stSoftware October 2016 Release Notes

Take a look at what's new

DBResult will page ahead for large record sets using a separate thread.
Reduce logging of deprecated ReST calls ( was once every call, now once a minute)
No need to check if user "System" can access a record. It can always access a record.
Always search by concrete fields first then derived fields.
Search by the paths with the least steps first
Use LargeLongArray instead of very large native long[] as the G1 garbage collector segments the heap into thousands of smaller heaps. A large native long[] array causes "stop the world" pauses.
DBReslt is now multi-thread safe.

A Excel template for fetching data via ReST services can be downloaded here.

Pop open windows will now automatically expand to the content size.

Invoices and contacts can now be automatically sync'd to Xero when created in ST

New validation on all text&string fields to make sure the character values are within the illegal XML/HTML character range.
Special parameters are checked to make sure they pattern match expected values if not a status 400 is returned.
Special parameters for controlling window flow are sanitized.
Automated unit test added which randomly injects standard attack strings into random screen parameters added to the daily builds.
Validate all search parameters are valid before attempting the search

The text expander has be fixed to expand the text box to 80% of the window width

save image

ReST v5/sync has been enhanced to call v7/class
Fix issue where one call setting the cursor size could leak over to a later call ( because of thread pooling).
de-duplicate paths parameter
return status 400 for classes that don't record journal data
Correctly handle classes that have fields/subclasses defined in different layers
Scan the trans_data table instead of joining to trans_record
Removed the select overhead in isApplicable() method completely.
Adjust page size to fix within desired maximum block time.

fixed issue found in v6/class when the _href is repeatedly followed from one call to v6/class to another.
Fixed a n! performance issue in v6/class when scrolling very large data sets ( tested on a production 500k recordset), this is fixed by the cursor id which is passed back in the next parameter. The new ReST v7/class now supports cursors for scroll very large datasets ( 500k+) plus setting the cache headers when a key & timestamp are passed.
Issue with v6/class where the transaction/layer part of the key passed to class rest service gets translates to a timestamp then linked records keys are returned with the maximum transaction for that record. When you then ask for the next record the process repeats but the next linked records will be as of the timestamp of the second linked record.
Corrected handling of fetching records for classes without a primary key in v6/class
Validate the parameters better to prevent 500 statuses in v6/class ( 400 instead)
Corrected support for cache headers ( only set cache headers when archive is used)
deprecated v6/class

sanity checks

Don't use Archive for private database sites
heartbeat to check the last back up time.
fixed margin & alignment in member payment report
new field Business:displayABN which correctly formats the ABN
ReST to allow call timeout
Handle guest sessions in server clusters.
Mask password in logs when failing to connect to an SFTP server.
Check Integer overflow in ReST services.
Fixed file location to contain layer id.
Fixed issue where searching for temporary rows ( performance issue as row will never be found)
Retry connection to mail server. Suppress error message if retry succeeds.
Removed unused GWT modules. All GWT modules are now deprecated and will be removed over time.

Tags: release XSS