Product Update - v26.10

Details of the product update v26.10 from the 5th of March 2026.

New Features

New Monthly Message Quotas for Flow Steps

New quota type: monthly limit on the number of emitted data items (records and errors) produced by flow steps. Added quota keys to the API:

v2/quotas/usages and v2/quotas/limits now include:
- per_contract_message_count_limit
- per_workspace_message_count_limit

Quota checks are applied when:

Starting a flow (Start)
Running a flow manually (Run Now)

Behavior when quota is exceeded:

If the quota is exceeded, launching the flow is blocked.

Email notifications:

Sent when usage reaches 80%: “Resource usage for [contract/workspace] message count has exceeded 80% of your quota”
Sent when usage reaches 100%: “Resource usage for [contract/workspace] message count has exceeded 100% of your quota”

Note: When the quota is exceeded, all flows in the contract will be suspended. They can be resumed by Elastic.io Support upon a request to increase the resource limit.

This change helps prevent unexpected overages by capping monthly emitted data per contract and workspace and notifying you as you approach your limit.

Display Steps Count for Running Flows in Contract

The Contract Quota overview now displays the number of steps for each Active flow in the contract.

Display Quota Usage for Emitted Message Count

Quota Overview page now includes a widget that displays emitted messages count usage and updated explanatory text. The widget makes it easy to see monthly usage and current quota utilization at a glance. New API endpoint: GET /v2/runtime-quota-usages/contracts/:contract_id/messages-usage/history returns message usage history grouped by month for the specified contract. It requires permissions GLOBAL.USAGES.READ or contract participant.

Prevent Abuse of Limited Workspaces with Stricter Start Checks

Endpoint updated: POST v2/flows/:id/start New behavior:

If flow has “status”: “active” and “currentStatus”: “active”- the request now returns 409 Conflict {Flow is already active}.
If flow has “status”: “suspended” and “currentStatus”: “suspended” - the endpoint still returns 202 Accepted, but it no longer updates the flow’s lastStartTime property.

Prevents workflows from gaming start timestamps in Limited Workspaces to evade quota/limit enforcement while preserving existing behavior for suspended flows. All other start semantics remain the same.

Front-end Error Boundary (React)

Added an Error Boundary in the front-end (React) to catch uncaught rendering errors.

Updated `workspace-invite-new-user` Email Text

Updated the email body for the workspace-invite-new-user template to clearer, user-friendly copy.

Fixed Bugs

FIXED a bug in the Flow Designer Settings tab where displayed times could appear in the wrong time zone
FIXED an issue where opening a recipe link while logged out and signing in with Google would fail to load the recipe page after authentication
FIXED a bug where a platform service sometimes failed to create a messageId to a queued message, which caused the flow error-handler to fail to process that error and the step to stuck.
- Important Limitation: This fix applies only to new occurrences in flows without queues and messages missing a messageId. It does not retroactively fix existing error records with missing messageId; those will need to be cleared manually.
FIXED an error where the Flow Versions page could fail to load or display incorrectly if a version was associated with a deleted user

Components

Google Calendar component `1.0.0`

Initial component release
ADDED Make Raw Request Action
ADDED Upsert Object Action
ADDED Lookup Objects (plural) Action
ADDED Lookup Object By ID Action
ADDED Delete Object By ID Action

ServiceNow component `1.0.0`

Initial component release
ADDED Make Raw Request Action
ADDED Upsert Object Action
ADDED Lookup Objects (plural) Action
ADDED Lookup Object By ID Action
ADDED Delete Object By ID Action

Sharepoint component `1.0.0`

Initial component release
ADDED Make Raw Request Action
ADDED Upsert Object Action
ADDED Lookup Objects (plural) Action
ADDED Lookup Object By ID Action
ADDED Delete Object By ID Action

Code component `1.2.15`

ADDED strong-soap v5.0.7 library support

Code component with Credentials `1.0.2`

ADDED strong-soap v5.0.7 library support
REMOVED elasticio-node dependency
UPDATED Sailor version to 2.7.8
UPDATED Axios version to 1.13.5
UPDATED Node.js version to 24

NetSuite component `3.2.2`

ADDED internal validation for Size of Polling Page in Polling Objects Trigger. Values 1-4 are now rejected with a clear error message, while 0 (which uses the default of 1000) and values 5 or greater are permitted
FIXED handling empty Size of Polling Page field gracefully in Polling Objects Trigger
FIXED preventing potential NullPointerException across multiple actions and triggers by adding robust null checks for NetSuite API responses, status objects, and search results

Git-Protocol component `1.3.0`

ADDED Beautify JSON files option to the Create Commit action to enhance the readability of differences
IMPROVED test suite with more comprehensive tests for Create Commit action and edge cases
FIXED internal dependencies to resolve test failures
FIXED a race condition where parallel executions would collide on the local file system by using unique temporary directories for each action
UPDATED documentation to include known limitations regarding concurrency and remote push conflicts

AWS S3 component `1.6.0`

ADDED support for pre-signed URLs in Read file Action and Get New and Updated S3 Objects Trigger
ADDED support for S3-compatible providers
MIGRATED to AWS SDK v3 (modular @aws-sdk/* packages)
UPDATED Sailor version to 2.7.7
UPDATED dev dependencies
UPDATED Node engine version to 24.x
UPDATED @elastic.io/component-commons-library to 4.0.0
IMPROVED README.md
REMOVED unused elasticio-node dependency

AMQP component `1.4.4`

UPDATED Node engine version to 24.x
UPDATED amqp-connection-managerdependencies to 5.0.0
UPDATED elasticio-sailor-nodejsdependencies to 2.7.7
UPDATED CircleCI configuration
REMOVED elasticio-node and amqplib dependencies
IMPROVED README.md

Shopify Admin v2 component `2.5.3`

UPDATED Sailor version to 2.7.8
UPDATED Axios version to 1.13.5
IMPROVED the End Time boundary logic in the Get New and Updated Objects Polling Trigger
FIXED issue with GraphQL InlineFragment handling in “Additional fields” configuration field

Salesforce component `2.9.1`

FIXED critical bug in Subscribe to PubSub Trigger:
- FIXED infinite loop issue where trigger would get stuck showing Subscription recreate in progress when errors occurred
- ADDED proper authentication error detection and handling for sfdc.platform.eventbus.grpc.service.auth.error errors
- IMPROVED token refresh mechanism to trigger automatically on auth errors during connection, keepalive wait, and active streaming
- IMPROVED creationInProgress flag is always reset via finally block, preventing trigger from getting stuck
FIXED Lookup Object (at most 1) Action to always include attachments property in emitted messages (even when empty), ensuring consistent message structure
UPDATED Sailor version to 2.7.7
UPDATED @elastic.io/component-commons-library to 4.0.0
REMOVED unused elasticio-node dependency
UPDATED Node engine version to 24.x

Salesforce component `2.9.2`

Security Improvements:
UPGRADED jsforce v3.10.14 eliminating critical and high severity vulnerabilities:
- REMOVED critical vulnerability: form-data (GHSA-fjxv-7rqg-78g4)
- REMOVED high vulnerability: qs (GHSA-6rw7-vpxm-498p)
- REMOVED moderate SSRF vulnerability in deprecated request package
UPDATED elasticio-rest-node to v2.0.0
REMOVED nsprc file
Breaking Changes: (handled internally)
UPDATED query methods to use scanAll as an option to execute() instead of method chaining (jsforce v3 API change)
UPDATED bulkQuery() to await promise returned by bulk.query() before accessing stream
UPDATED StreamingExtension import to use jsforce/api/streaming module
IMPROVED error handling to properly extract messages from FetchError format (jsforce v3 uses node-fetch instead of request)
Dependencies:
REMOVED better-npm-audit dependency (replaced with standard npm audit)
UPDATED audit script to use standard npm audit --production

Sailor Nodejs `2.7.8`

UPDATED to wait for connection before sending ack/nack

Product Update - v26.10

New Features

New Monthly Message Quotas for Flow Steps

Display Steps Count for Running Flows in Contract

Display Quota Usage for Emitted Message Count

Prevent Abuse of Limited Workspaces with Stricter Start Checks

Front-end Error Boundary (React)

Updated workspace-invite-new-user Email Text

Fixed Bugs

Components

Google Calendar component 1.0.0

ServiceNow component 1.0.0

Sharepoint component 1.0.0

Code component 1.2.15

Code component with Credentials 1.0.2

NetSuite component 3.2.2

Git-Protocol component 1.3.0

AWS S3 component 1.6.0

AMQP component 1.4.4

Shopify Admin v2 component 2.5.3

Salesforce component 2.9.1

Salesforce component 2.9.2

Sailor Nodejs 2.7.8