Published Release Notes

New Automated Testing landing page

The new Automated Testing landing page displays all the PegaUnit test cases in your application. You can use it to quickly access, run, and view results of tests. In addition, if you have the AutomatedTesting privilege enabled, you can switch to the Automated Unit Testing landing page to access rules that are supported by both PegaUnit testing and Automated Unit Testing, such as activities.

For more information, refer to Automated Testing landing page.

New hashing algorithm for Password property types

To provide extra protection against brute-force attacks, a new hashing algorithm has been added to the Pega 7 Platform. Bcrypt is used as a default hashing algorithm for Password property types. The bcrypt key setup algorithm takes a long time to process. This means that potential attackers would have to spend a substantial amount of time testing every possible key.

For more information, see Using the bcrypt hashing algorithm for Password property types.

Discovery features for access control policies

Access control policies now support discovery features that allow end users to view limited, customizable information about class instances that fail Read policies but satisfy Discover policies. Two types of Discovery gadgets are provided, and when discovery features are enabled, a Discovery gadget is included in the Report Viewer and in search results. Developers can customize these gadgets and include them in other parts of an application user interface.

For more information, see Discovery features for access control policies.

Enhancement for specifying filter conditions in reports

You now have the option to select comparison values from a list of available values when you add or edit the filter conditions for a report in Pega Express. This option is available for all columns, except for numeric or text columns when the comparator setting is Greater than, Greater than or equal, Less than, or Less than or equal.

For more information, see Adding filter conditions.

Update and delete actions available in access control policies

Access control policies support update and delete actions on objects. These actions control which specific instances of a class can be created, updated, or deleted by an end user in a case.

For more information, see Creating an access control policy.

Define hotfixes as dependencies for product rules

When you package an application or product rule for export, you can specify a list of required hotfixes. Those dependencies are validated when you import. The import operation proceeds only if all required hotfixes are installed on the target system. For more information, see Packaging an application.

Export branches from the command line

Use the prpcServiceUtils command-line tool to export branches to an archive. You can later import the branch archive to another system.

For more information, see Exporting products, applications, or branches from the command line.

Update access groups from the command line

Remotely update access groups by using the prpcServiceUtils tool. This feature is useful in automated deployment scenarios when you want to provide access to a new application version.

For more information, see Updating access groups from the command line.

Terminate sessions for operators from outside the Pega 7 Platform

The newly added Users REST API allows an authorized administrator to terminate sessions for one or more operator IDs from outside the Pega^® 7 Platform. A typical use case for this API is to terminate a user’s session when the user's security credentials, which are stored externally, are known to have changed.

Access the Pega API by clicking Resources > Pega API.

Cluster-wide tracing for service rule

RuleWatch Tracing of Service Rules has been enhanced to support cluster-wide tracing. Cluster-wide tracing makes it easier for you to troubleshoot services in clustered configurations where a load balancer dynamically assigns service requests to nodes in the cluster. This functionality is especially useful for debugging mobile applications, REST Web Services, and other stateless service executions. When tracing across the cluster, the trace feature captures only one trace at a time, which might result in some concurrent service executions not being traced. All other concurrent service executions in the cluster continue unimpeded. When the trace in progress is completed, the next new service execution in the cluster is traced. For example, you might see traces for invocation one on node A, invocation two on node C, and invocation four on node B. This selective tracing approach ensures that tracing with a breakpoint will not stop all service executions across the cluster. The trace/cluster/ServiceRuleWatchmaxProductionLevel Dynamic System Setting has also been added, which allows you to selectively disable tracing based on production level to eliminate performance issues related to tracing in production systems.

As a result of this enhancement, only one user can trace a service rule at any given time. An error message is displayed if you try to trace a service rule that is being traced by another user.

For more information, see Cluster-wide tracing of service rules.