Itential Platform 6 changelog

Subscribe to our RSS feed or by email to receive automatic notifications when new releases are published. Get notified when we ship new features and improvements.

May 5, 2026

Summary

test

April 2, 2026

Platform 6.3.4 is a maintenance release that includes critical bug fixes, security updates, and feature enhancements. This release addresses customer-reported issues to enhance platform stability and reliability.

Enhancements (8)

Feature	Description
Asset edit details modal standardization (ENG-19875)	All “View Metadata” drawers in Studio and Lifecycle Manager are now replaced with a dialog and renamed to “Edit Details”. In the projects UI, the project navigation bar (left-hand side) and asset editor titlebar (top-right) also now consistently use this dialog for editing asset details.
Auto keying for project asset migration (ENG-19921)	Workflow references are updated where applicable when moving or copying assets into a project.
Asset more menu options update (ENG-20100)	Updated asset titlebar more menus to provide consistent and intuitive access to asset actions throughout the platform.
NSO 6.5 and 6.6 certification (ENG-17515)	Certified NSO Service Manager functions and NSO Adapter against NSO 6.5 and NSO 6.6, ensuring compatibility with the latest Cisco NSO versions.
Platform 6 index management enhancement (ENG-16284)	Enhanced index management for Platform 6 upgrades to improve database performance and reduce upgrade complexity.
Vault namespace header support (ENG-15973)	Implemented support for `X-Vault-Namespace` header for Vault integration, enabling multi-tenancy and namespace isolation.
NSO fetchData return limit adjustment (ENG-8574)	Adjusted NSO `fetchData` return limit to handle larger datasets and improve integration performance with Cisco NSO.
Project thumbnail file size configuration (ENG-10644)	Added configuration for project thumbnail file size in Settings to allow customization based on organizational requirements.

Bug fixes (32)

Feature	Description
Long workflow names in project automation references (ENG-21971)	Fixed an issue where workflows in project-based automations displayed “from undefined” instead of the project name in the automation dropdown when the workflow name was very long.
Lifecycle manager schema reference error (ENG-21853)	Fixed an issue where the OpenAPI specification generated by the `help/openapi` endpoint contained an invalid schema reference, which could cause customer scripts using the spec to fail.
MOP template last updated by field (ENG-21803)	Fixed issue where ‘Last Updated By’ field always displayed ‘unknown’ for MOP Command/Analytic templates. Implemented proper user tracking for template modifications.
Transformation search with dash characters (ENG-21768)	Resolved issue where Transformations search did not work properly for names containing dash characters. Enhanced search query parsing.
Workflow GBAC restrictions in global space (ENG-21621)	Fixed issue in 6.3.3 where Workflow Group-Based Access Control (GBAC) no longer restricted users in global space. Restored proper access control enforcement.
Operations manager automations groups display limit (ENG-21576)	Resolved issue where Operations Manager Automations Read/Write Groups only displayed the first 100 groups. Implemented proper pagination and group listing.
Form validation enumNames rejection (ENG-21566)	Fixed backend form validation incorrectly rejecting valid forms containing enumNames due to Ajv strict mode. Adjusted validation schema to support enumNames.
Query task JSON view output display (ENG-21383)	Corrected issue where Query Task Post Execution showed incorrect output when JSON View was turned off. Improved output formatting logic.
Validate form task JSON forms service crash (ENG-21256)	Fixed issue where Validate Form task would crash the JSON Forms service if validation failed. Implemented proper error handling and service recovery.
Project thumbnail upload with workflows (ENG-20828)	Resolved inability to upload project thumbnail when a workflow exists in the project. Fixed file upload validation logic.
LCM RunAction task hang on invalid data (ENG-20227)	Fixed issue where LCM `RunAction` task hung when invalid instance data was provided. Added input validation and timeout handling.
ValidateJsonSchema single document limitation (ENG-20193)	Resolved issue where `ValidateJsonSchema` task only validated a single document per schema ID. Enabled multi-document validation support.
Golden configuration identifier key data loss (ENG-20147)	Fixed issue where users are not given a warning when entries are dropped.
Golden configuration identifier key dropdown blank (ENG-20146)	Fixed issue where undefined array identifier crashes the page.
Golden configuration dialog crash on right-click (ENG-20145)	Fixed a bug with JSON config options throwing error when the config is empty.
viewData inconsistent behavior (ENG-19226)	The `viewData` task has been updated to improve consistency in how message and body content is parsed and rendered as HTML.
Workflow loading performance on P6 (ENG-18902)	Improved workflow loading performance on Platform 6 by optimizing data retrieval and rendering logic.
Manual trigger form crash with duplicate labels (ENG-17866)	Fixed page crash when clicking on forms containing items with same label name but different types in Manual Trigger dropdown. Enhanced form validation and conflict resolution.
Job deletion with automation read/write groups (ENG-16590)	Resolved issue where jobs could not be deleted when triggered by an automation with read/write groups. Corrected permission checking logic.
JSON form text input binding (ENG-14982)	Fixed issue where binding for text input in JSON Forms did not work correctly. Restored proper data binding functionality.
JSON form element ordering (ENG-4775)	Resolved issue where JSON form elements appeared out of order when previewing and in the Automation trigger view. Ensured consistent element ordering.
Project builder logo display (ENG-4773)	Fixed issue where Itential logo did not display correctly in Project Builder. Corrected logo asset loading.
JSON form builder table deletion confirmation (ENG-4712)	Added confirmation prompt when deleting tables in JSON Form Builder to prevent accidental data loss.
JSON form readonly field population (ENG-4653)	Resolved inability to populate readonly fields with values in JSON Forms. Enabled value assignment for readonly fields.
Task swap state persistence (ENG-4259)	Fixed issue where Swap Task state persisted when opening other tasks. Properly cleared task state on task change.
JST schema modification variable removal (ENG-3873)	Resolved issue where modifying schema of JST removed any outgoing variables set in workflow. Preserved variable assignments during schema updates.
Duplicate form option values (ENG-3341)	Fixed ability to create forms with duplicate values in options. Implemented duplicate value detection and validation.
Workflow count display accuracy (ENG-2959)	Corrected inaccurate workflow count on the Automation Studio workflow View All page. Fixed counting logic.
Transformation hotkey save (ENG-2950)	Resolved issue where saving transformation using hotkeys did not work. Restored keyboard shortcut functionality.
Child/parent workflow visualization (ENG-2946)	Fixed child/parent workflow drill down visualization issue with zoom-to-fit and constellation view. Improved canvas rendering logic.
JST designer task execution completion (ENG-2293)	Resolved issue where JST Designer did not complete execution of a task even when prior task produced valid output. Fixed task completion detection.

Security fixes (9)

This release includes important security updates that address vulnerabilities in third-party packages and platform components.

Feature	Description
Data amplification in undici (ENG-21752)	Fixed Improper Handling of Highly Compressed Data (Data Amplification) vulnerability by updating undici (SNYK-JS-UNDICI-15518068).
Prototype pollution in immutable (ENG-21364)	Updated immutable package to resolve Prototype Pollution vulnerability (SNYK-JS-IMMUTABLE-15423650).
ReDoS in ajv (JST) (ENG-20534)	Fixed ajv Regular Expression Denial of Service (ReDoS) vulnerability by upgrading to ajv@6.14.0 (SNYK-JS-AJV-15274295).
Resource allocation in qs (JST Designer) (ENG-20532)	Fixed Allocation of Resources Without Limits or Throttling vulnerability in qs by bumping ajv to 6.14.0 and refreshing the lockfile (SNYK-JS-QS-15268416).
ReDoS in ajv (IAP) (ENG-20498)	Fixed ajv Regular Expression Denial of Service (ReDoS) vulnerability by updating package (SNYK-JS-AJV-15274295).
Resource allocation in qs (IAP) (ENG-20475)	Upgraded qs to address Allocation of Resources Without Limits or Throttling vulnerability (SNYK-JS-QS-15268416).
Algorithmic complexity in minimatch (IAP) (ENG-20376)	Updated minimatch package to address Inefficient Algorithmic Complexity vulnerability (SNYK-JS-MINIMATCH-15353389).
ReDoS in ajv (itential-utils) (ENG-20366)	Fixed ajv Regular Expression Denial of Service (ReDoS) vulnerability by updating package (SNYK-JS-AJV-15274295).
Algorithmic complexity in minimatch (itential-utils) (ENG-20365)	Updated minimatch package to address Inefficient Algorithmic Complexity vulnerability (SNYK-JS-MINIMATCH-15353389).

March 5, 2026

6.3.3

Platform 6.3.3 is a maintenance release containing enhancements, bug fixes, and security updates.

Enhancements (3)

Feature	Description
Project description field (ENG-19847)	Added optional description field to project creation flows in Studio, enabling better project documentation and organization.
Lifecycle Management action descriptions (ENG-18926)	Enabled setting the description field for Lifecycle Management Action assets to improve asset documentation and searchability.
Golden configuration asset descriptions (ENG-18925)	Enabled setting the description field for golden configuration assets in Configuration Manager, enhancing configuration documentation capabilities.

Bug fixes (22)

Feature	Description
Asset movement from project to global (ENG-20126)	Fixed an issue where moving an asset from project to global space did not update the asset correctly. Ensured proper asset metadata and reference updates during migration.
Workflow import validation errors (ENG-19989)	Resolved validation errors occurring when importing workflows in Platform 6.3.2. Improved import validation logic to handle edge cases.
Custom application functionality (ENG-19874)	Fixed custom application not working properly in 6.3 and addressed additional issues that occurred when the application did work. Improved application initialization and runtime stability.
Task node deselection (ENG-19709)	Fixed an issue where the task node was automatically deselected when opening task details. Maintained selection state for improved user experience.
Asset duplication in projects (ENG-19549)	Resolved an issue where assets were being duplicated within projects, causing import errors in Platform 6. Implemented proper asset uniqueness validation.
Project performance with external references (ENG-19433)	Improved project loading and performance when large numbers of external references exist. Optimized reference resolution and caching mechanisms.
Project loading COLLSCANS (ENG-19332)	Fixed an issue where loading projects with many components caused spikes in database COLLSCANS leading to platform slowness. Added proper database indexes and optimized queries.
JSON Form data binding schema error (ENG-18622)	Resolved an issue where data binding in JSON Form gave an incorrect schema error consistently. Corrected schema validation logic.
Eval null value handling (ENG-18487)	Fixed an issue where the eval task incorrectly handled null values. Improved null checking and value coercion logic.
Child JST renaming on import (ENG-18187)	Resolved an issue where a referenced child JST was renamed upon workflow import. Preserved original JST names during import operations.
JST Designer user function cleanup (ENG-17989)	Fixed JST Designer failure to clean up assignments from user functions, which created irrecoverably broken JST documents. Implemented proper cleanup routines.
Evaluation task job variable input (ENG-17802)	Corrected an issue where the evaluation task job variable input was not functioning properly. Restored proper variable binding and evaluation.
AGManager adapter discovery (ENG-17775)	Fixed AGManager error on discoverAll where the automation gateway adapter could not be found. Improved adapter registration and discovery mechanisms.
Task summary loading state (ENG-17550)	Resolved an issue where task summary remained stuck in loading state on running workflows. Improved state management and error handling.
LCM special character sanitization (ENG-17240)	Fixed LCM failure to sanitize special characters when invalid regex exists in action names for workflows. Enhanced input validation and sanitization.
Redis TLS configuration (ENG-16926)	Resolved inability to configure Itential Platform to use TLS with Redis and Redis Sentinel. Implemented proper TLS configuration support.
Operations Manager job view crash (ENG-16816)	Fixed Operations Manager job view crash when viewing child iterations of cancelled jobs or jobs without valid job object values. Added proper null checking and error handling.
JST import from project (ENG-15667)	Resolved an issue where automation and JSON Form could not be imported if using a JST from a project. Fixed cross-scope JST reference resolution.
Legacy forms export/import (ENG-15611)	Fixed an issue in 23.2 UAT where legacy forms failed to export/import. Ensured backward compatibility for form migration.
renderJsonSchema binding schema (ENG-13749)	Fixed the bindingSchema parameter in the renderJsonSchema task that was not working correctly. Restored proper schema binding functionality.
JSON Form field dependency update (ENG-12016)	Resolved an issue where a JSON Form with field dependency did not update the selected field properly. Improved dependency tracking and field updates.
JST Designer duplicate schema IDs (ENG-11207)	Fixed JST Designer not warning users about duplicate schema $id values, which allowed saves but caused misbehavior. Implemented duplicate ID detection and validation.

Security fixes (11)

This release includes important security updates that address vulnerabilities in third-party packages and platform components.

Feature	Description
ReDoS in ajv (NSO adapter) (ENG-19908)	Updated ajv package in NSO adapter to resolve a regular expression denial of service (ReDoS) vulnerability. Enhanced regex validation patterns.
ReDoS in minimatch (NSO adapter) (ENG-19907)	Updated minimatch package in NSO adapter to address a ReDoS vulnerability. Improved pattern matching performance.
Prototype pollution in lodash (service management) (ENG-19905)	Updated lodash package in app-service_management to resolve prototype pollution vulnerability. Enhanced object property validation.
ReDoS in ajv (service management) (ENG-19903)	Updated ajv package in app-service_management to address a ReDoS vulnerability. Improved schema validation performance.
Prototype pollution in lodash (NSO Manager) (ENG-19899)	Updated lodash package in app-nso_manager to resolve prototype pollution vulnerability. Implemented proper input sanitization.
ReDoS in ajv (NSO Manager) (ENG-19898)	Updated ajv package in app-nso_manager to address a ReDoS vulnerability. Enhanced validation efficiency.
ReDoS in minimatch (NSO Manager) (ENG-19897)	Updated minimatch package in app-nso_manager to resolve a ReDoS vulnerability. Improved glob pattern handling.
Resource allocation in axios (NSO Manager 2023.2) (ENG-19473)	Updated axios package to address allocation of resources without limits or throttling vulnerability. Implemented proper request throttling.
Prototype pollution in axios (NSO Manager) (ENG-19472)	Updated axios package in app-nso_manager to resolve prototype pollution vulnerability. Enhanced HTTP request validation.
Prototype pollution in csvtojson (ENG-16644)	Updated csvtojson package to address prototype pollution vulnerability. Improved CSV parsing security.
Predictable value range in form-data (NSO Manager) (ENG-15022)	Updated form-data package to address predictable value range from previous values vulnerability. Enhanced boundary generation randomness.

February 16, 2026

6.3.2

Platform 6.3.2 is a maintenance release containing enhancements, bug fixes, and security updates.

Enhancements (5)

Feature	Description
Canvas Debug Mode UI Updates (ENG-18749)	Updated Canvas Debug Mode color scheme and icon design in both Studio and Operations Manager for improved visibility and user experience.
MOP Template Description Support (ENG-18502)	Enabled setting descriptions for Command Templates and Analytic Templates during asset creation in projects, improving documentation capabilities.
NSO 6.5+ Transaction Comments (ENG-18189)	Added support for NSO 6.5+ transaction comments (`set_trans_comment`) to enhance integration capabilities with Cisco NSO.
Principal Caching Enhancements (ENG-18680)	Implemented principal caching security improvements to enhance authentication performance and security posture.
X-Forwarded-For Header Logging (ENG-16748)	Added `X-Forwarded-For` header logging in Platform Webserver logs to improve request tracing and security auditing.

Bug fixes (36)

Feature	Description
LCM runAction Task Recursion (ENG-19162)	Fixed issue where using LCM’s runAction task in a workflow caused discover references to infinitely recurse, crashing Studio. Improved task reference handling to prevent infinite loops.
Date Range Filter Crash (ENG-19075)	Resolved Operations Manager crash caused by invalid input in Date Range Filter. Enhanced input validation to prevent system crashes.
Workflow Engine Scheduler Race Condition (ENG-19016)	Fixed race condition in Workflow Engine scheduler that could cause timing-related execution issues. Improved thread safety and synchronization.
Run Windows Static Time Entries (ENG-19004)	Restored functionality for static time entries in Run Windows that were non-functional in version 6.3.1.
Radix Argument Error (ENG-18970)	Fixed production error “toString() radix argument must be between 2 and 36” by implementing proper input validation for number conversion operations.
Large File Import Size Limitation (ENG-18953)	Addressed issues with moving assets inside folders or importing large project files due to 15MB size limitation. Improved handling for large file operations.
Zoom to Selection Context Menu (ENG-18861)	Restored missing ‘Zoom to Selection’ option in task context menu on Operations Manager canvas.
Zoom to Selection Centering (ENG-18859, ENG-16346)	Fixed issue where ‘Zoom to Selection’ feature did not properly center the selected items on canvas in both Studio and Operations Manager.
IAP UI Login Performance (ENG-18707)	Resolved slow login performance issue inItential Platform UI that persisted after upgrade to 6.3.0. Optimized authentication workflow for improved response times.
MOP Template Metadata Dialog (ENG-18501)	Fixed issue where clicking the save button on metadata dialog for MOP Command Template or Analytic Template in projects caused import failures.
MOP Template Description Export (ENG-18500)	Resolved issue where descriptions for MOP Command Templates and Analytic Templates were not included during project export.
Workflow Description Persistence (ENG-18497)	Fixed issue where workflow description set during asset creation did not persist, and description field was missing in global space.
Transformation Extract Output (ENG-18486)	Corrected issue where Transformation task did not properly set Extract Output when outgoing schemas were modified. Ensured proper output mapping.
Workflow Promotion Issues (ENG-18475)	Fixed issue where workflows were missing after promoting a project from development to staging environment. Improved project promotion reliability.
Studio Task Palette Filter (ENG-18463)	Resolved task palette filter misbehavior when palette was displayed in wide mode. Improved filter behavior across different display configurations.
Generate Example Inputs Data Loss (ENG-18405)	Fixed issue where clicking “Generate Example Inputs” button wiped existing user data. Implemented proper data preservation logic.
Project Folder Creation (ENG-18401)	Resolved inability to create folders within projects. Restored folder creation functionality.
NSO 6.5+ Host Header Validation (ENG-18156)	Improved handling of HTTP 400 errors caused by strict Host header validation in NSO 6.5+. Enhanced compatibility with newer NSO versions.
Studio Canvas Task Corruption (ENG-17868)	Fixed race condition that could place corrupted tasks on Studio canvas. Improved task placement synchronization.
Workflow Start Error State (ENG-17841)	Resolved error state occurring on workflow Start node when variables were empty. Improved empty variable handling.
SLA Duration Input Validation (ENG-17838)	Fixed issue where duration input in workflow’s SLA/Pre-Automation Fields broke on invalid inputs. Added proper input validation.
JSON Forms Yang Widget Rendering (ENG-17639)	Resolved rendering failures for JSON Forms utilizing Yang Widget. Ensured proper widget initialization and display.
Auth Methods Access Handling (ENG-16755)	Fixed improper failure behavior when attempting to access authentication methods without proper permissions. Improved error handling and messaging.
JSON Form Builder Default Value (ENG-16304)	Fixed inability to set default value of 0 in number fields within JSON Form Builder. Corrected value validation logic.
Event Listener Job Multi-Cluster (ENG-15292)	Resolved failures of eventListenerJob task in multi-IAP clusters depending on number ofItential Platform instances. Improved cluster-aware task execution.
Command Template Regex in Transformation (ENG-14421)	Fixed production issue with command template regex processing in transformations. Improved regex handling and validation.
Run Templates Diff Task (ENG-13661)	Addressed issues preventing proper execution of Run Templates Diff task. Restored full task functionality.
Child Job Data Inconsistency (ENG-12562)	Fixed inconsistent data display between canvas and Job Details view for P6 child jobs. Ensured consistent data representation.
JST Schema Property Names (ENG-12304)	Resolved JST failure when schema property names contained the `#` character. Improved special character handling in schema properties.
JST Step Context Order (ENG-12294)	Fixed JST errors occurring when step context order did not match data flow. Improved context resolution logic.
JST Designer Infer Functionality (ENG-11251)	Resolved inconsistencies in JST Designer infer functionality including addition of empty "" property and data type mismatches. Improved schema inference accuracy.
Transformation Corruption (ENG-10647)	Fixed production issue where transformations became corrupted and non-functional. Implemented safeguards against transformation corruption.
Integration Thread Count Limit (ENG-9078)	Removed maximum threshold for IAP_INTEGRATION_THREAD_COUNT configuration to allow proper scaling for high-throughput scenarios.
Schema Combination Option Renaming (ENG-7533)	Fixed issue where renaming an option in a schema combination cleared all added fields for that option. Preserved field data during rename operations.
Transformation Canvas Scrollbar (ENG-7413)	Resolved production issue where transformation canvas scrollbar was not viewable. Improved UI layout and scrollbar visibility.
Transformation Function Closure (ENG-7269)	Fixed issue where closing a function while parent transformation was open would offset transitions. Improved state management for nested transformations.

Security fixes (5)

This release includes important security updates that address vulnerabilities in third-party packages and platform components.

Feature	Description
Prototype Pollution in axios (ENG-19229)	Updated axios package in itential-utils to resolve prototype pollution vulnerability. Enhanced input validation to prevent prototype chain manipulation.
Arbitrary Code Injection in jsonpath (ENG-19223)	Updated jsonpath package to address arbitrary code injection vulnerability. Implemented proper input sanitization for JSONPath expressions.
Node.js Version Upgrade (ENG-18855)	Upgraded Node.js versions in Platform Image to address security vulnerabilities and improve runtime security posture.
XSS in @remix-run/router (ENG-18425)	Updated @remix-run/router package to resolve Cross-site Scripting (XSS) vulnerability. Enhanced input sanitization in routing components.
Incomplete Filtering in validator (ENG-17677)	Updated validator package to address incomplete filtering of special elements vulnerability. Improved input validation and sanitization.

January 26, 2026

6.3.0

Itential Platform 6.3.0 is a minor release that includes Inventory Manager integration, Automation Studio enhancements, performance improvements, security updates, and critical bug fixes. This release addresses customer-reported issues and enhances platform stability and usability.

For an overview of the highlights and key features in this release, see the Platform 6.3.0 feature announcement.

Enhancements (9)

Feature	Description
Inventory Manager (ENG-18005)	Platform 6.3.0 adds Inventory Manager to the platform sidebar, providing integrated access to inventory management capabilities directly within the automation platform. Benefits: • Seamless navigation between automation workflows and inventory data • Improved efficiency for operations requiring device and asset information • Unified user experience across platform modules
Workflow Metadata Panel Deep Linking (ENG-17257)	Added support for URL parameters that enable direct navigation to workflow metadata panels, improving integration with external tools like Insights. New Capabilities: • URL parameter support for automatically opening workflow metadata panel • Works for both global and project-scoped workflows • Enhanced tooltip help text for Pre-Automation Time and SLA Per Workflow fields • Improved user guidance for workflow performance tracking Example URL: `https://{instance}.itential.io/{workflowId}?expandMetadataPanelOnFirstWorkflowOpen=true` Use Cases: • Navigate directly from Insights performance data to workflow settings • Quick access to edit Pre-Automation Time for ROI calculations • Streamlined workflow configuration updates
Workflow engine optimization (ENG-15586)	Added support for configurable rate limiting to control workflow task execution rates. Benefits: • Prevent system overload by controlling task execution speed • Maintain stable performance during high-volume workflow processing • Scale horizontally across multiple Platform instances

Feature	Description
Platform Responsiveness with Large Role Sets (ENG-18555)	Resolved critical performance issues affecting instances with large numbers of roles and methods, particularly impacting adapters with extensive method collections. Improvements: • Faster login times when using LDAP or local authentication • Improved UI responsiveness in Admin Essentials and Operations Manager • Optimized workflow execution performance • Reduced timeout incidents with load balancers Impact: Customers with gateway adapters containing thousands of allowed methods will experience significantly improved platform performance.
Nested Indexed Array Support (ENG-9417)	Fixed issue where nested indexed array elements in JSON Schema Transformation schemas were not selectable, enabling proper transformation configuration for complex data structures.
Special Character Handling in JST (ENG-11898, ENG-11954)	• Resolved issues with `%` symbol in property names causing transformation failures • Fixed schema corruption when renaming properties containing special characters • Improved URI validation and error handling
Enhanced JST Error Reporting (ENG-9088)	Regular expression errors in transformations are now properly captured and displayed in the UI, providing clear feedback to users instead of silent failures.
JST Schema Editability Improvements (ENG-3512)	Resolved inconsistencies in incoming schema editability, ensuring consistent behavior regardless of how transformations are accessed (via method card or sidebar navigation).
JST Duplicate Name Handling (ENG-7907)	Fixed issue allowing transformation renaming to duplicate names, preventing data display inconsistencies and confusion between transformations with identical names.

Bug fixes (13)

Feature	Description
AD-FS Identity Provider Authentication (ENG-17545)	• Fixed issue where AD-FS IdP login succeeded with empty username • Added validation to prevent login when UPN value is missing • Enhanced logging to identify missing identity provider values • Improved error messages for authentication failures
CyberArk Reference Handling (ENG-16734)	• Resolved issue where CyberArk secret path references in adapter configurations were incorrectly encrypted • Reference paths now remain intact, preventing adapter authentication failures
Scheduler Task Data References (ENG-11487)	• Updated scheduler to use new task data reference format • Ensures consistency with workflow engine task document structure • Aligns scheduled tasks with current data management architecture
Job View Display (ENG-4564)	• Fixed issue where job variables appeared empty in the 2023.2+ job view interface • Restored proper display of job variable data
doProvision Workflow Task Schema (ENG-18195)	• Corrected input parameter schema definition from incorrect array type to proper object type • Resolves task execution failures due to schema validation mismatches • Ensures compatibility between API and task implementations
Integration Deletion (ENG-16275)	• Fixed issue preventing integration deletion when confirmation dialog appeared • Resolved blank screen issue during integration deletion workflow
Project Workflow Import (ENG-17839)	• Fixed issue where imported project workflows appeared in global scope instead of project space • Ensures proper workflow organization and namespace isolation
JSON Forms Transformation Bindings (ENG-17772)	• Resolved mismatch between JSON form configuration view and runtime display • Ensures consistent form rendering across configuration and preview modes
Project JST Export/Import (ENG-9553)	• Fixed issue where JSTs used in childJob tasks were duplicated during project export • Resolved JST renaming issues on project import • Eliminated orphaned JST copies in database after project operations
Prebuilt Transformation Import (ENG-3435)	• Fixed issue where prebuilt import did not properly overwrite existing transformations with same name • Prevents duplicate transformations with different IDs
Large Data in Editor (ENG-10557)	• Resolved issue where large data in workflow editor reformatted unexpectedly • Prevents unwanted “dirty state” triggering in workflows • Improves editor performance with large datasets
Mock Data Workflow Import (ENG-17907)	• Fixed issue where workflows with mock data configured did not import properly
LCM Reference Handling (ENG-16401)	• Resolved failures when cloning, pulling, or branching remote projects containing invalid LCM resource references • Replaced temporary error notification with dialog offering continue/cancel options for better error handling

Security fixes (2)

Feature	Description
js-yaml Prototype Pollution (ENG-17654)	• Type: Prototype Pollution vulnerability • CVSS Score: 6.9 • Impact: Addressed vulnerability that could allow attackers to alter object prototypes through specially crafted YAML documents • Status: Resolved through dependency update
qs Package Resource Allocation (ENG-18115)	• Type: Allocation of Resources Without Limits or Throttling • CVSS Score: 8.7 • Impact: Fixed vulnerability that could cause server memory exhaustion through bracket notation parameter abuse • Status: Resolved through dependency update

January 26, 2026

6.3.1

Platform 6.3.1 is a maintenance release containing enhancements, bug fixes, and security updates.

Enhancements (1)

Improvement	Description
Workflow Engine Schema Validation (ENG-18679)	Fixed invalid JSON schemas in Workflow Engine that were causing error-level logging messages during platform startup, improving system diagnostics and reducing log noise.

Bug fixes (12)

Feature	Description
API Token Authentication (ENG-18885)	• Fixed issue where API tokens and service accounts were incorrectly returning 403 Forbidden errors• Restored proper authentication for token-based API access• Resolved authentication failures impacting automated integrations and service accounts
JSON Forms Dynamic Dropdowns (ENG-18508)	• Fixed issue where JSON Forms with dynamic dropdowns displayed “undefined” when opening the dropdown• Resolved discrepancy between successful API call in form settings and failed runtime display• Ensured proper data population for dynamic POST request dropdowns
Job Variable Handling (ENG-18151)	• Fixed job error “Cannot destructure property ‘location’ of ‘_0x2f4fa8’ as it is undefined”• Improved handling of missing job variables in push to array tasks• Addressed sub-optimal missing variable behavior causing job failures
Code Editor Component (ENG-18068)	• Fixed race condition in BackgroundTokenizer causing “Cannot read properties of null (reading ‘getLength’)” errors• Resolved issue where code editor component attempted to access document properties after unmounting• Improved editor component lifecycle management
OAuth Client Visibility (ENG-17392)	• Fixed issue where OAuth Client creation option remained visible when ITENTIAL_ADMIN_AUTH_PAGES_ENABLED environment variable was set to false• Ensured proper UI behavior for Cloud customers managing service accounts through Hub interface• Aligned interface options with environment variable configuration
OAuth2 Integration Models (ENG-16320)	• Fixed validation failure when creating OAuth2-capable Integration Models following documentation examples• Resolved issues preventing proper OAuth2 authentication configuration• Ensured compatibility with OAuth2-enabled API integrations
JST Schema Editor (ENG-12011)	• Fixed JST Designer Schema Editor errors occurring when property names contained forward slash (/) characters with incorrect types• Resolved validation errors in betterAjv.js library when processing properties with special characters• Restored proper save button functionality in schema editor
Masked Job Variables (ENG-11192)	• Fixed issue where renaming masked job variables left orphaned decorator entries in workflows• Resolved problem where old variable names appeared as masked in Operations Manager despite no longer being referenced• Ensured decorator array properly updates when job variable names change
JST Pointer Connections (ENG-10280)	• Fixed issue where JST pointers did not connect as expected when building map functions• Improved pointer behavior and connection logic in transformation designer• Enhanced user experience when creating complex transformations
JST Nested Functions Import (ENG-10021)	• Fixed issue where JSTs with nested functions imported incorrectly• Resolved ID conflict handling during function flattening process• Ensured proper reference resolution when moving nested functions to root level
Transformation Scoping (ENG-8392)	• Fixed incorrect scoping when creating transformations directly from child job task panel in unsaved workflows within projects• Resolved URL routing issue that caused loss of unsaved workflow changes• Ensured transformations are properly scoped to their containing project
Transformation Comment Timestamps (ENG-6498)	• Fixed issue where comments on transformations displayed dates one month earlier than actual creation date• Corrected date formatting logic for transformation comment timestamps• Ensured accurate timestamp display for all transformation comments

Security fixes (1)

Platform 6.3.1 includes important security updates that address vulnerabilities in third-party packages.

Feature	Description
Out-of-bounds write vulnerability (ENG-18428)	Updated gnupg2/gpgv package to resolve the CWE-787 Out-of-bounds Write vulnerability (CVSS Score: 7.0).

December 19, 2025

6.2.0

Platform 6.2.0 is a minor release that introduces Canvas Mock mode, along with bug fixes and security updates.

For an overview of the highlights and key features in this release, see the Platform 6.2.0 feature announcement.

Enhancements (8)

Feature	Description
Canvas mock data validation (ENG-13565)	Added mock data validation to verify that test data conforms to workflow requirements before execution. The feature provides visual feedback when mock data requires updates, such as when tasks or transitions are missing or when schema mismatches occur.
Operations Manager failure iconography for tasks (ENG-13432)	Updated task icons to support failure iconography in Operations Manager for query and manual tasks.
JSON-formatted logging API support (ENG-15618)	Added support for JSON-formatted logging and updated the logging API to align with the HLD specification, including support for message and context objects.
Relocatable RPM installation support (ENG-15941, ENG-17185)	Added support for relocatable RPM-based installation into custom directories using the —relocate flag. Multiple custom service directories can be specified with a comma-delimited list in the `service_directory` configuration property.
Service Manager RPM SHA256 checksums (ENG-16405)	Added SHA256 checksums for Service Manager 6 RPM packages on both x86_64 and ARM64 architectures to verify package integrity and ensure they haven’t been tampered with.
Automation Triggers formData wrapping label (ENG-16440)	Updated the formData wrapping option in Automation Triggers to use clearer, feature-focused language. The term “legacy” has been removed from labels and tooltips.
Docker image sudo configuration removal (ENG-16454)	Removed sudo configuration from Docker images as it is no longer needed for the TemplateBuilder jail.
Workflow selection area name display (ENG-16660)	Expanded the workflow selection area to display more of the workflow’s name.

For more information about our highlighted feature improvements for this release, see Platform 6.2 Feature Release Announcement.

Bug fixes (55)

Feature	Description
Operations Manager auto-work reliability (ENG-2675)	Improved the reliability of the auto work feature in Operations Manager.
Automatic integration model validation on upload (ENG-2939)	Added automatic integration model validation on upload to support OpenAPI specifications like Netbox.
JST canvas live preview error styling (ENG-3382)	Corrected the styling and removal of live preview errors in JST canvas.
Lifecycle Manager Resource Instance defaults (ENG-3699)	Fixed an issue where sensible defaults weren’t being provided to new Resource Instance forms in Lifecycle Manager, which caused save and modification failures.
Show JSON Form task slash in form name (ENG-4761)	Resolved an issue where the Show JSON Form task failed when slashes were present in the form name.
Applications submenu missing from Studio (ENG-5851)	Fixed an issue where the “Applications” submenu was missing from Automation Studio.
JSON Form import name with parentheses (ENG-6243)	Fixed a bug where importing a JSON Form with a name containing text in parentheses caused the system to append “NaN)” to the name, leading to duplicate forms with incorrect names.
Search palette canvas styling when closed (ENG-6600)	Prevented the search styling from activating when the search palette is not open in canvas.
isError variable exclusion from input schema (ENG-7171)	Added a check to exclude variables with the isError flag from the input schema while maintaining them in the output schema.
Run window job variable schema regeneration (ENG-7284)	Fixed a schema regeneration bug that occurred when disabling the run window with a job variable.
Operations Manager missing form graceful handling (ENG-7412)	Missing forms are now gracefully handled in Operations Manager manual tasks.
LCM action pre-JST dollar sign encoding (ENG-7789)	Fixed a Lifecycle Manager action pre-JST encoding bug where dollar sign ($) characters in workflow schemas appeared as “2”.
Job description search filter trailing characters (ENG-7957)	Updated the job description search filter to preserve trailing dots and zeros in search queries.
JSON Form state sharing between tabs (ENG-7969)	Resolved an issue where switching between different JSON forms in separate tabs caused form state to be incorrectly shared, leading to dropdown option changes in one form appearing in another.
Broker logging for adapter exclusion and device lookup (ENG-7999, ENG-13934)	Enhanced broker logging to provide better diagnostics when adapters are excluded, devices cannot be found during command execution, or when communicating with IAG over the device broker.
Project import duplicate ID detection (ENG-8052, ENG-8066)	Fixed project import issues including duplicate project ID detection and preventing multiple copies from being created when “import” is clicked too quickly.
Task deletion transition cleanup (ENG-8465, ENG-8490)	Improved task deletion behavior to only remove transitions to and from the deleted task and fixed validation errors that occurred when deleting tasks referenced in run window schedules or used as job references.
updateForm API stale data return (ENG-8550)	Fixed the updateForm API to return updated data instead of stale data.
Unsaved changes dialog on workflow navigation (ENG-9350)	Improved the unsaved changes dialog interaction during workflow navigation.
LCM special character sanitization in action names (ENG-9431)	Lifecycle Manager now sanitizes special characters (&, +) in action names for workflows. Previously, it would fail to create the workflow.
Workflow created date typo fix (ENG-9839)	Fixed a typo that caused incorrect created dates for new workflows in projects.
Integration Engine model resolution performance (ENG-9902)	Fixed performance issues in the Integration Engine that caused extended processing times when resolving integration models.
Add Asset To Project continue button state (ENG-9906)	The “Add Asset To Project” continue button now properly disables when the project selection is cleared.
Task Palette canvas click block when closed (ENG-10228)	Fixed an issue where the Task Palette blocked clicking on canvas when closed.
RPM directory ownership correction (ENG-10282)	RPMs are now bundled with all directories owned by itential, correcting directory ownership.
Automation workflow dropdown componentId update (ENG-10378)	Selecting a new workflow in the dropdown of an automation now correctly updates both componentId and componentName in the database.
Manual Adapter ID entry in Studio (ENG-10417)	Fixed Manual Entry of task Adapter IDs within Automation Studio, which was preventing users from entering Adapter IDs that are not currently present.
Child job orphaned JST canvas crash (ENG-10656)	Resolved an issue where child jobs with references to orphaned or deleted JSTs would crash the canvas UI when viewing the child job’s properties.
Automation group selection pagination limit (ENG-10752)	Fixed pagination limits for group selection in automation properties to support more than 100 groups.
NPM artifact internal file inclusion (ENG-10955)	Fixed an issue where internal files were incorrectly included with NPM artifacts.
LCM action execution navigation (ENG-11413)	Resolved an issue where opening a Lifecycle Manager (LCM) action execution from workflow tasks was not navigating correctly.
Task documentation links to 2023.2 (ENG-11433)	Updated task documentation links to point to 2023.2 until Platform 6 documentation links are stable.
Studio git group-based project access (ENG-11482)	Enhanced the git permissions verification system in Automation Studio to properly support group-based project access, ensuring users with group membership have appropriate access to git operations.
LCM resource model workflow identifier string type (ENG-11709)	Added string type support to the workflow identifier in the resource model JSON schema, allowing imported LCM models with missing Action workflows to be modified.
Job document null variable migration crash (ENG-12302)	Fixed an issue where incoming variable objects in jobs that were set to null would crash Workflow Engine on startup while attempting to migrate job documents.
Integration TLS settings on token retrieval (ENG-12883)	Fixed an issue where integrations were not respecting TLS settings when a token retrieval step was configured.
Asset JSON export with unsaved changes blob (ENG-12946)	Fixed a bug where exporting an asset as JSON would display the exported blob if the workflow had unsaved changes.
Syslog transport error handler (ENG-13718)	Added an error handler to the syslog transport to prevent application crashes when the transport encounters errors.
Broker logging for excluded adapters and devices (ENG-13934)	Enhanced broker logging to provide better diagnostics when adapters are excluded or devices cannot be found during command execution.
Evaluation task strictTypes option (ENG-14609)	Added a “strictTypes” option to the evaluation task that skips all operand type inference when evaluating operand values, resolving comparison issues between numeric and non-numeric strings.
Config Manager invalid configuration crash (ENG-14934)	Configuration Manager no longer crashes when invalid configuration is provided.
Config Manager manual tasks in build (ENG-15154)	Configuration Manager manual tasks are now included in the build and can be successfully executed.
Loop transition validation in workflow engine (ENG-15804)	Added loop transition validation to the backend workflow engine to prevent invalid transitions from inside a loop to outside of a loop.
Jinja2 template newline JSON parse error (ENG-15926)	Fixed Jinja2 template result JSON parsing errors that occurred when newlines were present.
Project import asset reference conflict errors (ENG-16090, ENG-16401, ENG-17319)	Improved project import error handling including clearer error messages for asset reference conflicts, graceful handling of missing LCM resource references with continue/cancel options, and fixed race conditions when multiple workflows reference non-existent user accounts.
Rename failure UI revert to original name (ENG-16261)	Ensured that when a rename operation fails (e.g., due to duplicate names), the UI reverts to the original name and displays an appropriate error message.
Project iid=0 URL blank page fix (ENG-16377)	Fixed a bug where opening a project with iid=0 in the URL showed a blank page instead of redirecting to the first available asset.
NSO adapter getDevicesFiltered compliance fix (ENG-16459)	Fixed an issue in adapter-nso where getDevicesFiltered failed to return devices, causing device loading errors in Compliance Plans.
Automation import duplicate trigger fix (ENG-16989)	Fixed an issue where importing an automation that already exists would duplicate triggers.
Dead process checker service ping suppression (ENG-16994)	Stopped unnecessary service ping packets from being sent when the dead process checker is disabled.
FIPS-compliant SSH key algorithms in NSO adapter (ENG-17044)	Added support for all FIPS-compliant SSH key algorithms in the NSO adapter, resolving connection failures on RHEL systems running in FIPS mode. Updated underlying SSH libraries to ensure compatibility without relying on non-approved keys like ssh-ed25519.
Render JSON Schema form display fix (ENG-17274)	Fixed an issue where render JSON Schema wouldn’t display the form.
Manual trigger form pre-populated data display (ENG-17347)	Fixed manual trigger forms not displaying pre-populated data when clicking “Run Now” and restored “Save and Run” functionality to immediately execute jobs instead of opening the run window.
AG Manager configuration on cluster restart (ENG-17458, ENG-17558)	Improved AG Manager configuration handling duringItential Platform cluster restarts. AG Manager now self-manages its configuration setup on application start, and Core excludes AG Manager from its initial configuration broadcast to prevent temporary loss of methods.
phui files restore for dynamic forms (ENG-17596)	Re-added missing phui and supporting files to restore dynamic form functionality.

Security fixes (2)

Feature	Description
jws cryptographic signature verification (ENG-17553)	Updated the jws dependency to resolve an improper verification of cryptographic signature vulnerability.
xml2js security update in NSO adapter (ENG-17694)	Upgraded xml2js to v0.6.0 in adapter-nso, resolving parsing issues and security vulnerabilities while improving overall stability.

November 5, 2025

6.1.2

Platform 6.1.2 is a maintenance release containing enhancements, bug fixes, and security updates.

Enhancements (3)

Feature	Description
Canvas Debug Mode UI enhancements (ENG-16048, ENG-16050, ENG-16055, ENG-16056)	Improved Canvas Debug Mode usability with UI enhancements including renaming the “Mock Data” tab to “Mocked Tasks”, relocating the delete scenario button, better indication of required fields, and clearer messaging for failure transition outputs.
AG Manager Redis-based configuration storage (ENG-16182)	AG Manager now uses Redis-based configuration storage for automatic cluster-wide synchronization. For more information, see Automatic discovery in IAG.
Mock Data failure transition output display (ENG-16456)	Updated the failure transition type view in the Mock Data dialog to display “output is null” for improved user experience.

Bug fixes (18)

Feature	Description
Manual tasks in MOP templates and Form Builder (ENG-16710)	Restored functionality for manual tasks in MOP templates and Form Builder.
Forms blocked by failed jQuery query calls (ENG-16481)	Resolved issue where forms were blocked by failed query calls. Forms now execute successfully within workflows despite jQuery dependency issues.
Integration Model OpenAPI 3.0.4 rejection (ENG-16268)	Updated the Integration Model import process to reject OpenAPI 3.0.4 models, preventing compatibility issues. Integration Models without authentication now work as expected.
Template Builder without tmp directory access (ENG-16175)	Template Builder now operates without requiring access to the `/tmp/iap_python_jail` directory or sudo chroot access to run Jinja2 templates, enabling functionality in STIG’ed and FIPS-enabled environments.
Asset tab workflow drag to childJob task (ENG-15842)	Enabled dragging workflows from the Asset tab to automatically create childJob tasks with properly populated incoming variables based on the workflow’s input schema.
Operations Manager GBAC automation import (ENG-15672)	Fixed import issue in Operations Manager where Automations with GBAC groups that don’t exist on the target system would import but remain inaccessible. Automations are now properly visible after import.
Save and Run button trigger execution (ENG-15306)	Corrected the ‘Save and Run’ button functionality to properly execute triggers after saving.
Ops Manager excessive myTtl API calls (ENG-15201)	Eliminated excessive API calls to `/myTtl` from Operations Manager.
Workflow rename metadata UI display (ENG-10398)	Fixed issue where renaming a workflow from the metadata would prevent the UI from displaying tasks and connections in Automation Studio.
Service discovery index creation race condition (ENG-9934)	Resolved race condition in service discovery during index creation in high availability environments.
Integration instance configurable timeout (ENG-8982)	Added support for configurable timeout values on integration instances, restoring timeout functionality.
Studio engineer/operator role unauthorized error (ENG-7332)	Users with default “engineer” and “operator” roles no longer see unauthorized access error messages on the Studio landing page.
Recent Tasks palette on workflow open (ENG-6662)	Resolved issue where the Recent Tasks palette failed to populate when opening a workflow.
Project Builder sort page position (ENG-4949)	Fixed sorting in Project Builder to maintain current page position after sorting and implement case-insensitive alphabetical ordering.
JST ID search crash in Studio collections (ENG-4110)	Corrected issue where searching for a JST by ID in the Studio collections dialog caused the Itential Platform UI to crash. Search now functions as expected.
Job variable read-only in reference view mode (ENG-3183)	Job variables can no longer be modified when a user is in reference view mode.
Project asset naming and linking in search (ENG-2894)	Corrected naming convention for project assets in system search results and fixed linking to project assets.
Project asset search special character escaping (ENG-2890)	Implemented regex expression to properly escape special characters when searching for workflows in Studio.

Security fixes (5)

Feature	Description
Multiple Snyk vulnerabilities by upgrading dependencies… (ENG-13145, ENG-13147, ENG-16416, ENG-16642, ENG-16656, ENG-16657, ENG-16658, ENG-16673, ENG-16677)	Resolved multiple Snyk vulnerabilities by upgrading dependencies across coreItential Platform components, adapters, and applications.
Operations Manager automation XSS fix (ENG-15651, ENG-15652, ENG-15653, ENG-15750, ENG-15751)	Fixed DOM-based XSS vulnerabilities in Operations Manager automation interface, DeviceGroup Titlebar component, and SVG rendering. Implemented URL sanitization in useUserGroupedAppsQuery.jsx.
URL component Open Redirect sanitization (ENG-15654)	Implemented URL component sanitization to resolve Open Redirect vulnerability in src/common/utils.js.
axios resource allocation vulnerability (ENG-15657, ENG-15676)	Updated axios to version 1.12.2 to address resource allocation vulnerability.
Path traversal vulnerability in itential-utils (ENG-15669, ENG-16310)	Resolved path traversal vulnerabilities by enhancing file path validation in itential-utils.

October 8, 2025

6.1.1

Platform 6.1.1 is a maintenance release containing enhancements, bug fixes, and security updates.

Enhancements (12)

This release introduces the following enhancements to the Itential Platform.

Feature	Description
Resource discovery unit tests (ENG-9617)	Added unit tests to resource-discovery list.test.js and validate.test.js.
Unused files and dependencies removal (ENG-10705)	Removed all unused files, code, and dependencies in Platform 6.
Child job variable masking (ENG-11320)	Updated the Child Job task to support masking of incoming and outgoing variables.
Transformation task variable masking (ENG-11321)	All input and output variables configured on a Transformation task are now individually maskable.
Task execution actor type restriction (ENG-11352)	Added support for restricting task execution based on actor type. Implemented this functionality for Studio’s getProject method.
Redis initial connection timeout config (ENG-11965)	Added a configurable timeout parameter for initial Redis connection during Platform startup.
JSON Forms JST dependency removal (ENG-12858)	Removed JSON Forms dependency on the JST library by using HTTP API calls to retrieve and run transformations in dynamic dropdowns.
Workflow Engine task worker rate limiting (ENG-13929)	Added rate limiting to the Workflow Engine task worker to improve system stability under high load.
TLS version configuration support (ENG-14617)	Added support for configuring minimum and maximum TLS versions (including TLS 1.3) used by theItential Platform web server.
Canvas transition color accessibility (ENG-14860)	Updated Success and Loop transition line colors in Canvas to meet accessibility standards.
BullMQ shutdown cleanup (ENG-14995)	Configured BullMQ cleanup on shutdown to improve resource management.
Web server total_time_ms log field (ENG-15813)	Added `total_time_ms` field to webserver.log, which measures request-to-response time in milliseconds.

Bug fixes (27)

Platform 6.1.1 release includes fixes for potential bugs and issues detected in a controlled testing environment before making the software available.

Feature	Description
Studio search with special characters in names (ENG-2571)	Fixed a search issue that prevented templates and transformations containing special characters (e.g., ‘`*`’) from being found in the Project builder.
Unusable shortcuts for transformations within projects (ENG-2891)	Removed unusable shortcuts for transformations within projects.
Canvas controls cut off in project editor (ENG-3420)	Fixed an issue where Canvas controls on a transformation were partially cut off when the function tab bar was opened in the Projects editor.
JSON Form file upload size error message (ENG-4769)	Improved the error message displayed when uploading files via JSON Form that exceed the maximum size limit.
Workflow group with project assets restriction (ENG-4774)	Fixed an issue that incorrectly allowed users to create Workflow Groups with Project assets.
Studio read-only banner accuracy (ENG-5403)	The read-only banner now displays only when users truly have read-only access to projects.
Device count failure handling (ENG-8269)	Fixed an issue that caused device counts to fail when devices couldn’t be found, and resolved cases where device counts of 0 were not recorded.
Integration instance log settings (ENG-8932)	Fixed Integration Instances to correctly refer to their individual log settings rather than the Platform-level log configuration when logging request activity.
Compliance report error tooltip (ENG-9267)	Added a tooltip to display quick error messages for items with ‘error’ status in compliance reports.
Create group API role assignment (ENG-9372)	Fixed an issue where groups and roles added to a custom group via the create group API were not properly reflected on users in the new group.
Health API Vault status check (ENG-9451)	Fixed invalid healthcheck in the Health API to ensure accurate Vault status reporting at the `/health/status` endpoint.
Integration model conversion error handling (ENG-9559)	Fixed an issue where Integration Models that errored during conversion caused subsequent Integration Models to fail to load into the platform.
iapGetAdapterQueue debug task (ENG-10281)	Added `iapGetAdapterQueue` task to improve debugging when the automation gateway adapter produces TimeoutOverflowWarning errors with throttling enabled.
JST incoming/outgoing schema issues (ENG-10352)	Fixed multiple JST issues related to special characters in schema `$id`, property names, and function names that could prevent assignments from being drawn or cause JST runtime failures. Also improved error visibility in the schema editor and added notifications for invalid assignments.
Project import createdBy field failure (ENG-10364)	Fixed an issue where projects containing workflows with a `createdBy` field would fail to import by removing this field during import.
Task worker shutdown scheduled task impact (ENG-10795)	Fixed an issue where stopping the task worker affected the ability to handle scheduled tasks until the instance was restarted.
Transformation internal function backspace delete (ENG-10848)	Fixed an issue where transformation internal functions disappeared when pressing backspace.
JST if-else conditional path evaluation (ENG-11148)	Fixed a JST issue where adding an else-if conditional path from the if…else method did not properly update subsequent conditional paths, causing incorrect evaluation. Added a warning when opening corrupted transformations to notify users.
JSON schema date formatting on copy to project (ENG-12405)	Fixed date formatting for JSON schemas when copying assets into a project space.
getTriggers deleted JSON form error (ENG-14364)	Fixed an issue with the getTriggers API where schedule triggers referencing non-existent JSON forms returned errors, preventing other triggers from working.
Project import asset loss (ENG-14405)	Fixed an issue that caused loss of assets when importing a project.
AG Manager task execution crash handling (ENG-14483)	Added additional error handling to prevent crashes during AG Manager task executions.
Asset tab task outgoing variable loss (ENG-14897)	Fixed an issue where adding a Child Job, Show JSON Form, Run Command/Analytic Template, or Apply Template task from the Assets tab stripped outgoing variables from the task.
Loop-to-outside transition prevention (ENG-14970)	Prevented users from drawing transitions from inside a loop to outside a loop.
Operations Manager ancestor job query performance (ENG-15013)	Fixed Operations Manager Jobs page stability issues that occurred with many jobs having more than 1,000 ancestor jobs. Updated the page to minimize database queries and resolved UI issues with the jobs table.
Event system and web server separation (ENG-15227)	Separated the Platform Event System from the HTTP Web Server process to eliminate the impact of high event throughput on platform performance.
Duplicate key error message (ENG-15538)	Updated error message when duplicate keys cause issues.

Security fixes (14)

Platform 6.1.1 includes important security updates that address vulnerabilities in third-party packages and enhance data protection measures.

Feature	Description
semver vulnerable version update (ENG-11009)	Updated packages to resolve security vulnerabilities in the semver package.
d3-color security update (ENG-11632)	Fixed security vulnerability in the d3-color package.
Config Manager XSS in export functions (ENG-13131)	Enhanced Configuration Manager export functions with secure download functionality, including data sanitization and safer DOM manipulation to prevent XSS vulnerabilities across all export operations (device groups, backups, golden configs, templates, compliance plans, and config parsers).
Dev Tools repository removal (ENG-13182)	Removed Dev Tools from the repository (not customer-impacting).
axios 1.11.0 security update (ENG-15142)	Updated axios to version 1.11.0 to fix security vulnerability.
express and body-parser security update (ENG-15175)	Updated express and body-parser to resolve security vulnerabilities.
express and body-parser security update (ENG-15176)	Updated express and body-parser to resolve security vulnerabilities.
express and body-parser security update (ENG-15177)	Updated express and body-parser to resolve security vulnerabilities.
express and body-parser security update (ENG-15178)	Updated express and body-parser to resolve security vulnerabilities.
express and body-parser security update (ENG-15179)	Updated express and body-parser to resolve security vulnerabilities.
Cookie XSS security update (ENG-15181)	Updated express and body-parser to resolve XSS vulnerability in cookie.
express body-parser XSS security update (ENG-15450)	Updated express and body-parser to resolve XSS vulnerability.
Emotion @babel/runtime vulnerability (ENG-15510)	Updated emotion dependencies to fix vulnerability in @babel/runtime.
Emotion packages and axios security update (ENG-15512)	Upgraded @Emotion packages (css, react, styled) and axios from 1.8.4 to 1.12.2 to address resource allocation security issues.