v4.2.3 release
Release date: October 2, 2019
Significant new features
- A new API allows projects to add custom authenticators, including Google. To use a custom authenticator, implement
ToolAuthenticator
then configure the authentication settings. Filed under: API, authentication - Two revisions selected from the Revisions widget can now be displayed side-by-side on the page. The list in the Revisions widget also now has the option to display only named revisions (i.e., revisions that were intentionally saved and not just saved as work in progress). When a user’s account is archived, that user’s name will still appear in the Revisions widget. Filed under: revisions
Significant improvements
- To simplify cropping images and adding a focal point, the Focus tab on the image editor has been renamed Sizes and three default crop sizes (portrait, landscape, and square) have been added. Click the new Set Focus Point button to set the focus point. When the option to freeform crop an image is selected, the Set Focus Point button is disabled. Filed under: image, focus point
- On the Assignment Desk dashboard, urgent and past due items are now flagged and elevated to the top of the list in list view and the top of the column in board view. Filed under: Assignment Desk
- Similar to content locking, a collaborative editing lock has been added to the enhancements in the rich-text editor (RTE). If one user is editing an enhancement, such as an image, in the RTE, other users will see a message that there is a pending edit when viewing the RTE. Filed under: locking, rich-text editor
The following improvements have been added to content locking:
- Inactivity timeout. If a user navigates to another tab or minimizes the browser, after a configured amount of time other users viewing the content will be notified and can take over the lock. This setting can be disabled.
- Hard lock timeout. If a user holds a lock for longer than the configured number of hours, that user is kicked off the page.
- Disable unlocking. A new setting and permission allows privileged users to disable unlocking which prevents any other user from taking the lock. Filed under: locking
- When you drag and drop a single image into the rich-text editor, the default for transformer will now be Image Enhancement instead of Gallery Enhancement. If you drag and drop multiple images, the default will be Gallery Enhancement. Filed under: rich-text editor, drag-and-drop
- Administrators are now able to reset two-factor authentication for a user by selecting the Reset Two-Factor Authentication for This Tool User option under the Tools Menu in the Edit Tool User widget under Admin > Users & Roles. Filed under: authentication
- The rich-text editor now uses ProseMirror by default. You can switch back to CodeMirror by enabling it on the Advanced tab of your user profile, which is accessed under your username on the dashboard. Filed under: rich-text editor
- The Express Vanity URL Redirect feature has been replaced with an improved version. Filed under: redirect
- Administrators and developers can now add custom link elements in a
<head>
. Select Link Element after clicking Add under Admin > Sites & Settings > Global (or specific site) > Front-End > Advanced > Add Custom Head Elements. Filed under: header - GraphQL was updated so that view interface fields in the
query
type now support arguments from implementing view models. Filed under: GraphQL
Significant defects addressed
- Changes were made to Dari ScriptElement children. They are now treated as raw so that HTML escaping does not apply. This change addresses invalid script body content errors. Filed under: Dari
- The AWS Transcribe plugin was displaying an
IndexOutOfBoundsException
error message; the defect causing the message has been resolved. Filed under: Amazon Transcribe - In some instances after making changes to your source code, the Dari Reloader was returning an error message stating that the webapp was not reloaded because background tasks were running even if there were no such tasks. The Dari Reloader now works as expected. Filed under: Dari
- Some icons on the toolbar in the rich-text editor overlapped and were inaccessible; the icons now appear as expected. Filed under: rich-text editor
- In GraphQL, search filters failed in the delivery API; they now work as expected. Filed under: GraphQL, API
- The logic in
WildcardRedirect
to address transfer matched path segments failed when the redirect was on a site with a path in its URL; it now redirects as expected. Filed under: redirect - A status utility called
Search#updateUsingParameters
forAbstractSearchPageServlet
was created to ensure that search parameters are being recognized as expected. Filed under: search
Breaking changes
- The name for the GraphQL query parameter API key was changed from
api_key
toapiKey
. - The value for GraphQL
site
parameter in the content management API is now the site URL instead of the site ID. - The Express Vanity URL Redirect feature has been replaced with an improved version in Brightspot, and a programmatic relocate or migration script is not available. Projects that still have legacy instances published will need to manually republish their redirects after upgrading.
Security updates:
- The
xmpcore
dependency vulnerability was addressed by updating the drewnoakesmetadata-extractor
to the latest version. A side effect of this is that the XmpSubject
field is no longer being extracted and populated on theImageMetadataMap
. - The Apache JSTL
taglibs
standard dependency vulnerability was addressed by removing the dependency; Brightspot no longer includes or supports the legacy custom tag library. - The upgrade to the latest
mysql-connector-java
dependency could cause issues for projects making direct JDBC connections to the databases (legacy migration data ingestion, etc.).
- The
- The AWS SDK version was updated to 1.11.623 from 1.11.381.
- This release moves and renames the Express/Autotag plugin to a Brightspot plugin titled Suggestions. As such, any implementations of
AutoTaggable
should be renamed toSuggestable
.
Previous Topic
v4.2.4 release
Next Topic
v4.2.3.2 release