Changelogs

dotCMS 5.2.4

Available: Jan 23, 2020

dotCMS 5.2.4 is a maintenance release which includes some minor upgrades, fixes, and improvements, and an important security update.

Important:

dotCMS 5.2.4 includes an important fix for a critical security vulnerability. This vulnerability has already been mitigated for existing dotCMS Enterprise and dotCMS Cloud customers. However, if you are a Community Edition customer, it is strongly recommended that you upgrade to dotCMS 5.2.4 as soon as possible.

Privacy and Security Updates

The following changes in dotCMS 5.2.4 fix potential security or privacy issues which have been identified by dotCMS.

Fixed a critical security vulnerability reported in CVE-2020-6754

Fixes for this vulnerability have been generated for all affected dotCMS versions.
Fore more information, including mitigation measures and the link to the CVE alert, please see security issue SI-54.

Fixes

The 5.2.4 release includes fixes for a number of reported issues. For a list of issues addressed in dotCMS 5.2.4, please visit the dotCMS Github Repository.

Fixed an issue preventing the Redirect URL property from working with custom Page Content Types (#15427)
Fixed an issue causing CMSFilter to return a 404 for URLs containing a plus sign (#17261)
Fixed an issue preventing the Copy Site operation from properly copying Page contents to a new Site (#17541)
Fixed an issue which could sometimes cause Push Publishing conflicts when pushing Language Variables (#17596)
Fixed an issue which could prevent users from being able to edit Sites without View permission on the Default Site (#17612)
Fixed an issue preventing the Asset Backup tool from using the ASSET_REAL_PATH configuration (#17620)
Removed an old/invalid foreign key from some database upgrade scripts (#17647)
Fixed an issue causing WebDAV to force folder and file names to lowercase (#17698)
Fixed an issue causing GraphQL to return a null when no Content Types of a queried Base Type existed (#17717)
Fixed an issue which could prevent browsing beyond five sub-folder levels when adding a file to a WYSIWYG field (#17792)

To view more information on these and other issues, please visit the dotCMS Github repository.

Additional Changes and Improvements in dotCMS 5.2.4

The Back-end Menu Navigation has been improved to allow the menu to remain collapsed continually.
Added the ability to set a security constraint on the assets folder in the web.xml file (#17835)
The REST Content Type API has been enhanced to allow specification of additional default Workflow Actions

Default Workflow Actions may now be specified for UNPUBLISH, ARCHIVE, UNARCHIVE, DELETE, and DESTROY, in addition to existing NEW, EDIT, and PUBLISH default actions.

Improved the content import and REST API save functions to accept remote URLs for the content of Binary Fields (#16852)
Prevented the copy of Workflow history when making a copy of a content item (#17550)

dotCMS 5.2.3

Available: Jan 2, 2020

dotCMS 5.2.3 is a maintenance release which includes some minor upgrades, fixes, and improvements.

New Features

The following new features have been added in dotCMS 5.2.3:

New Elasticsearch Custom Field Mappings

Custom Elasticsearch mappings may now be created for individual Content Type fields.
For more information, please see the How Content is Mapped to Elasticsearch documentation.

New Language REST API Operations

Methods to allow Save, Update, and Delete of languages have been added to the Language REST API.
For more information, please see the REST API Endpoints documentation.

Fixes

The 5.2.3 release includes fixes for a number of reported issues. For a list of issues addressed in dotCMS 5.2.3, please visit the dotCMS Github Repository.

Fixed an issue which could cause incorrect bundle audit information to generate noisy log messages (#17626)
Fixed an issue preventing the Bundles screen from refreshing after a Bundle was deleted (#17676)
Fixed an issue preventing Language Variables containing spaces from resolving correctly (#17679)
Fixed an issue which could prevent past Time Machine snapshots from being displayed (#17684)
Fixed an issue preventing images in WYSIWYG fields from being selected (#17731)

To view more information on these and other issues, please visit the dotCMS Github repository.

Additional Changes and Improvements in dotCMS 5.2.3

The Page REST API (/api/v1/page) includes several new enhancements to support Single Page Applications (SPAs):

Information for all content contained in a Page is now rendered in results (#17665)
Content of URL Mapped pages is now rendered in results (#17666)
Languages passed via URL parameters can now be specified by language code (e.g. "en-US") as an alternative to language ID (e.g. "1") (#17700)

TinyMCE (used in the WYSIWYG field) has been upgraded from version 4.1.6 to version 4.9.6.

dotCMS 5.2.2

Available: Dec 12, 2019

dotCMS 5.2.2 is a maintenance release which includes some minor upgrades, fixes, and improvements.

New Features

The following new features have been added in dotCMS 5.2.2:

New Delete All Versions Workflow Sub-Action

A new Workflow Sub-action has been added to delete all Language versions of a content item.
For more information, please see the Workflow Sub-actions documentation.

New Delete Push Publishing Bundles REST Endpoint

A new REST API endpoint has been added to enable deleting old Push Publishing bundles.
For more information, please see the REST API Endpoints documentation.

Fixes

The 5.2.2 release includes fixes for a number of reported issues. For a list of issues addressed in dotCMS 5.2.2, please visit the dotCMS Github Repository.

Fixed an issue preventing the Push Publish popup from displaying from the Tasks Tool (#17026)
Fixed an issue which could prevent proper batching of transaction when calling Quartz from code (#17591)
Fixed an issue preventing GraphQL from returning IDs for new languages (added after upgrade to dotCMS 5.1.0+) (#17615)
Fixed incorrect key when serializing the Visitor object (#17616)
Fixed an issue preventing Lucene date range queries from working (#17621)
Fixed an issue causing upgrades to dotCMS 5.2.1 to fail for systems with no URL Maps (#17642)
Fixed a javascript error when selecting a relationship from the relationship select popup (#17663)

To view more information on these issues, please visit the dotCMS Github repository.

Additional Changes and Improvements in dotCMS 5.2.2

Folder name restrictions have been implemented at the API level, to ensure bad folder names can not be created through WebDAV and other means (#16715)
Changed deletion of Content Type fields to perform the deletion in the background (#16939)
To improve compatibility, the GraphQL implementation has been modified to remove Base Types as Interfaces, and no longer allow specification of individual fields for Base Type collections (#17560)
REST API calls which return related content were improved to respect supplied language parameters for both parent and related content (#16917)

dotCMS 5.2.1

Available: Nov 6, 2019

dotCMS 5.2.1 is a major release which includes some significant upgrades and new features, performance and stability improvements, upgrades to a number of key components, and some significant changes to existing functionality.

Fixes

The 5.2.1 release includes fixes for a number of reported issues. For a list of issues addressed in dotCMS 5.2.1, please visit the dotCMS Github Repository.

Fixed an issue with the Forms preventing binary submits from working properly (#17468)
Fixed an incorrect default sort order on Custom Content Portlets (#17455)
Fixed an issue causing redirection to a blank page after adding a Menu Link (#17347)
Fixed an issue causing display of a blank page (instead of a license required message) when viewing Rules in Community Edition (#17512)
Fixed an issue preventing Forms from being added properly to personalized Pages (#17554)
Fixed an issue causing error messages in REST API calls to be incorrectly included in the response header (#16383)
Fixed an issue preventing the navigation cache from updating properly when a Page was copied (#17353)
Fixed an issue preventing proper display of some Container fields when changing the Max Contents field value (#16782)
Fixed an issue where the removed REST_API_CONTENT_ALLOW_FRONT_END_SAVING configuration property was still required in some circumstances (#17510)
Fixed an issue which could give anonymous users access to content when the Front-End User Role was explicitly given permissions to that content
Fixed issues preventing self-joined Relationship fields from working correctly in some REST API calls (#17477, #17492, #17529)
Fixed an issue preventing related content from displaying properly after a bundle containing related content is uploaded (#17528)
Fixed an issue preventing display of content with different live and working versions (#17451)
Fixed an issue allowing more than one content to be related on a Relationship field with One-to-One cardinality (#17524)
Fixed an issue which could cause content in a Container to be removed from the Page when the layout is changed under specific circumstances (#17435)
Fixed an issue which could cause a log exception and incorrect content display with an empty duplicate Container in a Page (#17553)
Fixed an issue which could cause the selected Site to change when copying and pasting a folder (#17113)
Fixed an issue which could allow content to be related to itself in certain circumstances (#17543)
Fixed an issue which could cause upload of new files via WebDAV to fail (#17506)
Fixed an issue which allowed only one user to see a Workflow Task with "Four Eyes Approval" in progress (#17250)

To view more information on these issues, please visit the dotCMS Github repository.

Known Issues in dotCMS 5.2.1

The following known issues in dotCMS 5.2.1 will be addressed in future dotCMS releases:

Translations for 2 newly added strings were not included in the release.

If you wish to include these translations in your 5.2.1 distribution, you can find the translations (with key names dot.common.press and dot.common.message.no.workflow.schemes) in the dotCMS Github repository, and manually add them to the language strings files in your distribution.

Privacy and Security Updates

The following changes in dotCMS 5.2.1 fix potential security or privacy issues which have been identified by dotCMS.

It's important to understand that both security and privacy issues may have privacy implications for your existing dotCMS installation. Therefore we recommend that you review these changes, and if necessary modify any appropriate content, to ensure your site maintains compliance with any security and privacy standards and regulations you adhere to.

Fixed an issue which could allow anonymous users access to working versions of content when the Front-End User Role was explicitly given View permissions to that content (#17526)

Additional Changes and Improvements in dotCMS 5.2.1

Added caching to 404 error results pages (#17377)
Improved performance by removing redundant Hibernate code (#17428)
Added language flags to relatable content on new Relationship fields (#16129)
Improved logging when content validation fails (#16165)
Added a message to indicate when there are no available Workflow Actions for content (#17533)
Improved responsiveness of Content Type field deletion (#16939)
Improved file access performance by caching file system metadata (#17269)
Improved File Container caching and performance (#16597)
Reduced unnecessary logging when a live version of content can not be found (#17551)
Geolocation information has been added to the Visitor object (#17495).

dotCMS 5.1.6

Available: Jun 5, 2019

dotCMS 5.1.6 is a maintenance release which includes fixes for several issues which affected some customers running the 5.1.0 and 5.1.5 releases.

Important Changes

Important changes in dotCMS 5.1.6 configuration may impact your configuration and system behavior when upgrading an existing site. Please read the documentation sections on all of these changes before upgrading from a previous release.

Changes to Default Behavior

The following differences in default behavior in dotCMS 5.1.6 may change your expectations and require a review of your administration practices. Please review all of these changes before upgrading from a previous release.

XSS Prevention Filter

In order to minimize XSS and CSRF vunerabilities, dotCMS now will block direct access to all files under the /html and /dotAdmin directories unless dotCMS is sent a valid referer or Origin header.
This new behavior is enabled by default, but can be turned off (allowing requests without a valid referrer or Origin to access these folders) by adding the following property to the dotmarketing-config.properties file:
```
XSS_PROTECTION_ENABLED=false
```
For more information, please see the Security Best Practices documentation.

Improvements

The following improvements have been added in dotCMS 5.1.6:

Added a new XSS Prevention Filter to proactively help prevent XSS and CSRF attacks (#16605)
Changed UI behavior to prevent dialogs from closing when you click outside of them (#16638, #16639)

Fixes

The 5.1.6 release includes fixes for a number of reported issues. For a list of issues addressed in dotCMS 5.1.6, please visit the dotCMS Github Repository.

Fixed an issue preventing Key/Value fields from being added to the index (#16313)
Fixed an issue which could cause a push of an entire site to fail (#16481, #16623)
Fixed an issue which could cause pagination in the back-end to fail when running under HTTPS (#16502)
Fixed an issue which caused a reindex of the File Asset Content Type to cause a full reindex (#16545)
Translated some back-end strings which were not translated in all supported languages (#16584, #16660)
Fixed an issue preventing the "All" Content Type selection from working with Custom Content Tools (#16587)
Fixed an issue which prevented limited users without access to the Content Tool from viewing Workflow Tasks (#16590)
Fixed an issue which prevented limited users from being able to logout properly (#16591)
Fixed an issue which prevented content from being removed from the index performing "Delete then Reindex" (#16592)
Fixed an issue preventing the /api/content/publish endpoint from working with multipart form data (FileAssets) (#16600)
Fixed an issue which caused static publishing to AWS S3 to fail when dotCMS was used in a Docker environment (#16612)
Fixed an issue preventing cache flush of individual Content Types from working (#16626)
Fixed an issue which could prevent deleted content from being cleared during a full reindex (#16664)
Fixed an issue preventing display of a front-end URL mapped page when logged into the back end (#16671)

To view more information on these issues, please visit the dotCMS Github repository.

dotCMS 5.1.5

Available: May 8, 2019

dotCMS 5.1.5 is an intermediate release which includes some minor improvements and features, and some significant performance improvements, specifically for customers with large content repositories.

Important Changes

A number of important changes in dotCMS 5.1.5 configuration may impact your performance when upgrading an existing site. Please read the documentation sections on all of these changes before upgrading from a previous release.

Important: The Minimum Java Version Has Changed

dotCMS 5.1.5 will only work with version 1.8.0_162 or later of Java.

Earlier versions of Java will not work, even for systems which were upgraded from earlier dotCMS releases.
If the java version cannot be updated, you must install the Unlimited Strength Jurisdiction Policy Files (available at here).
- Not having this support will result in an "InvalidKeyException" when attempting to use 192 or 256 bit keys.

New Features

In addition to the Important Changes listed above, the following additional new features have been added in dotCMS 5.1.5:

Reindex performance has been greatly improved, especially for large content stores.

For more information, please see the dotCMS Github Repository.

Added the ability to generate stateless API Access Tokens using JWT, which can be used for authentication by applications, and which can be issued and revoked from the back-end UI.

For more information, please see the Authentication Using JWT documentation.

Page Layouts can now include custom CSS classes for specific Rows and Containers in the Layout.

For more information, please see the Page Layouts documentation.

You can now create Custom Content Tools which display only the Content Types you wish.

These behave the same as the existing Content Search screen, but display only a limited set of Content Types you define. For example, you can create a Tool which displays only Blog content, only News content, or a combination of Blogs and News.
For more information, please see the Custom Tool Groups documentation.

The DotAjaxDirector API now take both JSON and API tokens.

This allows you, for example, to add and push Bundles using an API method.
For more information, please see the DotAjaxDirector API documentation.

The Workflow "fire" REST API endpoint has been improved.

The fire endpoint now accepts binary (multipart) content and new Relationships fields.

The fire endpoint now provides full equivalence with the legacy /api/content endpoint.
It is recommended that all new development use the Workflow fire endpoint instead of the legacy /api/content endpoint.

The fire endpoint now accepts specification of Workflow Actions by the Action Name or ID.

Added additional logging to the Push Publishing feature (#16197)
The back-end login screen has been redesigned for simplicity and greater ease-of-use.
A new "post" method was added to the JSONTool which allows you to send a request to the remote server using an HTTP POST.

For more information, please see the JSONTool documentation.

Fixes

The 5.1.5 release includes fixes for a number of reported issues. For a list of issues addressed in dotCMS 5.1.5, please visit the dotCMS Github Repository.

Fixed an issue which could cause a compliation error when importing some OSGI packages (#16377)
Enabled the use of "text/*" types with the content REST API (#15934)
Removed a limitation of REST API calls that prevented them from respecting LoggedInUser permissions (#16135)
Fixed an issue that caused file-based Containers to render incorrectly in Page edit mode (#16263)
Fixed an issue where an incorrect error code was returned when using an invalid identifier with the /vtl REST API (#15799)
Removed an inactive button from the Community Edition Content Search screen (#16270)
Fixed an issue which could prevent content from being published when the Tag field was Required (#16026)
Fixed problems that resulted when using the word "content" as a key in a Key/Value field (#16046)
Fixed an issue causing a Javascript error when a zero content Container was displayed in the Page editor (#16329)
Fixed an issue which could cause incorrect content to be displayed from the cache when pushing content using a shorty ID (#16310)
Fixed an issue which could display an empty popup when displaying health for a single index (#16331)
Fixed an issue which could prevent content saves during switch-over to a new index (#15421)
Fixed an issue which could prevent saving of existing content after changing a field to Required (#16376)
Fixed an issue that could data corruption with self-reltaed content if the order of Relationships fields was changed (#16420)
Made several improvements to Vanity URL caching (#16333, #16337, #16413)
Fixed an issue which could cause display artifacts when an invalid icon was set for a Tool Group (#16246)

To view more information on these issues, please visit the dotCMS Github repository.

Deprecated Features

The following features have been officially deprecated in dotCMS 5.1.5. These features have not been removed, and still work normally, but are no longer fully supported, and may be removed in a future dotCMS release.

Version 2 of the FieldResource REST API has been replaced with a new version (version 3), and version 2 is now deprecated.

dotCMS 5.1.1

Available: Mar 25, 2019

dotCMS 5.1.1 is a maintenance release to fix one specific issue which affected some customers with the dotCMS 5.1.0 release.

It is recommended that all customers running the 5.1.0 release upgrade to dotCMS 5.1.1 as soon as possible.

Fixes

Navigation problems could be encountered in the Page editor under some circumstances (#16221)

To view more information on this issue, please visit the dotCMS Github repository.

dotCMS 5.1.0

Available: Mar 13, 2019

dotCMS 5.1.0 is a major release which includes some major upgrades and new features, performance and stability improvements, upgrades to a number of key components, and some significant changes to existing functionality.

This release includes a number of changes which may affect existing installations. We recommend that you read through this changelog in full before upgrading any existing installations.

Important Changes

A number of important changes in dotCMS 5.1.0 configuration may impact your performance when upgrading an existing site. Please read the documentation sections on all of these changes before upgrading from a previous release.

Changes to Default Behavior

The following differences in default behavior in dotCMS 5.1.0 may change your expectations and require a review of your administration practices. Please review all of these changes before upgrading from a previous release.

Permissions required to create new Content Types has increased.

The authority level required to create new Content Types has been increased from EDIT to PUBLISH (#15285)
This change will not have any effect on any existing Content Types.

However if you have users who need to be able to create new Content Types, you will need to ensure that these users have PUBLISH permissions for Content Types in all locations where they will be creating new Content Types.

Users with EDIT authority will still be able to modify Content Types, but will not be able to create new ones.

New Features

In addition to the Important Changes listed above, the following additional new features have been added in dotCMS 5.1.0:

New Relationships Fields

A new type of Relationship field has been added, offering significant improvements over the legacy Relationships from older versions.
You may now create Relationships by adding Relationships to Content Types as fields which are created and displayed separately for each side of the Relationship.
This change provides more flexibility in the types of Relationships you can create, allowing you to now create both One-to-One Relationships and Relationships which are visible from only one side of the Relationship.
These new Relationships also allow you to access related content directly via Lucene and Elasticsearch queries, treating related content as a field of the content, rather than requiring dedicated methods (such as $dotcontent.PullRelated()) to retrieve related content.
Using the new Relationship fields, you may also now search for related content from the Content Search screen.
Legacy Relationships and Legacy Relationships fields are both still supported for backward compatibility.

You may mix new Relationships fields and Legacy Relationships fields in the same Content Type.
You can choose to convert Legacy Relationships to new Relationships fields, but to ensure backward compatibility, conversion will not be done automatically.
A "Relationships" tab in Content Types will still be displayed if you have Legacy Relationships on a Content Type and have not added a Legacy Relationship field to the Content Type.
However the "Relationships" tab is now built as a regular Tab-Divider field followed by a Legacy Relationships field in the Content Type, and any new Relationship fields will not display in the Legacy Relationships field.

For information on how to upgrade your existing Relationships to the new Relationships fields, please see the Migrating Legacy Relationships documentation.
For more information, please see the Relationships documentation.

Containers as Files

You may now create and manage Containers completely via files.
These files may be managed via WebDAV and other file management operations, easing integration of dotCMS with your CI/CD operations.
As part of this change, some Containers in the dotCMS Starter site were converted to File Containers.
For more information, please see the File Based Containers documentation.

Custom REST Endpoints

You may now easily create custom REST endpoints using Velocity files.
All HTTP Methods for RESTful services are supported, including GET, POST, PUT, PATCH, and DELETE.
Velocity methods have been added which simplify the generation of output in JSON and XML formats for your custom endpoints.
A /vtl/dynamic REST endpoint has been added which allows you to render output from HTML and Velocity code dynamically.
For more information, please see the Scripted Custom Endpoints documentation.

GraphQL REST API

A REST API has been added that supports the GraphQL dynamic query language for retrieving content.
GraphQL allows you to selectively retrieve and arrange the content and fields you retrieve, enabling you to reduce the size of responses and insulate your applications from future changes to your dotCMS content and Content Types.
For more information, please see the GraphQL documentation.

Field Variables for Content Type Fields

You may now add "Field Variables" to fields in your Content Types.
These Field Variables can be used to distinguish and handle fields of the same field type differently, either within the same Content Type or among different Content Types.
The Field Variables for a Content Type field may be accessed from both Velocity code and Plugins.
These field variables are now used to allow customization of the WYSIWYG field, and are intended to be expanded to allow customization of other Content Type fields in the future.

WYSIWYG Field Customization on a per-Content Type and per-Field Basis

You may use the new Field Variables feature to specify tinyMCE customizations for each WYSIWYG field individually by specifyin a Field Variable named tinyMCEProps, which will be used to initialize the WYSIWYG field editor.
For more information, please see the WYSIWYG Field documentation.

CORS Header Configuration

You can now configure headers to send with CORS requests.
Headers can be configured as global defaults, and can be overridden for specific endpoints.
For more information, please see the CORS Header Configuration documentation.

Fixes

The 5.1.0 release includes fixes for a number of reported issues. For a list of issues addressed in dotCMS 5.1.0, please visit the dotCMS Github Repository.

Fixed an issue that could cause a Null Pointer Exception during Push Publishing under some conditions (#9110)
Fixed an incorrect message when incorrect values were entered while adding a new Language (#13168)
Fixed an issue which prevented the site selector list from being updated when using Login As (#14116)
Fixed an issue preventing the site selector from updating when using the Login As feature (#14116)
Fixed an issue which could cause different language versions of the same content to be saved separately (#14966)
Fixed an issue preventing a limited user from creating a new Content Type under certain conditions (#15285,#15308)
Fixed an issue which could cause an error on a Page if a Container on the Page was archived (#15331)
Fixed an issue causing Push Publish to fail in specific circumstances after adding a new Language (#15359)
Fixed an issue preventing the History and Permissions tabs on Events from being refreshed on save (#15439)
Fixed an issue preventing limited users from using the Device Preview feature (#15474)
Fixed an issue which could cause a new Site Search to fail (#15475)
Fixed an issue preventing Pages at the root of the site from being selectable as URL Map Detail pages (#15482)
Corrected some widget sorting issues in the Page Editor (#15486)
Fixed an issue which could cause an error when trying to rearrange or un-check the Required property on a Category field (#15504)
Fixed an issue which could prevent a limited user from navigating public pages in the back-end (#15506)
Fixed some issues which could cause Elasticsearch indexing to fail to complete (#15512)
Fixed an issue which could cause content save to freeze with a custom list of Languages (#15624)
Fixed an issue which could cause the Page Editor to render incorrectly when Velocity errors exist on the Page (#15640)
Fixed an issue which caused Push Publishing errors when Tags contained single quotes (#15792)
Removed the server name and port from generated URLs, to support containerization and applications behind proxies (#15833)
Synchronized the properties returned by the Page API /json and /render methods (#15928)

To view more information on these issues, please visit the dotCMS Github repository.

Deprecated Features

The following features have been officially deprecated in dotCMS 5.1.0. These features have not been removed, and still work normally, but are no longer fully supported, and may be removed in a future dotCMS release.

Legacy Relationships and Legacy Relationship fields

Legacy Relationships and Legacy Relationship fields on Content Types are both officially deprecated.
You may migrate all Legacy Relationships to the new Relationship Fields at any time.
Legacy Relationships, Legacy Relationship fields, and Velocity methods referencing Relationship name rather than Content Type field name will all continue to supported for a period of time.
- However Legacy Relationships and code should be converted to new Relationship fields as soon as possible, to ensure forward compatibility with future releases.

CommentActions class

The CommentActions class has been deprecated and is no longer shipped with the dotCMS distribution. Customers with legacy code that relies on this class should add the class using a plugin.

Additional Changes and Improvements in dotCMS 5.1.0

Updated the Push Publish Workflow sub-Action dialog to allow Push Delete with Workflows.
Added navigation crumbtrails to the back-end user interface.
Made several improvements to the content search listing in the Page Editor.
Improved indexing performance when saving and publishing content.
Added "/servlet/" to the list of paths for the DefaultBackEndLoginRequiredWebInterceptor (#15548)
Added the hostName to the results in the /es/search REST endpoint (#15574)
Added a titleImage property to all content, allowing easy access to images on different Content Types (#15575)
Added additional logging for Push Publishing (#15595)
Improved error handling when a new Page is created with a URL that is already in use (#15951)
Added the ability for the /es/search REST API to return working as well as live content (#15982)
Upgraded the contentlet API to return related content for retrieved content items (#9411)
For source code distributions, the default path for functional tests was changed from /servlet/test to /dotTest (#15548)
Angular has been upgraded from version 4.4.6 to version 7.2.0.
PrimeNG has been upgraded from version 4.3.0 to version 7.0.3.

There were no UI changes in relation to this upgrade; the upgrade was made to maintain currency and compatibility only.

dotCMS 5.0.3

Available: Nov 14, 2018

dotCMS 5.0.3 is a maintenance release to fix several issues which affected some customers with the dotCMS 5.0.2 release.

It is recommended that all customers running the 5.0.0, 5.0.1, or 5.0.2 releases upgrade to dotCMS 5.0.3 as soon as possible.

Fixes

Site selector did not update to show appropriate sites when using the Login As feature (#14116)
Push publishing a file or page could fail after push removing the parent folder (#15022)
In some circumstances, Categories referenced by a content type were not pushed by dependency with the content (#15172)
The Elasticsearch transport port and http port configuration settings were not honored when using auto-wire clusters (#15277)
The list of Widget Types was not sorted when adding a Widget to a Page (#15290)
In the Content Type editor, Category fields could not be renamed without also changing other field parameters (#15309)
Static publish to an Amazon S3 bucket of pages using Sass could fail to render correctly (#15310)
Archiving a container which was used on a Page could cause an error when the Page was accessed on the front-end (#15331)
Image, Textarea and WYSIWYG fields on existing content could not be completely cleared in the content editing screen (#15340, #15353)
Some OSGi plugins placed in the felix/load directory were not loaded properly when dotCMS was started (#15358)
The Base Types list in the Content Types tool was not ordered correctly (#15382)
In some cases, not all appropriate Bulk Workflow Actions were displayed for a limited user (#15385)
Applying "Cascade Permissions" to a Site from the Roles & Tools screen did not update child permissions (#15389)
The NavResource REST API did not return a nested JSON object (#15390)
In the Page ditor, when any Container included Velocity code with errors, an error was displayed for the whole Page instead of for just the problem Container (#15395)
If the Template set for a Page did not exist, the template for the Page could not be changed (#15401)
The Host Content Type was incorrectly allowed to be moved from the SYSTEM HOST (#15410)
If a Content Type had a detail page that did not exist, the content would fail to index properly (#15423)
When a user session expired, the automatic redirect to the Login page did not work correctly (#15437)
Limited user was unable to reorder menus in the Page editor when any Page was locked by another user (#15450)
Device preview could fail for some users in some browsers (#15474)
Running a new Site Search job could fail in some circumstances (#15475)
When setting the Detail Page for a Content Type, pages on the root of the site could not be selected (#15482)
The PersonaTool.getPersonas() method did not work for unauthenticated (front-end) users (#15484)
Reorder of fields in a Content Type could fail in some circumstances (#15504)
Within the Page editor, Navigation on the Page sometimes did not work properly for limited users (#15506)
In some conditions, an Elasticsearch reindex could get stuck (#15512)
In some cases limited users could not view content which was permissioned to be viewable by unauthenticated users (CMS Anonymous) (#15523)

To view more information on these issues, please visit the dotCMS Github repository.

Deprecated Features

The following features have been officially deprecated in dotCMS 5.0.3. These features have not been removed, and still work normally, but are no longer fully supported, and may be removed in a future dotCMS release.

H2 database is deprecated.

The H2 database was previously fully supported for development only.
With the release of dotCMS 5.0.3, the H2 database is now officially deprecated, even for development.
The H2 database will be replaced in a future version with a dotCMS Docker image which uses a Postgres database.

dotCMS 5.0.2

Available: Sep 19, 2018

dotCMS 5.0.2 is a maintenance release to fix several issues which affected some customers with the dotCMS 5.0.1 release, and to address two newly identified security issues.

It is recommended that all customers running the 5.0.0 and dotCMS 5.0.1 releases upgrade to dotCMS ${version} as soon as possible.

Fixes

Added a check to the startup process to ensure that existing assets are not deleted if the configuration of the existing site is not correct (#14819).
Fixed an issue preventing sorting of content by Workflow Step if any content item was set as [Not Assigned] (#14897).
Fixed an issue which caused an error when attempting to push remove a Site (#15013).
Added the ability to specify a Default Template which is used by default when creating a new Page (#15031).
Fixed an issue could cause content to be saved twice when the content API was used to trigger a Workflow Action (#15053).
Fixed an issue which prevented the options from updating after folder permissions were changed (#15055).
Fixed an issue which could prevent relative paths in stylesheet links from working properly (#15141).
Fixed an issue which could cause loss of a binary field value in certain circumstances on a content with a required relationship (#15157).
Fixed an issue which could prevent proper import or export of Categories containing non-Latin characters (#15174).
Fixed an issue which could prevent push publishing of copied sites (#15175).
Fixed an issue which could cause zero length files when doing a static push without a language variable in the bucket name (#15176).
Fixed an issue which could cause an unnecessary close confirmation prompt when content was not edited (#15177).
Fixed an issue which could cause a Workflow Action popup to display incorrectly in some circumstances (#15184).
Fixed an issue which could sometimes prevent Workflow Tasks from displaying in the task portlet (#15186).
Fixed an issue which could prevent a content from being updated properly via the Workflow REST API in some circumstances (#15192).
Fixed an issue causing the wrong Content Type to initially display when editing a content item (#15198).
Fixed an issue causing incorrect display of content changes when a value for a Required field was not supplied (#15199).
Fixed an issue which could prevent widget pre-execute code from displaying in some circumstances #15202).
Fixed an issue preventing the Detail Page of a Content Type from displaying properly when using a Community license (#15217, #15195).
Fixed an issue which could cause display errors when certain pre-defined names were used for Velocity variables (#15219).
Improved Sass performance when using the LibSass compiler by using fully minified (compressed) CSS (#15222).
Changed the priority in which Vanity URLs resolve paths, to prevent potential issues in some circumstances (#15223).
Fixed an issue which could prevent the NavTool from working properly when a Page was viewed in edit mode (#15229, #15162).
Fixed an issue which could cause Elasticsearch operations to become stuck (#15230).
Fixed an issue preventing the LoginAs feature from working properly with some Role configurations (#15237).
Fixed an issue preventing viewing of content in a custom workflow if the dotCMS instance did not have a valid license (#15238).
Removed an unnecessary message regarding Workflow Actions when viewing a Site (#15272).
Fixed an issue which could make a widget incorrectly appear to have not been updated after an edit (#15283).
Fixed an issue which could cause an error when a specific method is called under certain circumstances within a plugin (#15297).

To view more information on these issues, please visit the dotCMS Github repository.

Security and Privacy Updates

For more information on security issues resolved in this release, please see the Known Security Issues documentation.

Details of the two security issues fixed in this release are currently being withheld, but will be added to the Known Security Issues documentation as soon as affected customers have been notified and have had an opportunity to upgrade or mitigate the issues.

dotCMS 5.0.1

Available: Aug 20, 2018

dotCMS 5.0.1 is a maintenance release to fix several issues which affected some customers with the dotCMS 5.0.0 release.

Fixes

Improved messages when an attempt is made to create a new Language with the wrong values (#13168).
Restored previous behavior auto-selecting a recently edited Content Type in the Content Search window (#13719).
Fixed incorrectly displayed actions when using the Workflow "Who can use" filter (#14534).
Improved feedback to the user when the user does have permissions to edit a Content Type (#14999).
Fixed an issue which could cause the Default Host to be lost after a push under certain conditions (#15020).
Fixed an issue preventing futre Time Machine snapshots from showing the correct content in some circumstances (#15014).
Fixed a minor issue with the Content Search listing after editing content (#15064).
Fixed an issue preventing the deletion of Content Types in dotCMS Community Edition (#15090).
Fixed an issue with the XMLTool Viewtool (#15091).
Fixed an issue with the Page edit screen when running dotCMS on Windows Server (#15097).
Fixed an issue preventing the addition of files to some custom File Content Types (#15105).
Fixed an error which could prevent the creation of new tags when adding tags using double-byte languages (#15107).
Fixed an issue which caused errors in the Containers screen under certain conditions (#15114).
Fixed an issue which could cause errors in the Content Types Tool after a push (#15124).
Fixed an issue preventing the Save Draft Workflow sub-action from working properly with some Content Types (#15129).
Fixed an issue preventing servlet OSGI plugins from being added properly (#15145).
Fixed an issue which could prevent the creation of subcategories under multilingual Category names (#15148).

To view more information on these issues, please visit the dotCMS Github repository.

dotCMS 4.3.2

Available: Feb 28, 2018

dotCMS 4.3.2 is a maintenance release to fix a specific issue which affected a new feature in the 4.3.0 release.

Fixes

The 4.3.2 release includes a fix for a new reported issue in dotCMS 4.3:

Resolved an issue preventing the new libsass compiler support from working properly (#13449).

It is recommended that all customers upgrading to dotCMS 4.3 from an earlier version upgrade directly to 4.3.2
However only customers who wish to use features in the new Sass compiler will be affected by this issue if an earlier release of 4.3 is used.

To view more information on this issue, please visit the dotCMS Github repository.

dotCMS 4.3.1

Available: Feb 22, 2018

dotCMS 4.3.1 is a maintenance release to fix a specific issue which affected some customers with the 4.2.2 and 4.3.0 releases using the dotCMS back-end with a specific version of the Chrome browser.

Fixes

The 4.3.1 release includes a fix for the following reported issue introduced in dotCMS 4.2.0:

Resolved an issue which caused an error when trying to view the Template Builder when using a specific version of the Chrome browser (#13571).

To view more information on this issue, please visit the dotCMS Github repository.

dotCMS 4.3.0

Available: Feb 21, 2018

dotCMS 4.3.0 is a significant release which includes a number of notable changes including two new features, performance and security improvements, and fixes for a number of issues which affected some previous releases.

Important Changes

Changes to Default Behavior

The following differences in default behavior in dotCMS 4.3.0 may change your expectations and require a review of your administration practices. Please review all of these changes before upgrading from a previous release.

Default SASS Compiler Changed

The jruby-based SASS compiler has been replaced with the newer and more full-featured libsass.
For more information, including how to re-enable the legacy jruby-based SASS compiler, please see below.

Fixes

The 4.3.0 release includes fixes for a number of reported issues, including but not limited to the following:

Fixed an issue causing an error in specific conditions after a Push Publishing bundle has been manually deleted 13502).
Fixed an issue preventing LDAP validation with a Platform license (#13478).
Fixed an issue preventing TikaUtils from respecting Categories and Tags 13429).
Fixed an issue which could prevent the push of an entire site from succeeding (#13419).
Updated the content REST API to return Category information for unauthenticated users if the CMS Anonymous user has permission to view the Category (#13418).
Fixed an issue which could cause a push publish to fail if content contained special characters in a Unique field (#13392).
Fixed an issue which could cause push publish triggered via a Workflow to fail (#13373).
Fixed an issue which caused an error if the Integrity Checker was run twice in a row when using the SQL Server database (#13249).
Fixed an issue preventing the Content Type Permissions tab from showing inherited permissions properly under specific conditions (#13180).
Fixed an issue with the password reset function (#13117).
Fixed a potential push publishing error due to a caching error (#13115).
Fixed an error preventing the "/edit" URL parameter from working correctly (#13026).
Fixed an issue causing Categories to be removed from a Page when certain custom workflow actions were taken on the Page (#12333).
Fixed an issue preventing push history from being created for bundles which were force pushed (#9309).

To view more information on these issues, please visit the dotCMS Github repository.

New Features

In addition to the Important Changes listed above, the following additional new features have been added in dotCMS 4.3.0:

New Static Publishing Endpoints (#12669, 12521, 11892).

dotCMS now supports creation of Custom Static Endpoints which save static versions of your site to a local folder (on the server), or any external location accessible via SCP or sFTP.
For more information, please see the Connecting Remote Servers documentation.

"Four Eyes" Principle Workflow Sub-Action

The new "Four Eyes" Workflow Sub-Action enables you to require approval by any two (or more) users from among a group of users.
This Sub-Action is an enhancement of the existing "Require Multiple Approvers" Sub-Action (which required approval from all specified users), to allow specification of a group of users and just require approval from a set number of those users, without requiring approval from all of them.
For more information, please see the Multiple Approval Sub-Actions documentation.

Additional Changes and Improvements in dotCMS 4.3.0

The jruby-based SASS compiler has been replaced with the newer and more full-featured libsass (#13449).

Legacy (jruby-based) SASS compiler support has been deprecated.

The old jruby-based SASS compiler still ships with dotCMS, but is disabled by default.
You may re-enable the legacy jruby-based SASS compiler by changing the new USE_LIBSASS_FOR_SASS_COMPILATION property from true (the default) to false.

The LESS compiler has been deprecated (#13449).

No additional upgrades are planned for the LESS compiler included in the dotCMS distribution.
All support for LESS compilation may be completely removed in a future version of dotCMS.

dotCMS 4.2.2

Available: Nov 14, 2017

dotCMS 4.2.2 is a maintenance release to fix an important issue which affected some customers with the dotCMS 4.2.0 and 4.2.1 releases. It is recommended that all customers running the 4.x series upgrade to 4.2.2 as there are important fixes in this release.

Important Notes

It is recommended that customers upgrading to release 4.2.2 from a release prior to dotCMS 4.1.0 upgrade directly to release 4.2.2 rather than upgrading incrementally.

Customers who upgrade incrementally should make sure to read and follow instructions in the 4.1.0 Change Logs.

Fixes

The 4.2.2 release includes fixes for the following reported issues introduced in dotCMS 4.2.0:

Resolved an issue causing the sort order of fields within Content Types to be reordered incorrectly (#13052).

To view more information on these issues, please visit the dotCMS Github repository.

dotCMS 4.2.1

Available: Nov 12, 2017

dotCMS 4.2.1 is a maintenance release to fix several issues which affected some customers with the dotCMS 4.2.0 release. It is recommended that all customers running the 4.x series upgrade to 4.2.1 as there are important fixes in this release and the 4.2.0 release in general.

Important Notes

It is recommended that customers upgrading to release 4.2.1 from a release prior to dotCMS 4.1.0 upgrade directly to release 4.2.1 rather than upgrading incrementally.

Customers who upgrade incrementally should make sure to read and follow instructions in the 4.1.0 Change Logs.

Fixes

The 4.2.1 release includes fixes for the following reported issues introduced in dotCMS 4.1.0:

Resolved an issue when upgrading from dotCMS v2.5.7 or earlier to dotCMS 3.x and higher (#12862).
Fixed an issue preventing the operation of some Vanity URLs which begin with "/c" (#12918).
Fixed an issue which could cause an exception from the Query Tool when searching in a Category field (#12959).
Fixed an issue which could prevent the creation of a Push Publishing endpoint (#12977).
Fixed an issue which could prevent Pages from displaying for customers using Oracle with a Prime level Enterprise license (#13007).
Fixed an issue which could prevent Vanity URLs converted from earlier versions of dotCMS from displaying (#13017).
Corrected an incorrect default property setting which could prevent the login page from appearing when a non-validated user attempts to access a resource with restricted Permissions (#13025).

To view more information on these issues, please visit the dotCMS Github repository.

dotCMS 3.7.2

Available: Oct 17, 2017

dotCMS 3.7.2 is a maintenance release to fix several issues which affected some customers with the dotCMS 3.7.1 release.

Fixes

The 3.7.2 release includes fixes for the following reported issues introduced in dotCMS 4.1.0:

Fixed an issue which could cause site search jobs run at the same time to overwrite files (#8552).
Fixed a case where FileTool does not respect the DEFAULT_FILE_TO_DEFAULT_LANGUAGE property (#10515).
Fixed an issue preventing configuration of a "receive from" endpoint when using the Oracle database (#10825).
Fixed an issue preventing the push of an empty template when using the Oracle database (#10828).
Fixed an issue preventing proper display of Boolean field values within Containers (#10869).
Fixed an issue which sometimes prevented trial license requests from working (#10967).
Changed Rules caching method to prevent potential "ping-pong" in a clustered environment (#11315).
Changed Elasticsearch configuration to reduce memory usage (#11330).
Updated the default H22 cache configuration to prevent potential deadlocks (#11592).
Fixed an issue preventing compilation of static plugins on Windows environments (#11622).
Fixed a potential out of memory issue when push publishing large bundles (#11835).
Fixed an issue with REST API calls accessing legacy files using ShortyIds (#12627).

To view more information on these issues, please visit the dotCMS Github repository.

Security Improvements

The 3.7.2 release includes solutions for the following potential security issues in the 3.7.1 release:

Prevented a potential file upload vulnerability by an authenticated user (#10974).
Prevented a potential SQL injection vulnerability by an authenticated user when using a specific database with dotCMS (#11811).
Prevented a potential information retrieval vulnerability by an unauthenticated user (#11813).

To view more information on these issues, please visit the dotCMS Github repository.

dotCMS 4.2.0

Available: Oct 16, 2017

dotCMS 4.2.0 is a minor release which includes a number of significant changes including several new features, considerable performance improvements, and fixes for a number of issues which affected previous releases.

Important Changes

A number of important changes in dotCMS 4.2.0 configuration may impact your performance when upgrading an existing site. Please read the documentation sections on all of these changes before upgrading from a previous release.

Required Post-Upgrade Actions

Important: Due to changes in the database in dotCMS 4.2.0, it is necessary to manually re-index your site after the upgrade is complete.

Configuration Changes

The following important changes have been made to configuration in dotCMS 4.2.0:

Velocity Cache Region Changes.

All Velocity cache regions may now be stored to persistent cache (e.g. disk cache, Hazelcast, Redis, etc.).
However it is important that if the velocitycache region is set to use any persistent cache, the velocitymacrocache region must also be configured to use the same persistent cache.
For more information, please see the Cache Chaining documentation.

Inactive Cluster Server Period Removed: The REMOVE_INACTIVE_CLUSTER_SERVER_PERIOD property has been removed (#12573).

Licenses previously utilized by an inactive clustered node are now immediately freed once the heartbeat time-out on that node has been reached.

HTTP Only Session Cookie Property Default: The useHttpOnly property is set to false by default.

This property must be set to true to set all dotCMS cookies to HTTP only, and helps to mitigate the risk of client side scripting when accessing a protected cookie.

Cluster Configuration Property Changes: The DIST_INDEXATION_ENABLED property has been removed from the portal.properties file.
- Please see below for more information.

Changes to Default Behavior

The following differences in default behavior in dotCMS 4.2.0 may change your expectations and require a review of your administration practices. Please review all of these changes before upgrading from a previous release.

WAR File Deployment. When generating a WAR file, the generated file name has been changed from dotcms.war to ROOT.war, to conform better with application server standards and expectations (#11961).
Struts Actions. For security reasons, ALL front end Struts actions are now disabled by default (#11784).

This includes all paths found under /dotCMS/*.
Any Struts actions required for your site operation must be explicitly enabled in the dotmarketing-config.properties file via the properties extension file.

Vanity URL Conversion. When upgrading an earlier version of dotCMS to release 4.2.0, any existing Vanity URLs (created in an earlier version of dotCMS) will be automatically converted to the new Vanity URL Content Type, and configured as either a 200 forward or a 301 redirect, depending on the URL of the "Enter URL to Redirect To" field in the original Vanity URL:

URLs beginning with a "/" will be converted to 200/forward.
URLs containing "//" will be converted to 301/redirect.
The new Vanity URL Content Type contains additional redirect and forward options and after any upgrade, you should review all your Vanity URLs to ensure they redirect or forward in the way you intend.

#dotParse Directive Paths. In order to prevent URL errors, the #dotParse directive is less forgiving and no longer supports paths containing invalid slashes ("/"), such as paths with extra slashes (e.g. "/application/vtl///test.vtl") and pages or files with a trailing slash (e.g. "/company/about-us/index/").

If you have existing Velocity code which contains or generates directives using such invalid paths, it will not longer work after the upgrade, and the code will need to be modified to ensure correct paths are used.

New Features

The following new features have been added in dotCMS 4.2.0:

Layout as a Service: Page and Content Relationships REST API.

The new Page REST API enables you to pull all the elements of any page, each encapsulated into a separate JSON obect, either in JSON format or as rendered HTML. This allows single page apps (SPAs) and other iOT applications to retrieve not just raw content, but also fully rendered layouts and modules, which include server side personalization and other context driven information.
The new Content Relationships REST API enables you to perform a content pull that automatically includes all related items for each item returned in the content pull. This greatly simplifies the retrieval and management of related content without the need for additional content pulls for related content.

Vanity URLs as Content. Vanity URLs have been converted to a standard content type, and are now accessible as content by all existing dotCMS features and tools, including Push Publishing, importing, exporting, permissions, and REST API management.

Vanity URLs may now be viewed from both the Vanity URLs tool (Marketing → Vanity URLs) and the standard Content Search tool (Content → Search).
Existing Vanity URLs will be automatically converted to content when upgrading to release 4.2.0 from an earlier release.

Language Variables as Content. Language Variables have been converted to a standard content type, and are now accessible as content by all existing dotCMS features and tools, including Push Publishing, importing, exporting, permissions, and REST API management.

Existing Language Variables will not be converted to content when upgrading to release 4.2.0 from an earlier release. Instead:

Language Variables created in earlier releases will still show under the Languages tool, while Language Variables created as content will show under the Content Search screen./li>
Language Variables in both the Languages and Content Search screens (both old and new) will be respected; if the same Language Variable exists in both places, the value from the Languages screen will be used.
You may convert old Language Variables to content by importing them into the Content Search screen.

WYSIWYG Field URL Format. You may now specify the URL format that will be used when links are inserted into WYSIWYG fields. For more information, please see the WYSIWYG Field documentation.

Fixes

The 4.2.0 release includes fixes for a number of reported issues, including but not limited to the following:

Fixed an issue which could cause some assets to lose their contents if multiple site search index jobs were scheduled at the same time (#8552).
Fixed an issue causing Network status to display as red (error) when more than one server was configured (#11933).
Fixed a problem pushing content when there is no live version of the Site (#11977).
Fixed an issue in the dojo library configuration preventing dropdowns and filtering select fields from working properly on Windows 10 (#12007).
JBoss fix for Boolean Casting error in 4.1.1 - (#12086).
Fixed an issue which sometimes caused an exception message in the log files when the /edit URL was used to access a page (#12170).
Timestamp inconsistency fixed for clustered nodes - (#12276).
Improved push publishing bundle upload to allow upload of a bundle from the same server it was generated on (#12465).
Fixed an issue preventing the thumbnail from being displayed when a new image is uploaded to a binary field (#12490).
Fixed an issue preventing the Velocity macro cache from being populated properly (#12523).
Fixed an issue when saving a Form system field (#12684).
Fixed an issue which could cause duplicate content on a receiving server if the content type has more than one unique field (#12686).
Fixed an issue where an extra comma was appended at the end of the options saved to a multi-select field #12715).
Fixed slow performance issues when push publishing content with many relationships (#12840).
Fixed an issue preventing a tool from being added to a new Tool Group after it was added to a different Tool Group (#12635).
Prevented the potential to display the contents of VTL files from the front-end (#12855).
Fixed incorrect return values and status codes from the content API (#11878)

To view more information on these issues, please visit the dotCMS Github repository.

Additional Changes and Improvements

The following additional changes have been made in dotCMS 4.2.0:

The generated WAR file name has been changed from dotcms.war to ROOT.war (#11961).
Push Publishing: A number of significant performance improvements have been made to Push Publishing:

Categories can now be pushed as a dependency of content (#12125).
Push Publishing now only retries failed pushes to the specific endpoints which failed (#11500).
When a push fails, the pushed bundle is no longer regenerated in order to retry the push (#12038).

Performance Improvements: Significant performance improvements have been made in a number of areas:

Saving Content: The performance of the contentlet getInode method has been improved (#12488).
Accessing Content: A number of performance improvements were made when searching, indexing, editing, and saving content from the dotCMS back-end (#12497).
User Interface: All Angular routes are now loaded lazily, improving performance when loading the application (#12378).

Library and Tool Upgrades: The following development tools and included libraries have been upgraded or changed:

The NG user interface library has been upgraded to version 4.2.4.
The Hazelcast library has been upgraded to version 3.8.4.
The com.moowork.node library has been upgraded to version 1.2.0.
Replaced the legacy edu.emory.mathcs.backport.java.util.concurrent library with the java.util.concurrent library to improve portability and maintainability.
UI build tools have been migrated from webpack to ng-cli.

Property Changes: The following properties have been changed:

Removed the DIST_INDEXATION_ENABLED property from the portal.properties file (#12453).

In most cases, only the following three properties are now required to configure clustering: AUTOWIRE_CLUSTER_TRANSPORT, AUTOWIRE_CLUSTER_ES, and AUTOWIRE_MANAGE_ES_REPLICAS.

Manually specifying the IP Address and port for cache and Elasticsearch has been deprecated.

Manual cluster configuration is still supported, but clients using manual cluster configuration should begin planning to change to use cluster auto-wiring or to externalize resources instead, as support for manual cluster configuration may be removed in a future release.

Added support for running the dotCMS back-end in Internet Explorer 11 (in addition to MS Edge).

Known Issues

Error Messages Logged when Performing a Static Push (#12187).

Amazon AWS has a known issue (https://github.com/aws/aws-sdk-java/issues/567), which will generate some noise in the dotcms logs when performing a static push to Amazon AWS.
Amazon is working to address the issue, but in the meantime, the stack traces returned from AWS in the dotcms.log file can be ignored.

dotCMS 4.1.0

Available: Jun 1, 2017

dotCMS 4.1.0 is a considered a minor release but still introduces several new features, enhances a few existing features, introduces performance enhancements, and provides fixes some issues with the 4.0.1 release.

New Features
Important Changes

Configuration Changes
Default Behavior Changes

Fixed Issues
Additional Changes and Improvements
Known Issues
Deprecated Features Removed

New Features

In addition to the Important Changes listed above, the following additional new features have been added in dotCMS 4.1.0:

REST API Content Type Management

New JSON based Content Types
New REST Endpoints for defining and managing Content Types, Fields and Field Variables
New API and builders to programmatically create content types.
Backwards compatible
Old structure code, factories and caches are all deprecated.

Hazelcast integration

dotCMS 4.1.0 integrates Hazelcast both as a new cache provider and at the Cluster Transport layer.
Hazelcast Embedded and Client Cache Implementations
Hazelcast replaces JGroups for network discovery and topology
Performance optimizations on distributed caches invalidations (for Hazelcast and Redis) so cache-messages and invalidation-operations are not unnecessarily spread over cluster members

Progressive JPEG Support

dotCMS now supports progressive JPEG images, both for regular display and as a conversion filter. For more information, please see the Image Resizing and Processing documentation.

Use of Environment Variables in Properties Files

You may now reference environment and system variables within your properties files, enabling you to maintain common properties files across multiple dotCMS instances, while making changes to to each local server through environment and system variables. For more information, please see the Changing dotCMS Configuration Properties documentation

New Default Cache Provider/Improvements

caffeineCache has been made the default provider shipping with dotCMS. The caffeineCache provides a more efficient LFU algorithm, vs. Guava�۪s LRU. It will reuse the region settings made for the Guava cache.
H2CacheProvider has been removed. If you have any regions using the H2CacheProvider, they will need to be updated to use the H22Provider.
Live and Working caches have been removed and their regions are no longer needed.
FieldCache has been removed. Calls to it are now made to the ContentType cache
Velocity only requires 2 cache regions, VelocityCache and VelocityMacroCache. Currently, both of these regions can be serialized and or written to disk or clustered.

Important Changes

A number of important changes in dotCMS 4.1.0 configuration may impact your performance when upgrading an existing site. Please read the documentation sections on all of these changes before upgrading from a previous release.

Configuration Changes

The following important changes have been made to configuration in dotCMS 4.1.0:

Vanity URLs Upgraded from earlier versions must be manually edited to restore the correct case in the URLs.

When upgrading to release 4.1.0 from an earlier release of dotCMS, all Vanity URLs will have their case changed to lower case.

However certain Vanity URLs (such as 404 redirects) require a specific case to work properly.
Therefore it is recommended that, after upgrading to release 4.1.0, you manually review all upgraded Vanity URLs, and if necessary restore the case.

If you wish to avoid this issue when upgrading from an earlier version of dotCMS, you may upgrade directly to release 4.2.1 or higher instead of release 4.1.0.

Properties files are automatically reloaded after each change.

The dotmarketing-config.properties, dotcms-config-cluster.properties, and portal.properties files are now continually monitored for changes and automatically reloaded as soon as the file timestamp changes.

In previous versions of dotCMS, changes could take as long as 5 minutes to be reflected, but changes are now reflected almost immediately (typically within a few seconds).

If you wish to restore the previous behavior, you may add the following property to the dotmarketing-config.properties file: dotcms.usewatchermode=false.
For more information, please see the Reloading Property Files section of the Changing dotCMS Configuration Properties documentation.

CSV import now allows only Velocity field variable names as column headers.

You may no longer use field labels as column names.
For more information, please see the Importing Content documentation.

JGroups has been deprecated in favor of Hazelcast for cluster communication.

If you have jgroups cluster specific config, you will need to remove it and place such configuration in the Hazelcast .xml files.

Changes to Default Behavior

In addition, the following differences in default behavior in dotCMS 4.1.0 may change your expectations and require a review of your administration practices. Please review all of these changes before upgrading from a previous release:

All Vanity URLs, folder, file and page lookups are now case insensitive - they are forced to lower-case (#11264).

All new Vanity URLs will be forced to use only lower-case characters when created.
All existing Vanity URLs will be converted to lower-case (only) on upgrade to dotCMS 4.1.0 from an earlier version of dotCMS.

OSGI plugins that override dotCMS java classes now use ByteBuddy instead of jamm (#11142).This change will fix some issues with OSGI Plugins, however, all upgrading clients with a plugin that overrides the startup.sh/startup.bat files will need to modify their plugin to incorporate the new changes to those files.

In addition, a new addClassTodotCMSClassLoader(String className) method was added to the activator, which when called will add your class to the dotCMS Classloader.

The live cache and working cache have been removed.

If you have any plugins from earlier versions of dotCMS which make use of the live and working cache, you will need to update them for dotCMS 4.1.0 to use the new pattern.
For more information on these changes, please see issues #10947 and #11143 in the dotCMS Github repository.

Properties files now support the inclusion of environment and system variables.

For more information, please see the Property File Values section of the Changing dotCMS Configuration Properties documentation.

Properties files are now automatically and immediately reloaded any time they are changed.

For more information, please see the Reloading Property Files section of the Changing dotCMS Configuration Properties documentation.

Change in Variable Name used for Binary Uploads in the REST Content API

RESTfully POSTed content including Binary fields are now expected to use the variable binary + field order.

For example, if the binary field is the 6th field on the content type, the variable name to use is binary6.

If you have automated scripts posting binaries using the REST API, please ensure that you are sending the updated variable name in your POST. You can see the proper name on the Content Type definition screen.

Fixes

The 4.1.0 release includes fixes for a number of reported issues, including but not limited to the following:

Potential read timeout when using JWT authentication behind a proxy (#11348).
OAuth plugin did not respect the `json.web.token.allowhttp` property (#11412).
A structure reindex could not be run from the Content Search tab (#11347).
Hibernate second level cache changed from ehcache to NoCache (#11205).
Improved messages displayed when a user doesn't have permissions to edit some types of content (#11366).
Images were not always displayed on Events displayed on the front-end (#11388).

To view more information on these issues, please visit the dotCMS Github repository.

Upgrading to 4.1.0

Database
- DB User for dotCMS requires Drop/Add Trigger permissions in order for the database to successfully upgrade to 4.1.
- There are 2 SQL startup tasks that lowercase vanity urls and identifiers in the database. These are to help DB performance when doing url lookups when no cached object is found.
-javaagent in startup scripts
- The jamm.jar is no longer used. Please update any custom bin/startup.sh scripts and remove that as the -javaagent. Instead, set the -javaagent to ByteBuddy as seen here: https://github.com/dotCMS/core/blob/fc239043e782d04ca4a7830cee678f56cc838c92/bin/startup.sh#L60
H2CacheProvider is removed
- If you have any custom configed cache regions, you should change these to the newer H22Cache

Additional Changes and Improvements in dotCMS 4.1.0

Velocity performance improvements: A number of performance and memory usage improvements were made to the Velocity engine. Please click the links below for details on these changes:

Internal reliance on Velocity macros has been minimized, and dotCMS now relies on pure java Directives vs Velocity macros. This means more compiled code and less interpreted code, resulting in shorter and faster code execution. The #dotParse and #parseContainer macros have been replaced with Velocity **directives**, significantly improving their performance and memory usage (#11362).
Velocity Memory Improvements (#11236).
Velocity objects in-memory size reduced 50-75%.
All velocity objects are now cacheable and Velocity cache regions are much simplified.
Redundant evaluation of toString disabled in Velocity code (#11441).
Improved performance of DotTemplateTool and Live mode (#11084).

Updated the TestInitialContext.java file to read environmental variables (#11319).

Known Issues 4.1.0

License Notifications for MSSQL and Oracle (#11710)
Respect Default Page to Default Language Property (#11654)
Navigation Tool and Page Fall Thru Property (#11640)
Loading Users Needs Performance Improvement (#11519)

Deprecated Features Removed 4.1.0

Velocity Macros Removed:

#pullContent macro code should be replaced with the $dotContent Tool:

Change

#pullContent("+structureName:Client +Client.footer:yes*","6","random")

To

#set($list = $dotcontent.pull("+structureName:Client +Client.footer:yes*","6","random"))

#pullRelated macro code should be replaced with the $dotContent Tool:

Change

#pullRelatedContent("relationshipName" "211e0406-1c2e-4975-9027-3480c2088464" 10 "modDate")

To

#set($list = $dotcontent.pullRelated("relationshipName","$!{parent.identifier}",false,10,"modDate")

The #dotParse and #parseContainer macros have been replaced with Velocity directives but this requires no code changes, they simply work faster/better.
The following macros have been removed completely (replace with the $dotContent.find tool):

#getContent
#getContentDetail
#getContentDetailByIdentifier
#getContentMapDetail
#getContentMapDetailByIdentifier

Deprecated API's - see the new Content Type API Documentation

com.dotmarketing.portlets.structure.business.StructureAPI
com.dotmarketing.portlets.structure.business.FieldAPI
com.dotmarketing.portlets.structure.factories.FieldFactory
com.dotmarketing.cms.*
This includes all the legacy front end struts actions, including front end login, account creation and management, SubmitContent Macros, Webforms

dotCMS 4.0.1

Available: Mar 23, 2017

dotCMS 4.0.1 is a maintenance release to fix an important issue which affected some customers with the dotCMS 4.0.0 release.

Fixes

Fixed an issue causing an error on startup if the dotCMS server was not connected to the Internet (#11131).

To view more information on this issue, please visit the dotCMS Github repository.

← Newer Versions

Older Versions →