11.1-MP4 Maintenance Patch Notes

March 2023

improvements

Experian Email Validation Robustness Improvement

The Experian Service API provides the ability to validate up to five (5) Experian jobs simultaneously per license key, each job has a capacity to process 100,000 email addresses. The integration with the Experian service has been improved, so the system now keeps track of all started Experian jobs. This ensures that no more than five Experian jobs are ever started at the same time, and it also makes the solution resilient to system restarts since the started job will now be continued after a restart. For more information, refer to the Experian Email Validation Integration topic in the Data Integration documentationExperian Email Validation Integration.

Business Rule Announcement

Impact to Certain JavaScript Business Rules

Starting in 10.3, JavaScript business rule performance improvements sometimes allowed JavaScripts with missing binds to run without generating an error. In 11.1-MP2 (and also in previous versions through 10.3-MP2 when patched in February 2023 or later), JavaScript business rules are prevented from sharing binds. After upgrading or applying one of these patches, a JavaScript business rule with a missing bind fails with an error.

Affected JavaScript business rules include:

  • Four business rules in Accelerator for Retail – these will be corrected automatically upon upgrade to 10.3, 11.0, or 11.1.

  • JavaScript business rules with missing binds that were created or edited between September 2, 2021, through February 2, 2023, on systems running 10.3 through 11.1-MP1 – these must be identified and corrected manually, as defined below.

To identify business rules that need correction prior to applying an upgrade or maintenance patch:

  1. Modify a 'shareconfig.properties' setting to disable the ability to omit binds without error in a non-production system:

    • For Stibo Systems SaaS customers, create a ticket in the Stibo Systems Service Portal to request setting the Script.Engine.Pool.Size= 0.

    • For on premise customers, add the case-sensitive sharedconfig.properties entry Script.Engine.Pool.Size= 0 and restart the non-production app server to apply the property change.

  2. Determine which JavaScript business rules were created or edited during the time period mentioned above.

  3. Run the Test Business Rule option for JavaScript business rules with testable binds.

  4. Test binds used in workflows and integration endpoints by running them in a non-production system on test data.

  5. Resolve any errors by adding the missing binds identified in your non-production systems and apply those changes to your production system.

  6. Restore the default property setting:

    • For Stibo Systems SaaS customers, create a ticket in the Stibo Systems Service Portal to restore the default setting on the Script.Engine.Pool.Size property.

    • For on-premise customers, remove the Script.Engine.Pool.Size= 0 setting and restart the non-production app server.

  7. Optional: If you have an affected system but are not ready for an upgrade yet, you may apply a hotfix (to:hotfix/602/issue-602261-HOTFIX-6356.spr) to your system. Applying this hotfix will prevent business rule executions with missing binds.

Bugfixes

ISSUE-486425 - Fix for Flex Attribute does not acknowledge LOV sorting

Changed GraphQL and GraphQLv2 LOV behavior so that it takes into consideration 'Use ids for sorting' when no explicit sorting is specified. There is a hotfix for this solution that is applicable to step-11.1 and step-11.1-mp1 / mp2.

ISSUE-497516 - Fix for attribute value not shown in Unmerge Screen in SaaS

Increased the max LOV values queried and displayed for the Unmerge Screen.

ISSUE-540459 - Fix for 'Save' operation fails in multi view on 'ProductSeries' attribute

Now, LOV values rejected by LOV filters will not be saved before a warning message is shown on Web UI Node List screen when attempting to save a value which does not fit the LOV filter.

ISSUE-553342 - Fix for findings from penetration tests

Introspection for GraphQL, GraphQLv2, and Sufficiency GraphQL can now be disabled. Additionally, GraphiQL resource access can be blocked for the same components. Contact Stibo Systems Support for assistance in disabling introspection and resource access.

ISSUE-564678 - Fix for Web UI display data container

Fixed a problem when Multi Editor for data containers was shown for hierarchically restricted object types in Web UI when it should not. An editor should not be shown for object types outside of restricted hierarchy in case if there are no existing data containers.

ISSUE-570326 - Fix for error message when assigning an authorization role

Fixed a problem in STEP Workbench when assigning a User to a User Group on the User editor screen.

ISSUE-576474 - Fix for Migrate Attribute Values Window/Utility does not open in UAT

Performance fix for query to determine attributes are being migrated. There is a step-10.3-mp4 and mp5 hotfix also available for this solution.

ISSUE-577359 - Fix for optimistic locks showing in Web UI

Now, optimistic lock exceptions are not shown on Web UI screens when alert notifications are about to be deleted in multiple threads. A hotfix is available for step-10.0-mp1 through step-10.0-mp5, and for step-10.2-mp3.

ISSUE-579097 - Fix for Web UI GraphQL error when navigating to an object on SaaS

Missing fields have been added to the GraphQL schema. This fix is included in step-11.0-mp5 and a hotfix is available for step-11.0-mp4.

ISSUE-582269 - Fix for Partial Approval functionality shows wrong information

Fixed problem when Partial Approval dialog in Web UI showed wrong information about revisions for dimension dependent unapproved attributes.

ISSUE-586837 - Fix for Swap User to run the IIEP as the logged-in Web UI user rather than the configured IIEP user functionality not working

Fixed problem when Swap User from File Loading Widget did not work for sub-BGPs spawned by IIEP with Web UI File Loading receiver.

ISSUE-588827 - Fix for external sensors returning a 500 error

Fixed a NullPointerException in the Event Queue monitoring plugin, which happened when an event queue cannot be found or has been deleted. A step-11.1-mp3 hotfix is also available for this solution.

ISSUE-589088 - Fix for issue with Run Business Action in Task List when confirmation dialog is used

Fixed an issue in Web UI where no action happened on clicking the 'Run Business Action' button from a Task List when the confirmation dialog has been used. A hotfix is applicable for step-11.0-mp4 and step-11.0-mp5.

ISSUE-589153 - Fix for STEP JDBC connection to database using the HA configuration

Normally an Oracle connect string looks like this:

{quote}

jdbc:oracle:thin:@//step111db.stibo.com:1521/step

{quote}

But it is also possible to write it like this:

{quote}

jdbc:oracle:thin:@(DESCRIPTION =  (ADDRESS_LIST =  (ADDRESS = (PROTOCOL = TCP)(HOST = step111db.stibo.com)(PORT = 1521)) (ADDRESS = (PROTOCOL = TCP))) (CONNECT_DATA = (SERVICE_NAME = step)))

{quote}

The SPOT command to access Oracle did not understand the latter format. This is a fix to make it work with both formats.

ISSUE-590590 - Fix for Image Conversion issue

Fixed issue where Image Conversion Settings were not being saved when edited using workbench. There is also a hotfix available for this solution that is applicable to step-11.1-mp2.

ISSUE-590644 - Fix for displaying inconsistent time zones in revisions

The problem is the time zone is not displayed in the OOB revision tab in the Web UI which is used to display the last revision details of the object. This will make operation inconvenience for user. To fix this problem, the time pattern was changed and time zone was added in Web UI revision component.

ISSUE-590848 - Fix for InDesign sidecar propertyintroduced with HOTFIX-5593 to be configurable

Added new configuration sidecar parameter to control the number of times the Status Reporter should attempt to retry reporting.Contact Stibo Systems support for assistance in applying the property.

ISSUE-591829 - Fix for getting Run Time Exception and End of File Exception while downloading asset content from one specific URL

Trying to load an EPS file with missing preview data into STEP would cause an exception to be thrown. Now, a warning is logged and the file is loaded. A step-11.0-mp4 and mp5 hotfix is also available for this solution.

ISSUE-592221 - Fix for error on Run Business Action

Fixed a problem occurring when a Business Rule, executed from the Run Business Action Toolbar action on a Web UI Node List was showing an error that a Business Rule was not applicable for the selected items' Object Types. The error was showing even though the Business Rule was valid for the given object types.

ISSUE-593631 - Fix for inconsistency in displaying color coding for inherited asset reference/attribute between Multi Context Editor Screen and Product Details Screen

Now, both inherited and context-inherited attribute values will be shown with red arrow-down marking on Multi Context Editor screen in the Web UI instead of green marking to make a behavior consistent with Node Editor screen.

ISSUE-594023 - Fix for Export Current View action with Select All option

Now, an Export Current View action on a Web UI node list will provide an option for the user to choose an exported node type in the event a Select All button was used before initiating the Export Current View action. It prevents the incorrect node type autodetection when the user exported entities, but the export mapping was done for products. A step-10.3-mp4 and mp5 hotfix is also available for this solution.

ISSUE-595205 - Fix for moving products in the Web UI using the 'Run Business Actions' when selection is not cleared

Introduced the ability to clear a Node List selection when executing 'Run Business Action' from a toolbar, and the configured Business Action returns Reload Selection. To activate this option, contact Stibo Systems Support. There is also a hotfix available for this solution that is applicable to step-11.1, step-11.1-mp1, and step-11.1-mp2.

ISSUE-597698 - Fix for translated values not stored in the right context for classification objects with two dimensions

Structured XML translation with multiple dimension dependencies will by default translate to the source context with the language replaced with the target language, even if there is no matching context. You can now set the configuration property 'Translation.Xml.UseExistingContext=true' to make the target context an existing context with the target language.

ISSUE-598357 - Fix for error when setting any value for unique attribute for an object type

This is a fix for Oracle In-Memory installations using unique keys. Added upgrade plugin for clearing unique key values that are null, since STEP 11.0 unique key values are read into In-Memory on Oracle installations - and null values are ignored. However, when writing values these null values produce constraints errors in DB. This is now fixed with this upgrade plugin.

ISSUE-598844 - Fix for 'Mark different' is not working for Data Container attributes on Multi Workspace Screen

Now, 'Hidden equal' and 'Mark different' actions will work correctly on Multi Workspace screen in the Web UI for Data Container Table Header Value component.

ISSUE-599245 - Fix for upgrade issue: repeated reload of Performance Analysis in Web UI

Fixed the issue with repeated reload of Performance Analysis Tools.

ISSUE-600388 - Fix for failure within the Unmerge process

Now, an Unmerge screen will be correctly displayed if the user, which is bound to one of the source revisions of potential duplicates, has been deleted from STEP. In this case, all the places on an Unmerge screen that were about to show this user information (for example, step #2 - cherry picking values) will display 'missing user' instead of the deleted user information. There is also a hotfix available for this solution that is applicable to step-11.0-mp4 / mp5 and step-11.1-mp2.

ISSUE-600471 - Fix for Privilege issue with 'Name' field

Now a 'Maintain Setup Entity' privilege will no longer be needed to edit names of non-setup entities in WebUI via Name table header/Name value components. Instead, a check for 'modify context name' privileges will be done in order to verify a possibility to modify selected item's name.

ISSUE-601410 - Fix for Multi Selection screen not working properly

Fixed a problem occurring when the Multi Selection screen did not display assets that did not belong to one of the configured tree navigator roots.

ISSUE-601686 - Fix for external penetration testing path traversal vulnerabilities

Fixed path traversal vulnerability for Theme and Script servlets in the Web UI. A step-11.0-mp4 and mp5 hotfix for this solution is also available.

ISSUE-602023 - Fix for bug in the attribute link GUI

Certain actions in the workbench (e.g., link to products and classifications in attributes) did not work if the user was placed in a user group hierarchy where its immediate parent groups had insufficient privileges. This has been fixed. There is a hotfix for this solution applicable to step-11.0-mp4 and mp5.

ISSUE-602037 - Fix for Internal Server Error 500 when clicking on thumbnail on the Web UI

Fixed problem when Thumbnail Header with Direct Download on the Web UI Node List did not allow to download assets displayed for products. A hotfix applicable to step-11.0-mp4 and mp5 is available for this solution.

ISSUE-602506 - Fix for progress of setting translation status is far too slow

Performance fix related to changing translation status.

ISSUE-602682 - Fix for job scheduler not working as expected and running out of order

Fixed a bug occurring when the Schedule Background Process did not respect the startAt date and used 'every=Minutes' parameter from the first try to start scheduled processes.

ISSUE-603557 - Fix for extend timeout for obtaining token in SaaSInfrastructureHealthSensor

Extended timeout for sensor used to determine the health status for SaaS V2 systems and introduced configuration parameters for Stibo Systems to control the sensor timeouts.

ISSUE-604340 - Fix for exceptions during inbound integration

Additional logging to uncover an original error message. A step-11.0-mp1 through mp5 hotfix is also available for this solution.

ISSUE-604877 - Fix for Name field not being editable on the Initiate screen in Web UI

Fixed problem when Name value on the Initiate Item Screen became read only without reason.

Fix for AutoCare ACES Application Exporter 'Region for' not working as expected (VCdb Region)

Fixed an issue occurring when the Application Exporter 'Region For' was not being used correctly when generating an export file. An automotive-7.0.45 hotfix is available for this solution, also. (Component: automotive)

Fix for cannot empty recycle bin

Fixed a problem which caused a purge recycle bin to fail with NoClassDefFound if List Processing's List Holder was put into recycle bin. (Component: list-processing)

Fix for ECLASS Advanced Importer - Import is not working without 'LANGUAGE' tag

BMECat imports without LANGUAGE tag are now working. Language is read from IIEP Added null check for missing iso_639_2 value on language dimension. (Component: eclass-advanced-model)

Performance Enhancements

ISSUE-601657 - Fix for collection refresh being very slow

Performance has been optimized for drill down searches on STEP systems with In-Memory enabled and having several excluding-below-search criteria. Previously, having many such excluding-below-search criteria would slow down the search. This has now been fixed. A step-10.3-mp4 and mp5 hotfix and an inmemory-7.0.62 hotfix is also available for this solution.

Patch

The 11.1-MP4 baseline patch can be installed with the following recipes:

spot --apply=to:step/platform/step-11.1-mp4.spr

— OR —

spot --upgrade=step:11.1*

*Before installing the recipe provided by the SPOT --upgrade functionality, review the baseline and component versions that the system will be upgraded to before applying. Verify that the baseline and/or components are the correct versions to be applied (i.e., the versions you did testing on—and not a higher, untested version).

Refer to the SPOT Program documentation for more information, including how to use the SPOT --upgrade command to also find compatible components that can be added at the same time as the baseline patch. SPOT Program information for on-premise systems can be found in the System Administration Guide within the Downloadable Documentation. For assistance, contact Stibo Systems Technical Services.

Note: Customers may want to search the Stibo Systems Service Portal for their Maintenance Patch Issue Numbers. To do so, while in the Service Portal, navigate to Issues (in the header bar) and then select 'Search for Issues.' Click on the 'Advanced' option on the filtering bar, and then type in 'issue=' and the Issue number from the Maintenance Patch Notes. Press Enter or click the magnifying glass icon to run the query. Users will only be able to view Service Portal issues for Maintenance Patch Issue Numbers that they have privileges to access. If the issue is not applicable to the user searching, then a 'No issues were found to match your search' message will be displayed.