January 2025 Releases

Releasing locks on a page with unsaved changes will now show a confirmation prompt similar to when attempting to navigate away from the page.

This minor improvement to how locks are handled on pages will help prevent customers from losing page updates accidentally.

The Stale if error expiry time default has been increased from one to seven days.

Increasing the expiry time by this degree allows Edge to serve cached content better if Squiz Content Management cannot serve the page for a period that includes the weekend.

Squiz Link fields used as an array item have received a minor improvement in the component editing UI, improving usability when presented in narrower editing views. The updated design is visible for all existing components using Squiz Links on both content and standard pages.

The update changes the presentation of Squiz Link fields from a "primitive" array type to a complex array type that supports inputs. Complex array types (such as Cards) can offer more than one input type.

Changes introduced to the package controlling the formatted text editor (FTE) caused a regression in table borders and controls. Style overrides were added to the core styles to fix the underlying issue with the package.

An issue discovered in an internal API was discovered where warnings were being promoted to exceptions. This unintended escalation caused warning and notice-level alerts to halt function execution. An API mode that logs warnings without promoting them to error status was added. Genuine errors remain unaffected, and warnings are logged and appended to internal API responses.

User names were checked for uniqueness with a SQL LIKE instead of strict equality. If a username was set with a SQL wildcard character (% or _) it could have been detected as colliding with another username, even if it was unique. The LIKE check was replaced with a strict equality check, which correctly evaluates the uniqueness of user names.

Warnings on internal API and Asset Management API requests were being incorrectly converted into fatal errors, which caused those requests to fail unexpectedly. Exception handling was improved on the internal API and Asset Management API. Warnings generated in API calls will now log to error.log and not affect API request processing.

The request correlation ID, which users see in a fatal error condition (including exceptions) in version 6.51.0 of Squiz Content Management, was not displayed in error logs. Customers could not properly correlate the ID given in a fatal error to messages in the error log. The correlation ID is now available in the error log. Error logs now contain a portion stating the correlation ID and the source of it (normally Cf-Ray)

An issue with how Metadata screens were loading components and returning a ready state caused issues with updating or editing metadata fields. WYSIWYG fields were particularly affected by this issue. Lifecycle hooks with states were added when loading Metadata screens. The hooks get passed from children components to parent components, which allows the Metadata screen and its components to load correctly and then pass the ready state to Viper, so it is initialized correctly.

Access to remap rules was restricted to the Remap Manager’s Edit screen. Remap rules were not shown in read-only mode on the Details screen. Read access permissions used by other assets were added to the remap rules, which allow them to appear in read-only mode.

Logical comparison differed between displaying and activating triggers, which caused some imported triggers to appear deactivated but run when their conditions were met. The logical comparison was made consistent between display and activation, preventing triggers from running if they appear deactivated in the UI.

When initially created, the Send Email trigger action sent an unserialized empty array default value to an Email Format attribute object, which controls how the email options appear in the action. In PHP 8.0 or later, the screen would throw a TypeError exception and would not fully load. The default value is now changed to the serialized version of the previous default value, which allows trigger actions to load in PHP 8.1 environments.

The DN not found message was being logged for every LDAP user that was deleted or not found upon an action or refresh of an asset’s Details screen. This excessive logging overwhelmed the logs and made them unusable. After evaluating the value of the messages in the log, the solution was to remove the messages so that the logs could be used to troubleshoot issues again.

When opening the Version history screen on a redirect asset, an attempt was made to normalize some data not in the expected structure. A type mismatch resulted in PHP throwing a warning because there was an attempt to loop through data that was unparseable. Type checking was added to the control before the unexpected structure was passed, preventing the warning from occurring. The array type was added as a default value for the passed parameter, along with type hinting in the method’s signature.

An issue was discovered in the Set Metadata Field Date trigger action where an attempt was made to call end() on the result of an array function. PHP produced an Only variables should be passed by reference notice when using the Set Metadata Field Date trigger action with Metadata Date fields that had Contextable turned off. The offending code was removed in the Set Metadata Field Date trigger action, which fixed the issue.

Part of the dynamic membership code that controls whether the live or draft version of an asset should be shown to users was adding users even if no current user was set for the workflow. When this condition appeared, reference report generation failed with an “Asset ID cannot be empty” exception. A try/catch block was added around the dynamic membership code to catch the empty/invalid asset ID code and skip it if it is invalid (including empty). The dynamic membership code is now ignored if no user has been set as current or the user ID is invalid.

Previously, the Resource Browser and the Page Builder UI did longer round-trips through the Component Service to fetch asset info, which was much slower and unnecessary.

With this minor improvement, the Resource Browser and the input fields in Page Builder will get Matrix info directly from the Content Management instance. Removing the unnecessary round-trip through Component Service speeds up the load time experienced by Content Authors using content page assets.

When a formatted text editor block is edited in the preview panel, all editing overlays and tool capsules are hidden unless hovered over.

This minor improvement reduces the option clutter previously experienced by some customers when using the preview panel to edit text.

An issue was discovered where the test status in the A/B test list was hardcoded to Running and not dynamically set to the status of the test status in the Optimization dashboard, or the content page Settings dialog box.

The A/B Test statuses are now dynamically set based on the A/B Test status, which results in a more consistent experience between the list, page settings dialog box, and Optimization dashboard.

It was discovered that asset_lineage design areas could not be exported using Mirror without a start_at_level value set.

Design areas that did not contain this value prevented Mirror from performing export operations, which caused the export script to stop unexpectedly.

Checks have been added to skip empty start_at_level values, allowing the script to continue to the next export phase.

The View Records section of CSV data source assets has been updated to present CSV data using JSON instead of the built-in PHP print_r format.

JSON format is now the standard format for showing data structures. print_r is a PHP built-in format..

The View Records section of JSON data source assets has been updated to present JSON data using JSON format instead of the built-in PHP print_r format.

JSON format is now the standard format for showing data structures instead of print_r, a PHP built-in format. Transforming JSON data sources using print_r instead of directly rendering the JSON was unnecessary.

It was discovered that the content of large files was not limited to search indexing. In some circumstances, indexing these files could cause the system to run out of memory.

A limit was added to text-type files that only allows indexing until the limit is reached.

Due to the unavailability of V8 memory limit and time limit thresholds, the complex JS executions involved with Server-side JavaScript (SSJS) could cause customer instances to run out of memory. In some severe cases, this could result in the entire instance shutting down unexpectedly, potentially causing customer outages.

The fix adds V8 JavaScript time limits and memory limits, which can be configured by Root Users only through the System Configuration screen. The limits can be configured using the setTimeLimit and setMemoryLimit options in the user interface.

SSJS should run within the limits of V8 JavaScript and throw an exception if it reaches the limits instead of potentially causing a customer outage.

The solution authentication user ID was strictly checked to determine if it should be added to the cache key. The type was changed internally between integer and string.

These conditions prevented the solution authentication user from being flagged as relevant to the cache, which sometimes caused the wrong cache to get served when solution authentication was in use.

The user ID is no longer strictly checked, and a regression test has been added to capture this condition if it reappears.

Dependencies have been upgraded to address security issues, ensuring a safer and more reliable system.