Installations running Lobster Platform version 25.1-LTS can be upgraded directly to version 26.1 without any adjustments.
For any installations older than this this, you cannot go straight to 26.1.
For more details see: https://www.lobster-world.com/en/blog/what-to-expect-from-our-updates-quarterly-releases-an-annual-lts/
Company: Added warning in deletion confirmation dialog
Prometheus tokens are now auto-generated by the system for enhanced security.
Prometheus tokens are only visible during initial creation and cannot be retrieved afterwards.
Offer generic search/filter possibility in server logging view
AppendFileToPdfContainerIU: offer new parameter "Skip embedding fallback fonts" to decrease size of PDF file
Support exporting performance metrics to industry-standard monitoring platforms, enabling
real-time visibility into system health and performance. Expose of JVM metrics Exposure
& Application metrics.
Supported Platforms:
When importing DataFlows with profiles, the test files for the mapping "Test mapping" will be imported
Key Vault: Added UI for vault provider configuration
Key Vault: Implemented password/secret support for Azure Key Vault
Trading Partner Manager (TPM): LDP view for collaboration connection status and registration including Inbound/Outbound tests
The File Routing View in AS2 Configurations has been refactored
AS2 service will auto restart after chaning the configuration.
New token-based login for Transport-Manager which can be used if the target system prevents you from logging in with username and password.
Navigation items reorganized.
AS2 Configuration with children Partner Channel and File Routing was moved under Adminstration. Queue Traffic was moved with new name "AS2 Queue Traffic" directly under Control Center
REST API Manager: Offer rate limits via policies
The configuration file for the unattended Bridge installation can now be downloaded via the context menu of Bridge connections
Support Google Pub/Sub message protocol in Phase 1 & Phase 6 including HA
Licensing: REST API operations and MCP tools are now also counted towards the licensed configuration items
Optimized UI/UX in configuration dialog for config files
Introducing Pathfinder - A multi talent AI assisting at various places in the platform
Key Vault: Implemented support for HashiCorp password
The CEP & Peppol Connectors can now be downloaded directly from the Template Gallery
Configurable Jetty SessionCookie for multiple Bridge instances on the same server
Added error message when fonts are missing for creating the PDF
Changed the behavior of the Select Input Agent button so that it now selects the input agent instead of opening the documentation.
The error handling for the pathfinder API has been improved.
Added support for observability in high availability clusters, with database configurations automatically synchronizing from primary to replica nodes.
Fixed "PortalByNameKey" issues when exporting forms or event handlings with reference to portals
Database connections no longer become uneditable when the alias contains uppercase letters.
ETL tasks with parquet files: missing “duckdb” database alias will now be added to the database pool, if missing, when an ETL Task is run. There is no need, and it should not be done, to add it to the “database.xml”
The “duckdb” alias can not be edited in the database view.
Fixed potential invalid status of custom client structures after system start
JsonParser: Exception when value of object exceeds 20000000 characters
Fixed an issue leading to errorneous profile validiation check failures when saving or testing mappings.
Fixed potential OptimisticLockException with persisting statistics
An expired session in multiple open browser tabs or windows no longer causes random session issues
Fixed a potential wrong serialization state after changing a custom entity
Fixed an error related to custom subroutines which prevented new actors from beeing added
Fixed support of multiple circular data structures in json serialization
Portals referenced by ribbon commands and event handling actions are now also exported as expected
ZUGFeRD postexecuter produces a second unnecessary PDF file
Fixed ETL Parquet persistent layer and optimized ETL logging
EnvironmentCheckByFilter: during a rerun the correct filename is passed to filters/functions
Now deleted channels will be correctly created again if a package with same channel is reimported after deletion.
Unnecessary error-log entry when unknown users are trying to login via SSH (e.g. during brute force attacks)
Changed order of rest default response types from client/json to application/json
New Event to prevent users from deregistering TFA device
Fixing error when creating new tracking status entries manually
Improved logging on the ZUGFeRD XML template, superfluous trace logging now removed.
Some users experienced random session logouts, we’ve fixed these issues.
When exporting the end point list of a REST API, no error will be raised
If an object is requested from the history via "versionAt" parameter in a "Search" action, the original object was returned instead of the historized one
Fixed typo (csfr -> correct is csrf). In case you disabled CSRF through the system property, please reconfigure this (ldp.security.csfr.enabled --> ldp.security.csrf.enabled)
Performance improvement: replaced BCrypt cookie with proxy header in platform redirect
Database Connection passwords can no longer be viewed when the "paranoid" setting is true.
Fixed regularly occurring error log message on a DMZ if a CertBotHandler is used
Enable empty pool size, Database max. pool size can be now set to Zero. This improves the behavior of CData connections.
UpdateCenter: After termination the update still got installed on working notes and DMZ
REST API: Made “name” input field mandatory
Fixed potential optimistic lock exception on persisting statistics
Creating a new entity via the "Save changes later" event action does no longer result in a permission error. Also the "Create" event is dispatched again for such cases.
Now an AS2 channel can be created, if a Lobster Bridge Connection without a partner exists.
IFrames can now also load HTML code that has no DOCTYPE or html root element
YAML Import structure: Structure is not created but success message appears
Form renderer: The set focus action works again for syntax highlighting text fields
Form renderer: Fixed layout issues with the "Options" view type of a combobox
DataCockpit: Replaced user management functions related to DataCockpit users to adhere to the unified Platform User Management.
Improved error handling for faulty AS2 configuration.
MQTT: A broker restart will now result into a single subscription, instead of creating multiple subscriptions and duplicate data records.
Phase 3: Fixed broken functions related to user data (e.g. mail)
A boolean json projection can now be used for row formatting
Bridge Gateway: Improved performance of tunneled JDBC requests
The profile creation wizard maps paths of nodes correctly when configured to create a 1:1 mapping, or none at all
CertBot ACME challenge is now working with DMZ again
Fixed table list display for all supported DB vendors
Fixes issue allowing any user to move, edit, or create profile groups bypassing intended role restrictions
Document management: New event "Document requested" which gets dispatched once a document gets requested via URL.
Removed modal blocking from intergration views, which caused issues in certain circumstances
SAP PI Import: NullpointException when missing tree element
OAuth2 Server: JWT Tokens without scopes will trigger an 401 Unauthorized response instead of a null-pointer exception.
Fixed erroneous response code 500. Improved security for the Partner/Channel REST API
Forms are no longer broken if another auto synchronized form is embedded directly into a repeatable element
Two factor authentication is now working again with enabled CSFR protection
Override style properties can be reset to their original value again, by using the remove button of the according theme value
HTMLtoPDFPostexcuter is now available through the default configuration.
ControlCenter (Remote-Logs): consumer can whitelist Lobster systems to access logs via the message service port
Fixed missing translations in the profile creator
Profiles which are created by the form designer are no longer initially inactive
CloudStorage: AzureBlobStorage OutOfMemory in byte array if downloaded file is larger than 2GB
ControlCenter (Remote-Logs): viewer fails to connect to DMZs (due to a missing message consumer)
Improved page layout for Bridge "home view" for smaller browser windows.
File Upload: Added warning banner to highlight the default security settings
Fixed potential CSFR access error on fast switch of the user session
The server logs are no longer spammed with permission errors, if the user can see the "Activity feed" widget but has no read permission for any of its listed items
The menu entry picker in a 'Custom overview' dialog now offers the correct menu to pick from
AMQP 0.9.1: Added prefetch parameters to input agent
Kafka: Not configured registry channel no longer produces a log entry
Fixed memory leak within profile phase 3 gui
Fixed bug in private blocks where references where not updated on configuration import
CI: Added retry mechanism for file existence checks (can be enabled via system property hub.datawizard.ci.inspectorThread.enableRetries)
Cockpit: Users are now able to see logs to the jobs that are specifically allowed for them via the role
Admin: Roles with only permissions to view active sessions can now view the sessions view