Release Notes / Version 10.2104
Table Of ContentsThird-Party Update: Apache Tika and Transitive Dependencies
Apache Tika has been updated to version 1.26. As part of this change, the following transitive dependencies of Apache Tika have been updated to match versions used by Tika. These updates fix known security vulnerabilities: CVE-2021-28657 (Tika), CVE-2021-27807 (PDFBox).
Updated dependencies:
com.google.guava:guava: 30.1.1-jre
org.apache.commons:commons-lang3: 3.12.0
org.apache.pdfbox:fontbox: 2.0.23
org.apache.pdfbox:pdfbox: 2.0.23
org.apache.pdfbox:pdfbox-tools: 2.0.23
org.apache.pdfbox:preflight: 2.0.23
org.apache.pdfbox:xmpbox: 2.0.23
org.apache.tika:tika-core: 1.25
org.apache.tika:tika-parsers: 1.25
org.bouncycastle:bcmail-jdk15on: 1.68
org.bouncycastle:bcpkix-jdk15on: 1.68
org.bouncycastle:bcprov-jdk15on: 1.68
org.ow2.asm:asm: 9.1
org.tukaani:xz: 1.9
If you use these libraries in project code, please check their respective release notes for changes and upgrade information. No changes were necessary in the CoreMedia Blueprint for these updates.
(CMS-19202)
Content Feeder Metrics
Introduced new metrics for the
Content Feeder
: "feeder.populator" which measures the time spent in
FeedablePopulator
implementations, and "feeder.index" which counts index updates for different types of triggers. For details, have a look at the Search Manual, section "Reference | Content Feeder Metrics".
(CMS-19028)
Runlevel based health indicator added to the content-server application
A runlevel based health indicator has been added to the content-server application. The endpoint is available at
:8081/actuator/health/runlevel
. The indicator will be set to:
UP if the runlevel is
ONLINE
orMAINTENANCE
DOWN. if the runlevel is
ADMINISTRATION
orOFFLINE
To activate/deactivate the healthcheck, set the application property
management.health.runlevel.enabled=true|false
.
(CMS-18871)
Unified API connection state
Two new methods have been introduced to the interface
CapConnection
.
isContentRepositoryToBeUnavailable()
indicates that the
Content Server
will eventually be shut down after an execution of
cm runlevel
with a grace period.
isDisrupted()
indicates that at least one repository has been disconnected in such a way that the connection will not attempt a reconnect. These methods are intended for advanced health check procedures.
Equivalent methods have also been added to
CapConnectionManager
for monitoring the connection.
(CMS-18617)
Runlevel actuator endpoint added
The content-server application now has a runlevel endpoint to get the current runlevel or change the runlevel. The endpoint is available at
:8081/actuator/runlevel
and can be enabled by setting the property
management.endpoint.runlevel.enabled=true
. The endpoint is disabled by default. To change the runlevel you can send a HTTP POST request i.e.
/usr/bin/curl -X POST \ -H "Content-Type: application/json" \ -d '{"runlevel": "MAINTENANCE", "gracePeriod": 30}' \ http://localhost:8081/actuator/runlevel
The runlevels are:
ONLINE
MAINTENANCE
ADMINISTRATION
OFFLINE
(CMS-18578)
A new configurable property "caas.media-no-transform" has been added
A new configurable property "caas.media-no-transform" has been added to make it possible to remove the "no-transform" directive of the cache-control header from headless media controller responses. Please see the Deployment Manual for further info.
(CMS-18404)
Changed Content Feeder Configuration Properties
Some configuration properties of the
Content Feeder
have been renamed as part of an initiative to use Spring Boot's type-safe
ConfigurationProperties
. The old property names still work as before but some have been deprecated. It's not required to change your configuration now. If possible, we recommend to migrate to the new property names.
The following properties have been renamed
feeder.indexDeleted
->feeder.content.index-deleted
feeder.indexGroups
->feeder.content.index-groups
feeder.indexNameInTextBody
->feeder.content.index-name-in-textbody
feeder.indexReferrers
->feeder.content.index-referrers
feeder.partialUpdate.aspects
->feeder.content.partial-update-aspects
feeder.management.user
->feeder.content.management.user
feeder.management.password
->feeder.content.management.password
feeder.backgroundFeed.delay
->feeder.content.background-feed-delay
feeder.retryConnectToIndexDelay.seconds
->feeder.content.retry-connect-to-index-delay
(new property takes milliseconds if not specified otherwise)feeder.updateGroups.immediately
->feeder.content.update-groups-immediately
See also section 'Content Feeder Renamed Properties' in the reference chapter of the Search Manual for all deprecated and new property names.
(CMS-17957)
New Validator: PossiblyMissingMasterReferenceValidator for Multi-Site
In certain scenarios it may happen, that you have a master content and derived content which miss a corresponding link from derived to master to signal the relationship. This state, if caused by accident, may cause duplicated contents to be created where you don't expect them.
The new validator
PossiblyMissingMasterReferenceValidator
detects such a state and will by default raise a warning in these states.
Depending on the perspective (if this content is regarded as master content or as derived content) you will get slightly different messages:
For master you may get: A content in derived site German (Germany) exists, which may miss a link to this content as its master: Orphaned Name.
For derived content you may get: A content in master site English (United States) exists, which should possibly be linked to as master: Orphaned Name. Consider setting an appropriate master version carefully. Most likely the current master version.
If for any reason, this analysis reports a false-positive, it will vanish as soon as you finished a translation of a given master content.
Upgrade Notice
No upgrade steps are required unless you consider these warnings irrelevant in your setup. In this case you may remove the bean
possiblyMissingMasterReferenceValidator
which comes with
com.coremedia.cms.middle.blueprint.validators.ValidatorsConfiguration
.
As an alternative you may customize the severity by setting
possiblyMissingMasterReferenceFromMasterValidator.severity
to
INFO
(it defaults to
WARN
).
Extension Points
By default, the match strategy to search for similar contents is done by relative path. If you have different identity tokens (such as product IDs as property values) you may consider replacing the bean. A dedicated section exists in JavaDoc of
com.coremedia.rest.cap.validators.PossiblyMissingMasterReferenceValidator
explaining what possible extension points you may use.
validate-multisite
This validator covers issues detected by
cm
tool
validate-multisite
:
MS-VALIDATION-6001
– Content not Used in Derived Site but some Content ExistsMS-VALIDATION-6003
– Content without Master but some Content Exists
(CMS-16043)