Changelog

• Kafka: added support for Protobuf schema format.
• HTTP: the agent now correctly handles cases where the remote server responds before the request completes.
• HTTP: requests can now pass through a configured proxy server.
• Hardening: fixed bug where agent failed to reconnect when using a proxy server.
• JMS: fixed message parsing when sending from non-JMS applications.
• TLS: added support for ECC private keys and certificates.
• MS SQL: fixed connection problem when using ActiveDirectory authentication method.
• SAP: implemented sending IDoc batches to Workato webhook.
• SAP: support for receiving outbound IDocs from SAP for all partner types.
• SAP: keep NUMC data types as strings instead of integers.
• Security: updated Java to version 21.0.2+13.
• Security: updated Spring Framework to version 6.1.2, Spring Boot to 3.2.2, AWS SQS messaging library to 2.1.1

See the OPA release notes for this and previous updates to OPA.

Users can now view OPA logs in Workato Logging Service. This addition makes it even easier to to search, audit, and troubleshoot specific automations utilizing OPA.

By default, this feature is disabled, but it can be enabled in workspaces with OPA and Logging Service via the on-prem group level settings.

• Security: upgraded several libraries following OWASP recommendations.
• Linux: fixed RPM OPA upgrade process.
• Linux: fixed graceful shutdown script.
• JMS: fixed resolution of mqcsp property in IBM MQ configuration.
• Files: performance improvements for List files action.
• Logging: reduced amount of logs with debugging enabled.
• MS SQL: added SSL configuration support.
• Docker: starting and activating OPA can be done with a single command.
• Kafka: fixed support for SSL configuration. Added the option to provide a password for the client key file.

See the OPA release notes for this and previous updates to OPA.

• Security: updated Java runtime to version 17.0.9+9.
• MySQL: updated JDBC driver to version 8.2.0.
• Monitoring: fixed initialization error when starting agent with monitoring feature enabled.
• Hardening: fixed rare reconnection bug when using a proxy.
• Hardening: fixed memory consumption for long-running agents.
• Configuration: reduced default graceful shutdown timeout to 30 seconds.

See the OPA release notes for this and previous updates to OPA.

We've introduced a new versioning scheme, major and minor version numbers only (21.0).

Key updates:

• MS SQL: Added support for RFC 4180 specification in CSV bulk load.
• Secrets: Enhanced support for Workato cloud secrets manager and clear secrets cache mechanism. Note: Manual reconnection required for certain connectors after secret rotation.
• Linux: Added SHA-256 signature support for RPM packages for Red Hat Linux.
• Usability: Improved agent behavior with the same key connections. First connected agent remains active, others shut down.
• Windows: Dependency on vcruntime binary removed; installer streamlined.
• Logging: Reduced log events in debug mode.
• Extensions: Fixed auto-injection issue with jakarta.inject.Inject annotation.
• Security: Libraries updated per OWASP recommendations.
• Monitoring: Telemetry added for asynchronous operations.
• SAP: Enhanced reliability of metadata load process.

See OPA Release Notes in docs.

• Security: upgraded middleware libraries Spring to 6.0.9, Jetty to 11.0.15, and Spring LDAP to 3.1.0.
• Kafka: new real-time “New message in topic” single and batch triggers have been released, for better reliability in instances when a recipe is stopped and then started again. Previous triggers are still supported but now marked deprecated.
• Kafka: a bug that caused misconfiguration with the sasl.jaas.config property has been fixed.
• Redshift: microseconds to timestamps added to avoid row collisions.

See OPA Release Notes in docs.

For tighter security, we’ve extended support for secrets manager, Hashicorp Vault, to our on-prem agents (OPA) and on-prem groups (OPA).

We’ve improved the activation flow for any new on-prem agents you create. Other updates:

• Security: trust certificates are now issued by default, by Let’s Encrypt
• Security: several libraries were upgraded with OWASP’s recommendations
• System: agent performance data is now automatically sent to Workato for analysis and improvements
• System: cloud logging feature no longer requires added configuration
• MS SQL: support for useFmtOnly connection property added
• MySQL: support for year date type added
• Kafka: validation of SASL configuration improved

See OPA Release Notes in docs.

• Security: Java Runtime Environment upgraded to version 17.0.6+10
• Security: PostgreSQL JDBC upgraded to version 42.5.4
• JMS: redelivery options for ActiveMQ added, by default number of retries now unlimited
• Debug: full certificate details now print when TLS handshake fails
• Windows: default encoding changed to UTF-8
• Windows: updated with the latest Windows service wrapper library
  

See OPA Release Notes in docs.

• JMS, Kafka, SAP: additional firewall configuration for their triggers will no longer be required
• Security: updated to TLSv1.3 to enable gateway tunnel connections
• Performance: buffering for database-related requests disabled for lower memory consumption
• Kafka: support for AVRO-encoded message keys added
• Kafka: kafka-clients library has been upgraded to version 7.3.1-ccs
• SAP: support for TYPE_UTCLONG data type added
• SAP: stateful RFC support implemented (requires SAP JCo library version 3.1.7. or later)
• MySQL: timezone issue for datetime columns in version 8 fixed
• MySQL: result set streaming is now enabled by default

See OPA Release Notes.