Neptune DXP - Open Edition 24.14.3 release notes

May 27, 2026

Upgrade notes

Starting with Neptune DXP - Open Edition version 24.14.1, a new environment variable SESSION_SECRET may be set. When upgrading from earlier versions (that is to say, versions before 24.14.1), you must explicitly set this environment variable during setup and ensure it is identical across all instances in multi-instance or scaled deployments. If not configured consistently, each instance will generate its own secret, which can lead to authentication failures (for example, users being unable to log in due to mismatched session cookies).

Bug fixes

App Designer

  • The App Designer no longer duplicates object attributes when a style class is applied to a column component, resolving critical performance issues and browser freezes that occurred when working with Naia-modified apps. (This change will also be included in the upcoming 24.15.0 release.)

Authentication

  • Launchpad Azure login now correctly completes the MSAL v2 authentication flow, preventing silent login failures when MSAL v2 is enabled in the Authentication configuration. (This change will also be included in the upcoming 24.15.0 release.)

  • OpenID Connect and Microsoft Entra ID dialog-based authentication flows now complete correctly under strict CSP configurations, preventing the inline redirect scripts from being blocked by the script-src directive by applying a CSP nonce to the redirect pages at serve time.

  • Proxy authentication can now be attached to an existing API in the API Designer without errors, resolving a failure that prevented the attachment dialog from confirming successfully. (This change will also be included in the upcoming 24.15.0 release.)

  • The Proxy Authentication tool now supports SAP Principal Propagation via HTTP request headers (SSL_CLIENT_CERT, SSL_CLIENT_S_DN, SSL_CLIENT_I_DN, SSL_CLIENT_VERIFY), preventing principal propagation failures caused by intermediate proxies dropping SSL client certificates before they reach the SAP back end. (This change will also be included in the upcoming 24.15.0 release.)

Launchpad

  • Adaptive app dialogs now open reliably when using dialogShow, resolving an intermittent failure where UI5 rejected dialog IDs starting with a numeric character. The generated appGUID is now prefixed with adaptive- to guarantee valid IDs, and beforeDisplay event lookups now also match registrations keyed by appGUID. (This change will also be included in the upcoming 24.15.0 release.)

  • Deleted apps no longer cause a visible error when fetchAppUpdates attempts to re-download them. Background download failures are now silent, and a deleted web app no longer crashes the getTiles response.

Security

  • Improved export process for Vault configurations in deployment exports. (This change will also be included in the upcoming 24.15.0 release.)

Script Editor

  • The built-in sendEmail function now supports a replyTo parameter in server scripts, allowing the email "Reply-To" header to be set on outgoing service emails, restoring functionality previously available through third-party mailer dependencies. (This change will also be included in the upcoming 24.15.0 release.)

UI/UX

  • The Table Browser tool and the Adaptive Designer now display all table properties and form fields correctly, resolving an issue introduced in Neptune DXP - Open Edition 24.14.1, where large property sets were silently truncated due to undersized model limits. (This change will also be included in the upcoming 24.15.0 release.)

Stability and performance improvements

Compatibility

  • File upload controls now attach change event listeners programmatically on initialization rather than using inline onchange handlers, ensuring file imports (for example, App Designer and Adaptive Designer) work correctly under strict Content Security Policy configurations.

Licensing

  • Offline license validation now correctly permits user creation when no license blocks are active, preventing a false block that stopped the save action from completing due to a parsing incompatibility introduced by a Slascone (LaaS provider) offline license format change.

Housekeeping

  • Housekeeping now deletes old user activity records reliably in awaited chunks, preventing sporadic engine crashes with exit code 68 caused by unbounded bulk deletes overloading the process during scheduled log cleanup. (This change will also be included in the upcoming 24.15.0 release.)

Naia for Business

  • AI threading support in the Script Editor: Scripts can now create and resume persistent AI conversation threads, enabling stateful, context-aware agent interactions across multiple calls. (This change will also be included in the upcoming 24.15.0 release.)

Script Editor

  • Executor processes now terminate correctly when the engine disconnects, preventing orphaned executor.pkg.js processes from accumulating on Linux after an engine crash or restart and causing significant memory leaks.

User launchpad experience

  • The Forgot Password flow on end-user launchpad login pages now only prompts for a username, resolving failures caused by email and username mismatches during password reset.

  • User launchpads no longer become unresponsive after the browser switches from offline back to online when no decrypted credentials are available for re-login

More information

Are you looking for more information? To access full details of the technical changelog for Neptune DXP - Open Edition 24.14.3, please contact lloyd.trevarthen@neptune-software.com.

If you experience any problems with this patch, please contact Neptune Support.

Related topics