The following hotfix is available for Appian 20.1.
If you have a self-managed installation, you can view your current Appian version by logging into your Appian environment as a designer or system administrator and clicking the navigation menu > About Appian.
This is a cumulative hotfix that includes all resolved issues listed below in a single download and set of instructions. This hotfix is required for any Appian 20.1 installations not currently up to date with the latest hotfixes. After installing, you will be running on Appian 20.1.1055.0.
See the Installation section at the bottom of this page for instructions on how to install this hotfix.
Security Updates - Medium
AN-189656 - Medium
File upload fields no longer produce an error when a percent (%) character is present in the filename of an uploaded file.
Security Updates - High
AN-189012 - Medium
Fixed an issue that caused a potential thread deadlock when writing access log response data to the Health Check zip file.
Security Updates - Medium
AN-180216 - High
A timer which calculates the memory usage of process instances no longer causes errors in the process execution engine. Prior to this fix, the timer would cause the process execution engine to rollback in certain scenarios.
Security Updates - Low
AN-172311 - Medium
Fixed a race condition during an engine failover and promotion event, that could result in an engine shutting down instead of being promoted to primary.
AN-136621 - Low
Increased the maximum number of replicas of an engine from 5 to 9.
Security Updates - Low
AN-187146 - High
Fixed an issue that caused Db2 database connection string validation to fail during the data source creation in the admin console.
AN-187265 - High
Fixed an issue that prevented self-managed customers from properly configuring Google credentials in the Document Extraction page of the Administration Console.
Security Updates - High
AN-185647 - High
Repeated wildcard queries caused in pickers and search boxes no longer cause site performance issues.
AN-52587 - Medium
Provided a configuration to increase the size of the email messages that can be sent out.
AN-181512 - Medium
The automatic background cleanup of old transient system files no longer impacts site performance or user experience. For self-managing customers, if you had previously set conf.content.max.temporary.uploaded.files.age in custom.properties, you should now remove that setting. Appian Cloud customers do not need to take any action.
Security Updates - Low
AN-176614 - High
Upgraded OpenJDK to version 8u292b10.
AN-185842 - Medium
On-premise customers can re-enable TLS 1.0 and 1.1 support for Tomcat.
Security Updates - Critical
AN-143471 - Medium
Interfaces no longer break when typing an incorrect format into a date component.
AN-181252 - Medium
Upgrade Zookeeper to 3.7.0
AN-182236 - Medium
Fixed an issue that prevented the OAuth Provider from redirecting back to the mobile app after authorizing the user.
Security Updates - Low
AN-181244 - High
Designers can now view up to 25,000 tables when creating a CDT from a database table.
AN-182179 - High
Execution of processes with very large process variables now use less memory. Prior to this fix, such operations could cause the site to go out of memory in certain scenarios.
AN-180764 - Medium
Fixes a bug that caused double slashes '//' to be interpreted as single slashes '/' in the URL of HTTP integrations.
AN-179477 - High
Plugins are no longer removed when certain app server connections fail
AN-180967 - Medium
Updated Apache PDFBox to 2.0.23 to address the out of memory exception experienced when loading certain PDF files.
AN-181111 - Medium
Fixed an issue with metric collection process
Security Updates - Medium
AN-179530 - Medium
Process model version comparisons now detect and highlight changes made to data inputs of smart services accurately.
Security Updates - Low
AN-178677 - Low
Query error messages now display more information
Security Updates - High
AN-178797 - Medium
Users whose locale is set to something other than the primary site locale can now create and save new process models from the Appian Designer space.
Security Updates - Medium
AN-177620 - Medium
When a package with multiple database scripts is redeployed to another environment, the scripts will now be displayed in the order of execution.
Security Updates - High
AN-158987 - Medium
Fixed an issue where extra padding is applied around the header content layout in user input tasks.
AN-175842 - Low
For High Availability configurations, all engines automatically restart, when safe and without disruption, after checkpointing. This allows the engines to reclaim unused memory which previously could not be released until a scheduled or forced restart of the engines.
Security Updates - Critical
AN-174630 - Medium
When a data source is deleted from admin console, application server is restart is no longer required to remove the information about the old connection in cache.
AN-174875 - Low
Fixed an issue that prevented Appian Data Server from restarting under certain conditions.
AN-175330 - Low
A race condition that could prevent an engine from checkpointing and shutting down has been eliminated.
Security Updates - High
AN-175464 - Medium
Fixed an issue where linked rich text icons in modals did not show their tooltips.
AN-174986 - Low
The Kafka component used by the Internal Messaging Service has been upgraded to version 2.7. This upgrade makes these services more resilient in the event of network, OS process, or machine hardware failures.
AN-175248 - Low
MariaDB upgrade compatibility checker now checks for the existence of the function ANY_VALUE in Appian Cloud MySQL Database.
Security Updates - Critical
AN-170770 - Low
Process Models no longer incorrectly show warnings for missing referenced items. Prior to this fix, some process models and their process instances unexpectedly displayed this warning due to a bug in unarchiving processes. That bug was fixed in 20.2 Hotfix Package D (see AN-165870).
Security Updates - Critical
AN-173182 - Medium
Replication timeouts during a checkpoint no longer cause an engine to failover.
Security Updates - Medium
AN-173741 - Medium
The navigation menu icon and user profile photo in the navigation bar now have a more prominent keyboard focus style.
Security Updates - High
AN-173649 - Medium
Fixed a keyboard navigation issue for rich text icons with a link and a caption where the caption would only appear after a second tab press on the icon.
AN-174002 - Medium
Improved the performance of the Application Designer and object designers, especially in environments that have hundreds of records and reports.
AN-174009 - Medium
Fixed an issue where screen readers did not announce a required picker field as required if the number of selections already reached the maximum.
Security Updates - Low
AN-172803 - Medium
Fixed a display issue with the expression editor icon in the process modeler when viewed in Internet Explorer.
Security Updates - Low
AN-168877 - Medium
Process history now properly displays a user whose username was changed. Prior to this fix, process history would display a blank user for users whose username was changed.
AN-164728 - Low
Users with a null username can no longer be reactivated using the Reactivate User Smart Service. Prior to this fix, it was possible to reactivate a user with a null username causing errors while accessing the user.
AN-170066 - Low
Fixed an issue that prevented system administrators from logging in when they are not part of the Designer and Application User groups.
Security Updates - High
AN-170363 - Medium
Fixed an issue that caused interfaces to become unresponsive after submitting a record action dialog and then quickly opening another record action dialog.
AN-171833 - Medium
Fixed an issue that caused interfaces to become unresponsive after submitting a record action dialog and then quickly opening another record action dialog.
AN-165165 - Low
When duplicating objects, developers are no longer added to the security rolemap as an administrator if they already belong to a group with administrator permissions.
AN-168586 - Low
When deploying applications to a target environment, developers are no longer added to the application's security rolemap as an administrator if they already belong to a group with administrator permissions.
AN-171145 - Low
Duplicating a process model now correctly generates new node UUIDs.
Security Updates - Critical
AN-171665 - Medium
Update RPA Execute Process Integration to fix issue of an empty dropdown parameter value causing error
Security Updates - Medium
AN-170763 - High
Fixed an issue that caused some functions in expressions to be replaced by their previous Appian version.
AN-55085 - Medium
The Render Phase Mean Time metric is now accurately logged in rest_details.csv. Prior to this fix, the metric was logged incorrectly in certain scenarios, causing its value to be larger than the Mean Total Time.
AN-170457 - Low
Fixed a display issue where a direct deployment's details page showed its database scripts in a different order from which they were originally specified and executed.
Security Updates - Critical
AN-169808 - Medium
Fixed an issue which prevented refresh intervals from updating a local variable’s value while testing an interface.
Security Updates - Critical
AN-169464 - High
Process History details can be safely accessed for processes with process variables of type 'dictionary'. Prior to this fix, accessing history for such processes would cause the process execution engine to rollback in some scenarios.
AN-156075 - Medium
The Export Data Store Entity to Excel or CSV smart services will no longer execute indefinitely when exporting a database view that has a null primary key. Instead, these smart services will fail appropriately at run-time and display a corresponding process error message.
AN-168635 - Low
The keyboard focus indicator is now visible for the 'Skip to main content' link on Tempo and Sites.
Security Updates - Medium
AN-167283 - Medium
Fixed an issue where navigating quickly between pages on a site could cause an unexpected error.
AN-168003 - Low
Unused configuration files have been removed from the Service Manager conf directory.
AN-168554 - Low
Fixed an issue with a broken documentation link in the Button Widget validation parameter.
Security Updates - High
AN-143009 - High
Nested CDTs with date or datetime fields are now not updated redundantly when the parent CDT is updated. This results in performance improvement during writes to parent CDTs.
AN-165870 - High
Processes archived after adding additional process execution shards beyond the default three can now be unarchived safely. Prior to this fix, unarchiving these processes would fail due to data corruption.
Security Updates - Medium
AN-166375 - High
Processes that were archived prior to version 6.6.3 can now be successfully unarchived. Prior to this fix, unarchiving these process caused the process execution engine to rollback in some scenarios.
Security Updates - High
AN-163470 - High
Newly added process execution engines now properly validate for missing users. Prior to this fix, certain functionality such as unarchiving processes would fail if they contained one of the missing users.
AN-164491 - High
Fixed an issue that caused the Start Doc Extraction Smart Service node to fail after upgrading a site from 20.1 to a higher version.
AN-165843 - High
Archived processes that are missing user UUIDs can now be unarchived safely. The missing users in the unarchived process will show up as "null" in the unarchived process. Prior to this fix the process execution engine could roll back in such a situation, causing a temporary outage. The issue causing processes to archive with missing user UUIDs was fixed in a different hotfix (see AN-160176).
AN-162600 - Medium
Modal dialogs now show a visual indicator when the dialog itself has keyboard focus.
AN-165492 - Medium
Improved performance when editing interfaces containing large data structures. This prevents an issue where certain interfaces may fail to load.
Security Updates - Low
AN-153413 - High
Fixed an issue where importing types or deploying a plugin in some scenarios would cause the process design engine to rollback
AN-163121 - Medium
Linked cards are now properly included in the list of links dialog when using assistive technologies.
AN-164042 - Medium
Health Check data collection no longer fails due to certain invalid application configurations.
AN-164748 - Medium
Fixed an issue that caused record types to appear to be modified
Security Updates - Medium
AN-164662 - Medium
Fixed an issue that occasionally caused types to be cached incorrectly in the system on appserver startup.
Security Updates - High
AN-164708 - High
Improved performance of larger interfaces when the system is under high load.
AN-162346 - Medium
Fixed an issue that prevented process model comparisons from rendering when sub-process nodes contain certain custom data type inputs.
AN-163494 - Medium
Reduced memory footprint of the Read-Only Grid Component.
AN-163516 - Medium
An issue resulting in an excessive number of threads in a waiting state on a site after the usage of data stores has been resolved.
AN-160413 - Medium
Fixed an issue where rule renaming did not automatically rename rules called in the expression editor in the record header configuration.
AN-161920 - Medium
Fixed an issue where rule renaming did not automatically rename rules called in the expression editor in the record header configuration.
Security Updates - High
AN-163541 - Medium
It is no longer allowed to create a business data source in the Admin Console with the same name as the Appian Cloud provided business data source.
AN-158574 - Low
Removed a broken documentation link from expression-backed records created prior to 18.3
Security Updates - Medium
AN-163423 - Medium
Health Check now gracefully handles the presence of multiple gzip files in the logs directory.
AN-163562 - Medium
The From address for the forgot password email now matches the site name configures on the branding page of the administration console.
AN-161558 - Low
Updated interface and data type designers to use improved terminology: "grid with detail view" and "parent-child"
Security Updates - Medium
AN-162012 - High
Reduced memory footprint and improved stability of the application server in certain cases.
AN-160350 - Medium
When viewing the process history of a process, the values of process variables of type user now show the new username for users that have been renamed instead of blank. This restores behavior to be consistent with version 19.4 and earlier.
Security Updates - Medium
AN-163459 - High
Reduced memory footprint and improved stability of the application server in certain cases.
AN-93216 - Medium
The login behavior is now consistent when attempting authentication with invalid credentials and the system has both SAML and LDAP authentication mechanisms configured and enabled.
AN-162270 - Low
Rule input expressions in the Forms tab of a process node now display system rules in a human-readable format.
Security Updates - Low
AN-160317 - High
Fixed an issue with component plug-ins where users on Google Chrome 83 could not download the embedded content.
AN-152118 - Medium
Service manager will now log an exception if checkpointing is disrupted due to disk access. This will then ensure the process does not hang indefinitely.
AN-162191 - Medium
A custom property has been added to make it easier to connect with databases that have case-sensitive collation configured. This property allows customers to work around the scenario of data stores not validating due to the application server lower-casing the schema defined in the XSD. On-premise customers can set "conf.data.teneo.naming.strategy" property in custom.properties to "none" to access the problematic entities. For cloud customers, the same property can be set via a Support case.
AN-162015 - Low
Users that have had a username rename performed are now listed correctly in the Record Type Security dialog in Appian Designer.
AN-161604 - High
Added the ability for plug-ins to access packages from the Oracle JDBC jar that ships with Appian.
AN-160805 - Medium
Engines are more resilient during network instability and will eventually succeed in leader election even through connection loss.
AN-73461 - Low
Fixed an issue where a horizontal scrollbar displayed when using Arabic language.
AN-154892 - Low
It is no longer required to run the ResetAnalytics script on all servers, it can be run on any server running an analytics engine. Additionally, the script now has improved logging and can be used on distributed sites where components are distributed across multiple physical machines.
AN-179050 - Low
Plug-ins that use the Apache Velocity library can now be deployed to sites running in Appian Cloud. The system now provides a default properties configuration for Velocity so that log files are written to the proper directory.
Security Updates - Medium
AN-161467 - Medium
Fixed an issue in the process modeler that allowed for the creation of process variables with invalid types.
AN-160176 - High
New users created after adding additional process execution shards beyond the default three are now properly populated in the newly added execution engine shards. Prior to this fix, certain functionality such as unarchiving processes would fail if they contained one of the newly-created users. This restores behavior to be consistent with version 19.4 and earlier.
AN-161531 - High
Restore the previous default encoding to UTF-8 for integration responses that don't explicitly specify a charset.
AN-161752 - High
Data cleanup procedures that run on site startup now run asynchronously so that the do not block the startup process.
AN-160904 - Low
A potential thread deadlock when connecting to a data source has been removed.
AN-161107 - Low
Updated Java API documentation to ensure consistent terminology for terms: allow list, block list, main, and shard.
AN-161572 - Low
Fixed an issue where references to a!refreshVariable could be displayed as their internal storage form after upgrade.
Security Updates - Medium
AN-160477 - High
Screen reading software now correctly reads content within non-collapsible sections and boxes in Internet Explorer 11. This is not an issue in other browsers.
AN-161240 - High
Fixed an issue where a process model could automatically save an incorrect version with missing node connections, swim lanes, or data output targets when using RecordType as an input type to a User Input Task.
AN-160973 - Medium
The multiple dropdown component now shows visual indication of keyboard focus when the user's keyboard focus is on a selected option.
Security Updates - Low
AN-160994 - Low
Fixed an issue that caused column layout alignment issues.
AN-159299 - Medium
The import error message for a missing Record Action precedent now includes the corresponding Record Type’s UUID in addition to the Record Action’s UUID.
AN-142032 - Low
Search Server now does not repeatedly retry indexing a contiguous string greater than 32k in length. Any error due to such strings is now printed only once in the application server log.
Security Updates - Low
AN-151361 - Medium
A data migration in the notifications engine now gracefully handles the rare case of mix of user identifier types. Previously, there was a chance of a rollback when encountering such a scenario.
AN-153600 - Medium
When replaying transactions from the transaction log, Service Manager will now discard messages that have already been written to the engine
AN-156806 - Medium
Fixed an issue where saving an expression with unbalanced parentheses or brackets could cause an expression to use older versions of functions.
Security Updates - Medium
AN-160012 - High
Preemptively updated the cache to prevent errors when interacting with Appian Designer.
AN-147793 - Medium
Process archive directories on the filesystem are now created by the application server instead of the process execution engines in order to improve stability when engines are under high load or near the underlying server's memory capacity.
AN-157262 - Medium
The "Back to sign-in page" link on the "Forgot Password" page is now keyboard accessible.
AN-160248 - Medium
Fixed an issue with the web content component where users on Google Chrome 83 could not download the embedded content.
AN-159576 - Low
Fixed an issue where the Trends report in Quick Apps shows an error if user field is used.
Security Updates - Medium
AN-160126 - High
The stability of the process execution engine has been improved. Previously, a user ID stored in the engine in an unexpected format could cause the engine to rollback, causing a temporary service outage for process execution.
Security Updates - Medium
AN-156879 - High
Record types that contain record action components in the record list now import successfully.
AN-158972 - High
Fixed an issue where users not in the "Tempo Users" group would see an error in record action dialogs.
AN-145552 - Medium
Fixed a race condition on engine startup that could pollute the service manager logs with illegal state transition warnings
AN-157633 - Medium
Record action dialogs now only show the 'X' to close the dialog on start forms.
AN-159511 - Medium
Record views can now be deleted successfully on all record types where the record header is a color or image. If your application is in this state, export the Record type and import it again to fix the issue.
AN-157887 - High
Engine replicas that failed to start or failed to replicate due to an IllegalReferenceCountException are now able to start and replicate transactions properly.
AN-157650 - Medium
Site record links are now supported by the Appian for Mobile Devices application. Links to Site records, when invoked on a mobile device, will open in the Appian application if one exists.
Security Updates - High
AN-140219 - Medium
Resolved an issue where the changes to the maximum file upload size property were not remembered on cloud sites.
AN-153200 - Medium
During engine shutdown, Service Manager will verify that the last transaction written to the engine matches the last transaction written to Kafka in order to eliminate the need to replay any transactions when the engine starts again.
AN-157225 - Medium
The Start Rule Tests smart services now retrieve the most recent version of data types used by test inputs.
AN-157619 - Medium
File upload components now validate against adding empty files.
AN-153843 - Low
The Rule Inputs and Local Variables panes in the Interface Designer now resize correctly when expanding and collapsing a row.
AN-156955 - Low
In the deployments view, direct deployments with multiple database scripts will now always display the scripts in the correct order of execution.
Security Updates - Medium
AN-155505 - High
Kafka shutdown will no longer hang if Zookeeper is already down on any other node of the cluster.
AN-151465 - Medium
Fixed an issue where read-only grid columns using rule inputs as parameter values caused some interfaces to error on initial load.
AN-155590 - Medium
The engine checkpoint script will now return an exit code 1 when a checkpoint fails, instead of always returning 0
AN-156954 - Medium
Fixed an issue where screen readers did not announce the label in picker fields if the number of selections already reached the maximum.
AN-156996 - Medium
The Start Rule Tests smart services now correctly handle test inputs that reference load variables.
AN-157229 - Medium
Updates the Google API endpoint used by the document extraction features. The new endpoint uses the 'US' region by default. Administrators can select between the 'US' and 'EU' regions in the Administration Console.
Security Updates - Medium
AN-157111 - High
Document Extraction no longer returns an error when processing PDF files that contain checkboxes.
Security Updates - Medium
AN-156132 - Medium
Fixed an issue that incorrectly warned developers that others were editing the same process model.
AN-156504 - Medium
Trailing whitespaces have been removed from the username field on the "Forgot Password" screen to ensure users receive password reset emails.
AN-156543 - High
Reverts a previous change that could result in process reports unable to properly fetch process variables
AN-156396 - Medium
Fixed an issue that prevented creating a process model by duplicating a model selected via the browser.
Security Updates - Critical
AN-118361 - Medium
The primary engine will checkpoint in the event of a replica encountering a transaction replay error. This allows the replica to restart quickly and eliminates the need to replay on restart.
AN-130269 - Medium
Engine checkpoint requests are now always routed to running replicas when using the High Availability configuration. Previously, they could be sent to a non-running replica, which would cause the checkpoint request to be rejected.
AN-154589 - Medium
Fixed an issue with Search Server log rotation.
AN-155700 - Medium
A graceful shutdown of the Service Manager will now properly complete even if the Service Manager file loggers are experiencing difficulties with disk access.
AN-151100 - Low
Service manager metrics logs will now record an error message in the service manager log if the logging process fails due to an exception.
AN-154339 - Low
Fixed an issue with Liquibase handling of Oracle DB timestamp values
AN-155339 - Low
It is now possible to successfully run the Engine Restart Script without any additional configuration.
AN-155514 - Low
Fixed an issue in record user filters on mobile where an error displayed when using a newer version mobile client.
AN-155927 - High
Fixed an issue with process reports that could cause it to fail when associated with a custom data type with multiple versions
AN-155929 - Medium
Fixed a cosmetic process modeler issue that removed swim lane and node connection information from parent processes in monitoring view
AN-155496 - High
Disabled web content fields no longer receive keyboard focus.
AN-153968 - Medium
Health Check now collects the log for the Execute Stored Procedure plug-in.
AN-155324 - Medium
Embedded interfaces now work correctly when Appian and the SAML IdP are hosted on the same domain.
AN-155365 - Medium
Health Check no longer fails when collecting files that contain invalid characters.
AN-151650 - Low
Toggles such as the Design Mode or Expression Mode in Interface Designer will no longer move its text or icon jump, when mousing over it on a zoomed-in browser page.
AN-152521 - Low
The web_api .csv files in logs/perflogs no longer include internal functionality in their invocation counts. The counts now only reflect invocation of developer-specified Web API design objects.
Security Updates - Low
AN-155163 - High
Fixed an issued where the users page in the design console was inaccessible in some scenarios
Security Updates - Critical
AN-153911 - Critical
The performance of dictionaries with a large number of fields has been improved.
AN-149537 - High
Record tag styling and other text color in Tempo has been updated to meet WCAG 2.1 accessibility compliance.
AN-150731 - Medium
Fixed an issue with the getUsernameByUuid API that could result in null users
AN-154329 - Medium
Improved performance of Interface Designer for interfaces with deeply nested components.
process-execution and process-analytics engines on one host and the remaining engines on another host. This restores behavior to be consistent with version 19.2 and earlier.Security Updates - Critical
AN-142514 - High
Fixed an issue that would have been introduced by an upcoming Chrome version, Chrome 80, where embedded users would be unable to login.
AN-150186 - High
The engine transaction logs are now protected against recording additional transactions after the checkpoint request during system shutdown. Prior to this protection, a race condition could cause a transaction to be recorded after checkpointing on shutdown, which can complicate subsequent upgrades or hotfixes.
AN-151338 - High
Fixed an issue where publishing a process model in some scenarios would cause the system to rollback
AN-151501 - High
Fixed a SharePoint connected system issue that resulted in 403 Unauthorized errors on integration requests.
AN-151615 - High
Fixed an issue on the Details tab of Health Check reports where some findings failed to display process model names.
AN-137156 - Medium
Fixed an issue in the Interface Designer which prevented Design Mode from loading when using a!groupsByName().
AN-149342 - Medium
Fixed an issue where styled icons with submit links in IE11 opened a blank tab on click.
AN-149680 - Medium
Fixed an issue where Health Check incorrectly marked certain Appian APIs used by plug-ins as removed.
AN-150268 - Medium
Start process link and report link now throw events in embedded interfaces.
AN-150492 - Medium
Fixed an issue with the collection of logs for Health Check on sites with multiple application servers.
AN-150827 - Medium
Fixed an issue which prevented special characters from rendering correctly in internationalized Health Check emails.
AN-135117 - Low
Fixed an issue where changing a group type's name reset the attribute values of dependent groups.
AN-151309 - Low
When configuring SAML, the Group Membership Synchronization picker now allows the selection of only a single group type.
AN-151882 - Low
Email address validation now allows addresses with non-standard top-level domains.
Perform the following steps to apply the hotfix:
<APPIAN_HOME> directory.
<APPIAN_HOME> directory.
<APPIAN_HOME> directory.<APPIAN_HOME>/deployment/web.war to the folder where the Web server is getting the static resources. See Copy Static Resources to the Web Server for more information.To determine if the Appian 20.1 Hotfix is deployed, open the build.info file located in <APPIAN_HOME>/conf/. The contents of this file should match the following code sample:
build.revision=c0a124cd573232a4837d5891b2d8e83e7776e8f4 build.version=20.1.1055.0
