Home » Oreps » Dataverse » All Releases » v4.19 Release
iqss/dataverse
Open source research data repository software
Watch
1
Commit Activity
Directory Browser
Velocity History
Releasesv4.19
Basic Details Issues Addressed Top Contributors Directory Browser Release Notes
Dataverse v4.19

Dataverse: v4.19 Release

Release date:
January 21, 2020
Previous version:
Could not determine previous release version
Magnitude:
0 Diff Delta
Contributors:
0 total committers
Data confidence:
Commits:
0 impacting commits

84 Features Released with v4.19

6083 documentation update native api examples
#6579
Merge v4.19 into master
#6552
revert formatting changes in branch
#6509
6506 4.19 release notes
#6539
Make connection pool fair with respect to waiting threads.
#6416
#6504 fix lock refresh
#6508
Shib attribute character set conversion enabled
#6956
Allow ActiveSupport::Deprecation features to be used by rails applications and library authors
#6348
Fix a problem of translate_exception method in a Japanese (non English) environment.
#6397
Authenticity token div in form_for causing display issues
#6403
properly handling invalid scryRenderedDOMComponentsWithClass args
#6529
Fixed bug where enums limit were getting set as 0
#6432
select_date html_options problem ?
#6506
keep integration (4 widgets) working with Drupal 8 version (under development) of OpenScholar
#6381
Redirect route inspect
#6391
Webview on android doesn't load embed youtube url
#6405
Translation to Spanish: Verify and update translation of bootstrap.json
#6498
[Guides] refactor rakefile to have a :guides namespace and a task that shows help
#6502
Reorder deep_symbolize_keys methods
#6493
Return Pathname from Rails::Paths::Path#paths. Fixes build 4008.1
#6483
Absolute partial paths need to be preserved in namespace
#6478
fix(provide): provide should default to parentVal during merging, fix #6436
#6473
Properly discover a connection is closed in postgresql_adapter
#6477
Add license field to gemspecs, by Matt Griffin
#6462
Fixes various typos, fetch_url now working, changed command composure for wait_for_service
#6460
Added session.keys and session.values back to ActionDispatch::Request::Session
#6453
Add unknown property warning for use of `autofocus`
#6461
url_for(:controller => 'un_existing', :action => 'show) returns /assets url in 3.2
#6459
Refactor date related input helpers
#6452
Upgrade to Chrome 49
#4714

Browse Other Releases

Latest Pending Unreleased 😎
v5.1.1 Released October 8, 2020
0 Δ
v5.1 Released October 5, 2020
0 Δ
v5.0 Released August 18, 2020
218 Δ
v4.20 Released March 30, 2020
408 Δ
v4.19 Released January 21, 2020
0 Δ
v4.18.1 Released November 20, 2019
0 Δ
v4.18 Released November 13, 2019
62 Δ
v4.17 Released October 3, 2019
0 Δ
v4.16 Released August 28, 2019
0 Δ
v4.15.1 Released July 10, 2019
0 Δ

Top Contributors in v4.19

Could not determine top contributors for this release.

Directory Browser for v4.19

We couldn't find a release before this one

Release Notes Published

Dataverse 4.19

This release brings new features, enhancements, and bug fixes to Dataverse. Thank you to all of the community members who contributed code, suggestions, bug reports, and other assistance across the project.

Release Highlights

Open ID Connect Support

Dataverse now provides basic support for any OpenID Connect (OIDC) compliant authentication provider.

Prior to supporting this standard, new authentication methods needed to be added by pull request. OIDC support provides a standardized way for authentication, sharing user information, and more. You are able to use any compliant provider just by loading a configuration file, without touching the codebase. While the usual prominent providers like Google and others feature OIDC support there are plenty of other options to easily attach your installation to a custom authentication provider, using enterprise grade software.

See the OpenID Connect Login Options documentation in the Installation Guide for more details.

This is to be extended with support for attribute mapping, group syncing and more in future versions of the code.

Python Installer

We are introducing a new installer script, written in Python. It is intended to eventually replace the old installer (written in Perl). For now it is being offered as an (experimental) alternative.

See README_python.txt in scripts/installer and/or in the installer bundle for more information.

Major Use Cases

Newly-supported use cases in this release include:

  • Dataverse installation administrators will be able to experiment with a Python Installer (Issue #3937, PR #6484)
  • Dataverse installation administrators will be able to set up an OIDC-compliant login options by editing a configuration file and with no need for a code change (Issue #6432, PR #6433)
  • Following setup by a Dataverse administration, users will be able to log in using OIDC-compliant methods (Issue #6432, PR #6433)
  • Users of the Search API will see additional fields in the JSON output (Issues #6300, #6396, PR #6441)
  • Users loading the support form will now be presented with the math challenge as expected and will be able to successfully send an email to support (Issue #6307, PR #6462)
  • Users of https://mybinder.org can now spin up Jupyter Notebooks and other computational environments from Dataverse DOIs (Issue #4714, PR #6453)

Notes for Dataverse Installation Administrators

Security vulnerability in Solr

A serious security issue has recently been identified in multiple versions of Solr search engine, including v.7.3 that Dataverse is currently using. Follow the instructions below to verify that your installation is safe from a potential attack. You can also consult the following link for a detailed description of the issue:

<A HREF="https://github.com/veracode-research/solr-injection#7-cve-2019-xxxx-rce-via-velocity-template-by-_s00py">RCE in Solr via Velocity Template</A>.

The vulnerability allows an intruder to execute arbitrary code on the system running Solr. Fortunately, it can only be exploited if Solr API access point is open to direct access from public networks (aka, "the outside world"), which is NOT needed in a Dataverse installation.

We have always recommended having Solr (port 8983) firewalled off from public access in our installation guides. But we recommend that you double-check your firewall settings and verify that the port is not accessible from outside networks. The simplest quick test is to try the following URL in your browser:

  `http://<your Solr server address>:8983`

and confirm that you get "access denied" or that it times out, etc.

In most cases, when Solr runs on the same server as the Dataverse web application, you will only want the port accessible from localhost. We also recommend that you add the following arguments to the Solr startup command: -j jetty.host=127.0.0.1. This will make Solr accept connections from localhost only; adding redundancy, in case of the firewall failure.

In a case where Solr needs to run on a different host, make sure that the firewall limits access to the port only to the Dataverse web host(s), by specific ip address(es).

We would also like to reiterate that it is simply never a good idea to run Solr as root! Running the process as a non-privileged user would substantially minimize any potential damage even in the event that the instance is compromised.

Citation and Geospatial Metadata Block Updates

We updated two metadata blocks in this release. Updating these metadata blocks is mentioned in the step-by-step upgrade instructions below.

Run ReExportall

We made changes to the JSON Export in this release (#6426). If you'd like these changes to reflected in your JSON exports, you should run ReExportall as part of the upgrade process. We've included this in the step-by-step instructions below.

BinderHub

https://mybinder.org now supports spinning up Jupyter Notebooks and other computational environments from Dataverse DOIs.

Widgets update for OpenScholar

We updated the code for widgets so that they will keep working in OpenScholar sites after the upcoming upgrade OpenScholar upgrade to Drupal 8. If users of your dataverse have embedded widgets on an Openscholar site that upgrades to Drupal 8, you will need to run this Dataverse version (or later) for the widgets to keep working.

Payara tech preview

Dataverse 4 has always run on Glassfish 4.1 but changes in this release (PR #6523) should open the door to upgrading to Payara 5 eventually. Production installations of Dataverse should remain on Glassfish 4.1 but feedback from any experiments running Dataverse on Payara 5 is welcome via the usual channels.

Notes for Tool Developers and Integrators

Search API

The boolean parameter query_entities has been removed from the Search API. The former "true" behavior of "whether entities are queried via direct database calls (for developer use)" is now always true.

Additional fields are now available via the Search API, mostly related to information about specific dataset versions.

Complete List of Changes

For the complete list of code changes in this release, see the <a href="https://github.com/IQSS/dataverse/milestone/86?closed=1">4.19 milestone</a> in Github.

For help with upgrading, installing, or general questions please post to the <a href="https://groups.google.com/forum/#!forum/dataverse-community">Dataverse Google Group</a> or email [email protected].

Installation

If this is a new installation, please see our <a href="http://guides.dataverse.org/en/4.19/installation/">Installation Guide</a>.

Upgrade

  1. Undeploy the previous version.
  • <glassfish install path>/glassfish4/bin/asadmin list-applications
  • <glassfish install path>/glassfish4/bin/asadmin undeploy dataverse
  1. Stop glassfish and remove the generated directory, start.
  • service glassfish stop
  • remove the generated directory: rm -rf <glassfish install path>glassfish4/glassfish/domains/domain1/generated
  • service glassfish start
  1. Deploy this version.
  • <glassfish install path>/glassfish4/bin/asadmin deploy <path>dataverse-4.19.war

  1. Restart glassfish.

  2. Update Geospatial Metadata Block

  • wget https://github.com/IQSS/dataverse/releases/download/v4.19/geospatial.tsv
  • curl http://localhost:8080/api/admin/datasetfield/load -X POST --data-binary @geospatial.tsv -H "Content-type: text/tab-separated-values"
  1. (Optional) Run ReExportall to update JSON Exports

http://guides.dataverse.org/en/4.19/admin/metadataexport.html?highlight=export#batch-exports-through-the-api

GitClear uses cookies to ensure you get the best experience on our website. Learn more