All notable changes to Jupiter project will be documented in this file. Jupiter is a University of Alberta Libraries-based initiative to create a sustainable and extensible digital asset management system. Currently it is for phase 1 (Institutional Repository). https://era.library.ualberta.ca/.
The format is based on Keep a Changelog and releases in Jupiter project adheres to Semantic Versioning.
- bump omniauth from 1.9.0 to 1.9.1 PR#1513
- bump puma from 4.3.1 to 4.3.3 CVE#2020-5247
- bump loofah from 2.3.0 to 2.4.0 CVE#2019-15587
- bump nokogiri from 1.10.4 to 1.10.9 CVE#2019-13117
- bump brakeman from 4.7.0 to 4.8.0 CVE#2019-18409
- add
noopener noreferrerwhen opening a link in a new tab
- delete the list node and indirect container proxy when you purge a fileset #1354
- Removed Rack Attack
- add omniauth-rails_csrf_protection gem and only use post requests to mitigate CVE-2015-9284 PR#1221
- bump rubocop-performance from 1.4.0 to 1.4.1 and use match? instead of =~ PR#1226
- display graduation date in season year format #1003
- Improvement on rack-attack configuration #1247
- Lifting of embargo now stores item in embargo_history #1219
- bump ruby from 2.4 to 2.6 in travis jobs #1214
- Make supervisor and department facets to use existing functionality (requires reindex) #1002
- bump faker from 1.9.6 to 2.1.0 and fix breaking changes to dev seed data PR#1231
- allow batch ingest to lookup older licenses #1115
- Added selectize '|' delimiter to separate authors or subjects #1211
- Added javascript for thumbnail replacement on error #1228
- bump mini_magick from 4.9.3 to 4.9.4 PR#1212
- initializer for fits characterization (configuration change) #1215
- bump rubocop from 0.71.0 to 0.72.0 and add rubocop-rails gem PR#1183
- bump rubocop-rails from 2.1.0 to 2.2.1 and remove unnecessary disabling of Rails/TimeZone PR#1205
- bump nokogiri from 1.10.2 to 1.10.3 PR#1098
- Ruby 2.5 to travis ci testing matrix PR#1040
- Added configuration for active storage to allow tifs to have a thumbnail #991
- Added missing contoller tests #865
- i18n fallback to english (configuration change) PR#1058
- pin rubocop version for hound PR#1080
- Skip flapping tests on travis CI #1181
- Made multiple seeds of db not duplicate types, languages, or institutions #1117
- Cleared visibility_after_embargo and embargo_end_date when embargo option is not selected PR#1041
- fixed error in dangerfile #1109
- regression tests for downloading restricted items from search results PR#1070
- Added danger gem to project #988
- Added rack-attack for rate limiting #954
- nginx configuration for docker-compose deployment (UAT, etc) so that active_storage/blobs are not served (configuration change) PR#1081
- use the download url helper on the search results page PR#1079
- Addresses #1069 but without gem updates.
- anonymous users should not be able to download ccid protected items from search results #1069
- Bumps rails from 5.2.2 to 5.2.2.1. This update addresses Two Vulnerabilities in Action View. PR#1042
- Search supervisor and department from link #1002
- Changed from Ruby Sass to sassc-railsis as Ruby Sass is deprecated and will be unmaintained as of 26 March 2019#PR1032
- Removed workarounds for Datacite EZ API PR#1030
- Add proper version file, meta generator tag and tool for managing releases #55
- Fix wrong orientation in thumbnails for portrait mode images PR#783
- workarounds for Datacite EZ API for tests PR#945
- Fixed a firefox text overflow bug where filenames would overflow the file section sidebar PR#980
- Update to Bootstrap 4.2.1 #683
- Bumps rails from 5.2.1 to 5.2.1.1. This update includes security fixes for ActiveStorage and ActiveJob. PR#933
- Fix year limiter on collection item results #931
- can delete additional contributors #830
- Tuned SQL query for the gargage collection job to remove orphaned files #888
- Fix time in sidekiq cron schedule, convert time to use UTC timezone (ualbertalib#892)
- fixes typo for conference paper item type #879
- remove references to mbarnett properties #868
- improvement on flagging tests #875
- Security update: bump nokogiri from 1.8.4 to 1.8.5
- Multiple dependency updates
- View object in the browser PR#866
- Dependency for deployment of 1.2.0 in the release note.
- Error handling and additional logging in data migration from Fedora to ActiveStorage PR#860
- Batch ingest with spreadsheet #762
Conference PaperItem Type should be mapped toConference/Workshop Presentationinstead #789
- Main search results will sort by relevance by default #693
- Deposit into Fedora is pushed into the background.
-
This release contains a significant data migration of data currently stored into Fedora onto the gluster storage. Serving files to end users is now provided by Rails/ActiveStorage rather than through interacting with PCDM filesets.
-
For deployment, we will need to put both app servers into maintenance mode, and run the rake task
rake jupiter:migrate_filesets, which will copy all existing files out of Jupiter and onto the Gluster. This is likely to take a SIGNIFICANT amount of time, and the app will not run properly until this is complete. We should thoroughly test this process on Staging, by doing a complete clone of Production Fedora and Solr back to the Staging environment, to get a feel for how long this will take in Production and catch any errors that may arise during this process before going live. It is possible, maybe even likely, that we may see Fedora lock up during this process, as it has never reacted particularly well to large numbers of downloads. -
We will need to know the size of datastreams in Fedora to verify we have enough space provisioned on Gluster storage, plus headroom, as all deposits from now on will be stored in both Fedora (for preservation) and on the Gluster (for long term preservation)
-
One additional package needs to be added for ActiveStorage to server the PDF thumbnail is Poppler (Details here). The package needs to be installed separately on application servers.
-
Starting with this release, new deposits will be uploaded to the gluster immediately, and then be ingested into Fedora in the background. This means we expect CPU usage and jobs processed on the sidekiq server to increase permanently to handle this new process.
-
Newly deposited items will initially show a 'This file is processing and will be available shortly' message in place of download link(s), until the background job has finished ingesting the file into Fedora. While we can revist this in the future, for the moment this is necessary as we require Fedora to finish ingesting the datastream and assign it an ID before we can provide a permanent URL for the file.
-
A new periodic task has been added to Jupiter to periodically delete unused, orphaned files from the gluster filesystem to prevent them from piling up endlessly. This is run automatically via schedule.yml queuing up a GarbageCollectBlobsJob every 12 hours. When necessary this can also be run manually by running the rake tast
rake jupiter:gc_blobs
-
- Embargo expiry job to remove elapsed embargoes from object #526
- Upgrade to Rails 5.2 #471
- Pushmi-Pullyu integration changes #702
- Added Content Security Policy as part of the front end checklist #562
- Institutional Repository basic functions based on IR Phase 1 Requirements