close

Filter

Close X
loading table of contents...

Release Notes / Version 10.2107

Table Of Contents

CoreMedia Core

Third-Party Update: Apache Tika and Transitive Dependencies

Apache Tika has been updated to version 1.26. As part of this change, the following transitive dependencies of Apache Tika have been updated to match versions used by Tika. These updates fix known security vulnerabilities: CVE-2021-28657 (Tika), CVE-2021-27807 (PDFBox).

Updated dependencies:

  • com.google.guava:guava: 30.1.1-jre

  • org.apache.commons:commons-lang3: 3.12.0

  • org.apache.pdfbox:fontbox: 2.0.23

  • org.apache.pdfbox:pdfbox: 2.0.23

  • org.apache.pdfbox:pdfbox-tools: 2.0.23

  • org.apache.pdfbox:preflight: 2.0.23

  • org.apache.pdfbox:xmpbox: 2.0.23

  • org.apache.tika:tika-core: 1.25

  • org.apache.tika:tika-parsers: 1.25

  • org.bouncycastle:bcmail-jdk15on: 1.68

  • org.bouncycastle:bcpkix-jdk15on: 1.68

  • org.bouncycastle:bcprov-jdk15on: 1.68

  • org.ow2.asm:asm: 9.1

  • org.tukaani:xz: 1.9

If you use these libraries in project code, please check their respective release notes for changes and upgrade information. No changes were necessary in the CoreMedia Blueprint for these updates.

(CMS-19202)

Content Feeder Metrics

Introduced new metrics for the Content Feeder : "feeder.populator" which measures the time spent in FeedablePopulator implementations, and "feeder.index" which counts index updates for different types of triggers. For details, have a look at the Search Manual, section "Reference | Content Feeder Metrics".

(CMS-19028)

Runlevel based health indicator added to the content-server application

A runlevel based health indicator has been added to the content-server application. The endpoint is available at :8081/actuator/health/runlevel . The indicator will be set to:

  • UP if the runlevel is ONLINE or MAINTENANCE

  • DOWN. if the runlevel is ADMINISTRATION or OFFLINE

To activate/deactivate the healthcheck, set the application property management.health.runlevel.enabled=true|false .

(CMS-18871)

Unified API connection state

Two new methods have been introduced to the interface CapConnection . isContentRepositoryToBeUnavailable() indicates that the Content Server will eventually be shut down after an execution of cm runlevel with a grace period. isDisrupted() indicates that at least one repository has been disconnected in such a way that the connection will not attempt a reconnect. These methods are intended for advanced health check procedures.

Equivalent methods have also been added to CapConnectionManager for monitoring the connection.

(CMS-18617)

Runlevel actuator endpoint added

The content-server application now has a runlevel endpoint to get the current runlevel or change the runlevel. The endpoint is available at :8081/actuator/runlevel and can be enabled by setting the property management.endpoint.runlevel.enabled=true . The endpoint is disabled by default. To change the runlevel you can send a HTTP POST request i.e. 

/usr/bin/curl -X POST \
  -H "Content-Type: application/json" \
  -d '{"runlevel": "MAINTENANCE", "gracePeriod": 30}'  \
  http://localhost:8081/actuator/runlevel

The runlevels are:

  • ONLINE

  • MAINTENANCE

  • ADMINISTRATION

  • OFFLINE

(CMS-18578)

A new configurable property "caas.media-no-transform" has been added

A new configurable property "caas.media-no-transform" has been added to make it possible to remove the "no-transform" directive of the cache-control header from headless media controller responses. Please see the Deployment Manual for further info.

(CMS-18404)

Changed Content Feeder Configuration Properties

Some configuration properties of the Content Feeder have been renamed as part of an initiative to use Spring Boot's type-safe ConfigurationProperties . The old property names still work as before but some have been deprecated. It's not required to change your configuration now. If possible, we recommend to migrate to the new property names.

The following properties have been renamed

  • feeder.indexDeleted -> feeder.content.index-deleted

  • feeder.indexGroups -> feeder.content.index-groups

  • feeder.indexNameInTextBody -> feeder.content.index-name-in-textbody

  • feeder.indexReferrers -> feeder.content.index-referrers

  • feeder.partialUpdate.aspects -> feeder.content.partial-update-aspects

  • feeder.management.user -> feeder.content.management.user

  • feeder.management.password -> feeder.content.management.password

  • feeder.backgroundFeed.delay -> feeder.content.background-feed-delay

  • feeder.retryConnectToIndexDelay.seconds -> feeder.content.retry-connect-to-index-delay (new property takes milliseconds if not specified otherwise)

  • feeder.updateGroups.immediately -> feeder.content.update-groups-immediately

See also section 'Content Feeder Renamed Properties' in the reference chapter of the Search Manual for all deprecated and new property names.

(CMS-17957)

New Validator: PossiblyMissingMasterReferenceValidator for Multi-Site

In certain scenarios it may happen, that you have a master content and derived content which miss a corresponding link from derived to master to signal the relationship. This state, if caused by accident, may cause duplicated contents to be created where you don't expect them.

The new validator PossiblyMissingMasterReferenceValidator detects such a state and will by default raise a warning in these states.

Depending on the perspective (if this content is regarded as master content or as derived content) you will get slightly different messages:

  • For master you may get: A content in derived site German (Germany) exists, which may miss a link to this content as its master: Orphaned Name.

  • For derived content you may get: A content in master site English (United States) exists, which should possibly be linked to as master: Orphaned Name. Consider setting an appropriate master version carefully. Most likely the current master version.

If for any reason, this analysis reports a false-positive, it will vanish as soon as you finished a translation of a given master content.

Upgrade Notice

No upgrade steps are required unless you consider these warnings irrelevant in your setup. In this case you may remove the bean possiblyMissingMasterReferenceValidator which comes with com.coremedia.cms.middle.blueprint.validators.ValidatorsConfiguration .

As an alternative you may customize the severity by setting possiblyMissingMasterReferenceFromMasterValidator.severity to INFO (it defaults to WARN ).

Extension Points

By default, the match strategy to search for similar contents is done by relative path. If you have different identity tokens (such as product IDs as property values) you may consider replacing the bean. A dedicated section exists in JavaDoc of com.coremedia.rest.cap.validators.PossiblyMissingMasterReferenceValidator explaining what possible extension points you may use.

validate-multisite

This validator covers issues detected by cm tool validate-multisite :

  • MS-VALIDATION-6001 – Content not Used in Derived Site but some Content Exists

  • MS-VALIDATION-6003 – Content without Master but some Content Exists

(CMS-16043)

Search Results

Table Of Contents