Skip to main content
Version: ACE 5

Release 26.2

Release notes

See docker images below.

ACE 26.2.4

May 21, 2026

Bug Fixes

  • DIG2022-83723
    Invalid token for subsequent git requests due to missing username

ACE 26.2.3

May 16, 2026

Bug Fixes

  • DIG2022-82808
    JSONata step returns object instead of array when array has a single element after upgrade to v26.1.3

ACE 26.2.2

April 23, 2026

Bug Fixes

  • DIG2022-82614
    Security: CVE-2026-41672, CVE-2026-41673, CVE-2026-41674, CVE-2026-41675 (xmldom-0.8.12)
  • DIG2022-82613
    Security:CVE-2026-41238, CVE-2026-41239, CVE-2026-41240 (dompurify-3.3.2)
  • DIG2022-82610
    Security: CVE-2026-41242 (protobufjs-7.5.3)
  • DIG2022-81940
    Security: CVE-2026-2950, CVE-2026-4800 (lodash-4.17.23, lodash-es-4.17.23)
  • DIG2022-81937
    Security: CVE-2026-40175, CVE-2025-62718 (axios-1.13.5)
  • DIG2022-81936
    Security: CVE-2026-34601 (xmldom-0.8.10)

ACE 26.2.0

April 1, 2026

Improve Git support for large repositories

This release improved git support for large repositories by using branch switching in single folder, which significantly improves performance when switching branches in large monorepos. Previously each branch was stored in a separate folder, requiring a full repository clone on every branch switch — a significant bottleneck for repositories of hundreds of megabytes.

  • DIG2022-70794
    PoC for single branch switching
  • DIG2022-70800
    Rework old operations
  • DIG2022-70799
    Improve local and remote branch synchronization mechanism
  • DIG2022-70798
    Implement dirty workspace check before switching branches
  • DIG2022-70795
    Single-Folder Workspace Refactor (types, services, function definitions)
  • DIG2022-71287
    Display git operation progress

Debugger improvements

The debugger now follows step execution order same way as the runtime does. It is now possible to pass errors and full previous step output (document, files, error context) into the next step input and execute Catch steps. A new "Run to end" option allows running the flow and stopping at a specified breakpoint.

  • DIG2022-73732
    Debugger - run to end option
  • DIG2022-57228
    Debugger step order with runtime
  • DIG2022-71693
    Pass errors from previous steps during debugging

Workspace validation

Added further validation to check correct format of entity definitions.

  • DIG2022-12989
    Entity definition validation

Package variables

Added support for using variables in all package.yaml fields, allowing for more dynamic and flexible package configurations. It's also possible to use variables in the middle of string, not only as a whole value. Previously it was possible to use variables only in gitToken field.

  • DIG2022-79548
    Allow to use variables in all package.yaml fields

Other features

Bug Fixes

  • DIG2022-69485
    Ace Designer: dependency display issue
  • DIG2022-74930
    Git dependencies are not updated on reload/refresh
  • DIG2022-80776
    Security: CVE-2026-33532 (yaml-2.8.1, yaml-1.10.2)
  • DIG2022-80775
    Security: CVE-2026-33750 (brace-expansion-1.1.12, brace-expansion-2.0.2, brace-expansion-5.0.3)
  • DIG2022-80774
    Security: CVE-2026-33671, CVE-2026-33672 (picomatch-2.3.1)
  • DIG2022-80773
    Security: CVE-2026-4923, CVE-2026-4926 (path-to-regexp-8.2.0)
  • DIG2022-80772
    Security: CVE-2026-4867 (path-to-regexp-0.1.12)
  • DIG2022-80354
    Security: CVE-2026-32630, CVE-2026-31808 (file-type-21.1.1)
  • DIG2022-79810
    Security: CVE-2026-29786(tar-7.5.9)
  • DIG2022-79605
    Security: CVE-2026-3449 (once-2.0.0)
  • DIG2022-79603
    Security: CVE-2026-29063 (immutable-3.8.2)
  • DIG2022-79602
    Security: CVE-2026-2359 ,CVE-2026-3304 ,CVE-2026-3520 (multer-2.0.2)
  • DIG2022-79600
    Security: CVE-2026-0540 (dompurify-3.3.1)
  • DIG2022-79599
    Security: CVE-2026-27601 (underscore-1.13.6)
  • DIG2022-75730
    Security: CVE-2026-25639 (axios-1.12.2 ,axios-1.13.2)
  • DIG2022-75722
    Security: CVE-2026-26280 , CVE-2026-26318 (systeminformation-5.27.14)
  • DIG2022-75721
    Security: CVE-2026-26960 (tar-7.5.7)
  • DIG2022-75720
    Security: CVE-2026-26996 (minimatch-3.1.2.tgz , minimatch-7.4.6.tgz , minimatch-5.1.0.tgz , minimatch-9.0.4.tgz)
  • DIG2022-75577
    Security: CVE-2025-69873 (ajv-6.12.6)
  • DIG2022-75273
    Security: CVE-2025-69873 (ajv-8.17.1,ajv-8.12.0)
  • DIG2022-75168
    Security: CVE-2026-2391 (qs-6.14.1)
  • DIG2022-75094
    Security: CVE-2026-1615 (jsonpath-1.2.1)

Docker images

Designer Web

Hash: sha256:a3923acf407128d1768850cbc613a7874f5ab5dd9e76c7d5f6ffdf7ebf47f8e3
docker pull euadigportalcoredev02acr.azurecr.io/ace-designer:26.2.4

Runtime server

Hash: sha256:e636ab94bc4c70980330d9d3164a2c47da19a341dae07616d39dbeaaf5198038
docker pull euadigportalcoredev02acr.azurecr.io/ace-runtime-server:26.2.4

Deployment API server

Hash: sha256:d62c2d8f72cdb6ecfff02fa42e22473e57eee8131e0687ed84c2bec8ea8e8826
docker pull euadigportalcoredev02acr.azurecr.io/ace-deployment-server:26.2.4

Scheduled job (BullMQ) administration

Hash: sha256:a792e9d576ff6a9b12abdd171403c6a5e907b694268bb9bf2e7d6f8c8d2ece9f
docker pull euadigportalcoredev02acr.azurecr.io/bull-board:26.2.4

Developer API portal

Hash: sha256:283071e4d2c19208a3e9a68bbf36d6d79d9050887c26c98ddc8b20303a22d595
docker pull euadigportalcoredev02acr.azurecr.io/api-developer-portal:26.2.4

Designer Desktop

ACE Designer Desktop is available here