Skip to main content
Version: DAI 26.2

DAI 26 Release Notes

The notes below provide descriptions of the new features and changes introduced in the 2026 releases of Eggplant DAI.

The online documentation contains the latest information about DAI releases. If you are viewing this documentation online, you are seeing the latest update. If you are using the documentation embedded within DAI, please see the Release Notes on our Documentation website at: https://docs.eggplantsoftware.com/dai/dai-release-notes/ for the latest information.

Any potential compatibility issues are highlighted.

To the extent you are entitled to a copy of the source code for the open source software distributed with this product, a free copy will be provided. Please contact us with your request.

System Requirements

You can find supported operating systems and system recommendations for this release on the Prerequisites page.

Upgrade Notes

The following summarizes the important things you need to know if you are upgrading DAI from an earlier version. For details about upgrading to specific versions, see Upgrade Notes. Whenever you upgrade, we strongly recommend that you back up your DAI data. Click the Take a Backup tab below for instructions.

  • DAI 26.2.1 is the latest release of DAI. The 26.2.1 version requires that you access DAI with secure (HTTPS) connections from your browsers and the DAI environments and agents. See Release 26.2.1 (May 2026) and Upgrade Notes for important information about this release.

  • You must upgrade to DAI 26.1 before you start a DAI 26.2.1 or 26.2.0 upgrade. See Upgrade Notes for important information about upgrading with DAI 26.1.

  • You must upgrade to Eggplant Functional 26.2.1.1 or 26.2.101.1 when you upgrade to DAI 26.2.1. DAI 26.2.1 is only compatible with Eggplant Functional (EPF) 26.2.1.1 or 26.2.101.1.

  • Similarly, you must upgrade to Eggplant Functional 26.2.0 when you upgrade to DAI 26.2.0. DAI 26.2.0 is only compatible with Eggplant Functional (EPF) 26.2.0.

  • The upgrade may take 10-20 minutes to complete.

  • When you upgrade from 26.1 to 26.2.1, the first time you log in, you will see the Spaces are here! pop-up message. In 26.2.0, we released the Spaces feature and, as part of that implementation, we changed the landing page you see when you log into DAI to be the Spaces page. See the Spaces in DAI feature description in the 26.2.0 Release Notes for more information about this feature and also see the Upgrade Notes for important information about the first time you upgrade to a release that has spaces.

  • For information about upgrading container deployments, see Upgrading on the Deploying Eggplant DAI in Containers page.

Release 26.2.1 (May 2026)

DAI version 26.2.1 contains the following enhancements and defect fixes:

Features

DAI 26.2.1 contains the following new features:

Improved Security with HTTPS Connections

DAI version 26.2.1 introduces improved security for accessing DAI from your browser. The improvements not only provide greater security but compliance with the EU Cyber Resiliency Act (EU-CRA), and compatibility with our Eggplant IAM tool (our Keycloak-based product for managing identity and access management (IAM)). The improvements include:

  • HTTPS as the default and only supported access method for DAI; HTTP is no longer supported

  • Support for the following certificate types:

    • Publicly trusted Certificate Authority (CA) certificates (recommended)
    • Private or enterprise CA certificates, for example, from your own company
    • Self-signed certificates from Eggplant, which you can generate during installation

    Detailed information about the certificate requirements is provided in the Special Requirements section of the new Installing and Upgrading DAI Server on Windows (Versions 26.2.1 and Higher) page. The DAI Windows Server Setup program has changed to accommodate the new HTTPS changes.

info

If you are upgrading your DAI Server to 26.2.1 on Windows, and your existing DAI Server installation is configured for HTTP access, you will need to reconfigure it for HTTPS. See Upgrade Notes for Windows DAI Servers for what's required to perform this upgrade.

This HTTPS requirement also applies to the DAI Environments and Agents. Therefore, on all platforms, you will need to regenerate the .ini files for all of your environments/agents after installation because the DAI URL will be different.

Note that container deployments of the DAI Server are not affected because they have always required HTTPS configurations.

Support for Jira Zephyr Test Management Tool Integration

DAI 26.2.1 now integrates with another test management tool by adding support for test results with Jira Zephyr. Integrating third-party test management tools with DAI streamlines test case synchronization and reporting. Once you connect DAI to a test management tool, DAI can automatically synchronize your test cases, requirements, and test results between the two systems. For more information, see Adding a Jira Zephyr Integration in the Test Management Tool Integrations page.

Updated DAI Server Installation Program for Windows

DAI 26.2.1 also provides a new Setup program for the Windows Server installation. The major change is to accommodate the new requirement to use HTTPS. Additionally, we also streamlined the Setup program so that there is essentially one workflow. (The previous installation process had two workflows: Standard and Advanced.) The new Setup program provides one workflow with the option to choose advanced options, which consist of specifying alternate locations for some folders that DAI creates.

Because the Setup program for 26.2.1 differs from the previous one for 26.2.1 and older versions, there are now two installation pages. See Documentation Updates below for more information.

DAI Internal Data Moved to File System

Some DAI internal data has been moved to the file system to ensure stability and continued support. This data was previously stored in MinIO (object storage), which is no longer being maintained. This migration will occur automatically after you upgrade to DAI 26.2.1. The migration does not require you to take any actions for this migration to occur. See Upgrade Notes for more information this change.

Spaces are here

The first time you log into DAI after upgrading to DAI 26.2.1, you will see the Spaces are here! panel. This is to inform you of the Spaces feature that was introduced in DAI 26.2.0. The Spaces page became the landing page you see when you first log into DAI versions 26.2.0 and higher. For important information about the first time you upgrade to a release that has the spaces feature, see Upgrading from 26.1 to 26.2.0 on the Upgrade Notes page.

The **Spaces are here!** panel calling attention to Spaces feature in DAI

The Spaces are here! panel calling attention to Spaces feature in DAI

Defect Fixes

DAI 26.2.1 includes the following defect fixes:

  • Fixes an issue in DAI where it was not possible to delete an Eggplant test suite that referenced itself as a helper suite. (CRD-1976)

  • Fixes an issue with DAI Helm container deployments where customers on systems without internet access ("air-gapped users") experienced slow load times when they launched DAI due to access issues with font libraries. (CRD-1972)

Documentation Updates

DAI 26.2.1 includes the following documentation updates:

Third-Party Component Updates

DAI 26.2.1 includes the following third-party component updates:

ComponentPrevious VersionUpgraded To
Nginx1.29.41.30.0
Erlang26.2.5.1526.2.5.19
Keycloak26.5.526.6.1
Postgres17.9-117.9-3
Python3.13.123.13.13
RabbitMQ4.2.44.2.5

Security Fixes (CVEs)

DAI 26.2.1 remediates the following security vulnerabilities:

DependencyRemediated Vulnerabilities
MultipartCVE-2026-40347 / GHSA-mj87-hwqh-73pj
Psycopg2-binaryCVE-2025-69418
Keycloak- GHSA-xh32-c9wx-phrp / CVE-2026-3911 (Low)
- GHSA-8g9r-9wjw-37j4 / CVE-2026-3429 (Medium)
- GHSA-63v5-26vq-m4vm / CVE-2026-1190 (Low)
- GHSA-x4p7-7chp-64hq / CVE-2026-2603 (High)
- GHSA-cjm2-j6cm-6p6m / CVE-2026-3872
- GHSA-q35r-vvhv-vx5h / CVE-2026-3190
- GHSA-7xf9-4jfc-wgm4 / CVE-2026-3121
- CVE-2026-2092 / GHSA-wmxr-6j5f-838p (High)
- GHSA-cphf-4846-3xx9
- GHSA-m297-3jv9-m927 / CVE-2026-3009
- GHSA-xv6h-r36f-3gp5 / CVE-2026-2575 (Medium)
Bug Hunting KerasCVE-2026-1462 / GHSA-4f3f-g24h-fr8m
PillowCVE-2026-40192 / GHSA-whj4-6x5x-4v2j
MakoGHSA-v92g-xgxw-vvmm
erlang-otp 26.2.5.15BDSA-2026-4048 / CVE-2026-23941
aiohttpGHSA-w2fm-2cpv-w7v5 / CVE-2026-22815
RequestsGHSA-gc5v-m9x4-r6x2 / CVE-2026-25645
strawberry-graphqlGHSA-hv3w-m4g2-5x77 / CVE-2026-35526
CryptographyGHSA-p423-j2cm-9vmq / CVE-2026-39892
RequestsGHSA-gc5v-m9x4-r6x2 / CVE-2026-25645
PygmentsGHSA-5239-wwwm-4pmq / CVE-2026-4539
UnknownGHSA-m959-cc7f-wv43 / CVE-2026-34073
pygmentsGHSA-5239-wwwm-4pmq / CVE-2026-4539
WerkzeugGHSA-29vq-49wr-vm6x / CVE-2026-27199
python 3.12/1.13BDSA-2026-5095 / CVE-2026-4519
npmjs:flatted 2.0.2BDSA-2026-4940 / CVE-2026-33228
Bug Hunting KerasGHSA-gfmx-qqqh-f38q / CVE-2026-1669
MarshmallowGHSA-428g-f7cq-pgp5 / CVE-2025-68480
pyjwtGHSA-752w-5fwx-jx9f / CVE-2026-32597

Release 26.2.0 (April 2026)

DAI version 26.2.0 contains the following enhancements and defect fixes:

Features

DAI 26.2.0 contains the following new feature:

Spaces in DAI

DAI 26.2.0 introduces Spaces, a new capability that helps your teams organize test assets and manage access within a single DAI instance. Spaces address common challenges encountered when managing large numbers of models, configurations, and test cases. See About DAI Spaces for information about using this exciting new feature.

The Spaces page will be the landing page you see when you first log into DAI. The Spaces page includes one common space, called the Shared space, which is available in all DAI installations.

info

If you are upgrading to DAI 26.2.0, be sure to read the Upgrade Notes for this release for important information about spaces and your existing assets.

The new DAI Spaces feature page showing the common Shared space, which is now the landing page when you log into DAI

The new DAI Spaces feature page showing the common Shared space, which is now the landing page when you log into DAI

Security and Authentication

In the 26.1 Release Notes, we announced planned updates to DAI that introduce clearer and stricter expectations for TLS configuration. However, these changes will not be included in 26.2 release.

Important

26.2 does not contain any TLS updates.

There is no impact to current deployments (TLS configurations). All existing configurations, including HTTP connections to the DAI Server, will continue to operate as they did in 26.1 and prior versions.

These security enhancements will, however, be implemented in a future release. To prepare, please be aware that the TLS updates will include:

  • HTTPS as the default access method for DAI Support for the following certificate types:

    • Publicly trusted CA certificates
    • Private or enterprise CA certificates
    • Self-signed certificates explicitly trusted by the runtime

  • Continued support for alternative configurations, including HTTP-only setups, for environments with specific operational constraints (explicit configuration required)

We will announce a new timeline and publish updated documentation once these enhancements are finalized, providing you with ample time to review and prepare for the changes.

Defect Fixes

DAI 26.2 includes the following fixes for the following Customer Reported Defects (CRDS):

  • Resolves an issue where the Origin field on the DAI Test Cases page was limited to 40 characters for existing test cases and 59 characters for new test cases. You can now enter up to 500 characters. (CRD-1950)

  • Resolves an issue on the DAI Schedule page where later evening time slots (for example, 11:15 PM) are displayed at the top of the calendar view above earlier time slots (like 3:00 PM) instead of at the bottom. (CRD-1925)

Documentation Updates

You will notice that the 26.2 Release Notes are on the same page as the 26.1 Release Notes. Starting with the DAI 26.1 release, we will be listing the release notes for all the 26.x releases on one page, to make it easier to find them and read about updates in the previous 26.x releases.

Third-Party Component Updates

DAI 26.2 updates the following component:

  • Upgrades Keycloak to version 26.5.5

Security Fixes (CVEs)

DAI 26.2 remediates the following security vulnerabilities:

DependencyRemediated Vulnerabilities
Keycloak- CVE-2025-66021 / GHSA-g9gq-3pfx-2gw2, OWASP Java HTML Sanitizer vulnerability allowing XSS via <noscript> tags and improper <style> tag sanitization
- CVE-2026-1529 / GHSA-hcvw-475w-8g7p, Improper invitation token validation
- CVE-2026-1486 / GHSA-37gf-gmxv-74wv, Tokens issued without verifying whether the Identity Provider (IdP) is enabled
Keycloak QuarkusCVE-2025-66560 / GHSA-5rfx-cp42-p624
Bug-hunting – KerasCVE-2026-0897 / GHSA-xfhx-r7ww-5995
Bug Hunting – WerkzeugCVE-2026-27199 / GHSA-29vq-49wr-vm6x
PostgreSQL 17.7CVE-2026-2006, Memory corruption via buffer overflow in the pg_mblen function
RabbitMQ 4.2.2BDSA-2018-3189, Man-in-the-middle vulnerability due to missing TLS hostname validation in RabbitMQ and Spring-amqp

Release 26.1 (February 2026)

Upgrade Notes

For information about upgrading to DAI 26.1 on Windows, see Upgrade Notes in the version 26.1 documentation.

For information about upgrading container deployments to 26.1, see Upgrading on the "Deploying Eggplant DAI in Containers" page in the version 26.1 documentation.

DAI version 26.1 contains the following enhancements and defect fixes:

Important

  • CORRECTION: The note below states that only TLS (Transport Layer Security) will be supported in DAI 26.2. This change is not in DAI 26.2, but it will be implemented in a future release.

  • DAI 26.1 will be the last release to support HTTP connections to your DAI Server. Starting in DAI version 26.2, TLS (Transport Layer Security) only will be supported. This means you must move your DAI Server to use a secure HTTPS connection rather than HTTP only. This important change enhances application security and results from our Identity Access Management (IAM) solution only supporting HTTPS from the most recent version onwards. To upgrade to DAI 26.2, you will need TLS certificates in place. You should consult your organization’s Cyber/App Security function to arrange these certificates.

  • The DAI Public API V3 will be released in a near future, and with it, we will be deprecating and removing Public API v1. Users are advised to make necessary preparations and move to a supported later version.

Features

DAI 26.1 contains the following new feature:

Support for Xray Cloud Test Management Tool Integration

DAI 26.1 adds support for test management tool integrations, starting with Xray Cloud Test Management for Jira. Integrating a third-party test management tool with DAI streamlines test case synchronization and reporting. Once you connect DAI to a test management tool, DAI can automatically synchronize your test cases, requirements, and test results between the two systems. For more information, see Test Management Tool Integrations.

3rd Party Updates

DAI 26.1 includes the following 3rd-party product updates:

ComponentPrevious VersionUpgraded To
Nginx1.29.11.29.4
RabbitMQ4.1.44.2.2
Postgres17.7.117.7.2
OpenJDK21.0.8+921.0.9+10
Mingit25.125.2

Security Fixes

DAI 26.1 remediates the following security vulnerabilities:

DependencyRemediated Vulnerabilities
Bug hunting (werkzeug)CVE-2026-21860 / GHSA-87hc-h4r5-73f7
MarshmallowGHSA-428g-f7cq-pgp5 / CVE-2025-68480
rllib3RETEST 26.1.0+2: CVE-2025-50182 / GHSA-48p4-8xcf-vxj5
GHSA-38jv-5279-wg99 / CVE-2026-21441
aiohttpCVE-2025-69223 / CVE-2025-69224 / CVE-2025-69225 / CVE-2025-69226 / CVE-2025-69227 / CVE-2025-69228 / CVE-2025-69229 / CVE-2025-69230
Last updated on