Jiglu 12.0 release notes

New feature highlights

  • Search enhancements
    Use more powerful queries to search and in your search results see the text that matched your query.
  • More attachment metadata
    When you view the attachments index or a search matches an attachment you’ll see more details about the attachment.
  • Incorporate any contribution into an existing knowledge entry
    If you find some useful information that you want to add to an existing knowledge entry you can now quickly incorporate it and keep a link back to where it came from.
  • Invitation improvements
    Include the individual’s name in an invitation to make it more personal. If you’ve sent someone an invitation they’ll get a reminder after 3 days if they haven’t yet joined.
  • Availability times
    Choose when you want the system to be available, allowing you to limit access outside working hours except for those with permission.
  • Logging of downloads and user download quotas
    Log every attachment download and set a daily quota for users that will limit unauthorised bulk downloading.
  • Log export
    Download CSV files of activities that have been taking place in the system.
  • Architecture and performance improvements
    New mail and search subsystems, faster page loading, lower resource and memory usage, Java 11 and many other behind-the-scenes improvements.

For end users

Searching

  • When you carry out a search with a text query you will now be given an extract showing you the best match for that text in the resources you searched with the words highlighted.
  • More powerful searches are now available, including searches on particular phrases, using wildcards and negative terms. For more information see the searching article in the help system.
  • When you carry out a search of everything in the system or everything in a group you will now get more information about any attachments that matched, including the title, keywords, author, organisation and thumbnail image when available. Attachment filenames will also now be matched when you are searching everything.
  • When you carry out a search of everything in a group this will no longer match on source item URLs. Searching source items will still do this search.
  • To improve performance, the ‘Previous page’ button has been removed for the global search and group index pages which need to check the permission of every possible result before it is shown. A new button will return you to the first page in the search.
  • On searches that support a time span there are new options for newer than 30 days, newer than 90 days, older than 30 days and older than 90 days.

Radar activity stream

  • Attachments are no longer listed in the stream. Instead there will be an attachment icon next to contributions with attachments and you will need to open the contribution to see the attachments.
  • If you select a tag in the activity stream, you will now only see occurrences of it from the previous month.
  • Mentions in blog posts and knowledge entries will now appear in your notifications stream.

Contributions

  • You can now incorporate any contribution into an existing knowledge entry, resulting in a new version with the text and attachments of both.
    • When you select the ‘Transfer’ action there are new choices in the pop-up menu for incorporating the contribution into an existing knowledge entry in either the current or another space. When chosen, you will be shown a new pop-up menu that lets you search for the entry you want to incorporate the contribution in and then you will be taken to the editor with the new combined version.
    • Viewing the new published knowledge entry will show links to all the contributions it was incorporated from.
  • The ‘Transfer’ pop-up menu will now only show the other groups that you can transfer a message to when you select one of those options.
  • Attachments are now listed immediately after the main text of a contribution and with a new icon representing the media type. There is also now always a ‘Download all’ link for when a user prefers to save an attachment to their local machine rather than let the browser decide what to do.
  • When editing a contribution the attachments list now shows an icon instead of the media type.
  • Blog posts and knowledge entries are now always in HTML format. There is no longer the preferences option to choose the input method you want to use for these types. This ensures formatting is maintained across versions. The ‘Raw HTML’ input method has also been removed.
  • If you upload a plain text or HTML attachment it will now appear as a downloadable attachment rather than being shown on the page after the main text.
  • If you forwarded an email as an attachment to a discussion message then this is now shown using similar formatting to the message it is attached to.
  • There are further improvements in support for HTML 5 within contribution text. A number of elements that were previously removed when a contribution was saved are now correctly preserved.
  • There have been changes to how HTML is cleaned and sanitised. In particular, some styles that were previously allowed will now be removed.

Attachments

  • The attachments index now contains more information about the attachments, including the title, keywords, author, organisation and thumbnail image when available.
  • In the attachments index you can now search for attachments with a particular filename.
  • In the attachments index you can now directly download an attachment rather than having to go to the contribution it was contained in first.
  • The system now supports download quotas. If quotas are enabled and you try and download more attachments than you are allowed in a day then you will be given an error message and administrators will be notified.
  • Support has been added for searching and tagging CSV, Open Office and Word Perfect attachments while support for PST files has been dropped.

Email

  • Changes have been made to the format of discussion message emails:
    • Enhanced delivery format emails (the default) have their look closer to that of the web site.
    • Original delivery format emails retain all the styles from the original message while still being cleaned of malicious payloads.
    • Plain text delivery format emails now have better conversion from messages that were originally in HTML.
  • To match the web interface, discussion message enhanced emails, digest enhanced emails and group newsletters now list attachments in alphabetical order, rather than the order they were added.
  • Email notifications are now all in a smarter HTML format.
  • Newsletters now have their look closer to that of the web site and when the ‘Striped’ theme is chosen this style is now used for section lists.

Other changes

  • The system now supports availability times, letting administrators decide what hours they want the system to be accessible to users. If you try and log on outside these hours you will be given a message explaining why you cannot log on.
  • The blogs, monitors and spaces indexes now show you all the groups that you have access to. Previously if a group was private it would not appear in the index even if you were a member.
  • Attachment contribution, domain contribution, link contribution, alerts and search feeds no longer include enclosures for the links and attachments of the contributions. This has been done for performance reasons.
  • Minor improvements have been made to the look of pages when printed.

Fixes

  • Incorrect handling of new sessions when a user logs on meant that sometimes you could find yourself locked out of the system because of reaching the limit for how many sessions you are allowed to have. Downloading a feed would also open a new session each time but fail to close it afterwards, leading to similar problems. These issues have been resolved.
  • When you transfer a blog post or knowledge entry and change the subject then the URL of the post or entry will now be updated to match the new subject. Previously it would continue to use a URL based on the original subject.
  • When you withdraw or republish a knowledge entry version you will now be asked to confirm that you want to do this.
  • Swapping the main name of a tag with one of its alternative names could previously result in the change not being applied or the tag ending up in an inconsistent state. This has been resolved.
  • After editing the name of a tag you no longer get shown a spurious message about the tag not being found.
  • The last release introduced issues with the pop-up menus for merging discussion threads and tags which have now been resolved.
  • Issues have been resolved when you need to merge two versions of a blog post or knowledge entry. Merging is required if you try and publish a new version but someone else has published a new version first. In recent versions when editing on My Radar you would get an error when you tried to publish and on the editors within a blog or space not all the differences would be shown.
  • In a contribution editor, if you chose the ‘Remove’ button for an attachment and then changed your mind and chose the ‘Undo’ button this would previously fail for some filenames. This has been fixed.
  • Issues with autocomplete of mentions in all contribution editors have been resolved.
  • Previously if a user was the editor of the most recent version of a blog post or knowledge entry then the Edit and Purge buttons would appear when they viewed that post or entry even though they did not have permission to carry out this action. This has been fixed.
  • When you add a blog comment it now always uses the correct input method that you chose in your preferences.
  • A number of issues affecting responding to status updates and viewing status update responses have been resolved.
  • Some characters that were not allowed in email addresses but should have been are now permitted.
  • A number of other minor issues have been fixed.

For group administrators

Tasks

  • If a task has already been actioned by somebody else when you go to the page for the task (such as from an email notification), or you try to action it just after they have, then the error message will now show who actioned it.

Invitations

  • You now have the option to include the name of the person you are sending an invitation to, not just their email address. This will be used in the invitation email and on the registration form if they need to register as a new user.
    • If you are inviting just one person using the link from the group home page the form will now require you to give that person’s name.
    • If you are inviting people to join from the ‘Invite members’ option in the Users section then you can optionally include their name on the same line after the email address.
  • When inviting new members, instead of limiting you to inviting 50 email addresses at a time, there is now a limit of 2,000 characters for the list of addresses.
  • Invitation emails now start with a greeting, then what group they are being invited to and by whom, then the personal message from the user who invited them, then the standard details of how to respond to the invitation. You may wish to confirm that the text in the invitation settings on the ‘Member notifications’ settings category is still appropriate.

Member management

  • The file produced by the ‘Download a CSV file of members’ action in the Members section now includes the date the user last logged on (when the downloader has permission to view users) and the date of the user’s last contribution to the group. The file also now includes headers to identify the columns used and the members that are included will match the current search filter in use.
  • If download logging is enabled then in the blog or space activity log you will be able to view all the attachment downloads by members.
  • The option to notify system administrators by email when a member leaves a group has been removed. There is still the option to notify the group administrators.

Group newsletters

  • You now have the option to copy a group newsletter to a new newsletter when you want to base a newsletter on an existing one without having to set up all the sections again from scratch. Choose the ‘Copy’ option from the pop-up menu on the right of its name.
  • The ‘Separator line’ section type has been removed as it did not make sense with the way the newsletter is now laid out.

Discussion messages

  • In the discussion message workflow category there are new group settings for the maximum number of parts that a message may contain and the action to take when a message exceeds the maximum number of parts.

Most messages will contain one parent container part, one text part and then one part for each attachment, but it is possible to attempt a denial-of-service attack by sending an email that nests parts in a way that uses up unnecessary resources in their processing. By default, any message with more than 32 parts will now require moderation.

Access control

  • Previously access to the attachments, domains and links indexes in the Discovery section was controlled by the ‘Tag’ resource type. There is now a new ‘Content entity’ resource type that controls access to these pages, including whether a user is able to download attachments from the attachment index page.

For system administrators

Invitations and registration

  • When inviting new users to the system and selecting groups for them to join, if group categories are in use then you can now filter the list of groups by category.
  • You now have the option to include the name of the person you are sending an invitation to by including their name on the same line after their email address. This will be used in the invitation email and on the registration form when they register as a new user.
  • When inviting new users, instead of limiting you to inviting 50 email addresses at a time, there is now a limit of 2,000 characters for the list of addresses.
  • Invitation emails now start with a greeting, then the personal message from the user who invited them, then the standard details of how to respond to the invitation. You may wish to confirm that the text in the invitation settings on the ‘User notifications’ settings category is still appropriate.
  • When an invitation to a new user is sent, if the user does not register within 3 days then a reminder email will now be sent. Note that this is only for user invitations – there will be no reminder for invitations sent within a group.
  • The number of days to wait and the message to send for an invitation reminder can be configured in the User workflow and User notifications settings categories respectively.
  • The invitations index by default now shows only invitations to register on the system. To also show invitations to individual groups choose ‘All’ from the Invitation type search filter on the left.
  • When a new user requires approval, when you go to action the task you will now see a list of all the groups that they will be joined to when they are activated.
  • Unlike invitations from groups, old system invitations were previously not expired. They will now be removed according to the application log expiry time.
  • If a user registers and confirms their email address but requires approval from an administrator for their new account then rejecting the user would give a system error and if the task timed out then the system would repeatedly try and fail to expire it. This has now been resolved.

Availability times

  • Jiglu now supports availability times, letting you decide what hours you want the system to be accessible to users.
  • You can choose what times you want the system to be available by going to system settings and choosing the ‘User limits’ category. You can select what start time and end time you want to have the system available each day and whether access is permitted at weekends.
  • If you want to allow some users access outside of the availability times then you can choose a role which will allow users with that role to override the restriction. Note that users with the System administrator role will always have access at any time.

Download logging and quota

  • The system now supports the logging of all user downloads of discussion message, knowledge entry and blog post attachments. To turn this on go to system settings, choose the ‘User limits’ category and then change ‘Download logging’ to yes.
  • The system now supports a daily download quota to prevent unauthorised bulk downloading of documents. To turn this on go to system settings, choose the ‘User limits’ category and then the ‘Daily download quota’ setting as appropriate.
  • If the download quota for a user is exceeded then it will be logged in the system activity log and listed in the next administrator newsletter.
  • When download quotas are in use you can view how much data a user has downloaded that day by visiting their user profile.

Common content

  • There is now a separate stylesheet for the public home page so these styles no longer need to be in the main system stylesheet.
  • There is a new ‘Common content images’ settings category where you can upload up to four images for use on the public home page or common page elements such as footers. You can select these images from the image dialog when you choose the image button in the page elements or public home page HTML editors.

Other changes

  • You can now view all the current active user sessions by going to the user index and choosing the ‘View active user sessions’ action. This will show who is currently logged on, the last time in each session they were authorised for an activity and when they logged on.
  • The file produced by the ‘Download a CSV file of members’ action in the Users section now includes the date that they last received a non-delivery notification, should messages to them have been recently bouncing. The file also now includes headers to identify the columns used and the users that are included will match the current search filter in use.
  • The user profile now shows the last date that a non-delivery notification was received by the system for that user when messages to them have been bouncing.
  • You can now only set the hour that the daily digests for spaces will be sent out, not the minute.
  • The system settings for blog post and knowledge entry allowed input methods in the ‘User defaults’ category have been removed.
  • The option to have a pop-up menu that would allow users to share pages with other sharing services has been removed. This was not used by any current customers and widely available browser functionality now handles this better.
  • If you set a system stylesheet it will no longer be validated for correctness.

For operations engineers

Upgrade

Security

  • The HTML editor has had a security issue fixed relating to parsing HTML comments and CDATA, although this was not exploitable as these are removed in the sanitisation process.
  • The legacy components used to tidy and sanitise HTML from emails or entered in the web site have been replaced. HTML sanitisation is now done by a third-party library which has undergone an adversarial security review.
  • All JMX / Multitool operations that modify data are now logged with the user that requested the operation. User authentication is already logged.
  • Authentication failures, whether through the webapp or JMX, are now logged with the username that was supplied.
  • The new group setting for the maximum number of parts that a discussion message may contain provides new protection against attempted denial-of-service attacks that nest or otherwise use large numbers of MIME parts in a way that uses up unnecessary resources in their processing. Commands sent to the mail server are very limited in processing size so this attack should not be an issue there and forwarded messages do not have parts processed.
  • The Java API now uses additional authorisation controls when retrieving group settings.
  • Newer versions of some third-party libraries have minor improvements in security handling.
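
The part-count check described in the discussion message settings and in the security note above, as an added example written for these notes with Python's standard email package; it is not Jiglu's code. The function names, the "distribute" / "moderate" labels and the constructed sample messages are assumptions; the 32-part default comes from these notes, and not descending into message/rfc822 parts mirrors the statement that forwarded messages do not have parts processed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

MAX_PARTS = 32  # default limit stated in the release notes


def count_parts(msg, limit=MAX_PARTS):
    """Walk the MIME tree without recursion; stop as soon as limit is exceeded.

    Returns (parts_seen, deepest_level_seen).
    """
    stack = [(msg, 1)]
    count = 0
    max_depth = 0
    while stack:
        part, depth = stack.pop()
        count += 1
        max_depth = max(max_depth, depth)
        if count > limit:
            break  # over the limit: no need to visit the rest of the tree
        # Assumption: forwarded messages (message/*) count as one part
        # and their inner structure is not examined.
        if part.is_multipart() and part.get_content_maintype() != "message":
            stack.extend((child, depth + 1) for child in part.get_payload())
    return count, max_depth


def triage(raw, limit=MAX_PARTS):
    """Return 'moderate' when the message has more parts than limit."""
    # The parser has already built the tree here; the count bounds the
    # later per-part work (sanitising, indexing, redistribution).
    msg = message_from_bytes(raw, policy=policy.default)
    parts, _ = count_parts(msg, limit)
    return "moderate" if parts > limit else "distribute"


def build_normal():
    """Constructed sample: one container, one text part, two attachments."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("Minutes attached.")
    for name in ("minutes.bin", "agenda.bin"):
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


def build_nested(levels):
    """Constructed sample: `levels` multipart containers wrapped around one text part."""
    inner = MIMEText("x")
    for _ in range(levels):
        outer = MIMEMultipart("mixed")
        outer.attach(inner)
        inner = outer
    inner["Subject"] = "constructed nested sample"
    return inner.as_bytes()


if __name__ == "__main__":
    print(triage(build_normal()))    # ordinary message
    print(triage(build_nested(40)))  # 41 parts, over the default limit
```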

Distributed services

  • Distribution of Jiglu server services over multiple machines is again supported.
  • When Jiglu services are distributed onto different machines, jobs and agents now reside on the same machine. The jiglu.services.jobs property in the bootstrap.properties configuration file has accordingly been removed.

Architecture

  • Performance improvements have been made across the Jiglu server, most notably in better matching eager / lazy loading in the server to the webapp, eliminating some unnecessary database retrieval and streamlining permissions checking.
  • Major improvements have been made to the mail subsystem:
    • The incoming and outgoing mail queues are now handled by a pool of thread workers, greatly increasing email throughput.
    • The generation of discussion message live mail, discussion digests and group newsletters is now handled by agents, eliminating a bottleneck in the system and making their delivery more timely.
    • When a new discussion message is distributed that takes the discussion digest over the limit for the maximum number of messages or maximum size then the digest will now be sent as soon as the live message has been processed.
    • Further improvements have been made to memory usage when sending messages with large attachments. Sending discussion messages and digests to large numbers of group members is also now much more efficient.
    • When sending discussion messages and digests with attachments, Java would sometimes close these streams prematurely, resulting in a delay until the message was retried later. This issue has been resolved.
  • Group housekeeping activities, such as expiring old resources, are now carried out overnight alongside system housekeeping activities. Previously this would take place for different groups at different times of the day.
  • Processing of work from jobs has been made more robust and efficient. Agents now handle the assigned work instead of it being carried out by the jobs themselves and smaller transactions are utilised that minimise concurrency issues.
  • Efficiency improvements have been made to the handling of large binary objects, such as attachments and images.

Other changes

  • All HTML emails are now in HTML 5.
  • Code dating back to the earliest days of the product which obfuscated email addresses to avoid spam harvesters has been removed. Email addresses continue to be removed from pages when a user is not logged on and there are settings to do this for logged-on users too should that be required.
  • JMX / Multitool operations for reindexing and retagging resources now all take place asynchronously.
  • When an upgrade requires it, you can now retag all the contributions in the system by selecting the (A) option from the Multitool contributions menu. Previously this required configuration of a special job.
  • You can now clean the system of suspended groups and the users that are not members of any groups by starting Jiglu with the -clean option. This can be useful when transferring a subset of groups and users onto a new Jiglu instance. This replaces a previously undocumented job for doing this.
  • For PostgreSQL, the sql script has been updated so it now works on AWS PostgreSQL database instances.
  • Third-party libraries have all been updated to the latest recommended versions.
  • There have been a number of other minor improvements throughout the Jiglu system.