2025.6 release notes
November 2025
The Continuous Compliance 2025.6.0.0 release introduces support for capturing Salesforce batch errors with the Bulk API, improves non-conformant data count accuracy, and adds Australian TFN support to the Checkdigit algorithm. It also adds new options for setting non-conformant data to null, deprecates LDAP configuration for Continuous Compliance engines, and supports Sybase driver plugin for additional masking tasks.
On this page:
New features
Salesforce batch error collection (Bulk API via CData Driver)
This release introduces support for capturing batch-level errors during Salesforce masking jobs that use the Bulk API with certified CData JDBC drivers. When a masking job fails to update certain records, it now:
-
Identifies and logs up to 10 sample record IDs where errors occurred.
-
Tag these errors with a new event type: SALESFORCE_BATCH_JOB_ERRORS.
For more information, see the Salesforce Compliance documentation.
Non-conformant data count accuracy improvement
Previously, the record counts for non-conformant data in masking jobs were approximate, generally accurate within an order of magnitude. With this release, these counts are now reported with full precision. For more information, see Job Monitoring documentation.
Checkdigit algorithm Australian TFN support
This release enhances the Checkdigit algorithm to include support for the Australian TFN (Tax File Number) checksum calculation type. For more information, see the Checkdigit documentation.
Option to set non-conformant data values to null
This release adds the option to set non-conformant data values to null in global settings and introduces a job-level override in the UI for masking jobs. This enhancement applies only to Hop-based jobs and is not compatible with systems using Kettle. For more information, see Job Monitoring documentation.
Deprecation of LDAP configuration for Continuous Compliance Engines
Starting with release 2026.1, setting or updating the LDAP configuration for Continuous Compliance engines running on VMs will no longer be supported through the Continuous Compliance API or UI, and must be configured through the main setup application dashboard. Before upgrading, ensure that LDAP settings are configured in the main setup application dashboard, and that corresponding LDAP users exist in the Continuous Compliance engine. This change does not affect DCT.
GCP Secure Boot support for Delphix Engines
Delphix Engines now support Secure Boot on Google Cloud Platform (GCP) through Google Cloud’s Shielded VM security features. Secure Boot adds an extra layer of protection against threats that can persist across reboots by ensuring instances only launch software signed with trusted cryptographic keys stored in the UEFI key database. For more information, read Google Cloud platform installation.
GCP gVNIC support for Delphix Engines
GCP support of Google Virtual NIC (gVNIC) which is the alternative to the virtIO based driver and is only supported network interface in Compute Engine for all new machine types (Generation 3 and newer). This feature is only supported on new Delphix engine installations. For more information, read Google Cloud platform installation.
MultiColumn/GenericDataRow support for XML attributes
This release introduces support for assigning MultiColumn and GenericDataRow algorithm types to XML attribute fields. For more information, see the Managing Inventories documentation.
Support for Sybase driver plugin
This release adds default driver support for Sybase database masking options of Drop Constraints, Drop Indexes, and Disable Triggers as job tasks. For details on the usage and known limitations of the Sybase driver plugin support tasks, see Built-in Sybase driver support plugin documentation.
Fixed issues
| Bug number | Description |
|---|---|
| DLPX-68973 | Fixed performance issues in CSV Inventory Import to enable faster processing. |
| DLPX-90254 | Fixed an issue where Mainframe File masking failed to generate job_xml files for all input files. |
| DLPX-91056 | Fixed an issue where Ruleset CSV import did not correctly log errors and warnings during import. |
| DLPX-91200 | Fixed an issue where warnings generated during CSV import were not captured in the main masking application logs. |
| DLPX-91208 | Fixed an issue where cancelling a running job incorrectly marked all unprocessed tables as FAILED in the Monitor, now cancelled jobs are reported as CANCELLED status. |
| DLPX-91574 | Fixed an issue where CSV Inventory Import did not report warnings when rows in the import file did not match any column or field in the target ruleset. |
| DLPX-93802 | Fixed an issue where masking jobs failed for SQL Server when schema or table names contained [ or ]. |
| DLPX-95142 | Fixed an issue with the ruleset warning message for “Identity Check did not pass.” |
| DLPX-95361 | Fixed an issue where database masking job performance degraded when a table contained an identity column without an index and included masking of a non-clustered primary key. |
Known issues
|
Key |
Summary |
Workaround |
|---|---|---|
| DLPX-80640 | Masking drop Indexes task does not find and remove indexes on SQL Server partitioned tables in both on-the-fly and in-place masking jobs. | Manually script the drop and recreate indexes. |
| DLPX-81694 | When masking two columns with the same name but different casing, the same algorithm may be incorrectly applied to both. | None |
| DLPX-91068 | Failed masking jobs on heap tables may leave behind a generated temporary identity column and index. | None |
| DLPX-93701 | On the fly masking job fails when using different source and target connector types (mixed Cloud and On-premise connectors) for JSON, XML, and Parquet files. | None |
| DLPX-96175 | Inconsistent values in parquet masked file for null-heavy, dictionary encoded columns. | None |