Difference between revisions of "EPrints 3.4.5"

Release Notes

EPrints 3.4.5 is now available on GitHub and files.eprints.org.

• Zero codename: Smoothie Squall
• Publications flavour codename: Kombucha Hypercane (1.5)

New Dependencies

html2text RPM / DEB required instead of elinks.

Check earlier dependencies for EPrints 3.4.4 and before.

Changes Since 3.4.4

New Functionality

• Adds console-based REPL tool
• Adds staged status for indexer tasks so they can be run outside the EPrints indexer. E.g. using a cron job.

Security and Privacy Improvements

• Adds PIN based security for documents.
• Makes Xapian index obey text_index attribute for fields.
• Allows restricted documents to not have their full texts indexed.
• Uses HTTPS for CrossRef lookup of DOIs.
• Removes (HTTP only) eprints_session if HTTPS is enabled.
• Improves target URL validation so only local URLs are allowed and not just paths.
• Explicitly disables password field autocomplete.
• Improves "request copy" security.
• Ensures SameSite=Strict for all cookies.
• Better force HTTPS when generating repository URLs.

General Improvements

• Updates and makes consistent list of software contributors.
• Adds get_search_conditions_not_ex for float fields.
• Updates DOCTYPE to be more standards compliant.
• Updates pub_lib homepage links for browse views.
• Allows MetaField::Subject to have user-defined render_value.
• Improves OAI-PMH representation of records that once were live.
• Allows userid to be logged in Access data objects when user is logged in.
• Adds ability to manipulate element attributes.
• Updates latest_tool to use filters.
• Adds id and classes for individual styling of "Manage records" page.
• Adds class attributes for "View details" table.
• Adds classnames to navigation items and links.
• Splits off senderemail from adminemail if this need to be different for DMARC reasons.
• Adds the optional attributes of resumptionToken in OAI-PMH.
• Table class for screens; Status, DatabaseSchema and MetaFieldListing.
• Adds --prune option to generate_views.
• Various improvements to check_xapian script including --facets automatically using xapian.facet directory rathe than needing to specify in --path.
• Adds verbose debug to send_alerts to advise when email is not sent as saved search notifications are only required when results are found.
• Set canonical URLs for abstract pages for better Google indexing.
• Ensures sitemaps always uses HTTPS URLs if securehost is defined.
• Breaks up show/hide help phrases to make them more compatible with Bootstrap.
• Makes task timeout for EPrints' indexer configurable. Along with making other indexer settings configurable.
• Replaces elinks with html2text as application to extract text from HTML/XML files for indexing.
• Allows staff search to find results where metadata_visibility is not set to show.
• Allows XSL files to be viewed using Config::View::XML plugin.
• Allows MetaField::Subject's top attribute to be set to a configurable function.
• Provides overarching setting for maximum file upload size.
• Significant phrase changes to facilitate better internationalisation.
• Allows screen plugins to use a bespoke page template.
• Removes implicit commit when reordering multiple fields.
• Adds separate CSS classes to top and bottom action buttons in workflow.
• Adds $c->{retain_embargo_dates} settings so dates can be retained when embargoes are lifted without causing any validation warnings or need to perpetually check old embargo dates.
• Prevent indexer.log filling up with errors from pdftotext.
• Additional CSS classes and IDs added for parts of input forms.
• Improvements to phrases used for icons in input forms and views.
• Render paragraphs from reasons in emails.
• Allow indexcodes to be regenerated as part of epadmin reindex when --force flag is used.
• Allow different phrases to be used for field names dependent on eprint's type.
• Allows date input fields to be rendered shorter.
• Improves rendering/hiding of missing subjects depending on render_quiet.
• Adds data-row... attributes to compound/multiple field renders.
• Various improvements to POD documentation.

Bug Fixes

• Fixes typo for _epname in RPM spec file.
• Adds properly referenced ARIA labels for sets and fields with bespoke search_input_style.
• Gets EPrints install script to create EPRINTS_PATH/tmp directory with appropriate permissions.
• Stops including ARIA describedby if help text is empty.
• Fixes "Data too long for column 'word'" indexing errors.
• Now returns "410 Gone" HTTP code when item has been retired.
• Adds missing <help> and <title> elements used in phrases for 2nd+ document fields in eprint workflows.
• Fixes text indexing saved_search.spec causing problems with Xapian.
• Fixes HTTPS URLs not be parseable by XML::LibXML->parse_file.
• Fixes missing URL encoding of # in filename download links.
• Checks render_dynamic attribute is set for MetaField before testing value
• Fixes LDAP-based login failures when accounts need to be created on-the-fly.
• Ensures $c->{userhome} and $c->{urlpath} are auto set correctly.
• Fixes missing parameter field when making phrase limit_names_shown_label.
• Adds poppler-utils DEB dependency for pdftotext to index PDFs.
• Allows PHDTHESIS from BibTeX to be imported without error by correcting mappings for thesis_type and thesis_name fields.
• Uses original rather than proxied IP address in access record if proxied address is in (configurable) private IP address range.
• Fixes BibTeX import parsing by ignoring entries with empty of malformed citekeys.
• Fixes issues with both server-side and client-side caching of JavaScript and CSS auto files.
• Fixes search offset being forgotten when results reordered.
• Fixes search ordering reverting to "by relevance" when different default ordering is set.
• Makes redirects from short URLs to long URLs a 301 rather than 302 or 303. Good for SEO.
• Ensures BibTeX export of note is not prevented is already used by ispublished field.
• Fixes incorrect location described in lib/syscfg.d/README.
• Tidies up replyto_name used in emails when referenced user has not set their name.
• Fixes disabling Config::Edit plugins breaking "View Configuration".
• Gracefully handles template pin not being defined or mapped.
• Fixes incorrect counts for items for ancestor (e.g. parent) subjects in subject field based browse views.
• Fixes bug with grouping function being ignored in certain browse views.
• Ensures appropriate escaping in search serialization and setting of $self->{op} for regexp search condition.
• Fixes ordering of summary box divs on abstract pages.
• CRUD interface GET requests now return NOT_FOUND rather than FORBIDDEN for non-existent eprints.
• Removes redundant code from XHTML field rendering function.
• Ensures consistent ordering of RejectWithEmail / RemoveWithEmail buttons on review queue.
• Fixes check for whether JavaScript within uploaded files can run when viewed through EPrints. Fixes change for original issue.
• Adds more character mappings for indexer to fix issues with indexing tasks failing to complete due to duplicate index errors.
• unnecessary field defaults. Better restricts digits for int fields.
• Fixes ARIA typo in upload form.
• Fixes use of fieldsets in input/search from to make it easier and more consistent when modifying CSS.
• Deal with UTF8-MB4 characters that would break database queries.
• Makes user menu bar and footer more responsive to page width.
• Fixes word-wrapping overflow on homepage description list.
• Various improvements to the tidy_pids script.
• Various typos

Known Issues

Long time to add requester_userid field to access data object

Adding new columns to a database table that already contains a lot of records can take a long time. The access table for EPrints can often have tens of millions of records. At such a size adding a new column can take in the order of hours. EPrints 3.4.5 add the new field requester_userid. This is intended to capture the logged in user that is viewing or downloading an eprint/document. This is useful for Open Education repositories that have different access permissions. However, if you have a large access table you may want to apply this patch from the GitHub issue.

Subject search does not work in workflows

If you have a subject field which renders as a subject tree in a workflow, the search form will not work. This is due to the fix for ensuring Xapian respect a MetaField's text_index value. This has the consequence of not indexing the ancestors field for subjects. This is used by the search to filter out subjects that are not part of the subject sub-tree for a particular MetaField. This patch fixes the issue. However, you will also need to re-index all subjects:

EPRINTS_PATH/bin/epadmin reindex ARCHIVE_ID subject

Approved document requests still force user to login

This issue was caused by setting the samesite attribute for the eprints_doc_request cookie to Strict, this cookie is intended to allow the user to access the restricted document for the remainder of their session. Changing this attributes means some browsers (e.g. Firefox) still send the user to a login page even when clicking the approved request link in the email they received. This is because the change made to the cookie prevents its from being stored because /cgi/process_request never fully serves a page. This patch fixes the the issue.

Planned Development

See EPrints 3.4.6