You are viewing the documentation for Blueriq 16. Documentation for other versions is available in our documentation directory.

1.  Highlights

Our design system now supports light mode and our first application that implemented this new feature is the Development Tools. Note that light theme is still in beta
See the screens below on how to change your current theming.

Development Tools: Dashboard

  1. Click on the cog left below, this will open a new dialog
  2. On the general tab you are able to switch between dark (default) and light (beta) theme


Development Tools: Toolbar

  1. Click on the 3 dots top right of the toolbar, a menu will appear
  2. Below of the menu you are able to switch between dark and light theme

2. Enhancements

Enhancement Details
Added a required parameter to the AQ_File_Upload container.

We have added required validation support to the AQ_File_Upload container in the form of an expression parameter. If the parameter evaluates to TRUE the container will validate if a file has been successfully uploaded to that container, when no files have successfully been uploaded the container will display a validation error.

The FileExtension and MaxFileSize parameters of AQ_File_Upload have been changed to expression fields.

To support more dynamic configurations, the FileExtension and MaxFileSize parameters have been migrated to expressions. The Updated AQ_File_Upload container type can be found in BlueriqBasicModelling Library 1.0.1.

Security improvement: Sensible default for the blueriq.fileupload.maxuploadsize property, and enforce it at the AQ_File_Upload container.

We have set a sensible default for the blueriq.fileupload.maxuploadsize property, this used to be '-1', which was unlimited. The new default setting is 10MB. This value is now also enforces by the AQ_File_Upload container. When the container is configured to have a higher value than the maxuploadsize, it will be converted back to maxuploadsize.

Security improvement: the Mode parameter of the AQ_File_Upload container has been changed into a MaxFileAmount expression to enforce a maximum amount of files that can be uploaded.

We have changed the Mode parameter of the AQ_File_Upload container into a MaxFileAmount expression parameter. This is done to mitigate a possible DOS attack by uploading infinite number of files when Mode parameter was set to 'Multiple files'. This parameter changes will be automatically migrated, 'Single file' will change into the value '1' and 'Multiple files' will change into '-1'. It is adviced to change the '-1' expressions to a more sensible values to avoid being prone to a DOS attack.

The expression editor has been updated to support bracket matching.

The expression editor in Encore will now highlight the nearest brackets when the cursor is located within brackets.

The reliability of ctrl+click behavior within the expression editor has been improved.

There could be situations where the expression editor would not enable you to ctrl/shift+click to the definition of a symbol in an expression. These situations should now correctly show underlines and enable you to click to the referenced element.

New mechanism for registering AuthenticationProviders.

The security configuration now allows to register AuthenticationProviders, by providing an implementation of an AuthenticationProviderFactory which can create the desired AuthenticationProvider. Note that the AuthenticationProvider still needs to be registered in the authentication provider chain as outlined in Runtime authentication.

3. Updated maven module structure

In this release, the blueriq-runtime maven module has been split up into several smaller modules. These modules aim to isolate functionality, which allows us to make more Blueriq components optional in the future, resulting in a runtime that can be customized by customers to only contain the functionality they need.

For now, all newly introduced modules are included in the blueriq-runtime module, so customers normally do not have to update their custom builds. However, as some of these modules are only included on runtime scope, customers that have custom code that depends on the blueriq-runtime module might have to depend on some of the new modules.

4. Documentation

Documentation on the new features and improvements of this release is linked in the respective topics.

5. Upgrade Instructions

See Release 16.1 Upgrade Instructions for the upgrade instructions for this release.

As a best practice

  • backup your repository
  • backup your database before running scripts
  • backup your spring.config.additional-location directory ([Blueriq installation directory]\Runtime)
  • backup any config files you have altered under [Blueriq installation directory]\Services

before you start the upgrade.

6. Artifacts

The Blueriq artifacts are available under name: 16.1.0.1404

This release includes these versions of Blueriq components with a separate life cycle:

Component

Version

Customer Data Service 4.2.0
DCM Lists Service 3.0.1
Material Theme 1.1.9
Development tools frontend 1.5.3
DCM Maintenance App 3.0.0
Audit Consumer 0.2.1
DCM Dashboard Service 0.2.1
Gateway Service 0.1.6
Document Renderer 1.1.2

7. Blueriq Libraries

The Blueriq Library has been updated, see below what has changed:

8. Libraries

In this release, the set of third party libraries that is used by Blueriq was updated. When your installation of Blueriq includes custom components (artifacts that do not ship with Blueriq, such as proprietary plugins), those components should be tested for compatibility with these changes.

ArtifactId

GroupId

License

Version in 16.0.1

Version in 16.1

accessors-smart

net.minidev

Apache License 2.0

2.4.9

2.4.11

guava

com.google.guava

Apache License 2.0

32.0.0-jre

32.0.1-jre

jackson-annotations

com.fasterxml.jackson.core

Apache License 2.0

2.14.2

2.14.3

jackson-core

com.fasterxml.jackson.core

Apache License 2.0

2.14.2

2.14.3

jackson-databind

com.fasterxml.jackson.core

Apache License 2.0

2.14.2

2.14.3

jackson-dataformat-xml

com.fasterxml.jackson.dataformat

Apache License 2.0

2.14.2

2.14.3

jackson-dataformat-yaml

com.fasterxml.jackson.dataformat

Apache License 2.0

2.14.2

2.14.3

jackson-datatype-jsr310

com.fasterxml.jackson.datatype

Apache License 2.0

2.14.2

2.14.3

jakarta.activation-api

jakarta.activation

Eclipse Public License - v 1.0

2.1.1

2.1.2

json-smart

net.minidev

Apache License 2.0

2.4.10

2.4.11

micrometer-commons

io.micrometer

Apache License 2.0

1.10.6

1.10.7

micrometer-core

io.micrometer

Apache License 2.0

1.10.6

1.10.7

micrometer-observation

io.micrometer

Apache License 2.0

1.10.6

1.10.7

micrometer-tracing

io.micrometer

Apache License 2.0

1.0.4

1.0.6

micrometer-tracing-bridge-brave

io.micrometer

Apache License 2.0

1.0.4

1.0.6

netty-buffer

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-codec

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-codec-dns

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-codec-http

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-codec-http2

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-codec-socks

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-common

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-handler

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-handler-proxy

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-incubator-codec-classes-quic

io.netty.incubator

Apache License 2.0

0.0.39.Final

0.0.40.Final

netty-incubator-codec-native-quic

io.netty.incubator

Apache License 2.0

0.0.39.Final

0.0.40.Final

netty-resolver

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-resolver-dns

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-resolver-dns-classes-macos

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-resolver-dns-native-macos

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-transport

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-transport-classes-epoll

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-transport-native-epoll

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

netty-transport-native-unix-common

io.netty

Apache License 2.0

4.1.91.Final

4.1.94.Final

reactor-core

io.projectreactor

Apache License 2.0

3.5.5

3.5.6

reactor-netty

io.projectreactor.netty

Apache License 2.0

1.1.6

1.1.7

reactor-netty-core

io.projectreactor.netty

Apache License 2.0

1.1.6

1.1.7

reactor-netty-http

io.projectreactor.netty

Apache License 2.0

1.1.6

1.1.7

reactor-netty-incubator-quic

io.projectreactor.netty.incubator

Apache License 2.0

0.1.6

0.1.7

spring-aop

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-aspects

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-beans

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-boot

org.springframework.boot

Apache License 2.0

3.0.6

3.0.7

spring-boot-actuator

org.springframework.boot

Apache License 2.0

3.0.6

3.0.7

spring-boot-actuator-autoconfigure

org.springframework.boot

Apache License 2.0

3.0.6

3.0.7

spring-boot-autoconfigure

org.springframework.boot

Apache License 2.0

3.0.6

3.0.7

spring-boot-configuration-processor

org.springframework.boot

Apache License 2.0

3.0.6

3.0.7

spring-boot-starter

org.springframework.boot

Apache License 2.0

3.0.6

3.0.7

spring-boot-starter-actuator

org.springframework.boot

Apache License 2.0

3.0.6

3.0.7

spring-boot-starter-logging

org.springframework.boot

Apache License 2.0

3.0.6

3.0.7

spring-boot-starter-validation

org.springframework.boot

Apache License 2.0

3.0.6

3.0.7

spring-context

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-context-support

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-core

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-data-commons

org.springframework.data

Apache License 2.0

3.0.5

3.0.6

spring-data-jpa

org.springframework.data

Apache License 2.0

3.0.5

3.0.6

spring-data-keyvalue

org.springframework.data

Apache License 2.0

3.0.5

3.0.6

spring-data-mongodb

org.springframework.data

Apache License 2.0

4.0.5

4.0.6

spring-data-redis

org.springframework.data

Apache License 2.0

3.0.5

3.0.6

spring-expression

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-hateoas

org.springframework.hateoas

Apache License 2.0

2.0.3

2.0.4

spring-jcl

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-jdbc

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-ldap-core

org.springframework.ldap

Apache License 2.0

3.0.2

3.0.3

spring-messaging

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-orm

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-oxm

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-tx

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-web

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-webflux

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-webmvc

org.springframework

Apache License 2.0

6.0.8

6.0.9

spring-ws-core

org.springframework.ws

Apache License 2.0

4.0.3

4.0.4

spring-ws-security

org.springframework.ws

Apache License 2.0

4.0.3

4.0.4

spring-xml

org.springframework.ws

Apache License 2.0

4.0.3

4.0.4

9. Retirement announcement

There are no specific retirement announcements.

For a full list of deprecated features, go to Deprecated features.

10. Bug fixes


Identifier

Component

Issue

Solution

BQ-20419


CVE-2023-34462 was detected on the Gateway Service, for the Netty Library Upgraded the Spring boot dependency, which ships a newer version of Netty

BQ-20392

Encore

Encore incorrectly showed a pencil icon to change the entity of an attribute, relation or static instance even if the element is in an external library

When viewing an element in an external library or from a virtual view, the pencil icons in the entity input are no longer shown

CSD-4766

Encore
Studio Server

Rest service validation in Encore was missing some validations, while the validation in the Studio Server was not implemented correctly

Validation in the Studio Server was fixed for 16.1 (not for 15.13.2 due to the introduction of new validations), and the validation in Encore fixed in 16.1 and 15.13.2

CSD-4768

Encore

Encore could continue to indicate that a save operation is in progress

We believe to have addressed the issue by always synchronizing change notifications from the server

BQ-20259

Encore

The columns in the Resource where shown in the right order, but internally they where not sorted in the same way as they were shown. This caused a runtime error when parsing the exported project. Fixed the internal order of the columns such that they correspond with the order they are shown to make them usable by the runtime after an export.

CSD-4743

Encore

Required parameters on inline fields did not trigger validation errors when absent

The necessary validations have been added

BQ-20200


CVE-2023-2976 was detected on the guava library

Updated guava to 32.0.1-jre

CSD-4627

JAVA Runtime

When using OpenID Connect discovery, it was not possible to configure an URI for the OpenID Connect Provider to redirect to after signing out.

Introduced the blueriq.security.openid-connect.post-logout-redirect-uri property to make the post logout redirect URI configurable.

BQ-20157

JAVA Runtime

During file upload and document generation process, there is missing value for property CASE_ID in generated Metadata file

The CASE_ID property has been added to the metadata for DCM 2. For DCM 1 the PROCESS_ID property has been added to the metadata.


11. Known issues

For an overview of known issue please refer to: Known issues