Changelog

Customers with a 3.259.0-edge deployment should immediately update to 3.259.1-edge. This patch release addresses a security vulnerability that could expose environment variables during code-executor startup.

Retool now provides a built-in integration for Databricks Lakebase, a fully managed Databricks Postgres database built on lakehouse architecture.

Organization admins can now control whether users can create draft apps on a per-group basis. If an admin disables the draft apps feature on a permission group, users within the group will not be able to create unpublished apps in their own drafts folder.

Self-hosted organizations using Source Control to protect apps can opt into the public beta of multi-instance releases. This feature enables you to publish different release versions of apps across multiple deployment instances. This is particularly useful if you want to test a newer version of an app on a test instance first.

For new Business and Enterprise plan organizations, the All Users group does not have universal access permissions by default. Admin users can add permissions to the All Users group as needed.

This change was made to simplify the process of creating custom groups, eliminating the need to remove permissions from the All Users group before creating more permissioned groups.

This change does not impact existing organizations, or organizations upgrading from Free or Team plans.

Retool added support within the IDE for merging changes from your default branch into your feature branch. This feature allows developers to keep their branches aligned with the default branch through guided, in-product flows, eliminating the need to switch to external tools like GitHub or GitLab.

When conflicts arise, Retool walks developers through a conflict resolution process entirely within the IDE, including validation checks to catch errors before completing the operation.

This change also eliminates the need for catch-up commits.

Self-hosted Retool 3.251 and later contain two notable changes to the code-executor service:

• A container running code-executor is required to run workflows and custom API authentication. Previously, these features could be run in a sandbox in the backend container. Retool's security team has become aware of a sandbox escape and will no longer be supporting sandboxing in the backend. For more information refer to the disclosure page.
• Traffic to the private 192.168.0.0/16 IP address range is blocked by default. If you want to disable this security configuration, follow the instructions in the code-executor security privileges documentation.

Retool removed the preview release of Agents for self-hosted organizations since Agents is now in public beta with the 3.234.0 edge release and it will be available in 3.253 stable. This preview release was intended for deployment into a non-production environment, and was created as a mechanism to allow Self-hosted organizations the opportunity to create agents prior to their availability in an edge or stable release.

When setting up Source Control with Bitbucket, you can now use a Bitbucket access token instead of an app password. Access tokens provide a more secure authentication method than app passwords.

Authentication using app passwords is still supported, but Retool recommends using access tokens instead.

If you use Source Control to protect a workflow, you can now create and publish releases for that workflow. This allows you to safely test and build changes without disruption. Previously, protected workflows were automatically versioned and published, and you could not publish a specific version.

Once you merge a change into the main branch, navigate to the Releases tab in the left-hand menu. In this tab, you can create, manage, and publish versions of the workflow. Refer to Version and publish workflows for more information.