Difference between revisions of "EPrints 3.4.6"

This page contains information about the provisional EPrints v3.4.6 tag and release on GitHub.

Release Notes

EPrints 3.4.6 is now available on GitHub.

• Zero codename: Creme Brulee Cryoseism
• Publications flavour codename: Affogato Snowmelt

New Dependencies

Check earlier dependencies for EPrints 3.4.5 and before.

Changes Since 3.4.5

New Functionality

• Adds unlink_lib option to tools/epm.
• Adds --to-link flag to unpack option of tools/epm to allow an EPM file to be unpack so it can subsequently be deployed by link_lib option.
• Provide support for converting HEIC and WEBP thumbnails
• Adds support for setting default reply-to when separate $c->{adminemail} and $c->{sendermail}
• Allows certain URL paths to be blocked for certain IPs
• Initial Signposting integration

Security and Privacy Improvements

• Implement stronger password hashing
• Creates and enables export_privacy setting to prevent export formats that include email addresses to be publicly accessible by default.
• Ensure ga.js is always served on HTTPS
• Makes sure cache parameter value provided by search form is a number to prevent URL injection.

General Improvements

• Implement Recaptcha field to work with Google ReCAPTCHA v3
• [https://github.com/eprints/eprints3.4/issues/339 Sets ignore_login_ip = 1 by default if HTTPS is enabled.
• Improvements Accessibility based on issues raised by axe DevTools
• Improves message when file retrieval fails
• Adds .gitignore for ingredients other than those included, so those deploying EPrints using Git do not see new ingredients as uncommitted.
• Updates and tidies SystemSettings.pm and SystemSettings.pm.in
• Adds function to get local path on disk for file object
• Overwrites media video stream if incoming stream is higher res
• Uses export version of citation if exists (rather than default) for HTML export of data objects
• Adds title attribute for preview images to display on hover
• Adds function to test if citation style file exists
• Allows truncated URL linls to set a target attribute
• Provide large icons to be printed by EPC icon function
• Added EPC text function to print out phrases into HTML attributes values
• Allows certain HTML formatting tags in imports, (e.g. from PubMed)
• Adds title for action button image
• Allows fields of various types to be more customisable in search forms
• Reports useful error message if user tries to remove subject that has children
• Allows way to pass timeout to indexer daemon
• Aligns headings when Itemref occurs within Compound Metafield
• Log failure if email attempts send with to_email or to_list set
• Allows EPrints::Repository::render_option_list to render select box as disabled
• Ensures more consistent use of space for results listings where div rather than table rows are now used for better Accessibility
• Better margin for search results toolbar (e.g. Batch Edit)
• Organise fields under stage in EPrint::View screen by workflow rather than data object
• Rewrite CitationCache code to use EPrints API rather than SQL query
• Allow "make open access" on request copy responses a disable-able field
• Allow signed in user to be logged in Apache access logs
• Adds lastmod attributes to entries in sitemap
• Add threads option to ffmpeg invocations
• Stop unnecessarily generating list of user's eprints twice for Manage Deposits page load
• Uses Text::Unidecode primarily to tokenize input for indexing (rather than manually defining mappings)
• Rework cpan_modules.pl to install all required Perl modules
• Allows EPC to render icon without a link
• Adds commented out config option show_ids_in_log
• Removes long since deprecated pagehooks functionality
• Removes irrelevant dbsid config setting
• Improvements to simplify login monitoring configuration
• Remove reference to defunct quiet config setting

Bug Fixes

• Fixes Downloading document from preview image does not work for some filenames
• Fixes Do not add requester_userid by default as access table can take a long time to add new fields. However, ensure if field exists it is set to current user ID, if set.
• Fixes serialization of EPM for build option of tools/epm.
• Fixes issues with disable and unpack options for tools/epm.
• Duplicated "_label" span id
• Fixes Tab children deemed decorative
• Fixes bug preventing user password updates from command line.
• Fixes intermittent issue with xmlns:xsi attribute being defined twice on some /cgi/oai2/... pages.
• Check that uri of relation is set before comparing its value for EPrints::DataObj::remove_dataobj_relations
• Check that uri of relation is set before comparing its value for EPrints::MetaField::Relation::to_sax_basic
• Check URL is set before testing its length in EPrints::Extras::render_url_truncate_end
• Fixes EPrints::XML::SAX::Writer::escape to make sure $str is set before applying regular expression
• Export bar form should use rel_cgipath not http_cgiroot
• Actually use size when calling EPrints::DataObj::Document::render_icon_link
• Ensure lookup of keyname is set before using it in EPrints::Database::get_dataobjs
• Testing an import should set the filename parameter like it would in a real import
• Checks $c->{oai}->{comments} is set before iterating over it.
• Prevents bin script from complaining about email-less users.
• Fixed EPC contains function to return a boolean value rather than a TRUE/FALSE string.
• Allows documents to redo_thumbnails even if they have no parent eprint
• Fixes wrong optione name for loading external DTDs in XML
• [https://github.com/eprints/eprints3.4/issues/366 Fixes overloading of etaField render_quiet attribute by introducing render_column_quiet attribute
• Fixes unsecure request when uploading file
• Fix encoding issues for bespoke Export plugins
• Using page_id pin in page templates breaks editing static pages in web interface
• Checks value is set before performing a regular expression replace in EPrints::MetaField::Search::form_value_basi
• Return more appropriate 500 rather than 404 HTTP code if document present but database query fails
• [https://github.com/eprints/eprints3.4/issues/377 Fixes drag 'n' drop issues leading to zero byte files
• Fixes "More input rows" button affecting layout of Compound field tables in workflow
• Ensures clicking tabs on abstract pages does not reload page
• Ensures fields sent in autocompleter requests are encoded
• Allows phrase editor to add phrases for alternative languages
• Fixes bug with edit subjects if ID field value is too long
• Fixes warnings produced when readonly or show_help MetaField attributes are not defined when expected
• Fixes further issue with toform attribute for itemref MetaField
• Fixes warnings when using <codeEPrints::UTils::compare_version function
• Fixes ancestor numbers (of items) in subject-based browse views
• Fixes slow page loads when user has lots of items under Manage Deposits
• Reverts changes to implement subject MetaField's top attribute as a function (Best done through conditional in the workflow)
• Fixes XSLT import/export plugins so they no longer prevent EPrints being run using Apache MPM Event (i.e. threaded)
• Ensure search pages respect template specified in their configuration
• Makes sure XML converted to string does not contain any control/non characters that might break if they attempt to be rendered within XML.
• Fixes wrong config variable loads for citation_default for Dublin Core and simple export.
• Extends sanitization invalid characters for values of ID metadata fields and their subclasses.
• Fixes various typos
• Fixes broken eprint_status filters when get_users_owned_eprints configuration function is defined
• Fixes incorrect white space in citations rendered in emails

Known Issues

Running generate_apacheconf with an archive without a cfg/static/javascript/auto/ directory

If you are upgrading an EPrints repository and your archive(s) do not have a cfg/static/javascript/auto/ directory then bin/generate_apacheconf will fail. This is because 3.4.6 introduces code that makes sure that the maximum upload limit is configured to be the same in the Apache configuration and in EPrints' JavaScript, which prevents you from trying to upload files larger than a certain size. This is useful because if you just updated the JavaScript, EPrints would allow the upload to start but would then fail when the Apache limit was reached. So not only would you not be able to upload the file but you would waste a load of time and possibly not understand why the upload failed.

To fix this issue for this version of EPrints, just make sure your archive (or archives) all have a cfg/static/javascript/auto/ before running bin/generate_apacheconf. Future versions of EPrints will automatically create this directory if it does not already exist.

Subject search does not work in workflows

If you have a subject field which renders as a subject tree in a workflow, the search form will not work. This is due to the fix for ensuring Xapian respect a MetaField's text_index value. This has the consequence of not indexing the ancestors field for subjects. This is used by the search to filter out subjects that are not part of the subject sub-tree for a particular MetaField. This patch fixes the issue. However, you will also need to re-index all subjects:

EPRINTS_PATH/bin/epadmin reindex ARCHIVE_ID subject

Approved document requests still force user to login

This issue was caused by setting the samesite attribute for the eprints_doc_request cookie to Strict, this cookie is intended to allow the user to access the restricted document for the remainder of their session. Changing this attributes means some browsers (e.g. Firefox) still send the user to a login page even when clicking the approved request link in the email they received. This is because the change made to the cookie prevents its from being stored because /cgi/process_request never fully serves a page. This patch fixes the the issue.

Further Planned Features and Improvements

See 3.4.7 milestone on GitHub for more details.