Digest 8.6
During the development of yuuvis® RAD version 8.6, the following changes were made that are described in this documentation.
Updates
Software Security
- The following remaining services use Spring Boot 2.5.13 to solve the CVE-2022-22950 issue: DMS-Sidecar, Rendition-Sidecar. As a result, DMS-Sidecar and Rendition-Sidecar do not use zuul any longer. If zuul is referenced in custom services when accessing DMS-Sidecar or Rendition-Sidecar, please delete the 'zuul' part from the URL. (internal: TUK-1137)
// before <dmssidecarhost>:<dmssidecarport>/zuul/inbox // after <dmssidecarhost>:<dmssidecarport>/inbox
Password Security
- From now on, you have to observe simple rules when creating or changing user passwords. (internal: TUK-994)
Existing passwords are not affected. The default rules are given below.
When creating users or updating their passwords in yuuvis® RAD management-studio an error message is presented when the user data is saved and the password does not match the rules.
When users change their password in the settings of yuuvis® RAD client, validation information is given for each rule that is not matched.
The password rules can be set in yuuvis® RAD management-studio under System > Settings > Cluster > Session services > Password validation settings.
Standard validation settings are:- Minimum length of user passwords. Default is 7 characters.
- Minimum count of numbers. Default is 0.
- Minimum count of special characters. Default is 0.
Deprecated Functions and Removed Features
Deprecated Methods Have Been Removed from $.http
in Workflow Scripts
As announced in the digest of 7.16 LTS, deprecated methods have been removed from $.http
.
We have originally planed and announced removal for version 8.0, but have decided to postpone it a bit, so that projects have more time to change and test the existing scripts.
Up to version 7.16 LTS, the scripts were using the singleton class HttpClient
to execute HTTP calls. This semantic is error-prone because configurations of sequential HTTP requests could easily get mixed up unintendedly.
To improve this, a new HttpRequest
class has been introduced with 7.16 LTS and the old one has been deprecated for removal.
With version 8.6, the following methods in the HttpClient
class (accessible via the $.http
object) were removed:
service()
path()
raw()
header()
param()
query()
body()
clear()
execute()
Beginning with version 7.16 LTS, the HttpRequest
class is introduced in workflow scripting.
- Instances of
HttpRequest
can be created using these functions of the$.http
object:get()
,post
,put
,delete
,patch
. - Instances of
HttpRequest
offer the following methods that are deprecated onHttpClient
, such asservice()
,path()
,body()
, etc.
//prior to 7.16 LTS this.$.http.get(); this.$.http.path("/service/organization/role/{id}").param("id", roleId); //This configures the http singleton. These methods on $.http are deprecated for removal in 8.0 var response = this.$.http.query("orgobjects", true).execute(); // This executes the singleton HttpClass. //as of 7.16 LTS var getRequest =this.$.http.get(); //This creates a new request instance. var response = getRequest.path("/service/organization/role/{id}").param("id", roleId).query("orgobjects", true).execute(); //Configuration is executed on the getRequest object, no longer on the $.http singleton //The methods for request instance configuration can be safely used in 7.16 LTS and onwards.
Breaking Changes
Deprecated methods have been removed from $.http in Workflow Scripts (see above for details).