DXP Releases for 2025

Releasing locks on a page with unsaved changes will now show a confirmation prompt similar to when attempting to navigate away from the page.

This minor improvement to how locks are handled on pages will help prevent customers from losing page updates accidentally.

The Stale if error expiry time default has been increased from one to seven days.

Increasing the expiry time by this degree allows Edge to serve cached content better if Squiz Content Management cannot serve the page for a period that includes the weekend.

Squiz Link fields used as an array item have received a minor improvement in the component editing UI, improving usability when presented in narrower editing views. The updated design is visible for all existing components using Squiz Links on both content and standard pages.

The update changes the presentation of Squiz Link fields from a "primitive" array type to a complex array type that supports inputs. Complex array types (such as Cards) can offer more than one input type.

Changes introduced to the package controlling the formatted text editor (FTE) caused a regression in table borders and controls. Style overrides were added to the core styles to fix the underlying issue with the package.

An issue discovered in an internal API was discovered where warnings were being promoted to exceptions. This unintended escalation caused warning and notice-level alerts to halt function execution. An API mode that logs warnings without promoting them to error status was added. Genuine errors remain unaffected, and warnings are logged and appended to internal API responses.

User names were checked for uniqueness with a SQL LIKE instead of strict equality. If a username was set with a SQL wildcard character (% or _) it could have been detected as colliding with another username, even if it was unique. The LIKE check was replaced with a strict equality check, which correctly evaluates the uniqueness of user names.

Warnings on internal API and Asset Management API requests were being incorrectly converted into fatal errors, which caused those requests to fail unexpectedly. Exception handling was improved on the internal API and Asset Management API. Warnings generated in API calls will now log to error.log and not affect API request processing.

The request correlation ID, which users see in a fatal error condition (including exceptions) in version 6.51.0 of Squiz Content Management, was not displayed in error logs. Customers could not properly correlate the ID given in a fatal error to messages in the error log. The correlation ID is now available in the error log. Error logs now contain a portion stating the correlation ID and the source of it (normally Cf-Ray)

An issue with how Metadata screens were loading components and returning a ready state caused issues with updating or editing metadata fields. WYSIWYG fields were particularly affected by this issue. Lifecycle hooks with states were added when loading Metadata screens. The hooks get passed from children components to parent components, which allows the Metadata screen and its components to load correctly and then pass the ready state to Viper, so it is initialized correctly.

Access to remap rules was restricted to the Remap Manager’s Edit screen. Remap rules were not shown in read-only mode on the Details screen. Read access permissions used by other assets were added to the remap rules, which allow them to appear in read-only mode.

Logical comparison differed between displaying and activating triggers, which caused some imported triggers to appear deactivated but run when their conditions were met. The logical comparison was made consistent between display and activation, preventing triggers from running if they appear deactivated in the UI.

When initially created, the Send Email trigger action sent an unserialized empty array default value to an Email Format attribute object, which controls how the email options appear in the action. In PHP 8.0 or later, the screen would throw a TypeError exception and would not fully load. The default value is now changed to the serialized version of the previous default value, which allows trigger actions to load in PHP 8.1 environments.

The DN not found message was being logged for every LDAP user that was deleted or not found upon an action or refresh of an asset’s Details screen. This excessive logging overwhelmed the logs and made them unusable. After evaluating the value of the messages in the log, the solution was to remove the messages so that the logs could be used to troubleshoot issues again.

When opening the Version history screen on a redirect asset, an attempt was made to normalize some data not in the expected structure. A type mismatch resulted in PHP throwing a warning because there was an attempt to loop through data that was unparseable. Type checking was added to the control before the unexpected structure was passed, preventing the warning from occurring. The array type was added as a default value for the passed parameter, along with type hinting in the method’s signature.

An issue was discovered in the Set Metadata Field Date trigger action where an attempt was made to call end() on the result of an array function. PHP produced an Only variables should be passed by reference notice when using the Set Metadata Field Date trigger action with Metadata Date fields that had Contextable turned off. The offending code was removed in the Set Metadata Field Date trigger action, which fixed the issue.

Part of the dynamic membership code that controls whether the live or draft version of an asset should be shown to users was adding users even if no current user was set for the workflow. When this condition appeared, reference report generation failed with an “Asset ID cannot be empty” exception. A try/catch block was added around the dynamic membership code to catch the empty/invalid asset ID code and skip it if it is invalid (including empty). The dynamic membership code is now ignored if no user has been set as current or the user ID is invalid.

Previously, the Resource Browser and the Page Builder UI did longer round-trips through the Component Service to fetch asset info, which was much slower and unnecessary.

With this minor improvement, the Resource Browser and the input fields in Page Builder will get Matrix info directly from the Content Management instance. Removing the unnecessary round-trip through Component Service speeds up the load time experienced by Content Authors using content page assets.

When a formatted text editor block is edited in the preview panel, all editing overlays and tool capsules are hidden unless hovered over.

This minor improvement reduces the option clutter previously experienced by some customers when using the preview panel to edit text.

An issue was discovered where the test status in the A/B test list was hardcoded to Running and not dynamically set to the status of the test status in the Optimization dashboard, or the content page Settings dialog box.

The A/B Test statuses are now dynamically set based on the A/B Test status, which results in a more consistent experience between the list, page settings dialog box, and Optimization dashboard.

It was discovered that asset_lineage design areas could not be exported using Mirror without a start_at_level value set.

Design areas that did not contain this value prevented Mirror from performing export operations, which caused the export script to stop unexpectedly.

Checks have been added to skip empty start_at_level values, allowing the script to continue to the next export phase.

The View Records section of CSV data source assets has been updated to present CSV data using JSON instead of the built-in PHP print_r format.

JSON format is now the standard format for showing data structures. print_r is a PHP built-in format..

The View Records section of JSON data source assets has been updated to present JSON data using JSON format instead of the built-in PHP print_r format.

JSON format is now the standard format for showing data structures instead of print_r, a PHP built-in format. Transforming JSON data sources using print_r instead of directly rendering the JSON was unnecessary.

It was discovered that the content of large files was not limited to search indexing. In some circumstances, indexing these files could cause the system to run out of memory.

A limit was added to text-type files that only allows indexing until the limit is reached.

Due to the unavailability of V8 memory limit and time limit thresholds, the complex JS executions involved with Server-side JavaScript (SSJS) could cause customer instances to run out of memory. In some severe cases, this could result in the entire instance shutting down unexpectedly, potentially causing customer outages.

The fix adds V8 JavaScript time limits and memory limits, which can be configured by Root Users only through the System Configuration screen. The limits can be configured using the setTimeLimit and setMemoryLimit options in the user interface.

SSJS should run within the limits of V8 JavaScript and throw an exception if it reaches the limits instead of potentially causing a customer outage.

The solution authentication user ID was strictly checked to determine if it should be added to the cache key. The type was changed internally between integer and string.

These conditions prevented the solution authentication user from being flagged as relevant to the cache, which sometimes caused the wrong cache to get served when solution authentication was in use.

The user ID is no longer strictly checked, and a regression test has been added to capture this condition if it reappears.

Dependencies have been upgraded to address security issues, ensuring a safer and more reliable system.

The push data source and filter classes ignored the filter.class configuration key. This key was required for each MODIFY request sent to the push API. The lack of the configuration key caused unexpected behavior between data sources depending on the type.

The change implemented applies the filter.classes configuration key value for push data sources if no filter query option is provided with the push API request.

The SEO auditor returned internal content created for accessibility auditing purposes. The incorrect common words appeared in the audit results, making it difficult to interpret them.

The content was removed from the SEO auditor to no longer affect legitimate results returned to users.

The StringDocumentFilter generated an illegal character error when processing a URL set by the plugin, which caused errors while updating the data source with plugins applied.

The plugin framework tool can now handle special characters such as | in the start URLs. A raw string is first converted to a Java URL object and then encoded into a Java URI object while ensuring special characters are accepted by URL and not URI.

Users can now preview configuration files, including metadata-mappings.cfg, xml-index.cfg, and site_profiles.cfg through WebDav and the configuration file manager.

The configuration is displayed in raw format, and users can copy it between different instances or resources.

This minor improvement removes the often cumbersome, time-consuming, and error-prone approach of manually entering the configuration information using the dedicated Administration UI.

The username or password label used for form authentication could be inconsistent. For example, the form label for the username could be email instead of username. Under these conditions, the external crawler could not find the matched username/password value(s) for pre-crawl authentication.

Data source configuration keys were added for username and password labels when encountered in either pre-crawl or in-crawl authentication requests. Username and password labels that are not the typical username/password form labels are now handled correctly.

If a user did not have the correct permission to modify configuration keys in an attempt to update it, instead of the relevant error message the UI was displaying [object] [object].

The error handling under these circumstances was improved so that the user either receives useful feedback about the invalid value of the configuration key or the lack of permissions they hold to modify the key.

Cutting out and pasting back exactly the same content into a FreeMarker template was causing the system to save an empty file.

The system now prevents empty files from being saved when cutting and pasting the same content into the template editor.

The push system attempted to clean up all data sources running as query processors but failed because the document data and delete lists were missing. When setting the push optimization features, the “prepare Funnelback for upgrade” feature failed.

Push optimization features were adjusted to skip cleaning up data sources in SLAVE mode when preparing to run an upgrade. These adjustments allow the optimization features to iterate past the skippable collections and complete the process.

The !FunDoesNotExist:padrenull plugin query appeared in analytics reports because it indicated empty search results. Customers were unsure what the plugin query meant in the context of the analytics report. This confusion caused unnecessary support cases requesting that the plugin query be manually added to the denylist of each affected Squiz Search instance.

The item !FunDoesNotExist:padrenull was added to the global denylist, which prevents the plugin query from appearing in analytics reports.

If the display of a key depended on the value of another key with a parameter, only the first key value with a parameter would be taken into account, instead of any that fulfilled the condition. Adding the next key with a wildcard that fulfilled the dependent key condition would not display the dependent key form to provide its value.

The fix displays the dependent key form if any key with a parameter fulfills the condition instead of only the first key value. Users are now able to provide plugin configuration details.

A new plugin named Faceted navigation - advanced sort by date lets you sort faceted navigation based on dates that use a custom format. This plugin provides an input date format and converts it to a consistent and sortable output format of YYYYMMDDhhmmss.

You can sort a metadata-based facet by date, where the dates are represented in a custom format. If you have facet categories like Jan 2010, Jun 2021, Nov 2019, the facet categories can now be sorted by a normalized date. The plugin converts the metadata labels to dates internally before sorting.

The original maximum timeout that could be set for crawl requests to a web page was 30 seconds. Pages that exceeded the 30 second crawl timeout would not be processed during an update.

The maximum timeout that can be set for crawl requests (crawler.request_timeout) was increased to two minutes (120 seconds). If the crawl request timeout configuration is set to the maximum value, then web pages that take over 30 seconds will now be processed

An aurora replication lag between the read and write database caused issues with determining which metadata version to use when a chained metadata trigger applied updates to an asset. If a chained metadata trigger update was in progress, a second running trigger failed to update the metadata value.

Time checks were added between saving and the next attempt to read the database to determine if the trigger should read from the original database instead of the replica database. This check ensures the most current database is used.

The following types of transient errors were causing OAuth to unexpectedly fail, triggered fatal errors, and ultimately prevented users from continuing with the authentication flow:

Users experiencing these transient errors would see an ungraceful failure in the authentication process and would need to manually restart their attempt.

OAuth authentication has been updated to automatically retry the process in the event of transient errors. Instead of immediately triggering a fatal error, the system now attempts multiple retries before stopping authentication completely.

This change significantly reduces the likelihood of failures and ensures a smoother experience.

Content Management users with system administrator or root user permissions can now set a custom warning message and limit through the Global preferences  Configure warning and limit for containers per standard page setting.

The alert appears when content authors have either reached or exceeded the recommended number of components on the standard page they are creating.

This setting will help content authors make better decisions about how they are building content using standard page assets and will avoid performance issues when configuring too many CCTs on a standard page.

Asset listings were using inefficient methods to query data, work on the data structure, and sort the result. As a result, sorting and rendering results in asset listings was slow, and memory intensive.

Improvements were made to provide a more efficient approach of querying data, modifying data structures and sorting results. These improvements result in better asset listing load performance.

When an asset was published or set to live, a bug with how version history event listeners were loaded caused minor version history entries (for example, 0.x.0) to not be recorded. This issue caused inconsistencies between the documented versioning rules and the stored version history, making it difficult for users to track version changes.

The event listeners are loaded before proceeding deep into the HIPO execution path. Customers can now reliably track minor version history updates made to assets.

There was no mechanism in the stylesheet to show a scrollbar when the root node drop-down height exceeded the browser viewport’s height. When many root nodes were in the drop-down, some entries at the bottom could not be selected.

Updated stylesheet rules were applied to the root node drop-down to show the scrollbar when needed. The stylesheet change lets users scroll the asset tree and select the asset they need from the list.

A blank content page triggers an issue where the reload button appears clickable but does nothing, leading to user confusion.

The logic for the reload button was modified to perform its intended function even when there is no content to be reloaded. With these changes, the reload button now correctly performs a reload action and animates upon click.

A recent issue occurred when an unexpected and unhandled error was detected within a component while evaluating JSON schema for live previewing Squiz Content Management asset pointers. This error prevented all of Page Builder from loading.

Error handling has been added to mitigate JSON schema interactions that cause errors when fetching Squiz Content Management asset pointers. A customError block issue type and improved error messaging have also been introduced to report errors handled by the system, providing users with instructions on how to proceed correctly.

In Preview mode, users encountered an issue where the total segment count was not visible when selecting multiple segments, particularly when the longest priority segment had a lengthy name.

This limitation has been addressed by displaying the total segment count in Preview mode, even when the highest priority segment is selected with a long name.

Following feedback from our APB beta testing, it was observed that users were experiencing confusion between the Page Builder Edit mode toggle button and the button used to acquire page locks in Matrix.

To clarify this, we have renamed the "Edit mode" toggle button to simply "Build mode", streamlining the user interface to reduce potential misunderstandings.

Previously, the File Store UI did not support uploads larger than 50 MB while the API handled up to 100 MB.

This change brings the UI up to API feature parity, offering a more convenient way to manage files through the UI.

When configuring a CDP event with an Authorized condition, the Events UI did not protect against selecting unsupported rule types or typing string values when the condition required boolean values.

To fix this problem, the Authorized event condition now automatically fills the correct values, which are read-only and set to equals true. Users can now configure Authorized event conditions that behave as expected.

Fixed how the Queues page renders for retry flows.

Fixed a RangeError: Maximum call stack size exceeded console error when navigating to a locked workspace using the Tenant Admin UI.

Fixed an issue where the erroneous filter was not applying when redirecting from the Dashboard to Executions.

Fixed an issue where some threads were missing on the Execution page after applying specific filters.

Fixed an issue where the three-dots menu was not clickable when the full-screen mode was toggled for the credentials menu.

Fixed an issue in the Implement tab where changes to the shutdown timeout for a flow did not apply without refreshing the page.

Fixed an issue where unnecessary \ characters were added to the $getPassthrough() expression when the user switched the mapping section from developer mode to integrator mode.

This component is a copy of the existing Email component, enhanced with the ability to set custom credentials.

This addition allows flexible management of different domains, workflows, and API keys.

Users can now upload a PNG, JPEG file, or WEBP avatar image up to 500KB to their Squiz Integrations user profile.:

This feature lets users add a small personalized touch to user profiles. Customers can now see uploaded avatars when they are in their Squiz Integrations instance.

The Workspaces, Contract Settings pages, and several dialog boxes have all received improvements to responsiveness through their conversion over to React.

This update brings the benefits of React’s component-based architecture, enhancing responsiveness and interactivity for users.

The Executions page has been updated to sync pagination as it is received through connected WebSockets. This enhancement enables real-time updates and seamless navigation when viewing execution data.

Users can experience synchronized pagination that automatically adjusts as data is received through WebSockets, ensuring that the displayed information remains current and accurate.

The API endpoint GET /workspaces/get_workspaces_all_list can deliver a sorted list of available workspaces based on user permissions within the corresponding contract.

The enhanced workspace management capabilities provided by this new endpoint let users retrieve a comprehensive view of all workspaces they are authorized to access, streamlining workspace navigation and organization.

The GET v2/recipes API endpoint now allows users to search for Recipes based on a specific word or phrase in the recipe title.

By incorporating this search functionality into the API and UI, users can locate and access recipes that match their search terms, streamlining the recipe discovery process and improving overall usability within the system.

Sailor-NodeJS has been upgraded to v2.7.4 to fix the error location when a component uses the Rebound functionality.

This upgrade also improves the performance of several components that received this upgrade in the Integrations v25.06 release.