Skip to main content

Changelog

Updates, changes, and improvements at Retool.

Code executor changes in self-hosted 3.251 and later

Self-hosted Retool 3.251 and later contain two notable changes to the code-executor service:

  • A container running code-executor is required to run workflows and custom API authentication. Previously, these features could be run in a sandbox in the backend container. Retool's security team has become aware of a sandbox escape and will no longer be supporting sandboxing in the backend. For more information refer to the disclosure page.
  • Traffic to the private 192.168.0.0/16 IP address range is blocked by default. If you want to disable this security configuration, follow the instructions in the code-executor security privileges documentation.