Product Update - v24.13
Details of the product update v24.13 from the 28th of March 2024.
New Features
Added support for flow variables in Recipes
The Recipe author has a possibility to declare variables in Recipe and use its values in the Flow templates.
User can access these variables via $getFlowVariables().{variable_name}.
The usage example of storing these variables can be found in API documentation in Recipes endpoint in variables section.
Improved Email template texts for deleting Workspace/Contract/Membership actions
The next e-mails now contain the name of the User who triggered the deletion process:
- Delete Workspace.
- Delete Contract.
- Remove Member from Workspace.
- Remove Member from Contract.
- Remove Member from Developers team.
HMAC SHA-256 authorization method
Now the SHA-256 encryption algorithm is supported in Webhook credentials.
Increased time of possible restoring flow before permanent removal to 48 hours
CronJob value responsible for time of possible flow recovery (see Release 23.44) before permanent deletion is increased to 48 hours.
Beautify cUrl in the Implement section of the flow-designer
Now the JSON in the Implement section displays beautified to read the flow’s structure more easily.
Enable Subscribe to errors by default for the flow creator
Subscribe to errors feature is automatically activated for the creator of the flow by default. User can unsubscribe to errors via gear menu at the Flow card. Also any user can subscribes to not his own flow in the workspace.
Avoided vulnerabilities
Vulnerability CWE-601 “Open Redirect”
Fixed vulnerability by removing domain by default.
Update @elastic.io/jsonata-moment to avoid vulnerability
Updated @elastic.io/jsonata-moment to 1.1.6 to fix a vulnerability found in jsonata 1.8.6 (migrated jsonata to 1.8.7).
Update @elastic.io/component-commons-library to avoid vulnerability
Got rid of @elastic.io/component-commons-library lib as a dependency to avoid circular dependency. The only function that was used from that library has been moved to this library source code.
Update JSONata to 1.8.7 to resolve vulnerability
Update JSONana version in the jsonata-moment library.
Update @elastic.io/maester-client to new version to avoid vulnerability
@elastic.io/maester-client updated to 5.0.2
The new elasticio-sailor-nodejs version 2.7.2 was released.
Fixed Bugs
- FIXED Subscribe to errors check mark disappears after UI reload.
- FIXED
$getPassthrough()function is not available in the UI when the previous step’s sample is an array. - FIXED Grant/Revoke support access button is not displayed on Workspace page if it configured on the tenant level, not per contract.
- FIXED The
monitor-contract-quota-usagejob doesn’t send email if quota is exceed. - FIXED The quota usage page cannot load reports if you have a large number of workspaces.
- FIXED
k8s-events-handlerreconnection issue.
Components
Transformation (JSONata) component 1.0.13
- UPDATED Sailor version to
2.7.2. - UPDATED
@elastic.io/component-commons-libraryto3.2.0.
Node.js Code with Credentials component 1.0.0
- Initial component release
- Note: The component is derived from the code-component 1.2.11. A noteworthy enhancement in this version is the introduction of an authorization mechanism. This mechanism involves the use of credentials, which are available in four distinct types:
No AuthBasic AuthAPI KeyOAuth 2.0
- Note: The component is derived from the code-component 1.2.11. A noteworthy enhancement in this version is the introduction of an authorization mechanism. This mechanism involves the use of credentials, which are available in four distinct types:
REST API V2 component 2.0.15
- UPDATED the Sailor version to
2.7.2. - SET the Node engine to
18.x. - UPDATED minor development libraries.
Google translate component 2.0.0
- SWITCHED Google Translate library from
google-translate:3.0.0togoogle-cloud/translate:8.1.0- Note: Translate Object Properties has not been transferred to this component version.
- UPDATED Sailor to
2.7.2. - UPDATED development libraries.
- FIXED credentials verification stuck issue.