General Enhancements and Changes

Summary

The following enhancements and changes have been made as part of the 2025.1 update:

  • Performance is improved, and reliability is enhanced for the workbench launcher.

  • Although external authentication is commonly used for user logins, STEP also supports managing user accounts internally. Based on valuable feedback, the login experience for STEP-managed user accounts has been enhanced. These improvements are being gradually rolled out to all SaaS customers in the coming months, independent of the 2025.1 update, and include:

    • Alignment with our latest styling standards

    • Improved environment identification

    • Expanded error messaging

    • A more streamlined Multi-Factor Authentication (MFA) user experience

  • New GraphQL logging is available in the Administration Portal on the Logs tab. Log entries for GraphQL POST requests include the 'query' and 'operationName'; introspection queries are omitted.

  • Starting with STEP 2025.1, the IBM WebSphere MQ library will no longer be supported.

  • When initiating a Lock Free Schema Change background operation, the system now checks if any other background processes are currently 'waiting' to perform a LFSC operation on the same object. If there are, several background processes may run in a sequence.

  • A new configuration field called 'ZIP Include Timestamp' has been added to the Delivery Method editor for REST Direct Outbound Integration Endpoints. When enabled, a timestamp is included in the file name of the ZIP file that is generated when a REST call is made, helping users differentiate the files.

  • Several third-party libraries have been updated for DaaS.

  • Starting with STEP 2025.1, updating to the latest STEP version may automatically reindex Elasticsearch configurations present on the system. If an Elasticsearch configuration or Elasticsearch event processor has not been active for 90 days, the related index may be removed. If an index has been removed no results will appear on the faceted search screen in Web UI or Instrument.

  • Reference Target Lock Policy is now set to 'relaxed' by default when creating assets, entities, classifications, or product object types to improve performance of parallel creations of multiple references to the same target object. Refer to the Reference Target Lock Policy on Object Types topic in the System Setup documentation.

The following enhancements and changes are documented in the SaaS Self Service 'User guide':

  • Configuration properties that are used within custom extensions are now available in the SaaS Self-Service UI. This simplifies maintenance and removes the reliance on Stibo Systems support, specifically in cases where the configuration property values must be modified often. To support this functionality, submit a custom extension change request ticket in the Stibo Systems Service Portal to allow maintenance of the properties in the Self-Service UI.

  • Four new properties have been added to the SaaS Self-Service UI which allow the user to customize the system badge name and color. These properties include: 'Workbench.Environment.Color.Back', 'Workbench.Environment.Color.Fore', 'Workbench.Environment.Type.Long', and 'Workbench.Environment.Type.Short'. If the values for any of these configuration properties are null or invalid, then the badge name and color display using the default settings.

  • New sensitive files management functionality allows a user to upload sensitive files within the SaaS Self-Service UI, eliminating uploads over SFTP and the need for assistance from Stibo Systems' support. Uploaded files are encrypted and cannot be accessed externally. The maintenance of configuration properties SaaS Self-Service UI has been extended to support referring to these sensitive files. This functionality is available when using SSH private keys for the SFTP delivery method, the Change Package Git delivery method and the Git delivery method, as well as for keys with a Google Cloud Storage gateway integration endpoint, and credential files for Amazon SQS delivery and receiver methods.

These enhancements and changes have been made as part of the 2025.1 update and are described in the Details section that follows:

  • Administrators can view the last active date for users, which enables identification of inactive users.

  • Administrators can identify business rules that have the greatest impact on system performance with the new Business Rules screen in the Performance Analysis Tool.

  • Users can now gather node-level task-related workflow data based on new admin-selectable function input property parameters for the HTML Function component in Web UI.

  • Users will have an easier time changing the column width within a Node List with updated drag handle functionality.

  • Reflection in JavaScript business rules will be disabled with the 2025.3 update. Refer to the Details section below to find information on how to identify rules that need to be rewritten before reflection is disabled.

  • Users can now invoke a patch request through REST gateway via a business action.

Details

New last active date information for Users

Admins can now easily determine the last activity date for users by configuring a date attribute that records daily if a user accessed STEP. Searching for the date attribute with Advanced Search allows users to save the results in a collection, export the results as STEPXML, or run a bulk update on the results. Last active date functionality provides information often required by auditors and can be used to report on active and/or inactive users.

To enable last active date tracking, the new LastActivityDateAttributeID property must be configured to specify the ID of a last active date attribute. The associated attribute must be a description attribute, have no dimension dependencies, be valid on User objects, and use the 'ISO Date' validation base type.

For more information, refer to the User Last Activity topic in the System Setup documentation.

Performance Analysis Tool now includes business rule data

The Performance Analysis Tool now includes a Business Rules screen that can help identify business rules that have the greatest impact on system performance based on the evaluation time, transactions performed, and objects cached. Admins can use this data to target business rules that may be improved by refactoring or rewriting, or using other functionality to eliminate the need for a business rule, thereby improving system performance.

For more information, refer to the Performance Analysis Tools topic in the Performance Analysis documentation.

Extended parameters for the Web UI HTML Function component

The properties for the HTML Function component, used to render the output of a called business function as HTML, have been expanded to include selectable function string input parameters. Changing the parameter values allows admins to determine what task-related information (i.e., workflow / workflow state) to show for an object within a Node Editor, helping users gather needed data. This functionality first became available with the 2024.4 update.

Expanded area for cursor response when changing column width of a Node List

Node List column resizing in the Web UI has been enhanced with a larger drag handle, making column width adjustments easier. This update eliminates the need for super precise cursor placement at column boundaries.

Use of reflection in JavaScript business rules will be disabled in 2025.3

In JavaScript business rules, reflection has been used to access non-public methods in the API. Since reflection can be a security risk and can also potentially lead to performance issues and unexpected issues during upgrade, it will be disabled with the 2025.3 update.

With the 2023.3 update, a Configuration healthcheck 'Reflection usage in business rules' was made available. It identifies business rules that use reflection, and a warning with the text 'Attempted to call reflection API...' is written to the step.0.log. To prepare for restricted access of reflection usage, rewrite the reported business rules to use publicly available methods. If the needed functionality is not public, create an idea in Community or reach out to your Stibo Systems representative.

For information on the healthcheck, refer to the Healthcheck Test Index topic in the Administration Portal documentation.

New 'patch' Gateway REST method

The JavaScript API has been extended to include a Patch Gateway REST method for com.stibo.gateway.rest. This new invoke action can modify the response body as well as headers.

For more information on the JavaScript API functionality, refer to the Technical Documentation, accessible at [system]/sdk or from the system Start Page, within the Extension API and Scripting API sections from the Javadoc link.

For more information on REST gateway, refer to the Gateway Integration Endpoint Bind topic in the Resource Materials documentation.