Release Notes

List of new features and improvements

Platform

• Add placeholders to blank cells in back-office data grids (BAP-20846)
• Back-office API for Search (BAP-12128)
• Update JS libraries for maintenance branches (BAP-21005)
• Create other status code for oro:install command (BAP-20923)
• Use fonts preload to improve performance on UI (BAP-20399)

List of fixed issues

Platform

• Client-Side JavaScript Prototype Pollution (BAP-21092) *
• Unwanted script execution possible in email template preview (BAP-20848) *
• "doctrine:mapping:convert" command corrupts Doctrine metadata cache (BAP-21072)
• DraftSourceListener failed in "doctrine:mapping:convert" command (BAP-21058)
• Issue with retrieving folders from Microsoft365 for email box with a large number of folders (BAP-21017)
• Unable to build extend caches after injecting oro_importexport.serializer to console command (BAP-21003)
• Acl and AclAncestor are ignored for invokable controllers (BAP-21000)
• Disable IMAP folder from the sync can lead to huge process of emails clear and can lead to the fatal by memory limit (BAP-20989)
• Error when updating CustomerUser email having workflow for this entity (BAP-20988)
• Email contexts are lost after mailbox sync update from IMAP to Office 365 (BAP-20983)
• The "meta" filter is added even if it is disabled for API resource (BAP-20958)
• "include" usage in API request leads to config options ignore (BAP-20943)
• OAuth2 Client Credentials token provide access based on Current Organization in user's UI (BAP-20937)
• Unexpected HTML escaping of some symbols in CSV file for enum fields (BAP-20922)
• Changes in only one of multiple multi-select attributes are recorded in change history (BAP-20920)
• Redis lock critical errors in prod.log (BAP-20915)
• Cannot run demo fixtures after clean install (BAP-20661)
• Error updating lead phone number using inline editing in Leads grid (BAP-20560)
• Deleted OneToMany attribute makes entity api unavailable (BAP-20467)
• Widget resizes when an error flash message is displayed (BAP-20070)
• Widget request loses parameters during request (BAP-19573)
• Wrong rendering of translated labels (BAP-18542)
• Slow performance on entity view with Activity List (BAP-14669)

Release Notes

List of new features and improvements

Platform

• Implemented user notification on errors during sync (BAP-20890)
• Enable Office 365 Single Sign-On functionality (BAP-20225)
• Remove sitemap index file compression (BAP-20428)
• Documented usage of the --skip-isolators option of bin/behat (BAP-20801)
• Simplify installation and upgrade in the TEST environment (BAP-20830)
• Lock mongodb php extension to 1.9.* (BAP-20862)
• Simplify using contact reason and preferred contact method fields of contact request entity in email templates (CRM-9312)

List of fixed issues

Platform

• Validation of the calendar event's organizer display name (BAP-18855) *
• XSS build failed on 4.2 branch: - can't install oro/test-security package (BAP-20832)
• "Import button is visible when write permissions are set to "None" (BAP-20506)
• Out of memory in GridFS guessContentType (BAP-20507)
• BAPRM cookie is removed after task opening (BAP-20550)
• Translation cache may not be updated due to wrong file stat cache (BAP-20674)
• Office365 email synchronization may fail because of message_id field length limit (BAP-20693)
• No translation for oro.google_integration.system_configuration.fields.sso_domains.tooltip key (BAP-20738)
• MS integration popup window closing leads to UI error (BAP-20755)
• "Parent Customer" autocomplete skips 11th suggested result" (BAP-20761)
• "Field ""Authorized redirect URIs"" is absent in Google Integration settings" (BAP-20783)
• Unchanged decimal/money field updates generate unnecessary dataaudit messages (BAP-20785)
• Doublication for the calendar events with attendees during sync with Microsoft 365 (BAP-20792)
• Wrong error log level for out of memory and fatal errors (BAP-20799)
• "MS Calendar integration corrupts "oro_calendar_recurrence" records" (BAP-20810)
• Prohibitive ACL mode used instead of permissive in workflow permissions in user roles (BAP-20813)
• "The calendar events grid ""Invitation Status"" column does not deliver real attendees response situation" (BAP-20814)
• Calendar events grid confuse users with representing of edited particular days of recurrent events (BAP-20815)
• Datagrid option "acl_apply_permission" is not applied to datagrid results (BAP-20833)
• Locked user is able to sign-in via SSO (BAP-20840)
• Recurrent error during sync of some Microsoft 365 IMAP folders (BAP-20851)
• Impossible to import empty attribute value (BAP-20869)

OroCRM

• Insufficient permissions check for lead disqualify action (CRM-9322) *
• Exception with date time processing during recurrence mapping in Microsoft 365 sync (CRM-9310)
• Message queues are overloaded with messages from Microsoft365 integration - Calendar sync (CRM-9311)

Release Notes

List of new features and improvements

Platform and OroCRM:

• Office 365 Tasks Integration (CRM-9255)
• Grid filters accessible by the keyboard (BB-18755)
• Symfony console command to sanitize WYSIWYG style fields (BB-20807)
• Improved performance of Oro\Component\PhpUtils\ClassLoader (BAP-19855)
• Locked symfony/yaml package to version 4.4.26 (BAP-20741)
• Code style cleanup. Removed @param and @return PHPDoc tags if they don't provide any extra information (BAP-20688)

List of fixed issues

Platform:

• Impossible to turn off twig cache (BAP-20794)
• UI controls disappeared with browser update (BAP-20740)
• Initializing doctrine Inflector as new object performance problem (BAP-20732)
• Tag are not displayed and cannot be edited in My Emails grid (BAP-20724)
• Installer can't find installed Libraries jpegoptim and pngquant (BAP-20715)
• Installation fails on "Check system requirements" step when using Redis cluster (BAP-20699)
• Root job status calculator may produce duplicated dependent jobs (BAP-20686)
• Excessive data hydrations in navigation menu rendering (BAP-20535)
• Email template plain text editor removes some diacritic characters (BAP-20469)
• File entity "filename" column is nullable (BAP-20206)

OroCRM:

• Office 365 Calendar Integration (fixed Re-process failed events, Process 410 response code, added custom headers to iterators, added transformer for HTML body content) (CRM-9242)
• Imap Email Sync setup is out of order (CRM-9313)
• LDAP Orphan Users Removal doesn't work with MySQL (CRM-9308)
• Double invitations to all the attendees during Microsoft 365 sync (CRM-9307)
• Mass delete action do not trigger integration actions (CRM-9301)
• Initial Microsoft Integration configuration saving erases its checkboxes values (CRM-9299)
• LDAP integration doesn't disable removed users (CRM-9254)
• New entity added to existing channel is not visible in channel menu without rebuilding cache (CRM-9244)
• Zendesk sync fails (BAP-19662)
• Associated account name cannot be used in opportunity email template (BAP-15117)

Release Notes

List of fixed issues and improvements

New features and improvements

• Implemented Office 365 Calendar Integration
• Upgraded Symfony to 4.4.24+
• Added a check of the required system components at the beginning of the Oro installation
• Added stylelint configuration to 4.2 version
• Allowed disabling the babel with the yaml configuration
• Implemented check definition of file managers services for import files

List of fixed issues

• Fixed possible out of memory exception in SendImportNotificationMessageProcessor
• Fixed some Redis cache eviction configurations may corrupt workflow transitions and process triggers cache
• Fixed Office365 integration cannot process OAuth tokens longer than 2048 bytes
• Fixed non-unique enum value translations prevent showing some product variants
• Fixed incorrect output encoding from WYSIWYGValidator/ErrorCollector

Release Notes

List of fixed issues and improvements

New features and improvements

• Added PHP 8 Support
• Added RTL support for the Management Console
• Import performance optimizations
• Implemented CLI command for 4.1 LTS files migration to 4.2 LTS file storage
• Implemented CLI command for multi-host operation execution
• Updated documentation for sessions lock and files storage
• Upgraded composer/composer to 2.0.13
• Upgraded Javascript dependencies
• Upgraded phpseclib/phpseclib
• Upgraded TinyMCE editor to the latest version

List of fixed issues

• Fixed date picker in datagrid filters slipped to top in narrow browser window
• Fixed filters are not applied to grouped columns in reports
• Fixed email template plain text editor removes some diacritic characters
• Fixed incorrect tags visibility across organizations
• Fixed export of report only repeats the first batch of records multiple times
• Fixed incorrect API request JSON data validation message
• Fixed duplicated processing of changed field for DataAudit
• Fixed provide way to execute datagrid navigation actions with opening URL in new tab
• Fixed incorrect translation key for OperationAlreadyExistsException
• Fixed temporary files are stored forever when using gaufrette adapter
• Fixed impossible to enable API for entity disabled in Resources/config/oro/entity.yml
• Fixed the meta properties are ignored in POST and PATCH API requests
• Fixed wrong breadcrumbs path in RTL mode
• Fixed unhighlight validation error leads to JS error in dev console
• Fixed doubled icons of maximize main menu
• Fixed empty blocks in layout caches when cache expires in the same web request
• Fixed dotmailer export status update stucks
• Fixed incorrect calendar event visibility across organizations

Release Notes

List of fixed issues and improvements

New features and improvements

• Allowed managing SameSite cookie value

List of fixed issues

• Fixed not found pages should not produce errors in logs
• Fixed use batches for Data Audit inverse relation processing
• Fixed Oauth application is not created after upgrade from 4.1.x to 4.2.x

Release Notes

List of fixed issues and improvements

New features and improvements

• Extended error handling in ApiBundle
• Implemented not fractional percent data type in API
• Added possibility to replace titles of API errors
• Upgraded PhpUnit to 9.5
• Upgraded laminas-mime to 2.8.0
• Upgraded theofidry/alice-data-fixtures to 1.4.0
• Upgraded nelmio/security-bundle to 2.10.2
• Upgraded nette/php-generator 3.5.3
• Upgrade stof/doctrine-extensions-bundle to 1.6.0
• Updated Google Maps loader
• Created a range validator for percentage values
• Created documentation for X-Localization-ID and X-Currency headers for Storefront API
• Minor upgrades of PHP dependencies to simplify feature PHP 8 support

List of fixed issues

• Fixed storage type unexpectedly changes from "table column" to "serialized field" when editing entity fields
• Fixed doctrine:schema:validate returns error
• Fixed Boolean fields cannot be added to search index
• Fixed incorrect root job status calculation
• Fixed 500 Internal server error at attempt to generate an OAuth access token for Password grant application type with incorrect client_id
• Fixed Schema Update fails after reducing column size for custom fields
• Fixed New Attribute data audit log shows wrong attribute state
• Fixed using a command oro:entity-extend:update-config out of schema update context
• Fixed impossible to create a report using filter with multiple condition groups applied to related entities
• Fixed locale column size is too short in oro_address_type_translation table
• Fixed JS error on email expanding in entity activity section
• Fixed serialized fields do not work with multi-host operations
• Fixed Datagrid Date Filter unnecessarily applies timezone
• Fixed lcobucci/jwt package requires ext-sodium php extension
• Fixed mistakes in documentation of API resources
• Fixed inline editing validation stop working after page reload
• Fixed PhpDoc mismatch and syntax errors
• Removed Oro\Bundle\TranslationBundle\Extractor\PhpCodeExtractor in favor of Symfony\Component\Translation\Extractor\PhpExtractor

Release Notes

List of fixed issues and improvements

New features and improvements

• Implemented not fractional percent data type in API
• Added Multihost operations support for translations cache
• Added possibility to replace titles of API errors
• Created a range validator for percentage values
• Drop dependency to the file-system npm package
• Published fork of jquery.uniform package with updated jquery version in requirements
• Upgraded TinyMCE text editor to the latest version
• Updated jquery-validation library from 1.16.0 to 1.19.3
• Refactored query designer and segmentation functionality to make it independent from single entity choice control
• Decoupled Query Designer Filters from Forms

List of fixed issues

• Fixed JSON API "include" works wrong for entities with "exclusion_policy: all"
• Fixed product attribute statuses are incorrectly after import
• Fixed Nested entities breadcrumbs are missed on reports creation form's "Column" dropdown
• Fixed Zendesk sync fails
• Fixed storage type unexpectedly changes from "table column" to "serialized field" when editing entity fields
• Fixed incorrect label for "Money" attribute type
• Fixed doctrine:schema:validate returns error
• Fixed Grid filter by EntityFieldFallback relation field contains all values in a drop-down
• Fixed boolean fields cannot be added to search index
• Fixed storefront landing page API exposes non-rendered Twig instructions and internal fields
• Fixed incorrect root job status calculation
• Fixed replace logical exception to log error message in localization fallback trait
• Fixed customer user cannot update own profile via storefront API
• Fixed use "Accept" header instead of "Content-Type" in API GET requests
• Fixed Forgot Password Message Format
• Fixed breadcrumbs not visible in report designer when entity relations used
• Fixed excessive
  tags are added to code in WYSIWYG editor
• Fixed Text block in WYSIWYG editor is not editable after file adding
• Fixed wrong logging level used by default
• Fixed deprecation messages in API response
• Fixed Webpack builder should utilize system version parameter for links to external files
• Fixed 500 Internal server error at attempt to generate an OAuth access token for Password grant application type with incorrect client_id
• Fixed header and footer paginators stick together in resized window
• Fixed Incorrect user avatar source is used on the profile page in back-office
• Fixed Symfony toolbar styles and ajax tab are broken after page reload
• Fixed "oro:api:doc:cache:clear" command is very slow and consume a lot of memory
• Fixed system caches are not warmed up by "cache:clear" command
• Fixed two-factor authentication form can be submitted multiple times
• Fixed websocket periodic timer is broken when all subscribers closed connections
• Fixed not possible to use several aggregation column filters in reports
• Fixed not possible to use Year, Month, Day and Day of year column functions in reports
• Fixed New attribute data audit log shows wrong attribute state
• Fixed using a command oro:entity-extend:update-config out of schema update context
• Fixed impossible to create a report using filter with multiple condition groups applied to related entities
• Fixed locale column size is too short in oro_address_type_translation table
• Updated Google Maps loader
• Fixed LDAP integration doesn't remove user roles

OroCRM 4.2 LTS version is now available

Please check the full release announcement in Oro blog.

Below are some selected (and more technical) highlights out of 500+ features, improvements and fixes included in this release. The BB- and BAP- references in parenthesis can be used to look for the related changes in the commit history (e.g. https://github.com/search?type=commits&q=org%3Aoroinc+BAP-20318).

• Minimum required PHP version for 4.2 LTS is PHP 7.4 (7.4.14 is the latest security release)
• Composer 2 is required for installation
• MySQL 8.0 is the minimum supported version
• Increased the maximum allowed field name length to 55 (BAP-19575)
• Configurable collection and display of security voter decisions in Symfony web debug toolbar (BAP-19516)
• All console commands now have full description and usage examples (BB-20228)
• More details are logged on workflow send email errors (BAP-19782)
• Dashboard entity is extendable (BAP-20031)
• Website configuration values are now resolved taking into account organization inheritance (BAP-20009)
• Permission categories for user roles are now configured via configuration files (BAP-20318)
• Javascript dependencies are not directly managed by Composer anymore, "node_modules" is now located in the application root (instead of vendor/oro/platform/build)
• symfony/symfony dependency was replaced with individual Symfony component dependencies only on the components that are actually used (BAP-20161)
• ZendFramework packages were replaced with Laminas alternatives (BAP-19880)
• Optimized performance of background jobs (removed ORM where not needed), made them less susceptible to interruptions (BAP-19826)
• Message queue messages can be filtered by feature toggle configuration (BAP-20181)
• Preloading entities through relations to reduce number of DB queries (BAP-20137) (see examples in BAP-20137, documentation on how to use will be available later)
• Sync jobs (oro_integration:sync_integration:*) are skipped for integrations without connectors (BAP-19792)
• Added support for libicu-65 (BAP-20088)
• Grid row action labels can be configured to use custom translations (BAP-19867)
• All "main" back-office grids now respect "Display in Grid" setting of extended fields (BAP-18091)
• Email attachment max file size is configurable through System Configuration (BAP-19671)
• In email compose customer user with matching email is automatically selected as context (BB-19206)
• Improved performance of back-office datagrids (6x-10x in some scenarios) (BB-19859)
• Default application configuration allows upload of Microsoft Office files and text (BAP-20114)
• Package manager and web-installer have been finally decommissioned
• GrapesJS and TinyMCE editors were updated to the latest versions
• HTML import validation in WYSIWYG was improved to provide more detailed error descriptions to the user

Release Notes

List of fixed issues and improvements

New features and improvements

• Added more MIME types to the configuration files
• Added additional checks and logs to get entity class functions

List of fixed issues

• Fixed user name stored in Remember Me cookie
• Fixed Secure and http-only flags configuration for cookies
• Fixed WYSIWYG formatting panel allows to create invalid HTML markup
• Fixed oro:assets:install failed during oro:install
• Fixed file entity "filename" column is nullable
• Fixed "oauth-token" post request does not support CORS
• Fixed session locking on media and AJAX requests
• Fixed not correct config provider for search and website search mapping caches
• Fixed "max_results" option doesn't work for API requests
• Fixed maintenance notifications functionality is out of order
• Fixed user can't add system mailbox with "other" account type
• Fixed Email sending doesn't work if From address linked with EmailOrigin and imap/smtp is enabled for this origin
• Fixed Add Embedded Forms to Your Site do not work