Difference between revisions of "EPrints 3.4.4"

Release Notes

EPrints 3.4.4 is now available on files.eprints.org and GitHub.

• Zero codename: Lemon Trifle Bora
• Publications flavour codename: Amaretti Biscuit Haboob (1.4)

New Dependencies

For future facilitation of interchangeable JavaScript libraries, Prototype JavaScript currently used by EPrints has been moved to become an ingredient. Therefore, for those upgrading their repository the following line needs to be added to your flavour's inc file (e.g. /opt/eprints3/flavours/pub_lib/inc):

ingredients/prototypejs

Be sure to hard refresh (e.g. Ctrl+Shift+R) your web browser (after add this ingredient and reload your web server) to clear the JavaScript client-side cache.

Check earlier dependencies for EPrints 3.4.3 and before.

Known Issues

LDAP-based authentication for new users

If you use LDAP-based authentication to login users and your $c->{check_user_password} function includes code that creates new user accounts on-the-fly if they do not already is exists in EPrints, then users without a pre-existing user account will no longer be able to login. This is due to code implemented to allow user accounts to be locked if there were too many consecutive failed login attempts. This patch has been created to fix the issue by not requiring a user account to exist, which means a new user account can be created but there can be no restriction on how many times non-registered user can attempt to login as there is no user account that can be locked.

Changes Since 3.4.3

New Functionality

• Adds new script to about unit test results in JUnit format to better support use with Continuous Integration applications (e.g. Jenkins).
• Adds function $document->get_derived_versions to get derived documents, such as preview and thumbnail images.
• Allows custom list of fields for meta tags in summary pages.
• Allows parts of the subject tree to be expanded by default.
• Allows top of subjects-based view to be different from field's top. (E.g. have a browse view for a sub-division of the organisation rather than the whole organisation).
• Adds show_timestamps_in_log config option to log.pl config files.
• Adds --reload flag to generate_static to also reload the repository configuration. This ensure changes to both static pages and templates are applied at the same time.
• Adds function to check whether a dataset with a particular ID actually exists.
• Adds redo_hash option to epadmin to allow MD5 hash of files to be recalculated. (E.g. If something when wrong with this originally).
• EPC tag list and EPScript functions dumper, to_dataobj and subproperty.

Security and Privacy Improvements

• Ensures render_fileinfo always uses https URLs if enabled. So files can be downloaded securely.
• Allows EPrints::System::proc_exists to work when SELinux is enforcing.
• Ensures access settings (i.e. security field) of all derived versions of a document are updated when the document's access settings are updated.
• Ensures workflow cannot update a data object with anything other than a POST request.
• Adds monitoring for login attempts for better intrusion detection. Stored as hierarchical log files (e.g. 2022/04/13/) in login_attempts sub-directory of archive's var/ directory.
• Creators/editors ID should not (by default) be exportable for better GDPR.
• Adds repository function that says whether current request is for a preview.
• Allows review buffer to be skipped just for eprints of certain owners. (Rather than binary choice of to skip buffer for all or no eprints).

General Improvements

• Includes check of dark_document dataset before assuming no document in certain position on eprint is present.
• Allows bespoke function ultimate_doc_pos to be defined to work out position for new document, if eprint can use more than one document dataset (e.g. document and dark_document).
• Allows saved search alerts to go to additional recipients.
• Adds title phrase and warning to /cgi/set_lang if it were ever to be called without an immediate redirect.
• Allows CSS to be applied to specific subjects in a tree of Subject field.
• Send test email multiple recipients.
• Adds high resolution timestamps to database debug lines.
• Deal better with field type mismatches in SWORD POST requests.
• Allows epadmin reindex, recommit, redo_thumbnails and redo_mime_type to specify a range / multiple eprints
• Add timestamps to significant error messages.
• Allows distinctby search condition of fields if they are sub/super classes (i.e. types) of each other.
• Adds DOIs to OAI_UKETD_DC export plugin.
• Makes progress on improving Pod documentation in code files to update API wiki pages.
• Removes no longer implemented misc.pl configuration settings.
• Merges all RDF URI configuration files to tidy into a single file.
• Merges user_password_maxlength.pl into user_auth_limits.pl.
• Removes flowplayer as Flash is no longer supported.
• Removes defunct ie6.css stylesheet file.
• Replaces old bespoke theme with leaner example theme.
• Ensures summary page EPrint::Box plugins have unique class for CSS.
• Provides a more Accessibility compliant version of limit_names_shown.pl.
• Extricates PrototypeJS from core codebase into ingredient, so in future JavaScript library of choice could be used. You may need to manually update your flavours/pub_lib/inc file.
• Allows PubMed and DOI import plugins to set corporate creators.
• Allows DOI import plugin to set ORCIDs for creators, editors and contributors.
• Modifies requester_user_agent column for access table to use LONGTEXT rather than VARCHAR(255) so long user agent strings do not get set as NULL. (Only update existing archives' access database tables if NULL values for requester_user_agent have been discovered).
• Replaces old DOI import plugin with newer version that uses UNIXREF import source.
• Allows PubMed import plugin to set id_number with most significant ID, (doi > pubmed > pii).
• Removes hard-coding of citation style to use.
• Adds upload URL field for documents and warns users if file not uploaded properly. (This should both make it easy to debug upload issues and reduce the chances eprints will failed documents uploads being moved to the live archive).
• Switches between department and divisions as default advanced search field.
• Allows top of subjects-based view to be different to field's top subject
• Allows whether to show request copy button to be determined based on document metadata.
• Adds timestamp parameter to auto CSS and JS files to prevent caching issues.
• Allows lift_embargos to retain date_embargo if --retain flag is set.
• Adds/makes consistent OpenXML MS document typename phrases.
• Adds new JavaScript needed for Accessibility compliant limit_names_shown in citations.
• Adds phrase for bad EPM ID error.
• Allows export plug-ins to be extended to include byte order mark.
• Allows multiple eprint IDs to be specified for generate_abstracts.

Bug Fixes

• Ensures epadmin upgrade also adds new dataset fields
• Checks whether id_number field is set before parse test in Export::DC and Export::EndNote plugins.
• Fixes data read in hack with Import::BibTeX plug-in so it works with unit test.
• Fixes way EPrints::Utils::crypt_password is called in unit tests.
• Fixes validation for date field when it is multiple
• Sets a search_input_style for document license field.
• Fixes is_public check for documents and returns 0 (false) if security field is not set. (Rather than generating a warning, but still returning false).
• Ensure send_out_alert errors if search expression is EPrints::Plugin::Search::Xapianv2 (as well as EPrints::Plugin::Search::Xapian). As such search expressions cannot be used for alerts.
• Fixes bug in defining cookie settings when using /cgi/set_lang>.
• Fixes mismatch in calling code and method (EPrints::Apache::Rewrite and EPrints::Update::Views).
• Various fixes to prevent bad filenames/formats being used or processed.
• Considers datestamp for deleted records when finding the earliest record.
• Updates td element to div in views missed during Accessibility improvements.
• Fixes aria-describedby for non-multiple itemref/dataobjref components.
• Fixes rendering issues for Multipart type field.
• Adds aria-labelledby and aria-describedby to Boolean menu.
• Fixes anomaly with unordered fields.
• Ensures requests with text/* in the Accept header work.
• Moves license/copyright boilerplate for testdata/bin/import_rand_data to ensure it does not break random abstract generation.
• Ensure all fields are added to XML revision files even if export_as_xml is set to 0 (false).
• Fixes journal autocomplete to also group on publisher field.
• Prevents undepositable subjects being unset when eprint is edited.
• Fixes subject and body of test email to stop it getting lost in spam filters.
• Use reply-to rather from to reduce email sent being marked as spam.
• Fixes non-compulsory boolean radiogroup fields cannot deselect UNSPECIFIED.
• Fixes email field validation to not allow commas in domain.
• Fixes date validation so it still allows archive bespoke validation.
• Use default_value for compound sub-field if it is set and value is not.
• Allow uppercase characters in REGEXP_VARNAME to allow for user-defined database password.
• Various minor fixes to bin/check_xapian script.
• Fixes aria-describedby reference when date field used within a compound field. (E.g. in the Dates, Dates, Dates plugin).
• Uses EPrints::Language has_phrase to check whether fieldhelp is set for EPrints::MetaField's get_describedby function rather than generating unnecessary warning messages if missing.
• Fixes DOI import error handling.
• Use CURRENT_USER() to get hostname or database server rather than assuming localhost, when creating MySQL database user and granting privileges.
• Uses more reliable EPrints::Time::iso_date to get current date to use in lift_embargos search.
• Fixes bug with applying mysql_enable_utf8=1 when database driver is not MySQL.
• Sets IsNotNull search condition to 0 rather than empty string for date, int and time type fields.
• Removes invalid characters (x00-x08, x0B, x0C and x0E-x19) from being output as XML, specifically Dublin Core (DC) export.
• Prevents repository admins from modifying usernames where they would create duplicates.
• Display UNSPECIFIED in subject tree if the sort name that would be displayed is an empty string. (This ensures it is still clickable).
• Removes EPrints::Apache::Beast as is no longer needed and has unsupported dependencies.
• Fixes Pod2Wiki to not automatically assign own category to generated API pages (e.g. EPrints::DataObj::EPrint should not have category API:EPrints/DataObj/EPrint).
• Prevents non-ASCII characters causing index tasks to fail when using Xapian.
• Ensures $c->{cookie_domain} can still be set if $c->{host} is not set. (This should make little difference, as no cookie domain means only allow for the current domain).
• Includes EPrints::DataObj::SAX::Handler in use list for EPrints. (Previously present but not in use list).
• Fixed regular expression for matching browse view URLs on Apache::Rewrite.
• Ensures password length validation cannot break if parameters undefined.
• Provides better handling of error if TeX::Encode Perl library is not installed.
• Fixes assumption that PostgreSQL table_schema will always be 'public'.
• Fixes typo on EndNote export to check isbn field is set before exporting it rather than checking issn before trying to export isbn.
• Removes duplicate definition of $c->{make_orderkey_ignore_extras}.
• Removes dc:doi element that does not exist in Dublin Core use dc:identfier dc="dcterms:doi" attribute instead.
• Fixes separator characters used to parse a date. (To include a space used in EPrints typically format and the letters T and Z used in the ISO 8601 date and time format).
• Ensures appropriate default values are set for allow_null => 1 fields for compatibility if strict rules enforced on MariaDB 10.x.
• Fixes bug with EPrints::System::sanitise if used in no CGI context, (e.g. in a bin script).
• Fixes various bugs with /cgi/cal resource.
• Makes Search Condition IsNotNull what it says and adds IsNotEmpty Search condition.
• Ensures checkboxes in multiple compound MetaFields does not add blank rows.
• Stops Upload from URL uploading the whole Internet.
• Prevents 'has invalid parameter' being intermittently reported.
• Prevents epc:comment in template files rendering comment text on generated web pages.
• Fixes leap year exceptions to every 400 not 1000 years in date MetaField validation.
• Fixes download of encapsulated HTML file from Admin::Config::Edit::XPage.
• Ensures HTML generated for download from Admin::Config::Edit::XPage is valid according to xmllint.
• Removes libsepol1 from Deb deps as not available in Ubuntu 22.04.
• Adds mariadb-{client,server} as alternatives to MySQL Debs.
• Fixes typos found by Codespell report (from fossies.org)
• Fixes invalid HTML element IDs used for tabs.
• Fixes edit and remove buttons for web interface defined MetaFields.
• Removes outdated tools/update_phrase_file
• Fixes bug with new eprint revisions being generated when no fields have actually changed.
• Fixes HTTPS responses giving HTTP 200 status codes when appropriate HTTP status error code should be used.
• Fixes link in account registration confirmation emails causing an internal server error.
• Fixes CGI lookup script encoding issues.
• Makes sure base_url is still defined if no 20_baseurls.pl exists.
• Handles if document's security field value is undefined.
• Adds missing phrases for saved_search's additional_recipients field.
• Ensures any problems detected by $c->{validate_field} user-defined function are not dropped by MetaField::Date's validate function.

Planned Development

See EPrints 3.4.5