Subscribe to our RSS feed or by email to receive automatic notifications when new releases are published.
Get notified when we ship new features and improvements.
6.3.0
Itential Platform 6.3.0 is a minor release that includes Inventory Manager integration, Automation Studio enhancements, performance improvements, security updates, and critical bug fixes. This release addresses customer-reported issues and enhances platform stability and usability.
For an overview of the highlights and key features in this release, see the Platform 6.3.0 feature announcement.
Enhancements (9)
| Feature | Description |
|---|---|
| Inventory Manager (ENG-18005) | Platform 6.3.0 adds Inventory Manager to the platform sidebar, providing integrated access to inventory management capabilities directly within the automation platform. Benefits: • Seamless navigation between automation workflows and inventory data • Improved efficiency for operations requiring device and asset information • Unified user experience across platform modules |
| Workflow Metadata Panel Deep Linking (ENG-17257) | Added support for URL parameters that enable direct navigation to workflow metadata panels, improving integration with external tools like Insights. New Capabilities: • URL parameter support for automatically opening workflow metadata panel • Works for both global and project-scoped workflows • Enhanced tooltip help text for Pre-Automation Time and SLA Per Workflow fields • Improved user guidance for workflow performance tracking Example URL: https://{instance}.itential.io/{workflowId}?expandMetadataPanelOnFirstWorkflowOpen=true Use Cases: • Navigate directly from Insights performance data to workflow settings • Quick access to edit Pre-Automation Time for ROI calculations • Streamlined workflow configuration updates |
| Workflow engine optimization (ENG-15586) | Added support for configurable rate limiting to control workflow task execution rates. Benefits: • Prevent system overload by controlling task execution speed • Maintain stable performance during high-volume workflow processing • Scale horizontally across multiple Platform instances |
| Feature | Description |
|---|---|
| Platform Responsiveness with Large Role Sets (ENG-18555) | Resolved critical performance issues affecting instances with large numbers of roles and methods, particularly impacting adapters with extensive method collections. Improvements: • Faster login times when using LDAP or local authentication • Improved UI responsiveness in Admin Essentials and Operations Manager • Optimized workflow execution performance • Reduced timeout incidents with load balancers Impact: Customers with gateway adapters containing thousands of allowed methods will experience significantly improved platform performance. |
| Nested Indexed Array Support (ENG-9417) | Fixed issue where nested indexed array elements in JSON Schema Transformation schemas were not selectable, enabling proper transformation configuration for complex data structures. |
| Special Character Handling in JST (ENG-11898, ENG-11954) | • Resolved issues with % symbol in property names causing transformation failures • Fixed schema corruption when renaming properties containing special characters • Improved URI validation and error handling |
| Enhanced JST Error Reporting (ENG-9088) | Regular expression errors in transformations are now properly captured and displayed in the UI, providing clear feedback to users instead of silent failures. |
| JST Schema Editability Improvements (ENG-3512) | Resolved inconsistencies in incoming schema editability, ensuring consistent behavior regardless of how transformations are accessed (via method card or sidebar navigation). |
| JST Duplicate Name Handling (ENG-7907) | Fixed issue allowing transformation renaming to duplicate names, preventing data display inconsistencies and confusion between transformations with identical names. |
Bug fixes (13)
| Feature | Description |
|---|---|
| AD-FS Identity Provider Authentication (ENG-17545) | • Fixed issue where AD-FS IdP login succeeded with empty username • Added validation to prevent login when UPN value is missing • Enhanced logging to identify missing identity provider values • Improved error messages for authentication failures |
| CyberArk Reference Handling (ENG-16734) | • Resolved issue where CyberArk secret path references in adapter configurations were incorrectly encrypted • Reference paths now remain intact, preventing adapter authentication failures |
| Scheduler Task Data References (ENG-11487) | • Updated scheduler to use new task data reference format • Ensures consistency with workflow engine task document structure • Aligns scheduled tasks with current data management architecture |
| Job View Display (ENG-4564) | • Fixed issue where job variables appeared empty in the 2023.2+ job view interface • Restored proper display of job variable data |
| doProvision Workflow Task Schema (ENG-18195) | • Corrected input parameter schema definition from incorrect array type to proper object type • Resolves task execution failures due to schema validation mismatches • Ensures compatibility between API and task implementations |
| Integration Deletion (ENG-16275) | • Fixed issue preventing integration deletion when confirmation dialog appeared • Resolved blank screen issue during integration deletion workflow |
| Project Workflow Import (ENG-17839) | • Fixed issue where imported project workflows appeared in global scope instead of project space • Ensures proper workflow organization and namespace isolation |
| JSON Forms Transformation Bindings (ENG-17772) | • Resolved mismatch between JSON form configuration view and runtime display • Ensures consistent form rendering across configuration and preview modes |
| Project JST Export/Import (ENG-9553) | • Fixed issue where JSTs used in childJob tasks were duplicated during project export • Resolved JST renaming issues on project import • Eliminated orphaned JST copies in database after project operations |
| Prebuilt Transformation Import (ENG-3435) | • Fixed issue where prebuilt import did not properly overwrite existing transformations with same name • Prevents duplicate transformations with different IDs |
| Large Data in Editor (ENG-10557) | • Resolved issue where large data in workflow editor reformatted unexpectedly • Prevents unwanted “dirty state” triggering in workflows • Improves editor performance with large datasets |
| Mock Data Workflow Import (ENG-17907) | • Fixed issue where workflows with mock data configured did not import properly |
| LCM Reference Handling (ENG-16401) | • Resolved failures when cloning, pulling, or branching remote projects containing invalid LCM resource references • Replaced temporary error notification with dialog offering continue/cancel options for better error handling |
Security fixes (2)
| Feature | Description |
|---|---|
| js-yaml Prototype Pollution (ENG-17654) | • Type: Prototype Pollution vulnerability • CVSS Score: 6.9 • Impact: Addressed vulnerability that could allow attackers to alter object prototypes through specially crafted YAML documents • Status: Resolved through dependency update |
| qs Package Resource Allocation (ENG-18115) | • Type: Allocation of Resources Without Limits or Throttling • CVSS Score: 8.7 • Impact: Fixed vulnerability that could cause server memory exhaustion through bracket notation parameter abuse • Status: Resolved through dependency update |
6.3.1
Platform 6.3.1 is a maintenance release containing enhancements, bug fixes, and security updates.
Enhancements (1)
| Improvement | Description |
|---|---|
| Workflow Engine Schema Validation (ENG-18679) | Fixed invalid JSON schemas in Workflow Engine that were causing error-level logging messages during platform startup, improving system diagnostics and reducing log noise. |
Bug fixes (12)
| Feature | Description |
|---|---|
| API Token Authentication (ENG-18885) | • Fixed issue where API tokens and service accounts were incorrectly returning 403 Forbidden errors• Restored proper authentication for token-based API access• Resolved authentication failures impacting automated integrations and service accounts |
| JSON Forms Dynamic Dropdowns (ENG-18508) | • Fixed issue where JSON Forms with dynamic dropdowns displayed “undefined” when opening the dropdown• Resolved discrepancy between successful API call in form settings and failed runtime display• Ensured proper data population for dynamic POST request dropdowns |
| Job Variable Handling (ENG-18151) | • Fixed job error “Cannot destructure property ‘location’ of ‘_0x2f4fa8’ as it is undefined”• Improved handling of missing job variables in push to array tasks• Addressed sub-optimal missing variable behavior causing job failures |
| Code Editor Component (ENG-18068) | • Fixed race condition in BackgroundTokenizer causing “Cannot read properties of null (reading ‘getLength’)” errors• Resolved issue where code editor component attempted to access document properties after unmounting• Improved editor component lifecycle management |
| OAuth Client Visibility (ENG-17392) | • Fixed issue where OAuth Client creation option remained visible when ITENTIAL_ADMIN_AUTH_PAGES_ENABLED environment variable was set to false• Ensured proper UI behavior for Cloud customers managing service accounts through Hub interface• Aligned interface options with environment variable configuration |
| OAuth2 Integration Models (ENG-16320) | • Fixed validation failure when creating OAuth2-capable Integration Models following documentation examples• Resolved issues preventing proper OAuth2 authentication configuration• Ensured compatibility with OAuth2-enabled API integrations |
| JST Schema Editor (ENG-12011) | • Fixed JST Designer Schema Editor errors occurring when property names contained forward slash (/) characters with incorrect types• Resolved validation errors in betterAjv.js library when processing properties with special characters• Restored proper save button functionality in schema editor |
| Masked Job Variables (ENG-11192) | • Fixed issue where renaming masked job variables left orphaned decorator entries in workflows• Resolved problem where old variable names appeared as masked in Operations Manager despite no longer being referenced• Ensured decorator array properly updates when job variable names change |
| JST Pointer Connections (ENG-10280) | • Fixed issue where JST pointers did not connect as expected when building map functions• Improved pointer behavior and connection logic in transformation designer• Enhanced user experience when creating complex transformations |
| JST Nested Functions Import (ENG-10021) | • Fixed issue where JSTs with nested functions imported incorrectly• Resolved ID conflict handling during function flattening process• Ensured proper reference resolution when moving nested functions to root level |
| Transformation Scoping (ENG-8392) | • Fixed incorrect scoping when creating transformations directly from child job task panel in unsaved workflows within projects• Resolved URL routing issue that caused loss of unsaved workflow changes• Ensured transformations are properly scoped to their containing project |
| Transformation Comment Timestamps (ENG-6498) | • Fixed issue where comments on transformations displayed dates one month earlier than actual creation date• Corrected date formatting logic for transformation comment timestamps• Ensured accurate timestamp display for all transformation comments |
Security fixes (1)
Platform 6.3.1 includes important security updates that address vulnerabilities in third-party packages.
| Feature | Description |
|---|---|
| Out-of-bounds write vulnerability (ENG-18428) | Updated gnupg2/gpgv package to resolve the CWE-787 Out-of-bounds Write vulnerability (CVSS Score: 7.0). |
