Release 2022.07
Note Standalone packages for the 2022.07 release have a version naming convention of -RC. This will revert back to the standard naming convention with the 2022.08 release, and has no impact on the safety or stability of standalone packages.
Fixes / Enhancements
- DQ Job
- Fixed an issue that prevented data from appearing in the Source tab when Source Observation RunID was clicked from the Assignments page.
- Fixed an issue that caused Annotations with special characters to be truncated in the Labels tab.
- Fixed an issue that caused the Column (name) column of the Rules tab to display incorrectly when Run Discovery was used.
- Fixed an issue where the Retrain button on the Record tab was disabled.
- You can again invalidate observations with single quotes
'from the Shapes tab. - The Hints tab now displays any available data.
- You can no longer change agents from the Scheduler modal.
- Rules
- SQLF is now supported for Generic rules.
- When running a custom rule through Rule Discovery, the column names Repo and Column again display correctly.
- Alerts
- You can now send emails using unauthenticated SMTP servers.
- Security
- Vulnerabilities identified by Jfrog
- Vulns 0, criticals 0, high severity 7
- For a visual readout, see the DQ Security Metrics section below.
- Fixed an issue that allowed jobs to be run from the command line regardless of connection permissions.
- When Connection Security is enabled, lock the SQL Editor to prevent unauthorized access to other connections. (#87916)
- Fixed an issue that allowed View Only users to access some profile results and export the data to a CSV file.
- Added an authorization check for data set access to the profile export feature, which allows only users with data set access to export the profile. (#87720)
- Backslashes
\are no longer supported characters for AD usernames without disabling XSS for the /v2/updateadsecurityconfiguration API. (#88499) - Fixed an issue that prevented navigation back to the log in page when tenant access was denied. (#89024)
- Vulnerabilities identified by Jfrog
- Profile
- From the Labels tab, backslashes are now stripped from annotations when they are used for separation within strings.
- Admin
- From Audit Trail, when administrators modify roles mapped to data sets or data sets mapped to roles, changes are now documented automatically, and display original and updated values.
- The Agent Group (H/A) and its associated endpoints are now deprecated.
- From Usage, you can now access a table and tiles reflective of your monthly usage metrics.
- Salesforce account ID can now be configured for use with Pendo logs.
- *Tech Preview* [TP] ServiceNow integration
- You can now assign incidents (validate action) to ServiceNow groups and users with the following fields included in the same request: caller_id, description, short_description, cmdb_ci.
- Explorer
- Fixed an issue with date range on Oracle connections, which caused end date to change to start date when Transform was selected.
- The Job Estimate modal again displays the correct number of rows for Sybase connections.
- Fixed an issue with Source to Target where double quotes
"were removed from the source file in database to file targets.
- Scorecards
- Enhanced the layout of the Assignment Queues page.
- API
- v2/getallscheduledjobs is now available as an enhancement of the original, v2getscheduledjobs.
- A UI integration is planned for a future release.
- v2/getallscheduledjobs is now available as an enhancement of the original, v2getscheduledjobs.
- Schedule
- Added an Active column to the scheduler export.
- The RunJob column was removed. (#88799)
- Added an Active column to the scheduler export.
- Reporting
- Fixed an issue that created misalignment of column headers in PDF exports. (#89739)
Known Limitations
- Rules
- To use the new SQLF feature for Generic rules, you must manually update the Generic rule type from SQLG to SQLF.
- A UI feature for this is planned for a future release.
- Stat rules such as $rowCount do not work for secondary data sets or previous runId of the same data set via @t1 syntax.
- To work around this limitation, run a subquery to select count(*) from the secondary data set or the previous runId.
- To use the new SQLF feature for Generic rules, you must manually update the Generic rule type from SQLG to SQLF.
- Explorer
- Drill-ins and jobs on Sybase connections run successfully, but connections to Sybase with encrypted passwords are currently unsupported.
- Files
- When using CSV files, you cannot use a comma
,in the name.
- When using CSV files, you cannot use a comma
- Admin
- *Tech Preview* [TP] ServiceNow integration
- Special characters
!@#$%^&*()in the description are not supported and will not persist to the ServiceNow assignment queue at this time. - Empty or invalid ServiceNow group name does not return an error in CDQ.
- As a result, the ServiceNow assignment is generated with the default admin account as the owner if left empty or invalid.
- You must have a valid ServiceNow group name or its related sys_id.
- The new REACT UI is not yet supported for the ServiceNow Group integration.
- Special characters
- *Tech Preview* [TP] ServiceNow integration
DQ Security Metrics
Warning
There is a critical CVE CVE-2016-1000027 that shows up in the image scan due to Spring version. This is a false positive and should be added to the exception list of the customer scan tools. We don’t use HttpInvokerServiceExporter anywhere in the application and are not impacted by it.
There is no fix version available for it from Spring. More details are available at Sonatype vulnerability CVE-2016-1000027 in Spring-web project · Issue #24434 · spring-projects/spring-framework
