INC-217855 · Issue 731911
Uncommitted hotfix able to Rollback All after install
Resolved in Pega Version 8.8
A security hotfix was installed through Hotfix manager and left as uncommitted. When new hotfixes for the same files were received, the process required the uncommitted hotfixes to be rolled back, but attempting to do so generated exceptions in the logs reading "Exception in rolling back the archive PegaRULES Process Commander: code: 0 SQLState: Message: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (PRPC_RULE_ADM_P7.PR_ENGINECLASSES_PK) violated". The issue was caused by the Date field only accepting dd/mm/yyyy HH:MI:SS, so attempting to insert two records of the same jar in the pr_engineclass generated this error from pr_data_restore in Oracle. To resolve this, an update has been made to insert rolled-back jar removals with their original patch date to avoid PK conflicts.
INC-222835 · Issue 721065
UI messages updated for hotfix catalog issues
Resolved in Pega Version 8.8
Here is the issue/enhancement request that was seen and can be a more general issue. After the restart there is not a catalog available and for environments that cannot access the internet this means they cannot actually do anything like commit all or rollback all. When clients tried this they clicked on the button and nothing happened. If you look in the PegaRules log you see a message that tells you that the catalog is not available.
INC-223074 · Issue 720454
Fallback handling improved for import synchronization
Resolved in Pega Version 8.8
Upgrade to CRM 8.7 was failing during the import of the CRM jar. There are some rare edge cases where instances may be in the database, but not visible to the engine until the import is already underway, such as when rollback has deleted a class definition and mapping but not the instances of the class itself. To mitigate the risk of PK constraint violations when this happens, the process has been modified to mark all the instances that cannot be directly synchronized as updates so that the data layer will upsert them.
INC-229641 · Issue 739454
Enhanced logging related to rule skimming
Resolved in Pega Version 8.8
In order to assist with diagnosing issues related to skimming of a ruleset, an update has been made which will log the complete stack trace along with the pzinskey being processed in debug mode.
INC-RCA-921 · Issue 713987
Updated debug logging
Resolved in Pega Version 8.8
Debug logging within IndexReferenceSynchronizer and FastLoader has been updated. With this update, IndexReferenceSynchronizer debug logging will indicate what the action is for each instance, FastLoader will include information about the keys being loaded and statements being executed, and duplicate logging has been removed from BatchSQLExecutors.
INC-173596 · Issue 673104
Apache Commons HttpClient dependency removed
Resolved in Pega Version 8.8
As part of moving from the Apache Commons HttpClient project (which is at end of life and no longer being developed) to the Apache HttpComponents project, openws dependencies on the commons-httpclient jar have been removed.
INC-188127 · Issue 678350
Updated cache key generation for ROPC
Resolved in Pega Version 8.8
After configuring outbound email functionality using MSGraph with OAuth 2.0, sending the emails failed consistently following passivation. Running "Test connectivity" in the Email Account data instance then seemed to restart the functionality and the automation "Create And Send Email" subsequently worked. This was traced to a missing username in the cache key generation for the Resource Owner Password Credentials (ROPC), which caused the same token to be fetched when attempting to dynamically generate different usernames, and has been resolved.
INC-194865 · Issue 695620
Corrected report definition save-as-image option
Resolved in Pega Version 8.8
Attempting to save a report definition as an image resulted in an access denied error stating "Browser fingerprint validation failed : A request was received with an invalid or missing browser fingerprint. The request was denied", and the user session was closed. The security SECU0017 alert is generated when a request is sent to a Pega application and the browser fingerprint is either missing or does not match the expected value. The system tries to check the type of request for every requestor ID and fetch the CSRF token, but in this case it was not matching with the token present on the requestor thread. This has been resolved by adding scripts to send the hidden input value needed.
INC-198571 · Issue 708634
SSO update
Resolved in Pega Version 8.8
In order to ensure shared SSO direct links are used as intended, an update has been made which will explicitly require re-authentication for each use of a direct link.
INC-202702 · Issue 713725
Ruleset creation process updated to maintain thread scope
Resolved in Pega Version 8.8
On creating a ruleset, the system generated the error "There has been an issue. Please consult your system administrator." If browser cookies and site settings were cleared and the browser was relaunched before logging in and creating a ruleset, the issue did not occur. Investigation showed that the Application page was at the Requestor scope for some of the threads due to handling in the ruleset creation process that removed the Application page and recreated it in the default scope of the thread with the latest state. To resolve this, the process for deleting the Application page and recreating it on the Requestor page has been removed.