Digest 8.6

Owned by Team Kolibri (Unlicensed)
Last updated: Jul 07, 2022 by Technische Redaktion
2 min read

During the development of yuuvis® RAD version 8.6, the following changes were made that are described in this documentation.


Updates

Software Security

  • The following remaining services use Spring Boot 2.5.13 to solve the CVE-2022-22950 issue: DMS-Sidecar, Rendition-Sidecar. As a result, DMS-Sidecar and Rendition-Sidecar do not use zuul any longer. If zuul is referenced in custom services when accessing DMS-Sidecar or Rendition-Sidecar, please delete the 'zuul' part from the URL. (internal: TUK-1137)
Example
// before
<dmssidecarhost>:<dmssidecarport>/zuul/inbox

// after
<dmssidecarhost>:<dmssidecarport>/inbox

Password Security

  • From now on, you have to observe simple rules when creating or changing user passwords. (internal: TUK-994)
    Existing passwords are not affected. The default rules are given below.
    When creating users or updating their passwords in yuuvis® RAD management-studio an error message is presented when the user data is saved and the password does not match the rules.
    When users change their password in the settings of yuuvis® RAD client, validation information is given for each rule that is not matched.
    The password rules can be set in yuuvis® RAD management-studio under System > Settings > Cluster > Session services > Password validation settings.
    Standard validation settings are:
    • Minimum length of user passwords. Default is 7 characters.
    • Minimum count of numbers. Default is 0.
    • Minimum count of special characters. Default is 0.

Deprecated Functions and Removed Features

Deprecated Methods Have Been Removed from $.http in Workflow Scripts

As announced in the digest of 7.16 LTS, deprecated methods have been removed from $.http.

We have originally planed and announced removal for version 8.0, but have decided to postpone it a bit, so that projects have more time to change and test the existing scripts.

Up to version 7.16 LTS, the scripts were using the singleton class HttpClient to execute HTTP calls. This semantic is error-prone because configurations of sequential HTTP requests could easily get mixed up unintendedly.
To improve this, a new HttpRequest class has been introduced with 7.16 LTS and the old one has been deprecated for removal. 

With version 8.6, the following methods in the HttpClient class (accessible via the $.http object) were removed:

  • service()
  • path()
  • raw()
  • header()
  • param()
  • query()
  • body()
  • clear()
  • execute()

Beginning with version 7.16 LTS, the HttpRequest class is introduced in workflow scripting.

  • Instances of HttpRequest can be created using these functions of the $.http object: get(), post, put, delete, patch.
  • Instances of HttpRequest offer the following methods that are deprecated on HttpClient, such as service(), path(), body(), etc.


HttpClient examples
//prior to 7.16 LTS

this.$.http.get();
this.$.http.path("/service/organization/role/{id}").param("id", roleId); //This configures the http singleton. These methods on $.http are deprecated for removal in 8.0
var response = this.$.http.query("orgobjects", true).execute(); // This executes the singleton HttpClass.

//as of 7.16 LTS

var getRequest =this.$.http.get(); //This creates a new request instance.
var response = getRequest.path("/service/organization/role/{id}").param("id", roleId).query("orgobjects", true).execute(); //Configuration is executed on the getRequest object, no longer on the $.http singleton
//The methods for request instance configuration can be safely used in 7.16 LTS and onwards.

Breaking Changes

Deprecated methods have been removed from $.http in Workflow Scripts (see above for details).