Changelogs

dotCMS 24.07.19 offers some new and improved REST API functionality, the ability to generate images with dotAI directly from binary fields, better syntax highlighting, and the usual assortment of fixes.

It also contains our first breaking change in a while. We had quite a streak going — more than a year without! But alas, every once in a while they're just so called for.

Enhancements & Adjustments

• Updated the /v1/categories/children REST API endpoint to allow a search of the entire tree, starting from the specified inode. [#28896]
• Added v1/categories/hierarchy endpoint that takes a list of category keys and returns for each a list of parent categories. [#28894]
• Added the ability to use dotAI to generate images directly from binary fields. [#27458]

Interface

• VTL files now receive HTML syntax highlighting in the file editor. [#28084]

Fixes

• UVE Angular headless implementation authorizes across all modes properly. [#28949]
• The Workflow API no longer throws errors when operating on content that contains a Key/Value field. [#28930]

  Note: This originally appeared in 24.07.05, but was found to require more work.

• Fixed bug causing Kubernetes probe methods, under some conditions, to return erroneous 503 codes. [#28163]
• Changed default property to ensure upgrade procedures halt when any upgrade task fails. [#29240]
• Images uploaded in a non-default language now inherit permissions properly. [#28366]

Dependencies, Components, Etc.

• dotCLI now uses the highest available version of Quarkus capable of supporting both Java 11 and Java 21. [#28744]

Development Improvements

• Re-added procedure for deploying dotCMS instance using a custom database, such as from a database dump. [#28678]

Breaking Changes

• The poorly named access_token cookie has been renamed rme, as its only purpose is to establish a “remember me” login flow. rme cannot be used as a Bearer token in the header, and concerns itself exclusively with full login procedures that update the user's “last login” date. [#28747]

dotCMS 24.07.12 is a handy soul, bearing useful fixes for the command-line interface and more. That clicking sound you hear is another tumbler falling into place, as its deft hands move one step closer to unlocking the Java 21 transition…

Sorry about those gratuitous ellipses, by the way; we had to find somewhere to store them after yanking them out of the Publishing Queue.

Fixes

• dotCLI no longer truncates error messages. [#29072]
• dotCLI push commands no longer throw errors when using relative workspace paths. [#28847]
• dotCLI version is included with headers to allow compatibility validation. [#28594]
• Universal Visual Editor's Page API responses no longer include the additional layer of a containing entity property. [#28962]
• Fixed null pointer error when copying sites. [#28339]
• Select All checkbox now works properly in the Tags tool for Firefox users. [#25758]
• GraphQL page queries no longer throw errors when fetching the titleImage field that points to a dotAsset. [#28706]

  Note: This item originally appeared under 24.07.05, but required further QA work.

• Content search screen now automatically updates when AI content generation completes via workflow. [#28168]
• Child permissions within categories now load properly. [#28838]
• Removed ellipses from the end of bundle identifiers in the publishing queue; the identifiers weren't even being truncated. [#28509]
• Added a search field to the publishing queue to allow filtering for whole or partial bundle identifiers. [#28508]

Security

• Patched one medium security issue.

Dependencies, Components, Etc.

• Updated CLI native build options in preparation for Java 21 update. [#29110]

Development Improvements

• Fixed some Postman tests previously set to “ignore” for erroneous results. [#26676]

It's the midseason harvest, and dotCMS 24.07.05 is ripe and bountiful — rich in features and lean on bugs.

This crop goes with just about everything; a dev with the wherewithal could render the same page across two, even ten environments, if'n they wanted. And to haul it all to market, dotCLI is growing into a real beast of burden under that shell; give it an instruction, and it'll keep hauling in the background. Heck, you might spy one out yonder, plowin' RESTful fields so fertile, you can toss a UUID at the ground and watch a workflow sprout.

You say you ain't never seen a workflow sprout? Friend, that's a shame we aim to remedy!

Enhancements & Adjustments

• The Universal Visual Editor config now accommodates a allowedDevURLs parameter, which contains an array of URLs. These URLs will be allowed for use with the URL query parameter clientHost, which permits rendering of the same page content across different headless environments. [#28858]
• Added --watch [n] option to all dotCLI push commands, whether global or specific to a subcommand. This option allows dotCLI to passively scan every n seconds for changes in the specified workspace, and push them automatically when detected. [#28593]
• When saving content types through dotCLI, it is now easier to add workflows; just include a workflows property that contains an array of either workflow identifiers or names, and the system will replace the array of strings with an array of fully populated workflow objects. [#28265]
• Updating content types through dotCLI does not require identifiers; a variable name will suffice. [#28264]
• A Host column now appears in the References tab of the content editor, to better track content used on multiple hosts. [#28365]
• New REST API endpoints have been added allowing the creation of push publishing environments. [#28578]

Interface

• When previewing social media cards on traditional pages in the UVE, the status bar no longer cuts off early on the right-hand side. [#28959]
• The button to add a new device to the editor's Preview Devices now uses the “edit” pencil icon. [#28455]
• Updated checkmarks in category dialog dropdown menu to be visually consistent with current designs. [#29020]

Fixes

• In projects, DOTCMS_HOST URLs now support optional trailing / characters. [#28932]
• Direction parameter in dotCLI sorting commands now accepts case-insensitive directions — ASC or asc, DESC or desc. [#28143]
• Fixed error preventing the use of the dotCMS library as a plugin dependency. [#25836]
• Binary fields remain properly visible when creating new content. [#29127]
• Fields converted from WYSIWYG to Block Editor now render correctly; procedures expecting a JSONfly no longer prematurely open the cocoon before the markupillar is ready to emerge. [#28943]
• Suppressed a log error down to a warning when a user successfully signs in but lacks access to the default host. [#27069]
• Newly created file assets will respect the language selected on creation, rather than shifting to the default language. [#28489]

Development Improvements

• Split the default Postman collection into separate similarly portioned collections, to cut down on testing time. [#28423]

dotCMS 24.06.27 is a tiny pill that contains several essential nutrients. In the future, perhaps all meals will be taken in this form; for now, though, think of this as a sort of vitamin supplement.

Fixes

• UVE no longer crashes on an attempt to edit a contentlet outside of a container element. [#28928]
• Some dotCLI resources used at runtime were being deemed unnecessary by the compiling process, which would lead to errors in execution; these resources have been made explicitly necessary to build operations. [#28915]
• Content API now hits a cache instead of the database when determining whether a UUID passed is an identifier or an inode. [#28897]

Trumpets announce dotCMS 24.06.26, and a herald reads the decree: The kingdom recognizes the headless adventurers who thanklessly quest across the frontiers, wielding the esoteric arts inherited from the whispered land of OSGi. To these brave heroes, we offer succor, solace, and REST — that is, a whole new slew of REST API endpoints to administer plugins!

Gnomish caravans bring other goods: a variety of useful and important fixes, updated SDK examples, and more. What dragon would dare stand against your party, now?

(Roll for initiative!)

Enhancements & Adjustments

• Next.js and Angular library examples now include out-of-the-box support for custom 404 pages. [#28817]
• Improved error handling on the JavaScript SDK's client libary. [#28816]
• Expanded OSGi plugin REST API resources, to take over for previous OSGIAjax procedures; a full suite of plugin behaviors (deploying, undeploying, and more) is available via api/v1/osgi endpoints. [#27874]

Fixes

• UVE controls show properly when switching between preview and editor views. [#28960]
• Fetching of language identifiers now properly refers to cache, rather than calling the database every time. [#28890]
• Embedded contentlets in Block Editor fields are now stored by reference rather than by replicating the entire contentlet, and further limit relationship depth to 2 to prevent circularities. [#28659]
• API responses now return expected data for fields labeled description. [#28785]
• OSGi plugin fragments are discarded after processing, and system messaging now better reflects their addition to the exported packages list. [#26518]

Dependencies, Components, Etc.

• Redis implementation now supports ACL authentication via usernames and passwords. [#28863]

Development Improvements

• Added Postman tests for dotAI REST API resources:
  • Embeddings endpoints [#28721]
  • Search endpoints [#28720]

dotCMS 24.06.21 hauls, in the foreground, a couple of high-priority fixes and a dependency update. In the background, many other, less obvious changes have also occurred — steady construction toward future features.

Fixes

• Unified API responses for binaries to prevent type errors when fetching related content. [#28857]
• Fixed bug causing pages not to save template selections correctly when editing via the contentlet editor. [#28846]

Dependencies, Components, Etc.

• Updated GraphQL to 17.5. [#28420]

dotCMS 24.06.19 mostly hauls up a slew of fixes — some directly relating to the release two days prior, all useful. Use them in good health!

Enhancements & Adjustments

• As with the Next.js example in the last release, the Angular JavaScript SDK library example now includes Vanity URL handling. [#28815]

Fixes

• The Block Editor's bubble menu now behaves correctly. [#28839]
• The JavaScript SDK's getCollection method now properly returns default values for live and languageId properties. [#28830]
• Fixed bug causing default-language fall-throughs to fail. [#28769]
• When pushing a page that does not exist in the default language, the system will now properly evaluate its template. [#28760]

  Note: This issue formerly appeared in the release notes for dotCMS 24.06.17, but was revisited immediately thereafter.

• PATCH endpoint of /workflow/actions/fire API no longer throws a null pointer error when a content map is not included. [#28580]
• dotCLI no longer requires a page identifier for a url-mapped detail page in content type descriptor file; a path will suffice. [#28262]

  Note: This issue formerly appeared in the release notes for dotCMS 24.06.17, but was revisited immediately thereafter.

• Fixed regular expression governing password validation to behave more consistently with special characters at different points in the string, etc. [#23292]
• Universal Visual Editor's “Add Form” option is now hidden for non-licensed users. [#28900]

dotCMS 24.06.17 comes equipped with some hustle, some bustle, and no gristle. New embedded-contentlet editing through the Block Editor's trestle, growing the SDK's castle, more bugs defeated in a wrestle, et al. It's enough to make one whistle!

Enhancements & Adjustments

• You can now click through to edit contentlets embedded in a Block Editor field. [#26316]
• The Javascript SDK grows:
  • We've added a new Angular library! [#28404] [#28497]
  • Next.js and Angular examples in the Javascript SDK now employ Content API method. [#28807]
  • Next.js example app now handles vanity URLs via recent modifications to the Page API. [#28403]

Fixes

• Updated update task (a second-order update!) to fix the way it addresses the month of March with regard to Daylight Savings Time. [#28695]
• Removed ability to alter sort order from the Site Browser; changes to menu order require changes to the Sort Order field. [#27820]
• Push Publishing no longer has a 10,000-item limit. [#23131]

Development Improvements

• QA using new test case management system. [#28791]
• Added Postman tests for generative AI endpoints. [#28719]
• We added some Slack notifications to the dotCLI release workflow. This one's just for us, really. Still, now you know it; unknowing it will be the work of time and diligent focus on everything in life but this extremely minor fact. [#28673]

dotCMS 24.06.06 gazes down at 24.05.31. If the latter's show of force made an impression, the newcomer's eyes don't register it.

“'Fewer than ten business days,'” it intones.

Searing air casts a lone tumbleweed between the two, like a plea from the fates — a scraggly olive branch dipped in the Lethe, bent into inexorable flight. It bounces once, then fades from the world.

When next the challenger speaks, sight lines bend to converge or fall away in perfect tunnel vision; the winner has already been decided.

“…Try four.”

In this update, the dotAI Tool sits high in the saddle, no longer requiring any special setup; we've set a lookout over the gulch via improved security logging on Apps; the town padre, Page API, says a benediction over vanity URLs; and our saddlebags are packed with fixes.

Giddyup.

Enhancements & Adjustments

• Improved system logging on Apps operations. [#28646]
• Page API now supports and respects vanity URLs.[#28402]
• dotAI Tool is now visible from the admin panel by default. [#28121]

Interface

• Adjusted card list styling; first row no longer appears larger than subsequent rows. [#28725]

Fixes

• Copy URL button in page editor now copies URL to clipboard as expected. [#28627]
• Reverted page editor behavior: making layout changes from a page will always result in a custom page layout, and will never adjust a shared template — even if that page is the sole user of that template. [#28758]
• Updated MultiTreeCache to exhibit cluster-aware behavior for experiment variants. [#28588]
• System now properly evaluates and includes templates when push-publishing a page that does not exist in the system default language. [#28760]
• Fixed importation of page assets via export file. [#28306]
• Content types now properly display in the content search when the system property is true. [#28284]

Development Improvements

• WireMock server added to supplement Postman tests. [#28739]

dotCMS 24.05.31 is a modest release, as they go, comprising a handful of changes made over the span of fewer than ten business days. Still, there's more under the surface — chunks of work put toward other, larger ends still under construction. So this release is something of a codeberg. It's been a while since any kind of berg has made a lasting impression. I'll come right out and say it: Bergs are due a moment.

This one folds the asynchronous email actionlet into the core; allows automatic Time Machine backup pruning; and adds endpoints both of the immediate variety — such as the user updater mentioned below — and in support of forthcoming features, such as a localization revamp.

Enhancements & Adjustments

• Updating a Content Type via the CLI can proceed either via Content Type id or variable name. [#28263]
• The workflow actionlet to send an email asynchronously, formerly available as a plugin, has become a core functionality. [#28360]
• Added PUT api/v1/users/{id} endpoint for updating users via REST API. [#27794]
• Added job to prune old Time Machine backups; the PRUNE_TIMEMACHINE_OLDER_THAN_DAYS property has a default value of 90 (days), but can be manually configured. [#22033]

Fixes

• Fixed checks to prevent already-known language codes from being created; these checks now properly reference language codes instead of country codes. [#28640]
• Fixed “flickering” visual effect due to redirects on experiment variants. [#28291]
• Updated dotZapier integration plugin to address compilation error. [#28589]

Security

• Patched one medium security issue.

dotCMS 24.05.20 comes with a wealth of changes deep under the hood, many of which concern dependencies and the evolution of our own developmental workflows and automations; others pertain to larger efforts still in development. But that doesn't mean we've forgotten to include some goodies for you, the user!

We've added a new query-builder syntax intended for use with our JavaScript SDK, an important part of the forthcoming implementation of the Content API in the SDK's client library. We're also providing the usual assortment of fixes, including a pretty important one that makes the $ai viewtool work. This is key because, as Aristotle would no doubt observe, “working correctly” is an important quality determining the goodness of a tool in securing its telos as the object of human will — which is elevated in turn.

And, as it happens, we do seek to elevate this human project.

Enhancements & Adjustments

• Added new REST endpoint to access language variables stored as content; this is intended to support forthcoming localization changes. [#27979]
• Added query-builder syntax to allow JavaScript SDK users to build Content API queries. Wearing these gilded gloves, one need never make skin contact with the Lucene query syntax. [#28537]

Interface

• Implemented tertiary, icon-only button style into graphical system. [#28535]

Fixes

• Resolved several JavaScript-based dependency vulnerabilities:
  • Addressed JSON5 prototype pollution via parse method. [#28442]
  • Resolved unauthenticated denial of service via the octokit/webhooks library. [#28440]
  • Path traversal through webpack-dev-middleware? We think not! [#28437]
• The venerable # character is now decoded correctly when called upon in rules and vanity URLs. [#28089]
• Workflow selections are now mandatory when performing the import content job, to avoid system confusion when importing content that typically uses a custom workflow. [#28171]
• Changed the message that appears when exceeding a 100-character length on user name or email fields; dotCMS now tells you, in plain language, that a length has been exceeded, rather than pitching a SQL-flavored tantrum and evoking secondhand embarrassment in you, the one witnessing the spectacle. [#27725]

  Note: The above bullet originally appeared on 24.05.13's release notes, but was in fact delayed to this release for QA considerations.

• Squashed bug bedeviling the $ai viewtool's general functionality; the tool now works as intended. [#28571]

Dependencies, Components, Etc.

• Updating Junit and Mockito to address Java 21's restrictions on internal APIs. Mockito also obviates the need for Powermock; fare thee well, Powermock. [#27995]
• Upgrading Apache Commons Compress to 1.26.0. [#28445]
• Upgrading org.apache.xmlgraphics:batik-transcoder from 1.16 to 1.17. [#25873]

Development Improvements.

• The old vulnerability-scan GitHub workflow, long disabled, has been removed from our codebase. [#28609]
• continue-on-error property added to workflow to ensure the integration processes complete even when encountering a failure, while Artifactory changes are underway. [#28535]
• Built a generic artifact deployment GitHub action in support of CLI release process. [#28226]
• New CLI jars are now generated automatically on merges. [#27286]
• Integration tests added for AI viewtool. [#27959]

dotCMS 24.05.13 arrives on scene, the latest standard bearer of all that is new and improved. In the course of events, and the relentless march of time, the former will cease to be true; however, it will always be the case that 24.05.13 is improved over its predecessors.

Improved how? Our command-line interface grows mightier, for one thing. We've also got under-the-hood work from plugin endpoints to Java class refactorings; useful fixes, ever the crowd pleaser; and quite a lot more not even listed here — loads of work on features soon to see the light of day.

So, as the newness grows already old, pause to appreciate this moment — it passes, as do all moments, and surely won't be back. But when you're getting better with every new release, that's not a bad thing at all.

Enhancements & Adjustments

• When pushing or pulling hosts via dotCLI, site variables can now be included. [#28059]
• The CLI generates less log spam. [#28031]
• dotCLI log file has been scooted into the to .dotcms folder. [#27809]
• dotCLI no longer depends upon dot-service.yml; the addition of a --dotcms-url option allows its entire configuration to be encapsulated in commands, for more flexibility in one-off or programmatic use cases. [#27799]
• Updated Plugins tool with new OSGi endpoints. [#28320]
• Refactored OpenAI-using classes (such as in dotAI) to allow dependency injection for easier testing. [#28209]
• Added a job to prune old indexes. [#26069]

Interface

• Implemented new designs for tables in the admin panel. [#27940]

Fixes

• Apps configurations can now be properly imported from older versions. [#28427]
• Removed several CollectionUtils methods that are already handled natively on Java 11. [#28192]
• Introduced safeguards against system objects being push published. [#28173]
• Removing content boxes from the Template Designer can no longer break pages. [#27646]
• $dotcontent viewtool is now permissioned appropriately for the user when utilized in the Send email Workflow sub-action. [#28352]
• Previous versions of templates can now be properly rendered. [#23366]
• Flaky-tested and fixed unexpected RECEIVED_BUNDLE status in synchronous bundle-endpoint operations. [#28380]

Dependencies, Components, Etc.

• Updated GraalVM to prevent errors on native-imge generation for the CLI. [#28391]
• SnakeYAML update for dotCMS and dotCLI. [#24850] [#28325]
• Adjustments to Babel and tschaub gh-pages implementations to avoid vulnerabilities. [#28441] [#28436]

Development Improvements.

• Restricted approval of GitHub Workflows to a secretive tribunal of our wisest and most otherworldly shamans. [#28293]

dotCMS 24.04.24 is a next-day quickie. It has a minor tweak behind the scenes, but otherwise just the one tangible shift:

Interface & UX

• The Page Editor's “Open in New Tab” link now reads “Open Published Version” — clarifying that the user will view a live, rather than draft, version. [#28347]

dotCMS 24.04.23 is back from the code mines, hauling a rich new vein of improvements. A new endpoint can provide content reports that can better inform deletion decisions, streamlining licensing and JSON both, and friendly modals give AI-generated content a tidy staging area.

And as for the rest, you know us: Stuff gets fixed.

Enhancements & Adjustments

• Added /api/v1/contentReport endpoint, capable of providing a list of Content Types and any existing contentlets of each type that live under a given Site or folder entity. This is helpful when making structural decisions, such as the placement or deletion of those entities. [#27755]
• Language JSON files used by dotCLI now only require dotCMSObjectType and isoCode properties; other pertinent data is generated on the fly. [#27448]
• In line with changes in license distribution methods, we've removed the ability to copy and paste licenses into dotCMS from Settings -> Configuration -> Licensing; licenses are now applied exclusively via the Upload option. [#27891]

Interface & UX

• AI Blocks in the Block Editor initially generate their content in a modal dialog, for added clarity and conceptual separation of generated content. The modal likewise includes previews of generated images. [#27633] [#27632]
  • A “Cancel” button has been added to AI content modals, because humanity ought to have veto power over our synthetic-brained scions for at least a little while longer. [#28172]

Fixes

• “Open in New Tab” option in Page Editor now correctly displays the published version of of the page. [#28278]
• Restored file hyperlinks to the Binary Field info modal. [#28115]
• Updating a template that uses the same container in multiple boxes will no longer result in displaced content among pages using that template. [#27816]
• Fixed “Download DB Dump” functionality under Settings -> Maintenance -> Tools. [#27537]
• Deleting the parent page of an experiment no longer causes certain underlying Experiments API calls to fail. [#28238]
• Fixed a conflict in the analytics infrastructure causing errors at startup. [#28305]
• Binary field now correctly shows thumbnail previews of uploaded PDF files. [#28105]

dotCMS 24.04.16 boasts new options for Apps configurations, a few fixes, and quite a few other changes that it simply won't do to discuss here, yet — mainly work on new features in development, still awaiting release. Rowdy ones, at that: Some already demand to be seen!

“If patience were easy,” we remind them, “it wouldn't be a virtue.” That buys us a short reprieve, always briefer than the last.

Enhancements & Adjustments

• Apps configurations can now be overridden via environment variable, with options to show or hide altogether any values so overridden. This presents a clean, hierarchical method of App configuration in cloud or multitenant settings. [#25953]

Fixes

• Resolved discrepancies in representations of limited permissions with the dotCMS CLI; dotCLI now throws the correct errors (i.e., the authorization sort) on file pull operations for limited users. [#27386]
• dotAI tools now insert content into Block Editor interfaces in a more natural manner: as a set of separate blocks, as if pasting from another source, rather than a single, condensed block. [#28201]
• When duplicating content with certain relationship types — one-to-one, many-to-one — the copy will be created without duplicating those relationships, to prevent cardinality violations. [#26283]

As you may have noticed, dotCMS releases have had a faster cadence recently. While the typical release might not stretch into the mammoth manifests of yesteryear, there's still always something exciting in the works; dotCMS 24.04.05 is no exception.

Today, we're pleased to announce the official release of the dotCMS Command Line Interface, or dotCLI for short. This tool opens up new horizons for CI/CD operations and general automation of dotCMS instances or clusters. Everybody loves a good command line, and you can bet that we're already using this little wonder for our own sites.

Aside from that, we've begun the work of folding the dotAI Plugin into our main codebase, leaving the work of integration testing and activation. We also added new handholds to edit custom content tools, and bopped a solid bouquet of bugs — a little spate of spring cleaning.

Features

• The dotCMS CLI is officially released! [#27906]

Enhancements & Adjustments

• The dotAI Plugin code has been migrated into the dotCMS core, the first step toward turning it into a permanent core feature. [#27972]

  Important Note: If the dotAI Plugin was already deployed and running, some actions need to be performed both before and after upgrading:

  • Before upgrading to this version the plugin needs to be stopped and undeployed from the Plugins portlet.
  • After upgrading to this version the dotAI portlet needs to be added back via Roles and tools. There is a GitHub card to add the portlet automatically after the migration so this would not be needed in the future.

• Added API methods to update and fetch custom content tools. [#27920]

Fixes

• Pages with an active Experiment now also refer to the Site, and not just the path, when determining whether a redirect is necessary. [#27906]
• Thumbnails now display correctly in the Block Editor's Contentlet blocks. [#28055]
• Deleting a Site that contains Content Types and content items no longer silently fails, and now provides an extra prompt to warn of the deletion of such items. [#27862]
• The Secrets Viewtool can now properly parse the inode from URLs. This is important to ensure that it can properly check code's last editor to ensure they have permission to call on the secret. [#27516]
• Fixed error where, when push-publishing to two different environments — one static, one dynamic — the normally untracked entry for the static push would appear in the pushed assets table with a null endpoint. [#27928]
• Fixed Google Maps feature when setting rules related to visitor location. [#27531]
• Key/Value fields no longer perform HTML encodings on inappropriate characters (commas and colons) when returning HTML-encoded values. [#25903]

We've had dotCMS up on the lift for the last couple of weeks; it comes back down as dotCMS 24.03.22. After some work under the hood, she's purring like a kitten — with some new API functionality, more Page and Template editing horsepower, cleaner log exhaust, and more. We even threw in some routine maintenance and tire rotations at no charge.

Fuzzy dice mirror ornaments cost extra, though; sorry, we have to draw the line somewhere.

Enhancements & Adjustments

• Templates now also accept Themes specified as paths, rather than only via its folder identifier. [#27803]
• Added cluster prefixes to facilitate serving multiple dotCMS instances from one Redis database. [#26932]
• Page API additionally returns content related to the Page asset itself, on calls with a depth of 2. [#27775]
• Content Type API now accepts a sites query parameter to filter results by one or more Sites. [#27731]
• Added the ability to trigger Workflow actions while editing a headless page via the Universal Visual Editor. [#27159]

Fixes

• Scaled back some excessively verbose log entries. [#27910]
• Corrected role checks when requiring multiple roles to access a resource. [#27909]
• dotCMS dev container no longer fails to start without a license. [#27759]
• Variants can no longer render after an Experiment has been ended; attempts to do so will only render the default variant. [#27748]
• Updated docker compose examples with new flag configuration to prevent possible startup interruptions. [#27740]
• Left offsets in the Template are now correctly respected by the headless rendering behavior. [#27406]
• Fixed import behavior on content with Site/Folder fields, which was incorrectly expecting an inode instead of an identifier. [#27361]

Security

• Patched two medium security issues.

Dependencies, Components, Etc.

• Updated Postgres JDBC driver. The vulnerability this update resolves did not affect dotCMS, as we do not use the setting in question. Still, automated scans that don't know any better were very noisy about this. So… we may as well. [#27894]

After some of the hulks we've seen on our old, monthly release schedule, dotCMS 24.03.11 is a humbler affair, mostly focused on fixes and adjustments to recently released features, plus our usual assortment of general fixes.

It's kind of cute, in its way.

Enhancements & Adjustments

• Clicking a link in the Announcements menu will mark all announcements as read. [#27795]
• Improved usefulness of error messages on the /v1/users endpoint. [#27742]
• System table loading has been shifted from a purely lazy strategy to an eager preload on startup, plus caching. [#27020]
• Set Response Headers Rule Action now accepts double quote characters in the value field. [#26987]

Interface

• The Announcements menu now opens in the same spot as the Notifications menu. [#27685]
• Fixed link text on the License Needed screen. [#27672]

Fixes

• Fixed issue related to new Announcements menu that caused Community Edition to be unable to edit Pages or load the content palette. [#27773]
• Making layout changes in the Template Designer and directly to the Page content no longer causes inconsistencies in content placement within the Template. [#27689]
• Adjusted $UtilMethods.isImage() method to prevent it from blocking and thereby bogging down a system. [#27883]
• Fixed error that prevented the system from returning identity provider IDs instead of the Site identifier as part of the ACS URL in a SAML response, even if the properties are configured to behave that way. [#27832]
• The Site or Folder field was no longer visible in the Relate Content dialog, so we sawed a panel out of its wall, then slid the field in place behind, allowing its light to filter through. It really opens up the room. [#27563]
• Image fields now correctly receive headers in CSV exports of contentlets. [#26004]
• Fixed static push publishing to S3 buckets in the us-east-2 region. [#24698]

Development Improvements

• Altered handling of feature flags to simplify feature rollouts. [#27708]

dotCMS 24.03.01 bursts through the gate hot on the heels of 24.02.20. How much could have happened in just over a week? Quite a bit — especially when some of those things have been brewing alongside other features.

This one heralds our new Announcements menu, with no small relish; indeed, announcing announcements is the starkest form of metannouncery. So, hark: At the upper right corner of the admin panel, one may espy a small “megaphone” button. Click thee hence, and be informèd on the variety of topics we share — features, events, handy links, and more.

And above all, we promise we will not use this to jangle keys at you at all hours. We know the score; it's a once-in-a-while thing.

Also on deck: Experiments is now enabled by default. It still requires some setup for its back-end architecture; you can contact your customer success manager to get that process started. Either way: Experiments has graduated from its “beta” phase.

We've also included a smattering of fixes, because maintenance is a duty we take seriously enough to perform in perpetuity, hearts aglow with fortitude, humility, and fidelity. Possibly honor, as well, though further testing is needed to confirm.

Enjoy!

Features

• New Announcements menu shares important information from dotCMS, plus a friendly set of links. [#25733] [#25737]
• Experiments are now enabled by default. [#27671]

Enhancements & Adjustments

• The local.dotcms.site certificate has been updated for 2024. [#27384]

Interface

• Fixed responsive qualities of autocomplete in cases such as Tag fields. [#27421]
• Notifications dropdown now displays message indicating clearly when there are no new notifications. [#27368]
• The dropdown menu in the content comparison tool will now display more than 20 versions at a time for comparison. [#26815]

Fixes

• REST API sets language ID correctly when a new user is created via v1/users endpoint. [#27319]
• Bundles now display the user who created them to appropriately permissioned users. [#26224]
• Fixed errors when deleting unpublished bundles via REST API calls. [#26201]
• Bundles now properly display contents in excess of 20 items when expanded in the Publishing Queue. [#26170]
• Fixed unresponsive Import button when importing categories via CSV. [#25653]
• Limited users with appropriate permissions can now create Content Types on the System Host. [#25296]
• Custom Layouts now always push with their associated Page, even if selecting a Push Publishing filter that does not include Templates. [#22385]

dotCMS 24.02.20 arrives with another of the many promised features underway: Our dotAI plugin is here to allow you to integrate OpenAI tools in your dotCMS instance. Tired of tagging your own content? Let a machine do it! Generate images, text, and even dotCMS contentlets through a host of new methods — a Velocity viewtool, Workflow Sub-Actions, new API endpoints, and a new developer tool in the admin panel.

In the future, expect to see these tools natively integrated into the core of dotCMS — along with the possibility of using AI providers other than OpenAI. It's

This edition also includes new and improved systems for handling file metadata under the hood, new options for controlling your landing point after signing in, a smarter site selector, dependency updates, and the usual panoply of bug and design fixes.

But mostly we're excited about this plugin, here to remind everyone that it's no longer humanity's world, but a world of cold, algorithmic intellect — inscrutable, unstoppable, and often extremely useful!

Features

• Announcing our new dotAI plugin, a way to incorporate OpenAI tools into your dotCMS workflows, create semantic searches, and generate tags, content, and more. [#26495] [#27437] [#26505] [#26506]

Enhancements & Adjustments

• Implemented a chainable metadata provider that incorporates both file system and database elements that allows better performance, better file asset storage routines, and tidier S3 file asset storage. [#24307]
• Added DOT_REDIRECT_AFTER_LOGIN system property that allows overriding the default redirect after signing in to dotCMS; if you would rather it not send you straight to the admin panel, your wish is this property's command. [#27344]
• The Site selector's sorting criteria has been altered, now favoring the shortest match first; this avoids the behavior where many subdomains might top the list when you search for the parent domain. [#27447]

Interface

• Apps list now scrolls properly on small screens. [#26834]
• Helper dialogs providing information about fields have been updated to prevent content from overflowing their boundaries. [#26602]
• Fixed several cases where some menu items would overlap in improper ways due to absolute positioning. [#26603]
• Hid the download button for bundles pushed to static environment, as these are not downloadable. [#26542]
• In the Content Type editor, the Field list now scrolls all the way to the bottom, instead of bottoming out the scroll bar with a short ways to go. [#27399]
• Fixed Apps card styles such that the App integration icons aren't covered with a blue circle. [#27445]
• Changed checkboxes' transparent backgrounds to white. [#27486]

Fixes

• Updated starter image: The Language Variable Content Type has been flagged in the starter as not being a system type, enabling user creation of this content. [#25891]
• Corrected typo in a server-side validation error message. [#26729]
• Fixed an issue with the Template Designer that caused content to be added or removed when removing or adding Containers. [#26413]
• An Experiment can no longer continue to register events for a time after its scheduled ending date. [#27451]
• Content Search tool correctly displays checks in checkboxes beside results. [#27503]
• Fixed issue where contentlets can be uneditable when accessing through Card view in the Content Search. [#27522]
• Binary Field once again autocompletes the title and file name fields on upload. [#27389]
• Adding multiple Binary Fields no longer results in error prompts about their respective asset names. [#27523]
• Repaired uncaught Failed to Fetch exceptions when previewing a Page in Edit Mode with the SEO feature enabled. [#27601]

Dependencies, Components, Etc.

• Updated XStream library. We did so recently, but we've given it another bump — from 1.4.8 to 1.4.20. [#21060]
• Upgraded Tomcat from 9.0.60 to 9.0.85. [#26722]