2.2.1. Release 7.5.45

This chapter contains all changes made in Release 7.5.45 of CoreMedia Digital Experience Platform 8.

[Note]Note

Highlights in this Release

  • The CAE Feeder prioritizes small changes now, so that in many situations newly created content will be indexed earlier, even if the change of an expensive dependency has triggered reindexing of lots of documents before (aka "invalidation storm" / "feeder storm").

  • Removed NPM version dependency. An explicit NPM version is not needed anymore, instead the build is now using the NPM version bundled with NodeJS (3.10.8).

  • All Maven plugins have been updated to the newest working version to reflect the transition from Maven 2 dependencies to pure Maven 3 dependencies.

  • The IncludeTag (lc:include) now has an optional parameter "httpStatusVar" for storing the HTTP status code of a fragment request.

  • Support for IBM WebSphere Commerce cumulative APAR JR56287 is added.

Follow the CoreMedia DXP 8 Help Center section to receive release and product announcements automatically.

Modules and Tooling

Release 7.5.45 contains the following CoreMedia modules:

  • CoreMedia Blueprint

  • CoreMedia CMS

  • CoreMedia Studio

  • CoreMedia Elastic Social

In addition, CoreMedia DXP 8 uses the following tooling:

ProductKeyVersion
CoreMedia Application Maven Plug-inAPPPLUGIN2.7.9
CoreMedia Project Maven ExtensionPROJEXT1.0.5

Table 2.1. Tooling of CoreMedia DXP 8


CoreMedia CMS Changes and Improvements

  • The postgresql setup in the flexible deployment with Chef was not configured for performance, this change sets better defaults for some caching and memory settings.

    In addition to this DB performance tuning, the publishall action of the content resource supports the concurrency flag of the publishall tool. To support an increased memory footprint in case of concurrent publication, the JVM memory settings for the tools bulkpublish and publishall can now be configured in the flexible deployment.

    (CMS-8076)

CoreMedia Studio Changes and Improvements

  • The limit for contributions in the "All contributions" section is increased to 5000. Items are loaded lazy and accessed with infinite scrolling.

    (CMS-2432)

CoreMedia Blueprint Changes and Improvements

  • Updated jQuery to latest 1.x Version (1.12.4) for Preview Driven Editing in Studio.

    (CMS-7703)
  • Update node.js to new LTS version 6.9.1. With frontend-maven-plugin version 1.3 an explicit npm version is not needed anymore, instead it uses the node.js bundled npm version (3.10.8). Update node module dependencies in themes too.

    (CMS-7348)
  • All components have been tested with spring 4.3.4.RELEASE

    (CMS-5939)
  • All Maven Plugins have been updated to the newest working version to reflect the Transition from Maven 2 dependencies to pure Maven 3 dependencies.

    (CMS-5889)

CoreMedia Elastic Social Changes and Improvements

  • Update of mongo-java-driver from 2.13.0 to 3.4.1

    (CMS-7914)

Miscellaneous Changes and Improvements

  • The IncludeTag (lc:include) now has an optional parameter "httpStatusVar" for storing the http statuc code of a fragment request.

    (CMS-8110)
  • The CAE Feeder prioritizes small changes now, so that in many situations newly created content will be indexed earlier, even if the change of an expensive dependency has triggered reindexing of lots of documents before (aka "invalidation storm" / "feeder storm").

    The new column priority was added to the database tables ppckeys and pdcinvalidations. The CAE Feeder adds the column automatically when starting on an existing database.

    (CMS-7426)
  • A new interface AssetResolvingStrategy has been introduced to provide a customization point for the AssetService. To use a custom AssetResolvingStrategy use a customize replace for the property assetResolvingStrategy of the assetServive bean or declare the custom AssetResolvingStrategy as primary bean.

    (CMS-5644)

Fixed Issues

  • CMS-8580: IBM WCS Prerequisites

    The prerequisites for IBM WCS have changed. The mandatory cumulative APAR JR56287 is now required along with JR56662 and JR57043.

  • CMS-8558: Deadlock in CAE Feeder after start

    Fixed a bug that can cause a deadlock in the CAE Feeder shortly after startup. Such a deadlock could happen if the CAE Feeder was down for some time, must catch up latest repository changes and additional repository listeners are registered during CAE Feeder startup . The Blueprint CAE Feeder registers such an additional repository listener since 7.5.33 but other versions are affected as well, if repository listeners are added in custom code during CAE Feeder startup.

  • CMS-8396: CVE-2016-3092 commons-fileupload 1.3 denial of service vulnerability

    commons-fileupload has been updated to 1.3.2

  • CMS-8313: Date filter for "All Contributions" (Elastic Social)

    A date filter is added to the "All Contributions" section of Elastic Social Moderation. Now it is possible to filter the contributions on a daily base. The total number of search result items is displayed in the footer. If the number of search result items exceeds the maximum length of the list (5000), a hint is displayed.

  • CMS-7862: Search Customizations are overwritten by Cumulative Fix JR57043

    with cumulative APAR JR57032 IBM has updated several config files in the search module. Please make sure to carefully update the newest files with the required code for CoreMedia LiveContext. Our delivered example files have been adapted to match the new files from IBM.

  • CMS-7632: Removed WordBreakSolrSpellChecker from solrconfig.xml

    The spellcheck configuration for Solr queries in the CAE was changed so that the WordBreakSolrSpellChecker is not used anymore. Queries with long words became extremely slow with this spellchecker, so we decided to remove it from the configuration file modules/search/solr-config/src/main/app/solr-home/configsets/cae/conf/solrconfig.xml.

  • CMS-7411: CVE-2016-6809 – Arbitrary Code Execution Vulnerability in Apache Tika’s MATLAB Parser

    The thirdparty library Apache Tika, that we use to extract text from various binary formats, has a transitive dependency to the jmatio parser for MATLAB files. This parser deserializes Java objects embedded in MATLAB files. A malicious user could inject arbitrary code into a MATLAB file that would be executed in the Content Feeder and CAE Feeder.

    We now exclude the jmatio parser from Apache Tika's transitive dependencies to fix this security issue. This disables parsing of MATLAB files.

  • CMS-7407: Linking an embedded picture in richtext causes rendering error

    Fixed the creation of external links on images in the richtext properties in Studio.

  • CMS-7313: Solr index schema change to fix Feeder deadlock

    The definition of field feederinfo in modules/search/solr-config/src/main/app/solr-home/configsets/content/conf/schema.xml and modules/search/solr-config/src/main/app/solr-home/configsets/cae/conf/schema.xml was changed to attribute indexed="false".

    In some cases, the Feeders store error messages in this field and indexing would repeatedly fail for very long messages. As there's no need to search in the internal feederinfo field, we simply skip indexing for that field. You do not need to reindex after this schema change.

  • CMS-6694: Current developer flow does not work when being offline

    Since node-sass v3.12 all frontend dependencies are cachable. To build the workspace offline, make sure it was build online once.

  • CMS-6526: XLIFF Import - Handling of ignorable whitespaces in Trans-Units

    XLIFF Import - Handling of ignorable whitespaces in Trans-Units

    A new property translate.xliff.import.ignorableWhitespaceRegex has been introduced to configure a regular expression that determines which characters are counted as ignorable whitespace. This configuration is only used when translate.xliff.import.emptyTransUnitMode is set to IGNORE_WHITESPACE The default expression has been changed from \s* to {{\\s\p\{Z\}\*}}, so that especially the NBSP character (U+00A0 <No-break space>) is ignored by now.

  • CMS-6426: Commerce connection initialization

    A commerce connection used to be initialized with CommerceConnectionInitializer.init(Site), which in turn stored the connection in a thread local.

    This was changed so that a commerce connection is to be initialized with CommerceConnectionInitializer.getCommerceConnectionForSite(Site), which does not store the connection in a thread local. However, if that is desired, it has to be done explicitly with Commerce.setCommerceConnection(CommerceConnection) and—very important—{{Commerce.clearCurrent()}} must be called afterwards (preferrably in a finally block).

  • CMS-6320: Link Handling of Encoded UriComponents Enhanced

    As described in JavaDoc of @Link tag the recommended return value for link handlers is the class UriComponents. Some link post processors (see tag @LinkPostProcessor) were not aware of possibly already encoded UriComponents and provoked a doubled URL encoding.

    To provide better support for link post processors dealing with encoded UriComponents the utility class UriComponentsHelper has been extended by the following methods:

    • prependPath2(String, UriComponents):UriComponents

    This is the recommended replacement for prependPath(String, UriComponents):UriComponentsBuilder as it handles already encoded UriComponents correctly. The path is assumed not to be encoded.

    • prependPath(UriComponents, UriComponents):UriComponents

    The first argument will be used to extract the path and prepend it to the second argument. This way you can flag the path as already encoded or not yet encoded.

    • override(UriComponents, UriComponents):UriComponents

    Creates UriComponents where the first is overridden with non-empty values from the second.

    • appendOverride(UriComponents, UriComponents):UriComponents

    Creates UriComponents where the first is overridden or (if applicable) appended with non-empty values from the second.

    • appendOverride(UriComponents, UriComponents, boolean):UriComponents

    Same as the two above despite that you can control append or override behavior by boolean flag.

    The following methods are now aware of the encoded state of UriComponents:

    • prefixUri(String, String, UriComponents):UriComponents

    • withTrailingSlash(UriComponents):UriComponents

    The following methods got a warning notice that you need to deal carefully with the encoding state of the supplied UriComponents when using them:

    • fromUriComponents(UriComponents):UriComponentsBuilder

    • prependPath(String, UriComponents):UriComponentsBuilder

    • prependPathSegments(List&lt;String&gt;, UriComponents):UriComponentsBuilder

    The following method got marked as deprecated:

    • addQueryParameters(MultiValueMap&lt;String, String&gt;, UriComponentsBuilder):UriComponentsBuilder

    Use UriComponentsBuilder#queryParams(MultiValueMap&lt;String, String&gt;) instead.

    Note (1): General advice is that post processors should not return anything else but UriComponents as otherwise the intermediate encoding state is lost – and of course they need to take care that incoming UriComponents might be encoded.

    Note (2): You should be aware that UriComponents.toUriString() behaves different to UriComponents.toUri().toString(). Only the latter one is aware of the encoding status and thus should be preferred when dealing with UriComponents.

  • CMS-6146: Studio becomes unresponsive when opening document with lots of referrers

    Due to technical limitations the number of entries shown in the referrers list is now limited to 500 entries by default. With the help of the config parameter maxListLength of the ReferrerListPanel you can re-define this limit but be aware that the Studio might freeze with bigger values. The limit applies to both, documents in production and deleted documents. Thus depending on the checkbox if to show deleted contents or not the actual list length might differ from the configured length.

    If the restriction applies the user will get a text message below the referrer list indicating that the list has be cut off.

  • CMS-5999: Internal link is broken when linked text contains tags

    Creating internal links in Studio now also works correctly if parts of the underlying text are marked bold.

  • CMS-3949: Copy & Paste in SiteManager

    Recent MS Word versions produce a clipboard format similar to https://msdn.microsoft.com/en-us/library/Aa767917.aspx . If you observe unwanted pasted data like

    Version:1.0 StartHTML:0000000105 EndHTML:0000020973 StartFragment:0000020855 EndFragment:0000020933

    in the SiteManager's richtext panes, you should set the flag

    editor.richtext.clipboard.consider-msword-format=true

    in the editor.properties file. Default is false (backward compatible), because the recognition of such clipboard data is only heuristic and thus not reliable.