🚀 v5.17

This changelog provides a detailed overview of technical changes, including new features, bug fixes, and maintenance updates. It is intended for developers, DevOps engineers, and technical teams to track system improvements and API modifications.

Each update is categorized into:

  • Added – New features and functionality improvements
  • 🛠️ Fixed – Bug fixes and stability enhancements
  • 🔧 Chore – Code refactoring, performance optimizations, and internal updates
  • ⚠️ Breaking change – Changes that modify existing system behavior or require adjustments in configuration, calculations, templates, or integrations


[5.17.6] - 2026-06-24

🛠️ Fixed

  • tas-3526 AuthorizationAuthController - restore authority fallback on login: when the default authority is used and rejects the credentials, the other enabled credential-based authorities (password/ldap) are retried in authOrder, so a user can still sign in through whichever one accepts them
    Note: Fallback only runs for the default-authority path (no explicit auth_id); an explicitly selected authority is not silently retried elsewhere. AuthorityFactory.getSortedFallbacks(excludeAuthId?) returns the enabled password/ldap authorities ordered by authOrder, excluding the already-tried one.
  • tas-3201 [Emails] MailUsageStatisticsCron: fix the finishedTasksStatistics attachment filename, which was sent as finishedTasficsStatisticson (missing .json extension) and could be misinterpreted by mail clients as a binary file; the email body and the attachment now derive the reported month/year from a single previousMonth source so they can no longer drift apart
  • tas-3486 [Calculations] Transpilation - change Array.map() and Array.flatMap() transpilation from Promise.all() to a sequential for-loop so calculation scripts run their async callbacks in deterministic order; the callback is now invoked directly, preserving the element, index and array parameters as well as destructuring patterns and function references, and flatMap flattens one level (spread arrays, push scalars)
    Note: Callbacks now run sequentially instead of in parallel, which is intentional but may run slower for scripts that relied on parallelism. Existing transpiled calculations keep the old Promise.all pattern until they are re-transpiled; use the system console commands sys.retranspileCalculationsByProcessId(tprocId), sys.retranspileCalculationsByTaskId(ttaskId) or sys.retranspileGlobalScripts() to re-transpile them.
  • tas-3509 FirebaseConnector - fix startup verification: replace the auth listUsers + dry-run messaging send (which always threw on the deliberately invalid token and proved nothing) with a side-effect-free credential.getAccessToken() credential check, wrap init in try/catch, and log the actual error via console.error on init failure
  • tas-3510 Fix cronRun failing to find error on heartbeat monitor

[5.17.5] - 2026-06-18

✨ Added

  • tas-3432 [Emails] EWS removal safeguard - migration now logs the stored configuration of any remaining legacy EWS email cron (EwsCreateProcessesFromMailCron/EwsCheckUnprocessedMailsCron) during the update, so it can be recovered from the update log before the orphan-cron cleanup deletes the row
    Note: If an EWS mailbox configuration needs to be migrated to the MS Graph cron after the update, retrieve it from the update log line tagged [tas-3432], which contains the full CRON_PARAMETERS of each EWS cron that existed at update time.

🛠️ Fixed

  • tas-3479 [Prints] PDF print - fix net::ERR_BLOCKED_BY_RESPONSE when rendering over internal container URLs; backend resources embedded in the print page (logos, asset/file images) are no-cors loads governed by Cross-Origin-Resource-Policy, which helmet's same-site default blocked once the page runs on the internal frontend origin. Default CORP changed to cross-origin
  • tas-3479 [Prints] PDF print over internal container URLs - fix the "Unable to connect to server" overlay / Navigating frame was detached failure. When the print page runs on the internal frontend origin it calls the internal backend cross-origin, which made browser.require.js bootstrap the legacy xdomain CORS-proxy; its /proxy/ iframe is blocked by the backend CSP frame-ancestors 'self', so xdomain timed out and replaced the app. Skip xdomain on the internal print origin and rely on direct CORS (headless Chrome supports it and the internal origin is already in the backend CORS allowlist). Normal users on the external frontend URL are unaffected
  • tas-3479 [Prints] Internal URLs are no longer exposed in window.config for every client - the frontend server now injects frontendInternalUrl/backendInternalUrl only when the page is served on the internal frontend origin (the PDF render), so internal container DNS is not leaked to normal external clients
  • tas-3428 [Emails] MailUsageStatisticsCron: monthly report date range now shows the last day of the previous month (e.g. 01. 04. 2026 - 30. 04. 2026) instead of the first day of the current month; display-only fix, gathered data unchanged
  • tas-3480 cron-runs - populate cron relation in GET /cron-runs so cron history table displays cron name
  • tas-3496 [Calculations] AxiosCalculationAbstraction - add optional ciphers option to applySslConfig so HTTPS calls to peers whose certificate chain uses a weak signing digest (OpenSSL ca md too weak) can succeed
    Note: Forward the ciphers string to the underlying https.Agent. Pass ciphers: 'DEFAULT@SECLEVEL=0' to lower the OpenSSL security level for a connection whose CA/server cert is signed with MD5/SHA-1. This is independent of rejectUnauthorized, which does not affect the weak-digest check. Re-issuing the certificate with SHA-256 remains the recommended long-term fix.
  • tas-3107 [DMS] AssetService - ensure the configured asset root folder exists before any read/write operation, so document scenarios (manuals, logos, visual-identity, images, documents, ai-content, csv) no longer fail when a root folder was never created; getRoot now performs an idempotent recursive mkdir

[5.17.4] - 2026-06-12

✨ Added

  • tas-3412 Ollama smart event plugin - add OllamaSmartEvent plugin for running AI prompts against locally hosted Ollama models (supports custom host configuration)
  • tas-3388 SmartEvent default-platform-ai - add Default Platform AI smart event that uses the configured system AI without requiring additional setup, allowing prompts and optional context to be sent directly to the platform AI
  • tas-3396 OpenAISmartEvent - extend configuration with optional custom OpenAI API endpoint URL (e.g., for Azure OpenAI or proxies)
  • tas-3204 System notification redesign

🛠️ Fixed

  • tas-3479 [Prints] PDF print - route BE↔FE traffic over internal container URLs;
  • tas-3401 Licenses - reload the whole app after adding or removing a license so newly licensed features/modules/limits take effect immediately instead of only refreshing the licenses grid

[5.17.3] - 2026-06-10

✨ Added

  • tas-3464 [Calculations] Axios - support for SSL client certificates (mutual TLS) via applySslConfig() method; accepts raw strings/buffers or file system reads with fs.readFileSync() for SOAP services and other SSL-certificate-requiring endpoints
    Note: Axios calculation abstraction supports SSL/TLS client authentication. Pass CA bundle, client certificate, and private key as raw content or Buffer. Optional passphrase and rejectUnauthorized control (defaults to true).

🛠️ Fixed

  • tas-3304 Migration - fix secret-store data migration failing when pre-existing secrets exist;

📦 [5.17.2] - 2026-06-02

🛠️ Fixed

  • Overview settings — tooltip for the "Name" field was not displayed
  • tas-3399 Fix of the setEventFilter function in EvalMathApi 🛠️
    Note: Fixed incorrect behavior of setEventFilter in EvalMathApi so event filtering now evaluates as expected.

📦 [5.17.1] - 2026-05-28

✨ Added

  • tas-2991 Licenses — admin grid extended with license ID, note, issuer name, validity dates, active-only filter, and a delete action ✨
    Note: The license admin grid now shows more details per license and lets you filter active licenses and delete entries directly.

  • tas-3327 Licenses — key validation before saving ✨
    Note: An invalid key is now rejected with a reason on hostname mismatch or an invalid/expired key. Domain comparison ignores the http/https protocol and ignores the port for localhost. The key input field is now multi-line.

  • tas-2926 Template export/import — case overview sections are now included ✨
    Note: Exporting and importing templates now carries the case overview sections along with the template.

  • tas-3159 CO Builder — step 5 (Dr. Max friendly builder) ✨

  • tas-2930 CO Builder — step 4 ✨

  • tas-3097 AI chat — finetuning v1 ✨

  • tas-3177 AI chat — generation of short conversation titles and persistence of LLM runs used for title generation ✨
    Note: Conversations now get auto-generated short titles, and the LLM runs that produce them are persisted.

  • tas-3231 Dynamic config — full AI provider settings are now exposed; the host field is required only for Ollama ✨

  • tas-3243 GenerateThumbnailsCron — added parameters offset, startFromNewest, continueOnItemError, and suppressItemErrorLogs
    Note: The thumbnail generation cron can now be paged with offset, processed newest-first via startFromNewest, and made resilient to per-item failures with continueOnItemError and suppressItemErrorLogs.

  • tas-2982 Loading of user information in the Dynamic Conditions Builder ✨

  • tas-3284 Plugins — KSeF plugin for API V2 ✨

🛠️ Fixed

  • tas-3200 template-task-calculations — debugging of the new calculations v2 design 🛠️

  • tas-3276 Moved the Template Logs tab button to the right

  • tas-3329 Dynamic Conditions Builder — wrapped the "Operation with numbers", "Dynamic link", and "Dynamic date" expressions in an arrow function 🛠️
    Note: These expressions are now evaluated when the dependent variable changes instead of at script parse time.

  • tas-3330 Number variable — alignment setting is now respected in the task form 🛠️

  • Hotfix DatabaseConnector — fixed MSSQL NTLM connection handoff 🛠️

  • tas-3339 DataGrid — pressing Enter in the delete confirmation modal no longer triggers opening the row in the grid 🛠️

  • tas-3277 [DMS] FileEncryptionServiceModule — fixed createLegacyDecipher 🛠️
    Note: Key/IV derivation now follows OpenSSL EVP_BytesToKey, restoring decryption of legacy-encrypted files.

  • tas-3240 Process history — added featureFlag.processHistory.createTechnicalCaseHistoryEntry

  • tas-3243 GenerateThumbnailsCron — skips missing files, prevents the batch from getting stuck, and fixes a missing em.flush 🛠️

  • tas-3243 ImageMagickConnector — memory/disk limit per invocation 🛠️

  • [Calculations] Fixed lib.convertDmsFile() returning undefined 🛠️

  • tas-3252 Fixed the fullscreen keyboard shortcut (Shift+F)

  • tas-3157 Mobile app — getDomainWhitelist now returns the shouldActivatePushNotifications flag 🛠️

  • tas-3153 5.17 — Variable assignment — scroll

  • tas-3005 AI backend — removed the legacy AI client and the /ai/chat route 🛠️

  • tas-3221 Mobile devices — DataGrid touch on a row (fix)

  • tas-3225 Overviews — fullscreen and landscape (fix)

  • tas-3070 5.15 — Attachments tab in CO — height (tuning)

  • tas-3203 AI chat — title generation for conversations without a persisted ID 🛠️

  • tas-3284 ZipApi — skips non-existent files during extraction 🛠️

  • tas-3244 getCachedUser used for getUserHrMeta with the parameter onlyIfUserIsActive = false

  • tas-3102 xml-process-import — import and attachment paths restricted to allowed sources 🛠️
    Note: Import and attachment paths are now limited to allowed sources, preventing reads from arbitrary locations.

  • tas-3122 Status controllers — now return HTTP 503 in the CRITICAL state (instead of always 200) 🛠️

  • tas-2984 Overview filter — fixed filtering of values containing quotation marks 🛠️

  • tas-3128 SmartEventHttpRequester — auth fields are no longer required, and headers are always synchronized before saving 🛠️

Frantisek Brych Updated by Frantisek Brych

🚀 v5.7

Contact

Syca (opens in a new tab)

Powered by HelpDocs (opens in a new tab)