1 = Evergreen 3_11 Release Notes =
16 == Lineitem Detail Audit Table ==
18 The default schema has added an audit table for the
19 `acq.lineitem_detail` table. The audit table is NOT created during
20 database upgrade. If you wish to add the audit table to your
21 Evergreen installation, you can run the following SQL in your
26 SELECT acq.create_acq_auditor ( 'acq', 'lineitem_detail' );
27 CREATE INDEX acq_lineitem_detail_hist_id_idx ON acq.acq_lineitem_detail_history( id );
28 CREATE INDEX acq_lineitem_detail_hist_lineitem_idx ON acq.acq_lineitem_detail_history( lineitem );
29 CREATE INDEX acq_lineitem_detail_hist_fund_debit_idx ON acq.acq_lineitem_detail_history( fund_debit );
37 == Enhanced Concerto dataset ==
39 An alternative sample dataset called "Enhanced Concerto" is now
40 available. This dataset includes a more realistic organizational
41 unit structure and additional data with which to test Evergreen
44 The "Enhanced Concerto" dataset supports human-driven testing
45 and community demonstrations. However, at present, automated
46 tests, particularly the ones found in `Open-ILS/src/sql/Pg/live_t`
47 and `Open-ILS/src/perlmods/live_t`, are not guaranteed to pass
48 with the "Enhanced Concerto" dataset; instead, they remain targeted
49 to working with the original "Concerto" dataset.
51 === Installing the dataset ===
53 The dataset can be loaded when installing Evergreen by using the
54 `--load-concerto-enhanced` option of `eg_db_config`. For example:
58 perl Open-ILS/src/support-scripts/eg_db_config --update-config \
59 --service all --create-database --create-schema --create-offline \
60 --user <user> --password <password> --hostname <hostname> --port <port> \
61 --database <dbname> --admin-user <admin-user> --admin-pass <admin-pass> \
62 --load-concerto-enhanced
65 The `--load-concerto-enhanced` switch is mutually exclusive with the
66 `--load-all-sample` switch to load the full original "Concerto" dataset
67 and the `--load-concerto` switch to load just the bibs, items, and
68 authorities from the original "Concerto" dataset.
70 === Updating the dataset ===
72 An experimental script called `make_concerto_from_evergreen_db.pl` is
75 * updating the dataset as Evergreen's schema evolves
76 * incorporating changes to the dataset from a running Evergreen system
78 The script compares data between different versions of an
79 Evergreen database depending on how it is invoked. This script has known
80 bugs and its output *must* be manually reviewed before being committed.
83 == --pipe option for marc_export ==
85 Add a --pipe option to marc_export to force reading of record ids from
86 standard input when one or more of the --library, or
87 --descendants options are used. This permits more flexibility when
88 exporting records with holdings for given libraries or subsets of a
91 It is an error to specify the --all or --since and --pipe options in the same
101 --pipe --library BR1 [Filter the list of bib ids by those
102 with BR1 as the Owning Library]
104 --pipe --descendants BR1 [Filters the list of bib ids by those
105 with BR1 or descendants as the Owning Library]
110 == --strip option for marc_export ==
112 The --strip option is used to suppress generation of specified elements
113 from the marc_export output. The option, which can be specified more than
114 once, is in one if these forms:
118 --strip <field RE>/<subfield RE>
119 --strip /<subfield RE>
124 --strip 856/0 [Delete subfield 0's in fields with tag 856.]
126 Regular expressions are accepted:
128 --strip 8../0 [Delete subfield 0's in fields with tag 800-899.]
130 If the field is omitted, it is as if you specified "..." for the field RE.
132 --strip /0 [Delete subfield 0's in all fields.]
133 --strip /[abc] [Delete subfield a, b or c in all fields.]
135 If the slash and subfield are omitted, it means to delete the given fields.
137 -strip 856 [Delete fields with tag 856]
139 If the slash is present, but the subfield is omitted, it means "all subfields"
141 --strip 856/ [Delete all subfields with tag 856]
145 == Applying Missing Database Upgrades ==
147 This patch fixes a situation where an Evergreen database that had
148 been been upgraded to 3.6.0 at some point in its past using the
149 3.5.1-3.6.0 DB update script may be missing some DB revisions.
151 The following bugfixes are affected:
153 - https://bugs.launchpad.net/evergreen/+bug/1788260
154 - https://bugs.launchpad.net/evergreen/+bug/1908727
155 - https://bugs.launchpad.net/evergreen/+bug/1835127
156 - https://bugs.launchpad.net/evergreen/+bug/1910891
157 - https://bugs.launchpad.net/evergreen/+bug/1882825
158 - https://bugs.launchpad.net/evergreen/+bug/1096209
161 == Improvements to Mapping Permissions to Groups ==
163 The dialog to add permission mappings to a group in the Permission
164 Groups administrative interface now allows multiple permissions
165 to be added in one invocation. This reduces the number of clicks
166 and keyboard interactions required when adding a large number of
174 == Malicious Search Protection ==
176 Evergreen sometimes sees some "novel" query strings in the wild that
177 cause the search backend to time out or worse. These are sometimes
178 malicious and sometimes accidental, but the effect on users is the
181 The changes here improve query compilation in several respects in order
182 to reduce the chances of an overly complex query causing problems for
183 the search subsystem.
185 More work is done up front to simplify and combine parts of the
186 resulting SQL, allowing more work to be done closer to the data.
187 This change allows Evergreen to handle many more tested or chained
188 boolean expressions, and negated terms are now handled directly in
189 line with other adjacent terms. Phrases (exact matches) are now
190 searched for using Postgres' adjacency tsearch operator.
192 All of these changes work together to improve performance by getting
193 more search work done in fewer database operations while protecting
194 against certain query constructs that have caused problems in the
199 == Angular and Bootstrap Updates for Staff Interface ==
201 The Angular staff interface now uses Angular 15 and Bootstrap 5. This
202 introduces various changes to how the staff interface styling is
203 done; developers should take note.
206 == Fix SQL Injection Vulnernability ==
208 An SQL injection vulnernability related to the implementation of
209 search term highlights is now closed.
214 This feature allows for the separation of bib and authority record
215 updates and the search (and other) indexing that occurs when a record is
216 modified in some way. Prior to this feature, bib and authority records
217 would be indexed immediately upon an update.
219 While individual record ingest has not become a problem with regard to
220 system performance or interface usability, there exist several batch
221 operations which aggregate many inserts or updates and whose aggregate
222 ingest time cost can be significant. These include, but are not
223 limited to, reingest caused by authority control propagation, reingest
224 required by the addition or modification of indexing configuration,
225 cataloging and acquisitions record import and overlay from the staff
226 interface, and upgrade-time reingest required by structural changes
227 to the underlying indexing and search system.
231 When Queued Ingest is enabled, a new control script, `ingest_ctl`, is
232 available to perform several functions:
234 * Run in the background to process the queues of indexing requests
235 * Display statistics of queued ingest activity
236 * Specify that a set of records should be reindexed.
238 Here are some examples of how it is used:
241 ------------------------------------------------------------------------------------
242 # Enqueue records 1-500000 for reingest later, just one worker for the queue
243 /openils/bin/ingest_ctl --queue-threads 1
245 --queue-run-at tomorrow
247 --queue-name "slowly updating records due to new RDA attributes"
248 --start-id 1 --end-id 500000
250 # Start the background worker
251 /openils/bin/ingest_ctl --coordinator --max-child 20
253 # Stop the background worker
254 /openils/bin/ingest_ctl --coordinator --stop
256 # Process whatever you can Right Now
257 /openils/bin/ingest_ctl --max-child 20
259 # Process a single queue Right Now
260 /openils/bin/ingest_ctl --queue 1234 --max-child 20
262 # Stats on Queued Ingest processing so far today
263 /openils/bin/ingest_ctl --stats --since today --totals-only
264 ------------------------------------------------------------------------------------
266 This script also requires the following switches (or environment
267 variables) in order to connect to the database:
269 * `--db_user` (or environment variable `PGUSER`)
270 * `--db` (or environment variable `PGDATABASE`)
271 * `--dbpw` (or environment variable `PGPASSWORD`)
272 * `--db_port` (or environment variable `PGPORT`)
276 This feature adds several new global flags:
280 | Global Flag | Enabled
282 | Queued Ingest: Abort transaction on ingest error rather than simply logging an error | no
283 | Queued Ingest: Queue all bib record updates on authority change propagation, even if bib queuing is not generally enabled | no
284 | Queued Ingest: Use Queued Ingest for bib record ingest on insert and undelete | no
285 | Queued Ingest: Use Queued Ingest for authority record ingest on insert and undelete | no
286 | Queued Ingest: Use Queued Ingest for bib record ingest on update | no
287 | Queued Ingest: Use Queued Ingest for authority record ingest on update | no
288 | Queued Ingest: Use Queued Ingest for bib record ingest on delete | no
289 | Queued Ingest: Use Queued Ingest for authority record ingest on delete | no
290 | Queued Ingest: Maximum number of database workers allowed for queued ingest processes | yes; default value 20
291 | Queued Ingest: Use Queued Ingest for all bib record ingest | no
292 | Queued Ingest: Use Queued Ingest for all bib and authority record ingest | no
293 | Queued Ingest: Do NOT use Queued Ingest when creating a new bib, or undeleting a bib, via the MARC editor | yes
294 | Queued Ingest: Use Queued Ingest for all authority record ingest | no
295 | Queued Ingest: Do NOT Use Queued Ingest when editing bib records via the MARC Editor | yes
298 This feature does not add any new library settings or permissions.
300 === Upgrade Notes ===
302 Queued Ingest is not automatically turned on upon upgrade. to enable it,
303 at minimum the following actions should be taken:
305 * Enable at least the "Use Queued Ingest for all bib and authority record
307 * Ensure that `ingest_ctl` is running with the `--coordinator` flag.
314 == Catalog Staff View ==
316 Adds a Staff View tab to the record details page in the staff catalog.
317 In addition to showing various fields from the bib record, it also shows
318 a count of hold requests and a break-down of available items versus
319 total items, and it shows a breakdown of similar records by formats and
320 language editions, based on the associated metarecord.
328 == Adjust Hold Cancel Reasons ==
330 The dialog to confirm canceling a hold in the staff interface
331 now lists only hold cancel reasons that can be manually applied,
332 excluding the ones that can only be automatically applied.
334 In addition, two more hold cancel reasons are added:
340 == New Permission for Viewing Holds Pull List ==
342 Access to the holds pull list is now restricted to users with the
343 VIEW_HOLD_PULL_LIST permission. By default, this new permission is granted to
344 all users with the VIEW_HOLDS permission.
352 == Angular navbar keyboard navigation ==
354 Adds basic keyboard navigation support to the Angular web client navbar as follows:
356 * Use the Tab key to move between the top-level menu items.
357 * Press Enter, Space, or the down arrow on a top-level item to open its submenu. Pressing Esc will close it.
358 * Shift-tab from the first submenu item back to the top level, and use Enter or Space to toggle the button again and close the submenu.
359 * Within the submenu, use either Tab and shift-Tab to move up and down, or the up/down arrow keys.
366 == Multi-term Did You Mean search suggestions ==
368 Expanding on the previous single-class, single-term search suggestion
369 development, this feature provides suggestions for single-class searches
372 * The Library Settings that were previously used to control the global
373 behavior of search suggestions have been moved to search class
374 configuration fields. This was done because the data in each search
375 class benefits from different setting values. If the Library Settings
376 had been set, they will be used to update the corresponding search
377 class configuration fields. Regardless, Evergreen administrators are
378 recommended to review the settings.
380 * If a patron's search matches a variant or non-preferred heading from
381 an authority record, if the main heading of that authority is linked
382 to at least bibliographic record, the system will provide that main
383 heading as a suggestion as well, along with spelling-corrected suggestions.
385 * Quoted phrases in user input require strict term order and adjacency
386 for the phrase portion of the suggestion generated for the phrase(s),
387 whereas unquoted input (or the portion that is not quoted) does not.
389 === MARC Search/Facet Class field additions ===
391 * variant_authority_suggestion Whether this class should attempt variant authority suggestions based on search-class/browse-axis mapping
392 * symspell_transfer_case Whether suggestions should retain user-supplied letter case
393 * symspell_skip_correct Only supply suggestions to misspelled words
394 * symspell_suggestion_verbosity Setting that controls the amount of effort, and therefore time, spent on suggestion generation
395 * max_phrase_edit_distance Maximum average per-word edit distance when evaluating suggestions
396 * suggestion_word_option_count Maximum alternate suggestions per word
397 * max_suggestions Maximum suggstions to present
398 * low_result_threshold Maximum hit count beyond which suggestions are not provided
399 * min_suggestion_use_threshold Minimum number of times a suggestion must exist in the corpus
400 * pg_trgm_weight Weight of the trigram similarity metric; 0 avoids calculation costs
401 * soundex_weight Weight of the soundex similarity metric; 0 avoids calculation costs
402 * keyboard_distance_weight Weight of the keyboard distance similarity metric; 0 avoids calculation costs
406 If the databse has authority records that are linked to bilbiographic
407 records, a reingest of the search suggestion dictionary is recommended.
409 Instructions for performing that reingest are included in the database
410 update scripts and will be output to the log when those scripts are
414 == Restrict login redirect ==
416 As a security best-practice, Evergreen should not allow arbitrary
417 redirection on successful login, but instead limit redirection to
418 local links or configured domains and schemes.
420 This feature is controlled by a new global flag called *opac.login_redirect_domains*
421 which must contain a comma-separated list of domains. All hostnames
422 under each domain is allowed for redirect, and the scheme of the
423 redirect URL must be one of http, https, ftp, or ftps.
427 == Accepting payments with SmartPAY ==
428 SmartPAY is a payment processing service that lets
429 sites take credit card payments without payment card information ever
430 touching the sites' own servers.
432 === Library Settings ===
433 The following settings need to be set at the appropriate org level for
434 sites wanting to use SmartPAY.
436 * "Allow Credit Card Payments" (should be 'true')
438 credit.payments.allow
440 * "Enable SmartPAY payments" (should be 'true')
442 credit.processor.smartpay.enabled
444 * "SmartPAY location ID" (value provided by Comprise)
446 credit.processor.smartpay.location_id
448 * "SmartPAY customer ID" (value provided by Comprise)
450 credit.processor.smartpay.customer_id
452 * "SmartPAY login name" (value provided by Comprise)
454 credit.processor.smartpay.login
456 * "SmartPAY password" (value provided by Comprise)
458 credit.processor.smartpay.password
460 * "SmartPAY API key" (value provided by Comprise)
462 credit.processor.smartpay.api_key
464 * "SmartPAY server name" (value provided by Comprise)
466 credit.processor.smartpay.server
468 * "SmartPAY server port" (value provided by Comprise)
470 credit.processor.smartpay.port
472 * "Name default credit processor" (should be 'SmartPAY')
474 credit.processor.default
480 * Add patron home library code as a column to the View Holds grid in the staff catalog record details page (LP#1991726)
481 * Include template ID in the template table in the Reporter (LP#1998386)
482 * Remove the `pub` flag from the `biblio.record_note` table (LP#1978978)
483 * Add the publication date to the Staff Catalog's Shelf Browse (LP#1999432)
484 * Resolve search performance degradation with PostgreSQL version 12 and up (LP#1999274)
485 * Improved styling of paid line items in acquisitions screens (LP#1999270)
486 * Improved styling of the keyboard shortcut info modal (LP#1999955)
487 * (Developer) Add Emacs mode to `fm_IDL.xml` (LP#1914625)
488 * `autogen.sh` can now accept a `-c` switch to specify the location of `opensrf_core.xml`. This is useful for certain multi-tenant setups of Evergreen. (LP#2003707)
489 * Better organization of acquisitions line item alert fields (LP#2002977)
490 * Prevent templates from applying or changing magical status in angular holdings editor (LP#1999401)
491 * Prevent directly editing the shelving location deleted field in the Shelving Locations Editor (LP#2002435)
492 * The "Strict Barcode" checkbox is now closer to the barcode input on the Check Out, Check In, and Renew Items pages (LP#1990968)
493 * LP1929593 UPDATE_COPY_BARCODE permission
495 This adds the permission UPDATE_COPY_BARCODE and a new API call,
497 open-ils.cat.update_copy_barcode
499 which explicitly tests for both UPDATE_COPY_BARCODE and UPDATE_COPY,
500 with either being sufficient for allowing a barcode change. Existing
501 Replace Barcode UI's in both Angular and AngularJS have been modified
502 to use this API call instead of the pcrud service. One side-effect of
503 this has been better surfacing of errors, as errors in pcrud were
504 uncaught and bypassing the normal error handling. This addresses
507 The upgrade script gives any permission groups that already have the
508 UPDATE_COPY permission the new UPDATE_COPY_BARCODE permission at the
509 same depth, though it's technically not needed.
510 * Patron and staff login forms now include a button to reveal the password input. (LP#1977554)
511 * Adds new Local Administration entries for Item Statistical Categories Editor and Patron Statistical Categories Editor, which are angularized interfaces.
512 * Tweaks eg-grids to underline hyperlinks within cells. This potentially affects multiple interfaces.
513 * eg-org-family-select now supports persistKey
514 * LP1965446 Option to Disable Title-Level Holds on Bib Records with Parts
516 This feature adds one global flag and one library setting, respectively:
518 * circ.holds.api_require_monographic_part_when_present
519 Holds: Require Monographic Part When Present for hold check.
520 * circ.holds.ui_require_monographic_part_when_present
521 Require Monographic Part when Present
523 Normally the selection of a monographic part during hold placement is optional if there is at least one copy
524 on the bib without a monographic part. A true value for this setting for any involved owning library for the
525 bib or for the global flag will require part selection even under this condition. This essentially removes
526 the All/Any Parts option from the part selection drop-down, for both versions of the public catalog (TPAC and
527 BOOPAC), and for the Angular staff catalog interface. It should be noted that if the library setting is set
528 below the consortium level, Title level holds may be allowed for some libraries and not others.
530 At the API level, we consider just the global flag and will throw a TITLE_HOLD_WHEN_MONOGRAPHIC_PART_REQUIRED
531 event for a title hold request when there are items with monographic parts on the bib. It is possible for
532 the library settings and the global flag to differ, but the global flag will catch every instance of hold
533 placement including those by third party callers, SIP, etc.
534 * Links the lineitem id link in Acquisitions search results to the lineitem detail page rather than the purchase order. (LP#2003946)
535 == Angular navbar keyboard navigation ==
537 Adds basic keyboard navigation support to the Angular web client navbar as follows:
539 * Use the Tab key to move between the top-level menu items.
540 * Press Enter, Space, or the down arrow on a top-level item to open its submenu. Pressing Esc will close it.
541 * Shift-tab from the first submenu item back to the top level, and use Enter or Space to toggle the button again and close the submenu.
542 * Within the submenu, use either Tab and shift-Tab to move up and down, or the up/down arrow keys.
547 == Acknowledgments ==
548 The Evergreen project would like to acknowledge the following
549 organizations that commissioned developments in this release of
553 * Evergreen Community Development Initiative
555 * King County Library System
556 * Pennsylvania Integrated Library System
557 * Westchester Library System
559 We would also like to thank the following individuals who contributed
560 code, translations, documentations patches and tests to this release of
567 * Andrea Buntz Neiman
578 * Blake Graham-Henderson
611 We also thank the following organizations whose employees contributed
618 * Equinox Open Library Initiative
620 * Georgia Public Library Service
621 * Kenton County Library
622 * King County Library System
623 * Lake Agassiz Regional Library
625 * Linn Benton Community College
629 * Princeton University
631 * Westchester Library System
633 We regret any omissions. If a contributor has been inadvertently
634 missed, please open a bug at http://bugs.launchpad.net/evergreen/