst | 1.15.11-2023.2.14 |
| itential/app-lifecycle_manager | 1.38.4-2023.2.15 |
| itential/app-mop | 6.21.1-2023.2.18 |
| itential/app-nso_manager | 2.25.2-2023.2.5 |
| itential/app-operations_manager | 1.215.10-2023.2.60 |
| itential/app-service_catalog | 3.14.1-2023.2.3 |
| itential/app-service_management | 3.0.2-2023.2.3 |
| itential/app-template_builder | 2.9.1-2023.2.8 |
| itential/app-workflow_builder | 5.55.2-2023.2.21 |
| itential/app-workflow_engine | 11.9.6-2023.2.45 |
| itential/database | 2.0.8 |
| itential/iap-ui | 1.14.3-2023.2.7 |
| itential/itential-utils | 3.2.1 |
| itential/logger | 3.1.2 |
| itential/network | 4.2.0 |
| itential/pronghorn-core | 15.8.10-2023.2.67 |
| itential/search | 1.3.3-2023.2.0 |
| itential/service | 3.2.0 |
| itential/tags | 3.2.2-2023.2.0 |
2023.2.15
Platform 2023.2.15 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (2)
| Feature | Description |
|---|---|
| attempting to access the “Get Forms”, (ENG-8204) | When attempting to access the “Get Forms”, “Get Form By Id”, “Delete Forms” and “Update Form” API endpoints in Itential Platform through tasks, the user is not able to access them. Enabled all JSON API tasks in Automation Studio, including createForm, deleteForms, getForms, getFormsById, importForms, updateForm and validateForm. |
the finishManualTask Ops Manager API to (ENG-8727) | Updated the finishManualTask Ops Manager API to set output correctly upon completion of automatic tasks with the deprecated flag. |
Bug fixes (21)
| Feature | Description |
|---|---|
| Style issues were observed while using (ENG-103) | Style issues were observed while using the search bar. Fixed a bug that prevented users from selecting search results. |
| moving a pre-seeded template into a (ENG-4845) | When moving a pre-seeded template into a project, the dialog option to move them was disabled. Updated the Projects Editor to allow for pre-seeded templates to be moved into a project. |
| Changing the git branch in a (ENG-5355) | Changing the git branch in a Project workflow no longer breaks an Operations Manager automation. |
| passing an array with indexed schemas (ENG-5918) | When passing an array with indexed schemas into an iterative array in JST Designer, making a connection from an index of the incoming array to any method would cause the JST to stop rendering correctly. Fixed a rendering issue within JST Designer that was causing rendering to break after making connections from an array’s contents within a function. |
| viewing a task error in Operations (ENG-6713) | When viewing a task error in Operations Manager, the text would extend beyond the viewable area. Updated the task Error tab in Operations Manager to display the entirety of any error message. |
| using JSON Forms with dynamic dropdown, (ENG-6790) | When using JSON Forms with dynamic dropdown, the search function within paginated results did not return query results as expected. Fixed issues with multi-select dropdowns that use a large dataset. |
| accessing a project config from the (ENG-6898) | When accessing a project config from the Projects UI, users were unable to view the project. Enhanced validation when opening projects to prevent rendering issues. |
| OpenAPI Integration Models can be imported, (ENG-7205) | OpenAPI Integration Models can be imported, but when creating an instance or starting the server with a created instance, an error occurred within Admin Essentials. Updated the swagger-client version to ensure support of OpenAPI 3.1 integrations. |
| importing a JSON form, the import (ENG-7465) | When importing a JSON form, the import failed. Updated the form schema to allow for null default values on the numberField in Form Builder. |
Retrieving devices with the getDevicesFiltered API (ENG-7848) | Retrieving devices with the getDevicesFiltered API call did not return results as expected via Config Manager and gateway tasks. Fixed ostypes filtering to correctly retrieve and return devices. |
| deleting a switch case in the (ENG-7883) | When deleting a switch case in the JST Designer canvas, the switch method card and transitions are not updated properly. Deleting a switch case now works as expected. |
| running a Gateway task and no (ENG-7973) | When running a Gateway task and no Automation Gateway adapter was available to handle the call, the task would enter the “success” state and return an error message.Updated the callback configuration in the Gateway Manager schema to cause these tasks to enter the “error” state instead. |
| adding a function in JST Designer, (ENG-8045) | When adding a function in JST Designer, the name may unexpectedly add a “(1)”. Updated logic to check for id and name collisons to fix a case where adding a function to a JST would unnecessarily rename the function. |
| an issue where a success notification (ENG-8577) | Fixed an issue where a success notification would incorrectly show when all task instances for a compliance runs failed to execute. |
| Golden configuration regex did not support (ENG-9084) | Golden configuration regex did not support certain special characters such as brackets. Updated Configuration Manager to support such special characters. |
| request queue for integration tasks to (ENG-9222) | Removed request queue for integration tasks to prevent CPU increase when worker threads are unavailable. Added logs to improve debugging for integration tasks. |
| Memory spikes occurred when viewing the (ENG-9413) | Memory spikes occurred when viewing the data output of a parent workflow that has a childjob with a task output 6MB or larger. To resolve this, disabled a problematic line wrapping feature for task data code editors to avoid page crashes due to high RAM consumption. |
| some scenarios, the Platform would not (ENG-9419) | In some scenarios, the Platform would not correctly handle changes in Redis Sentinel cluster topology. Added behavior to correctly reconnect when Redis Sentinel cluster topology changes. |
| JST functions containing function steps are (ENG-9442) | JST functions containing function steps are not rendering their methods and transitions on the canvas. Applied a fix to the JST engine to ensure these documents are migrated correctly and display as expected. |
| an invalid healthcheck in the API (ENG-9451) | Fixed an invalid healthcheck in the API to ensure a valid Vault status when visiting the health/status endpoint. |
skipNormalization flag on resolve of integration (ENG-9668) | Removed skipNormalization flag on resolve of integration swagger docs to ensure Itential Platform methods include path level and operation level parameters, while ensuring any method operationId with special characters are not replaced. |
Security fixes (3)
| Feature | Description |
|---|---|
| running security scans, it showed affected (ENG-9788) | When running security scans, it showed affected versions of the jsonpath-plus package were vulnerable to Remote Code Execution (RCE) due to improper input sanitization. Updated jsonpath-plus to version 10.3.0 to resolve security vulnerability. |
| running security scans, it showed affected (ENG-9792) | When running security scans, it showed affected versions of the ip Node library in app-jst were vulnerbale to a Server-Side Request Forgery (SSRF). Updated node modules and database dependencies in app-jst to resolve security vulnerability. |
| running security scans, it showed affected (ENG-9918) | When running security scans, it showed affected versions of the jsonpath-plus package in itential-config-service were vulnerable to Remote Code Execution (RCE) due to improper input sanitization. Updated jsonpath-plus to version 10.3.0 to resolve security vulnerability. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.3 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.2 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.13 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.18 |
| app-ag_manager | 1.20.3-2023.2.2 |
| app-automation_catalog | 2.13.7-2023.2.1 |
| app-automation_studio | 4.69.3-2023.2.191 |
| app-configuration_manager | 3.117.5-2023.2.28 |
| app-form_builder | 4.15.3-2023.2.5 |
| app-json_forms | 1.42.3-2023.2.23 |
| app-jst | 1.15.11-2023.2.14 |
| app-lifecycle_manager | 1.38.4-2023.2.15 |
| app-mop | 6.21.1-2023.2.15 |
| app-nso_manager | 2.25.2-2023.2.3 |
| app-operations_manager | 1.215.10-2023.2.57 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.8 |
| app-workflow_builder | 5.55.2-2023.2.20 |
| app-workflow_engine | 11.9.6-2023.2.44 |
| database | 2.0.8 |
| iap-ui | 1.14.3-2023.2.7 |
| itential-utils | 3.2.1 |
| logger | 3.1.2 |
| network | 4.2.0 |
| pronghorn-core | 15.8.10-2023.2.63 |
| search | 1.3.3-2023.2.0 |
| service | 3.2.0 |
| tags | 3.2.2-2023.2.0 |
2023.2.14
Platform 2023.2.14 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (1)
| Feature | Description |
|---|---|
attempting to access the getForms, getFormById, (ENG-8204) | When attempting to access the getForms, getFormById, deleteForms and updateForm API endpoints in Itential Platform through tasks, the user was not able to access them. Updated the JSON Form schema to enable all JSON API tasks in Automation Studio. All tasks are now visible and able to run on the canvas. |
Bug fixes (11)
| Feature | Description |
|---|---|
| an issue with JSON form elements, (ENG-5861) | Fixed an issue with JSON form elements, where any form layering (container/schema combination) is assumed to be a binding configuration (and fails to parse) when at least one actual binding exists. |
| querying form data using the dropdown (ENG-7144) | When querying form data using the dropdown search bar, multiple pages of results return and you have to scroll through them to find the specific data you need. To resolve this issue, updated the rodeo-ui dependendency. The JSON Forms dropdown search now works properly. |
| the setup of the Itential Platform (ENG-7910) | Fixed the setup of the Itential Platform systemd unit file for systemctl restart and systemctl stop, allowing it to clean up its child services and preventing race conditions that resulted in an unclean Redis state. This fix applies to all released versions of Itential Platform. |
| importing JSON Forms and then running (ENG-8032) | When importing JSON Forms and then running the form via the Preview button, the wrong return value was showing. As it turns out, duplicate dropdown labels were causing the returned values to be incorrect. To fix this issue, updated the rodeo-ui dependendency. Duplicate labels in a dynamic JSON Form are now supported. |
a childJob Workflow Input Variables Loop (ENG-8258) | When a childJob Workflow Input Variables Loop Array is set to a task variable in Automation Studio, opening another child job task without closing the first window will sometimes cause the source to reset to static. Updated the Task Data Workflow Editor to include a unique taskID to reset task data when variables change. |
| If a workflow is configured with (ENG-8303) | If a workflow is configured with a JST on a childJob task, it will attempt to inline the entire JST document into the workflow on export. If the JST is missing at the time of export, Worfklow Builder is unable to handle the export and crashes (stops working properly). To resolve this, added a check to ensure the JST exists before attempting to inline the JST document into the workflow. |
| creating a large number of Golden (ENG-8305) | When creating a large number of Golden Configuration tree nodes in Configuration Manager, the pop-over menu for several nodes was hidden in the browser window due to an incorrect menu location. Fixed the menu position to be from “bottom” to “left”, so that every node will display their respective pop-over menu correctly. |
| updating an existing Command Template, adding (ENG-8343) | When updating an existing Command Template, adding an additional command to the template would cause it to not format correctly which lead the API to timeout when running the command. Applied a fix in app-mop that ensures an undefined error does not cause the API to timeout. |
| The Automation Gateway adapter was not (ENG-8444) | The Automation Gateway adapter was not honoring the base path configuration that allowed it to work with a proxy server that utilizes a non-standard path and the AGManager tasks would error. Updated adapter-automation_gateway by setting the entitypath to work with the basepath configuration. A non-standard base path can now be utilized through a proxy server and AGManager tasks work as expected. |
| a bug in processing Integration Models (ENG-8493) | Fixed a bug in processing Integration Models with operationId strings that contained special characters (not a-z, A-Z, or _) that was causing the associated tasks to be considered invalid. Workflows that contain tasks from the Integration Model are now valid and run without error. |
| attempting to save, import, or run (ENG-8587) | When attempting to save, import, or run a workflow that contained a JST, workflow validation would error with “Cannot read properties of undefined (reading ‘type’)”. This was due to encoding as a result of the JST being pulled directly from the database. To resolve, added logic to pull and decode the JST from the app-jst application, thereby allowing workflows with JST to run as expected. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.2 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.2 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.13 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.18 |
| app-ag_manager | 1.20.3-2023.2.1 |
| app-automation_catalog | 2.13.7-2023.2.1 |
| app-automation_studio | 4.69.3-2023.2.177 |
| app-configuration_manager | 3.117.5-2023.2.26 |
| app-form_builder | 4.15.3-2023.2.5 |
| app-json_forms | 1.42.3-2023.2.22 |
| app-jst | 1.15.11-2023.2.11 |
| app-lifecycle_manager | 1.38.4-2023.2.15 |
| app-mop | 6.21.1-2023.2.15 |
| app-nso_manager | 2.25.2-2023.2.2 |
| app-operations_manager | 1.215.10-2023.2.51 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.8 |
| app-workflow_builder | 5.55.2-2023.2.18 |
| app-workflow_engine | 11.9.6-2023.2.42 |
| database | 2.0.8 |
| iap-ui | 1.14.3-2023.2.7 |
| itential-utils | 3.2.1 |
| logger | 3.1.2 |
| network | 4.1.5 |
| pronghorn-core | 15.8.10-2023.2.59 |
| search | 1.3.3-2023.2.0 |
| service | 3.1.18 |
| tags | 3.2.2-2023.2.0 |
2023.2.13
Platform 2023.2.13 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (2)
| Feature | Description |
|---|---|
Enabled the finishManualTask API in Operations (ENG-6842) | Enabled the finishManualTask API in Operations Manager to complete both manual and automatic tasks. |
the task property of the cancelJobs (ENG-7656) | Updated the task property of the cancelJobs API to “true” in the app-operations_manager pronghorn.json file in order for data to be processed as a workflow task. The cancelJobs API endpoint is now available to be used as a task on the canvas. |
Bug fixes (8)
| Feature | Description |
|---|---|
| a parent job is started with (ENG-3798) | When a parent job is started with a looping child job, the child task remains running causing the workflow to become stuck. Fixed a race condition that allowed multiple Workflow Engine (WFE) services to start up at the same time. |
| The user experience (i.e., information message) (ENG-4689) | The user experience (i.e., information message) for integration import was not very clear when schema validation failed on import. Improved UX by adding schema validation errors to the import modal and directing the user to the modal details on the toast. |
| exporting and then importing a JSON (ENG-5726) | When exporting and then importing a JSON Form, the import failed due to data validation errors. To resolve this issue, added support for importing a JSON form that implements more than one field validation. |
| using the switch method in JST (ENG-5978) | When using the switch method in JST Designer, adding >10 cases will cause assignments after the 10th case to not work, and the cases to reorder on save or export of the transformation. Fixed the switch method to ensure all assignments work correctly and the order of cases is maintained. |
| trying to type a negative number (ENG-6641) | When trying to type a negative number into an integer or number field, the minus sign is ignored and the workflow zooms out. Added support for negative numbers. |
| a bug with HTTP methods where (ENG-7253) | Fixed a bug with HTTP methods where returning a code without sanitization would cause the platform to crash. Added sanitization of HTTP API error code response to prevent crash of Itential Platform. |
making JSTs that use the thisArg (ENG-7353) | When making JSTs that use the thisArg feature for functions, migrating to 23.2 may migrate thisArg into the new constantValue incorrectly. Fixed a migration bug in JST that would cause thisArg values to sometimes migrate incorrectly, and created a new migration script to fix documents that were broken by the previous migration. |
| RSA public key and Key ID (ENG-7550) | Implemented RSA public key and Key ID (KID) variable logging for JSON Web Token (JWT) failure. |
Component versions
Automation Platform
| Component | Version |
|---|---|
| adapter-automation_gateway | 4.31.4-2023.2.1 |
| adapter-azure_aaa | 1.7.5-2023.2.2 |
| adapter-email | 4.2.20-2023.2.0 |
| adapter-ldap | 2.14.3-2023.2.2 |
| adapter-local_aaa | 4.5.2-2023.2.0 |
| adapter-nso | 7.9.4-2023.2.13 |
| adapter-radius | 2.2.2-2023.2.0 |
| app-admin_essentials | 5.4.10-2023.2.18 |
| app-ag_manager | 1.20.3-2023.2.1 |
| app-automation_catalog | 2.13.7-2023.2.1 |
| app-automation_studio | 4.69.3-2023.2.172 |
| app-configuration_manager | 3.117.5-2023.2.25 |
| app-form_builder | 4.15.3-2023.2.5 |
| app-json_forms | 1.42.3-2023.2.20 |
| app-jst | 1.15.11-2023.2.11 |
| app-lifecycle_manager | 1.38.4-2023.2.15 |
| app-mop | 6.21.1-2023.2.14 |
| app-nso_manager | 2.25.2-2023.2.2 |
| app-operations_manager | 1.215.10-2023.2.50 |
| app-service_catalog | 3.14.1-2023.2.3 |
| app-service_management | 3.0.2-2023.2.3 |
| app-template_builder | 2.9.1-2023.2.8 |
| app-workflow_builder | 5.55.2-2023.2.17 |
| app-workflow_engine | 11.9.6-2023.2.41 |
| database | 2.0.8 |
| iap-ui | 1.14.3-2023.2.7 |
| itential-utils | 3.2.1 |
| logger | 3.1.2 |
| network | 4.1.5 |
| pronghorn-core | 15.8.10-2023.2.57 |
| search | 1.3.3-2023.2.0 |
| service | 3.1.18 |
| tags | 3.2.2-2023.2.0 |