Version 3.2.0 (May 2025)

Welcome to the Zowe Version 3.2.0 release!

See New features and enhancements for a full list of changes to the functionality. See Bug fixes for a list of issues addressed in this release.

Download v3.2.0 build: Want to try new features as soon as possible? You can download the v3.2.0 build from Zowe.org.

New features and enhancements

Zowe Version 3.2.0 contains the enhancements that are described in the following topics.

Server Install

• Added an enhancement so that the zwe support command collects more environment details.
• Added an enhancement in the form of a new library function named formatZosVersion() in zosUtils to standardize the formatting of z/OS versions during installation checks.
• Added an enhancement so that when you run the zwe support verify-fingerprints command, you no longer have to specify a configuration file, such as zowe.yaml, as a command-line parameter.

Zowe Application Framework

• Added an enhancement to compress the Zowe v3 Desktop assets so that the Desktop can load faster on a slow internet connection with a slow network speed.
• Added an enhancement to compress the size of assets within the Zowe v3 Desktop so that the Desktop loads faster despite a slow internet connection. The enhancement increases the speed of loading the desktop.
• Added an enhancement to validate certificate properties on startup, ensuring a secure and valid configuration.
• Added an enhancement in the form of a utility named certificateChecker.js. This utility validates whether Zowe can use a keystore that has the PKCS12, PEM, or SAF keyring.

ZSS

• Added a new feature with a modify command to display module registry information. Users can use the information to easily monitor, troubleshoot, and manage the current state of registered modules.
• Added a feature to reset the module registry at cross-memory server startup, ensuring a clean and consistent environment for the server’s operation by clearing outdated data and reducing the risk of errors caused by stale module configurations.
• Added an enhancement to include the stub version in the generated HLASM stub, enabling improved version tracking and compatibility.
• Added an enhancement to expose new cmutils functions, providing additional capabilities for managing and interacting with system components.
• Added support for passing multiple parameters to Zowe Integration Server (ZIS) via the START command. This is an enhancement on its own, all it means is there is more flexibility available for configuration at start up. The start command is mostly run from a terminal window or CLI on the system where Zowe is installed.
• Added a parameter to reset the module registry at ZIS startup, preventing issues with outdated or conflicting module data.
• Added an enhancement to make the modregReset function available through dynlink, enabling dynamic linking for module registry resets.

Zowe API Mediation Layer

• Users can now configure the connect and read timeout for the Eureka HTTP client. (#4045)
• Zowe now supports API ML components that were built on Java 17 compatibility level to run using Java 21. (#4028)

Zowe CLI

Zowe CLI (Core)

• Search data sets with regex patterns by passing the new --regex option into the search command. (#2432)
• Overwrite all members of a target data set with source data set members by including the new overwrite flag with the zowe files copy ds command. (#2450)
• See secure properties when issuing the zowe config list command when the ZOWE_SHOW_SECURE_ARGS environment variable is set to true. (#2259)
• Create extended and large formatted sequential data sets by adding the new --data-set-type flag to the zowe files create ps command. (#2141)
• Select a specific range of records to output from a spool file with the new --recordRange flag for the zowe jobs download output command. (#2411)
• The zowe zos-files copy data-set command no longer requires the target data set to be preallocated. (#2349)

Zowe CLI Imperative Framework

• Added a line to the output to display the authentication type when using the --show-inputs-only option. (#2462)
• A Web Help favicon now displays in browser tabs. (#801)
• Allowed instances of the ProfileCredentials class to check only for the active layer to determine if the user's credentials are secure. (#2460)
• Consolidated all sensitive data hiding logic into the Censor class. (#2424)
• Added the showSecureArgs environment variable to the EnvironmentalVariableSettings class to allow extenders to determine if they should mask secure values. (#2424)
• See secure properties when issuing the zowe config list command when the ZOWE_SHOW_SECURE_ARGS environment variable is set to true. (#2259)
• Deprecated the LoggerUtils class. Use the Censor class instead. (#2424)
• Deprecated the CliUtils.CENSOR_RESPONSE property. Use the Censor.CENSOR_RESPONSE property instead. (#2424)
• Deprecated the CliUtils.CENSORED_OPTIONS property. Use the Censor.CENSORED_OPTIONS property instead. (#2424)
• Deprecated the CliUtils.censorCLIArgs function. Use the Censor.censorCLIArgs function instead. (#2424)
• Deprecated the CliUtils.censorYargsArguments function. Use the Censor.censorYargsArguments function instead. (#2424)
• Changed DeferredPromise and DeferredPromise.unit.test comment format to match standard. (#2413)

Zowe Explorer

Zowe Explorer (Core)

• See the Zowe Explorer changelog for updates included in this release.

Zowe Explorer API

• See the Zowe Explorer API changelog for updates included in this release.

Zowe Explorer FTP Extension

• See the Zowe Explorer FTP Extension changelog for updates included in this release.

Zowe Explorer ESLint Plug-in

• See the Zowe Explorer ESLint Plug-in changelog for updates included in this release.

Bug fixes

Zowe Version 3.2.0 contains the bug fixes that are described in the following topics:

Zowe Application Framework

• Fixed an issue where it was not possible to configure the app-server as the configuration property components.app-server.node.mediationLayer.eureka was not documented in the schema.
• Fixed an issue that prevented the Desktop from selecting the most efficient and direct route to access ZSS. After the fix, the Desktop has the necessary information to identify and use a direct route to access ZSS.
• Fixed an issue that caused a large memory consumption and a high memory utilization after every startup. The issue was due to a defect in the axios library. The functionality of the app-servers does not alter due to this change.
• Fixed an issue where troubleshooting information became unavailable when there was a network failure during the eureka registration process. The components.app-server.node.mediationLayer.traceTls property was introduced to troubleshoot TLS issues. The property can trace the connection the app-server forms with the discovery server, revealing the cause of low-level networking issues.

ZSS

• Storage has now been configured to allow execution with the EXECUTABLE=YES setting, which enables the specified storage to be used as executable code. This is typically done to allow the storage to hold executable programs or modules.
• Fixed a memory leak in the rsusermap code, preventing unnecessary memory consumption and improving system performance.
• Enabled the use of single-line WTOs for efficient handling of single-line system console messages and improving the readability of generated system logs.
• Ensured that Zowe does not delete modreg based modules, thus preventing the loss of critical module data.
• Fixed an issue where the schema entry for JWT tracing was being updated with an incorrect name _zss.jwt. After the fix, the schema entry is updated with the correct name _zss.jwtTrace, which helps users to identify the log level that can enable JWT tracing.
• Corrected the modregRegister entry in the dynlink stub.
• Fixed the incorrect checking of the look-up anchor reset parameter.
• Fixed an issue where ZSS was not accessible from the Gateway when a user used AT-TLS. After the fix, ZSS is accessible from the Gateway if a user uses AT-TLS.

Zowe API Mediation Layer

• Disabled hostname verifier with non-strict mode. (#4069)
• The jacoco agent in jib containers previously unsupported with the Java 21 are now supported. (#4060)
• The username is now always valid when authentication for zaas/scheme/* endpoints passes. Username and applicationName validation is improved by moving validation to the PassTicketService. (#4054)
• Changed error code SERVICE_UNAVAILABLE to INTERNAL_SERVER_ERROR when PassTicket generation fails in Zowe v3. (#4047)
• Fixed the incorrect pattern for loggers through Personal Access Token validation log messages. (#4036)
• For keystores containing multiple keys, the correct client certificate is now chosen for outbound communication from the Gateway. (#4033)
• The use of a double slash in a url are now allowed. (#4030)
• Updated ciphers list v3. (#4025)
• Fixed the file log appender for debug profile. (#4020)
• Improved WebSocket generic 500 response in message. (#4019)
• Special characters are now allowed in url. (#4008)
• Introduced a workaround for API Catalog redirect behavior in the Desktop. (#4007)
• Added Authorization header for routed requests to ensure backwards compatibility with v2. (#4000)
• Added newPassword to the Swagger. (#3999)
• Authorization header is now supported in deterministic routing. (#3998)
• The TLS minimum setting has been fixed supporting TLSv1.2 as the minimum with TLSv1.3 supported by default. (#3993)
• Updated the React router to v7. (#3977)
• Replaced default Spring x509 Authentication in ZAAS. (#3971)
• HA instance ID is now used in the path to infinispan storage location (v3). (#3960)

Zowe CLI

Zowe CLI (Core)

• Updated the Daemon binary version for technical currency. (#2479)
• Fixed a bug that resulted in daemon commands running slower with every additional command. (#2470)
• Fixed the --show-inputs-only option on commands with chained command handlers, such as zowe zos-files copy data-set-cross-lpar. (#2446)
• When using the copy command, if a target partitioned data set has a smaller record length than a source partitioned data set, the operation for subsequent members no longer stops. The user can now view the affected members in a local file. (#2349)
• Users were not warned when copying partitioned data sets with identical member names. Now, the user is prompted to confirm before continuing the copy operation to avoid potential data loss. (#2349)
• The zowe zos-files copy data-set command overwrites the contents of the target data set without user confirmation. A --safe-replace option was added to prompt the user to confirm before overwriting the contents of the target data set. (#2369)

Zowe CLI Imperative Framework

• Ensured that the ProfileCredentials class evaluates all layers to determine if the user's credentials are secure. (#2460)
• Fixed a bug that resulted in daemon commands running slower with every additional command. (#2470)
• When in daemon mode, the user would not see Imperative initialization errors, but now the errors are passed back to the user's terminal window. (#1875).
• Fixed the --show-inputs-only option on commands with chained command handlers. (#2446)
• Fixed the help text example section's wrapping issue where the first line of the description is wrapped differently than the rest of the lines. (#1945).
• Fixed inconsistent behavior with the ZOWE_SHOW_SECURE_ARGS environment variable continuing to mask secure properties when it should not. (#2430)

Zowe Explorer

Zowe Explorer (Core)

• See the Zowe Explorer changelog for updates included in this release.

Zowe Explorer API

• See the Zowe Explorer API changelog for updates included in this release.

Zowe Explorer FTP Extension

• See the Zowe Explorer FTP Extension changelog for updates included in this release.

Zowe Explorer ESLint Plug-in

• See the Zowe Explorer ESLint Plug-in changelog for updates included in this release.

Vulnerabilities fixed

Zowe discloses fixed vulnerabilities in a timely manner giving you sufficient time to plan your upgrades. Zowe does not disclose the vulnerabilities fixed in the latest release as we respect the need for at least 45 days to decide when and how you upgrade Zowe. When a new release is published, Zowe publishes the vulnerabilities fixed in the previous release. For more information about the Zowe security policy, see the Security page on the Zowe website.

The following security issues were fixed by the Zowe security group in version 3.1:

• BDSA-2024-4090
• CVE-2024-39338 (BDSA-2024-5295)
• BDSA-2024-3717
• CVE-2023-28155
• CVE-2016-1000027
• BDSA-2024-6258
• CVE-2023-26136 (BDSA-2023-1661)
• CVE-2021-21366 (BDSA-2021-2314)
• CVE-2021-32796 (BDSA-2021-2903)
• CVE-2022-37616 (BDSA-2022-3398)
• CVE-2022-39353 (BDSA-2022-3404)