j5 Framework 28.0 update 17 - j5 - - Release Bulletin - Hexagon PPM

j5 Release Bulletin

PPMProduct
j5
PPMCategory_custom
Release Bulletin

Support for iOS 10 is now deprecated, and we expect to remove iOS 10 from the list of supported mobile operating systems after 2021-07. (PT-8138)

Please let us know if this will cause you a problem, and we can discuss the options with you.

New Features

  • 2021-02-17 - A new tool has been implemented to support the selection of Isolation Points into an IndustraForm for the Control of Work application. This reports collision information when selecting points. (PT-5709, PT-6169, PT-6053, PT-6054, PT-6216, PT-6170, PT-6360)

  • 2021-03-28 - Added a new IndustraForm element type "Choice Hierarchy" for splitting a hierarchy datastore over multiple choice dropdowns. (PT-6293)

  • 2021-04-21 - Added support for the "Unable to Implement" and "Extended Term Isolation" workflows in Control Of Work. (PT-6653, PT-6654)

  • 2021-04-21 - Added a new option to IndustraForm repeating sections to only allow editing of the last repeat. (PT-7413)

  • 2021-04-29 - Added support for updating IndustraForm values from Python code and from IndustraForm Action Button methods. (PT-3795, PT-6699)

Improvements

  • 2021-04-01 - Added new standalone machine code generation executable that supports future single installer licenses. (PT-6323)

  • 2021-04-07 - Added an option on Schedule Configuration logbook, when using a Simple Schedule by Hours, to use Calendar Hours rather than UTC hours. This needs to be selected to work correctly in a timezone with daylight saving. (PT-6547)

  • 2021-04-12 - Added support for downloading Work Instructions and Shift Handover templates from the j5 IndustraForm Designer. (PT-6330)

  • 2021-04-14 - Added the ability to use a Formula to select a Predefined Message List in an IndustraForm design. (PT-7166)

  • 2021-04-20 - Stopped automatically selecting one of the areas a user has permission to when adding a new log, if the user has permission to select multiple areas. (PT-5107)

  • 2021-04-22 - Added support for the new Control of Work Isolation workflow processes. This provides a 'Choose workflow action' button on mobile when required. (PT-6570, PT-6630)

  • 2021-04-22 - Improved performance of area filters for logbook queries. (PT-5695)

  • 2021-04-26 - A data refresh will now be triggered when a section with external data changes from disabled to editable. (PT-6834)

  • 2021-04-30 - Update properties of installers to show Hexagon ownership and sign with Hexagon certificate. (PT-4617)

Security Updates

The following security updates were included in j5 Framework 28.0 Update 15, but inadvertently were not noted in the release bulletins.

  • 2021-03-10 - Removed calls to unsafe load functions on YAML configuration files, to prevent CVE-2017-18342 and CVE-2019-20477. (PT-6454)

  • 2021-03-10 - Removed unused watchdog library. (PT-6454)

  • 2021-03-10 - Upgraded Pillow from 2.9.0 to 6.2.2 in order to resolve CVE-2016-4009, CVE-2020-5311, CVE-2020-5312. (PT-6431)

  • 2021-03-10 - Upgraded pyca/cryptography package from 2.8 to 3.3.2 to resolve CVE-2020-36242. (PT-6434)

The following security updates were included in j5 Framework 28.0 Update 16, but inadvertently were not noted in the release bulletins.

  • 2021-03-16 - Patched _ctypes.pyd to resolve CVE-2021-3177. (PT-6432)

  • 2021-03-16 - Patched test/multibytecodec_support.py to resolve CVE-2020-27619. (PT-6433)

  • 2021-03-16 - Removed requests_ntlm library from j5 along with ipaddress, ntlm-auth and crytography which were dependencies of requests_ntlm. (PT-6535)

  • 2021-03-16 - Upgraded to Python 2.7.18 from Python 2.7.17. (PT-6430)

The following security updates are in j5 Framework 28.0 Update 17.

  • 2021-04-07 - Removed log4j library from the odajdbc driver. (PT-6452)

  • 2021-04-22 - Updated to a new build of Apache Web Server which includes OpenSSL 1.1.1k, to resolve CVE-2020-1971, CVE-2021-23840, CVE-2021-23841, CVE-2021-3449, and CVE-2021-3450. (PT-5402, PT-7490)

  • 2021-04-12 - Improved authorization checks on web actions on Logbook attachments. (PT-6777)

  • 2021-04-26 - Added missing authentication checks for some built-in datastore routes. (PT-6582)

Bug Fixes

  • 2021-03-26 - Restored audit logging for all changes in the Operational Areas configuration page. (PT-4704)

  • 2021-04-07 - Configured RichText fields to use domain absolute URLs rather than relative URLs when converting text to hyperlinks. (#27766, PT-6335)

  • 2021-04-07 - Added db_cache_columns configuration option to the DBselect schema. (PT-6487)

  • 2021-04-07 - Fixed the appearance of Broadcast Messages to prevent overlap with the navigation bar. (PT-6612)

  • 2021-04-09 - Added upgrade script to convert static images in IndustraForms when upgrading to j5 Framework 28.0. (PT-5729)

  • 2021-04-12 - Corrected Spreadsheet Task Import to handle both numbers and non-ascii text in Choice options. (PT-6856)

  • 2021-04-14 - Changed Predefined Message List permissions to allow Power Users to create predefined messages. (PT-7181)

  • 2021-04-20 - Stopped the Rich Text component from overriding the browser context menu on right-click and preventing spell check etc. (PT-7130)

  • 2021-04-21 - Removed gray background from the Notes and Flags section and repeating section column in IndustraForms. (PT-7509)

  • 2021-04-22 - Stopped showing "Data Refresh Required" error when a form is being added. (PT-5644)

  • 2021-04-22 - Fixed various errors with the re-application of user actions when synchronizing after other changes were received first by the server (PT-6570):

    • Actions to change the Active/Inactive state of sections were not being re-applied.

    • Actions changing data on sections that are now not revisable were being re-applied; they will no longer be applied.

    • Actions linked to entry of final gates were not triggering workflow status changes.

    • The handling of re-applying actions now includes specific logic for Isolation Management to discard any changes that were done on an earlier status of the Isolation IndustraForm.

    • The process for identifying side-effects when re-applying actions has been improved to avoid missing certain cases.

  • 2021-04-22 - Removed the attempt to validate HTTPS Connection details when verifying changes to j5 configuration, since this often returned misleading results. (PT-7072)

  • 2021-04-22 - Fixed internal temporary report files being stored in a long directory name that caused Windows file system access issues. (PT-4954)

  • 2021-04-23 - Fixed a rare occurrence where the audit records for deleting a record were not added. (PT-7331)

  • 2021-04-29 - Fixed a number of issues with entering text:

    • Fixed text duplication when entering text using an IME keyboard into a multiline text field at the end of a line on an iOS device. (PT-6437)

    • Fixed a critical issue when using an IME keyboard where the editor would not register the end of a composition as a change on an iOS device. (PT-7582)

    • Fixed an issue in the RichText where changes were lost and the cursor moved to the start of the field. (PT-7582)

    • These were also released as part of the 28.0 Update 16.1 Fast Track release.

  • 2021-04-30 - Fixed critical issue that prevented PDF exports of IndustraForms containing tag data (including reports) from generating. (PT-7733)

    This was a regression in Update 16, and was released as part of the 28.0 Update 16.1 Fast Track release.

  • 2021-04-30 - Restored ability to customize login page, while maintaining refreshed branding for default login screens. (PT-7714)

    This was also released as part of the 28.0 Update 16.1 Fast Track release.

  • 2021-05-01 - Fixed an issue on Oracle with Handovers showing inaccurate status and duplicate logs for logs where the last two changes happened in the same second. (PT-7446)

    The root cause of this is we used the Oracle DATE column, which only has precision to the second. The fix includes a workaround for legacy data, to make the Shift Reports accurate, and a switch to TIMESTAMP columns going forward, which has precision down to at least the microsecond. If clients using Oracle desire greater than second precision in columns which have already been created, there is a new script which can be run to convert all DATE columns to TIMESTAMP columns.

  • 2021-05-05 - Fixed issue that would cause forms to fail to load ungracefully if they required unauthorized data. (PT-8166, PT-8393)

Translations

  • 2021-05-03 - Added missing Spanish translations. (PT-7579)

This release contains new translation strings, in the following translation domains:

  • j5.Setup (3 new strings)

  • j5.SpreadsheetForms (7 new strings)

  • webui (39 new strings)