Cloud CMS Release 3.2.87

The following are the new features, enhancements and fixed issues for Cloud CMS 3.2.87 release.

Upgrade Considerations

Please review the upgrade considerations provided here:
https://gitana.io/documentation/gitana/3.2/guide/guide/docker/upgrades/3-2-87.html

With this upgrade:

• MongoDB 4.0 or above is required
• You will need to perform a cold restart of your API cluster.

New Features

Amazon ECS

• Adjusted the default Amazon Elastic Container Service settings to support multiple retries and improved timeouts so as to more effective handle Amazon API throttling and 429s when running a large number of parallel ECS container tasks.

Automatic Query Optimization

• Indexes for branch collections are now automatically analyzed and maintained so as to optimize for query performance. This new facility works hand-in-hand with query analysis to compute and apply indexes that address queries that perform slowly.

Containers

• Images have been upgraded to Fedora 41 and OpenJDK 21. All libraries and dependencies have been updated to support the latest security patches for these respective packages.

Enhancements

ACL Checks

• Faster Access Control checks that leverage some backported code improvements from Cloud CMS 4.0.

Actions

• The syncNode action now supports the contentIncludeRelatingAssociations flag (using to populate contentIncludeRelatingAssociations on the transfer export during the copy).

Branches

• Tenant logs are now updated to reflect information when branches are created and updated.

Caches

• Added org.gitana.platform.services.node.mongoViewService.repositoryCollectionsMaxSize setting to control max size of repository collections cache (defaults to 2500).

Cluster

• Faster and more efficient distributed lock service for the API cluster. This has been refactored to use a database-driven lock facility. This further reduces our reliance on Hazelcast for these IO-intensive operations and provides a significant performance improvement.
• Atomic values are now stored within the DB and no longer require Hazelcast for persistence.

Datastore Configuration

• Added safety check code to guardrail the datastore configuration service. This helps protect against potential overwrites of any datastore configuration documents.

Hazelcast

• Enhanced the Out of Memory Handler to provide improved logging prior to exit.

GraphQL

• GraphQL now supports a _paths subobject which can be used to look up nodes by path. For more information, see https://gitana.io/documentation/gitana/3.2/guide/guide/graphql.html#paths.
• Optimized data fetchers for faster performance.

Non Cyclicity

• Optimized the f:non-cyclic feature to assert non-cyclicity of the content graph on commit.

Path-Based Find and GraphQL

• The Find API has been enhanced to support path-based lookup. You can now path a combination of Query, Search and Path information to the Find API to perform the aggregated lookup. For more information and examples, see https://gitana.io/documentation/gitana/3.2/guide/guide/find.html#find-in-folder and https://gitana.io/documentation/gitana/3.2/guide/guide/find.html#example-#3.
• GraphQL now supports retrieval of path information within a query.

Performance

• Optimized code paths for query and find operations to better utilize indexes and perform feature DB calls.
• Introduced the internal use of MongoDB $aggregation for optimize code for path-based lookup for file/folders and GraphQL.
• Faster response times and better heap management for all query and find operations.
• Improved usage of internal pagination to reduce the number of MongoDB count operations for faster performance.
• Quicker incremental building on branch tip views on transaction commit via use of bulk operations.
• Faster file folder event handling during transaction write.
• Relator association event handlers now execute much faster during transaction assembly.
• Faster node resolvers that no longer rely on branchService checks.

Search

• The background worker that indexes branches now utilizes pagination and a from token to improve performance for large sets of data.

Single-Sign On (SSO)

• Execution of Group Mapping rules has now been moved out of the UI container and into the API container allowing for faster user/group synchronization on login.
• Updated to the latest SAML and security libraries.
• Certificates are required (no longer optional) for encryption of SAML Assertions.
• Added SSO configuration options to let you assert the digest/hash for the full document and/or the assertions.
• Added SSO configuration option to let you specify the hashing algorithm of the digest/hash (SHA-1, SHA-256 or SHA-512).

Startup

• Faster API container startup time. Refactor of node cache so that node cache initialization step is no longer required.

Transfer Export

• Added a transfer export configuration flag tipModeLockBranch which can be optionally applied to take out a write lock during the export of content off of a branch. This is useful for cases where concurrent threads might be running that modify the branch during export. In these cases, the concurrent changes might produce an incorrect export or cause the exporter to fail. Setting this flag will cause the exporting branch to take out a write lock and will prevent other users from writing to that branch until the export completes. By default, this flag is set to false.
• Added a project setting tipModeLockBranchOnExport which can be optionally applied so that all exports from any branches within the project will automatically have the transfer export configuration flag tipModeLockBranch set. This ensures that all exports of any content from within the project will be done with a branch-level write lock taken out. By default, this flag is set to false.
• Faster export of content with lower memory footprint. This has a significant impact on large exports.
• Added a transfer export configuration flag contentIncludeRelatingAssociations which specifies whether to include non-exported nodes that have associations that relate them to the currently exporting node.

User Interface

• Updated to all the latest dependencies and library versions.
• Removed old libraries (such as Dust.js) which are no longer being utilized.
• Added DDOS safeguards including automatic blacklisting and blocked URI checks.
• Removed custom indexes page (these are now auto-managed by the product on a per-branch basis).

Bug Fixes

Analyzed Queries

• Fix so that cursor timeout defaults are properly applied when performing a count operation across all code paths. This had been causing some analyzed queries to misreport their findings.

Associations

• Fix so that internally paginated result sets are more accurate when running in the context of a large transaction. This impacts cases where some rules where not being tripped for large transactions. It has a more notable impact on complex content models with deeply nested relators.

General

• Fix for cases where some cached nodes were being cast to incorrect types upon deserialization from cache.
• Fix for spatial find operations around node so that arguments map as intended.
• Fix so that teams clean up properly in cases where some teamable types fail to instantiate fully.
• Fix for an NPE potentially being thrown while handing exceptions that fell out of one shot optimized queries.
• Fix so that late grantAuthority() calls during import don’t cause an overall failure post transaction due to the transaction collection not being found.

Paginated Iterators

• Fix so that any calls relying on paginated query iteration using a fromKey now perform proper comparison of result set size with limit instead of using total rows.

References

• Fix so that node reference resolution properly throws a ReferenceResolutionException for cases where a branch’s tip view is not available (or has been archived).

Tags

• Fix so that tags work and merge as expected during branch merge and release commit.

Transactions

• Fix so that the order of nodes is guaranteed within a multi-level transaction. This improves accuracy and ensures consistency of result set ordering.

Transfer Export

• Fix so that exported nodes are reloaded durign tip mode exports to ensure references are established against the tip changeset.
• Fix so that references are not errantly calculated if concurrent changes are made to the exporting branch between the time of job submission and the time of job execution start.

Tree

• Fix for tree path expansion by properly detecting empty paths element.

User Interface

• Fix so that data tables now work properly for edge cases where an API call was being made in an event handler immediately after rendering.
• Fix so that login redirects take you back to your originally intended URL after login.
• Fix so that pickers now properly validate maxItems/minItems and revalidate on call to setValue().
• Fix so that user registration email requests fall back properly for cases where the user already exists.
• Fix so that I18N locales display consistently throughout the UI (common code path).