INC-223851 · Issue 722731
Property encryption documentation updated
Resolved in Pega Version 8.7.3
Documentation on encryption has been updated to clarify that Property Encrypt policies can only be created in Work- Data- , and Index class descendents.
INC-220622 · Issue 711374
Libraries updated
Resolved in Pega Version 8.7.3
The following libraries have been updated to the most recent version: - commons-collections - cxf-rt-rs-security-oauth2 - derby - dom4j - google-oauth-client - groovy - jackson-databind - postgres - snakeyaml - spring-core - xmlsec The following library dependencies have been deprecated, excluded, and/or removed: - ant - bsh - commons-compress - gson - io.netty - jackson-mapper-asl - jdom - jdom2 - jdom-legacy - jetty-http - jetty-io - jetty-server - jetty-util - junrar - netty-handler - plexus - plexus-utils - xercesImpl - xstream
INC-221019 · Issue 725147
Modified timestamp query used by ClusterAndDBCleaner
Resolved in Pega Version 8.7.3
The job pyClusterAndDBCleaner was failing with the error "ORA-01861: literal does not match format string". This was traced to the sub-activity pzClearOldQueueProcessorBrokenMessages which was not able to remove broken items with encryption in an upgraded environment due to an incorrect timestamp format passed to the Oracle database. This has been resolved by modifying the query to use a timestamp built using INativeSqlBuilder which will include only the information necessary for the deletion of the item.
INC-224954 · Issue 727043
Enabled turning off general metrics when queue processing metrics are disabled
Resolved in Pega Version 8.7.3
A memory leak related to QPGeneralMetrics was consuming heap and causing performance issues. Investigation showed queue processor metrics were gathered even when disabled. To resolve this, turning off "General Metrics Handler" while turning off the QPGeneralMetrics has been enabled. Queue processors should now skip the process of collecting general metrics while running activities. This will prevent storing unused (and uncleared) metrics in memory and prevent heap exhaustion.
INC-225519 · Issue 724397
Improved handling for thread resolution issues
Resolved in Pega Version 8.7.3
Queue Processor/Dataflow was moving to STOPPED state due to failed records in its execution. Investigation showed there was a minor logic issue in the queue processor activity which allowed the Page-Remove step to be called even before the pages were actually created, and this has been resolved by improving the recovery from a cleared ThreadContainer which might cause thread resolution issues.
INC-201109 · Issue 701941
Servlet management documentation updated
Resolved in Pega Version 8.8
The documentation for Servlet management has been updated to clarify that before you can move URL patterns using the Servlet Management landing page, you must remove the web.xml file from your Pega Cloud environment. If the * URL pattern is still available in the web.xml file, it remains in read only mode and cannot be edited using the indicated steps. More information is available at https://docs.pega.com/security/87/moving-url-pattern-between-servlets
INC-205525 · Issue 699064
Documentation updated for Samesite settings
Resolved in Pega Version 8.8
The documentation for enabling and configuring cross-site scripting settings has been updated to clarify the definitions of the Samesite settings Lax, Strict and None: https://docs.pega.com/security/88/enabling-and-configuring-cross-site-request-forgery-settings None – If you select this option, Pega Platform offers no protection. The browser attaches the cookies in all cross-site browsing contexts. Lax – If you select this option, Pega Platform provides a reasonable balance between security and usability for websites that want to maintain logged-in sessions after users arrive from an external link. The browser does not send cookies in requests from non-originating sites. Strict – If you select this option, Pega Platform prevents the browser
INC-209744 · Issue 703275
Documentation for job schedulers updated
Resolved in Pega Version 8.8
The documentation for how job schedulers use System Runtime Context (SRC) has been updated to specify that at run time, any application-specific metadata such as work ID prefixes, in any of the applications in the SRC stack, is not available to the job activity.
INC-214974 · Issue 721179
Documentation updated for accessing D_pyUserInfoClaims
Resolved in Pega Version 8.8
When logging in using Org Credentials, trying to get the user details from D_pyUserInfoClaims did not return any information. This was due to the D_pyUserInfoClaims datapage being available only after authentication, so the claims information was not available during operator provisioning. The documentation located at https://docs.pega.com/security/88/mapping-operator-information-openid-connect-sso-authentication-service has been updated to include the following note: "This page becomes available and can only be accessed post authentication."
INC-217942 · Issue 716932
BIX article updated for XML extract rules
Resolved in Pega Version 8.8
The BIX article "Creating and running an Extract rule" has been updated to reflect that the "Get all properties" option fetches basic properties only, and that properties must be selected manually for non-BLOB tables.