Skip to main content

v2026.9.4 Production Release

Jim
Updated

⚠️ Important Notice: Node.js 20 End-of-Life + Required Actions

Node.js 20 reaches end-of-life on April 30, 2026. After this date, Node.js 20 will no longer receive security patches, critical bug fixes, or upstream support. Customers and partners running Custodia services on Node.js 20 should plan migration to Node.js 22 LTS before the deadline.

Running end-of-life runtimes may impact compliance posture for SOC 2, PCI DSS, and ISO 27001 audits.

Required actions for this release:

  • NODE_EXTRA_CA_CERTS=/path/to/certs/aws-rds-global-bundle.pem, or
  • MYSQL_SSL_REJECT_UNAUTHORIZED=0 (for local development only)
  • Apply database updates and SQL grants for #7400

✨ New Features

  • ZEN-48766 New Card Product Images management experience for card-issuer administrators (#7396).
  • ZEN-48815 New Activity Template Grantor screen in Helpdesk workflows (#7401).
  • ZEN-48416 Added quick actions to copy Allocatable Type IDs in admin workflows (#7395).
  • ZEN-48512 Added activity lifecycle audit trail capabilities for stronger traceability (#7400).

🐛 Bug Fixes

  • ZEN-49012 Fixed authorization issue affecting cash/business expense creation in specific flows (#7417).
  • ZEN-47916 Improved pending amount update behavior to prevent expensive database scans (#7406).
  • ZEN-48512 Fixed utilization double-count behavior and improved audit event processing reliability (#7410).
  • INF-1635 Resolved numeric regressions in aggregate and slicing paths used in reporting views (#7425).
  • INF-1527 Improved error/status handling for invalid ICC card create requests (#7204).
  • ZEN-48612 Reduced observer/event noise and removed blocking database calls in key processing paths (#7407).

🛠 Improvements

  • INF-1613 Updated legacy UI internals for improved Angular compatibility and maintainability (#7391).
  • INF-1622 Performed broad cleanup and stabilization updates for the custodia-ui-2 codebase (#7399).
  • INF-1623 Simplified Docker build/auth configuration to improve build consistency across services (#7405).

📦 Dependency & Platform Updates

  • INF-1609 Upgraded custodia-connector-mysql to v2.x (#7385).
  • INF-1609 Bundled AWS RDS global CA certificates for streamlined secure DB connectivity (#7394).
  • INF-1620 Upgraded LoopBack SOAP connector to v2.x (#7397).
  • INF-1621 Applied dependency updates across backend services (#7398).
  • INF-1621 Applied legacy UI dependency updates and Flexmonster unbundle improvements (#7403).
  • Dependabot Applied grouped npm/yarn dependency updates across 3 directories (#7404).
  • INF-1630 Applied dependency updates while skipping DECIMAL precision table alters by design (#7418).

Related articles

Powered by Zendesk