Documentation Home
Changelog

Broadleaf Commerce 6.2.5-GA

Released on February 10, 2023

This is the 5th patch release for Broadleaf Framework 6.2.x. To upgrade a 6.2.x application to the 6.2.5-GA release, it should only require updating the parent pom.xml broadleaf-boot-starter-parent to 6.2.5-GA.

New and Noteworthy

Library version upgrades

Following libraries were upgraded for security:

  • Spring : Updated to 5.3.23
  • Spring Security : Updated to 5.8.1
  • Hsql : Updated to 2.7.1
  • Owasp Dependency Check: Updated to 7.3.2
  • Owasp ESAPI : Updated to 2.5.1.0
  • Jettison : Updated to 1.5.3
  • jQuery DataTables : Updated to 1.13.2
  • Moment js : Updated to 2.29.4

Spring security upgrade

Spring security has been upgraded to 5.8.1. WebSecurityConfigurerAdapter has been deprecated so it will require updating the configuration. Here is spring blog with the explanation.

Email tracking and purging

Email tracking is introduced with this release along with a purge job to clean up the BLC_EMAIL_TRACKING table periodically. Retention policy is set by the job parameter RETENTION_DAYS. It defaults to 90 days if nothing is defined.

Property to enable tracking:

notifications.email.tracking=true

Here is an example of how to setup the job in Mysql:

INSERT INTO `BLC_DATA_DRVN_ENUM_VAL`
    (`ENUM_VAL_ID`,  `DISPLAY`, `HIDDEN`, `ENUM_KEY`, `ENUM_TYPE`)  VALUES
    (-35007, 'Email Tracking Purge', 0, 'EMAIL_TRACKING_PURGE', -35000);

INSERT INTO `BLC_SCHED_JOB`
(`SCHED_JOB_ID`, `ARCHIVED`, `CRON_EXPRESSION`, `ADMIN_ADDITION_STATUS`, `ENABLED`, `EXECUTED`, `MANAGE_IN_ADMIN`, `NAME`, `TYPE`) VALUES
    (100, 'N', '0 0/59 * * * ?', 'CONFIRMED', 0, NULL, 1, 'Email Tracking Purge', 'EMAIL_TRACKING_PURGE');

INSERT INTO `BLC_SCHED_JOB_DETAIL` 
    (`SCHED_JOB_DETAIL_ID`, `ARCHIVED`, `FRIENDLY_NAME`, `NAME`, `VALUE`, `SCHED_JOB_ID`) VALUES
    (1, 'N', 'Clear records older than', 'RETENTION_DAYS', '90', 100);

An at-a-glance view of the issues that were closed in this release:

Major Bugs(3)

  • Removed the class level @Transactional annotation in DialectHelper as that is causing an excessive number of transactions and JDBC commits.
  • In blc-admin.js, improved the handler that calls logJavaScriptError to prevent infinite loop.
  • If value is string but metadata is broadleaf enumeration, final value should be a friendly type of broadleaf enumeration. CHanged BasicPersistenceModule and DefaultFieldPersistenceProvider to make sure it is.

Minor Bugs(6)

  • Fixed the EntityManager error which occurs when using multiple threads in MultiTenant Module.
  • Added validation of the customer ID during customer password reset workflow.
  • Fixed various issues with the misalignment of listgrids.
  • Fixed various issues with the misalignment of filter boxes above listgrids.
  • Added the missing 'emailType' for blSendAdminResetPasswordEmail and blSendAdminUsernameEmailInfo in bl-open-admin-contentCreator-applicationContext.xml.
  • It was possible to create a 'Boolean' field and have 3 or more options for Product Option, so improved the validation for the 'Boolean' and 'Decimal' types.

Enhancements(7)

  • Made ProcessDetailLogger more extendable.
  • Added null protection in BroadleafCheckoutController.
  • Added cache hint to readOrderById() query in OderDaoImpl.
  • Improve exception-handling for the CSRF verification flow.
  • Removed SkuActiveDateConsiderationContext from SkuImpl.
  • Added support for the new Email tracking purge job mentioned above.
  • Upgraded libs mentioned above.

Total Resolved Issues: 16