Change log
IBM® Safer Payments 6.3.0.02 includes major and minor bug fixes and APARs.
Critical changes
- None
Major changes
- Remote instances might crash when running a curtail masterdata job (APAR PO09584).
- An instance might be invalidated after restart when a revision was created, then the instance was shutdown, the API instance was changed and a golive was triggered on the new API instance.
- When changing pages in the user interface there was a chance that the user gets an Unexpected Error page (APAR PO09240).
- The maintenance function
skip current FLI messages
was displayed in the maintenance dropdown even when user privilegeReset FLI
was missing, causing a popup privilege error when executing the maintenance function. - An instance might crash in rare cases if the operating system was able to open a file but might not close the file properly for some reason (APAR PO09547).
- Earlier log message number zero was used to log allocation / deallocation of an attribute's simulation MDC. To keep this simulation logging enabled all the time, a dedicated log message number 826 was added since log message number zero is for development purposes.
- Deactivating the MCI when Bypass was enabled might cause a crash (APAR PO09553).
- Switched OpenSSL 1.1.1.k to OpenSSL 1.1.1.l as countermeasure against CVE-2021-3711 and CVE-2021-3712.
- The performance on the user interface has been improved when performing changes in the forms for configurations with many mandators.
- The setOffline request did not close files obtained by the application before this fix, which might have caused problems during backup of an instance after using the setOffline request. Now after the setOffline API request execution, all files obtained by the application instance except the backtrace file will be closed. The request setOffline will re-obtain files.
- The End of day job performance was improved during index purging for configurations with many mandators (APAR PO09426).
- Any string containing
+/()[]{}
in a rule condition would throw a validation error. These characters are now supported when the attribute being set is of type Text (APAR PO09580). - When an attribute was displayed in a query result, and its data was not available, and it had categories enabled, the columns would be shifted on the user interface (APAR PO09568).
- The application might have crashed shorty after manual case creation or creating cases from a query (APAR PO09515).
- Added a checkbox named Include byte order mark in CSV exports to the user account page. If this checkbox is enabled, byte order mark (BOM) is included in CSV files that are exported using the user interface. The setting does not affect CSV files that are exported using jobs. By default, byte order mark is not included in CSV exports. For new user accounts, its default can be configured using the setting Include byte order mark in CSV exports for new user accounts on the settings page.
- When a user clicked Work case it might happen that an already closed case (belonging to a working queue that was configured to contain closed cases) was loaded as the next case to work on. Now, clicking Work case always returns an open case (APAR PO09493).
- An investigator was able to execute case transitions while not belonging to the transition's user group. Also, the assignment of closed investigation cases to working queues was not done properly and as a result of that in some scenarios it was not possible to reopen a case (APAR PO09509, PO09514).
- It was possible to do certain changes, for example copying/deleting elements via context menu, on a revision that was waiting to perform a golive, for example, if interlock was enabled and the instance had to wait for the required number of instances to be available. In that case, a remote golive might have failed, causing the remote instance to shut down and become invalidated (APAR PO09477).
- When saving the settings page it would always say that the watchdog and persistent connections thread pool values had changed even though there was no change to these settings.
- When a cluster update happened on an instance while it was shutting down a crash might occur. It might for example happen during a restore on the restore recipient instance (APAR PO09480).
- Starting a simulation while saving a revision element might cause a crash (APAR PO09483).
- Query results might contain invalid JSON, if the query did not include the DDC and the CSV export
options for nil values were set to
empty value
and the query returned data that was only available in DDC but not MDC. Under these circumstances the query result would not load and produce an error on the user interface (APAR PO09452). - The retention administration page might only be fully utilized by users that had the role privilege to either view the model tab on all mandators or to view the mandator administration for all mandators. Additionally the user also needed the global privilege to view the system configuration. Now only the global privilege for retention administration is needed. Note though, that this privilege still allows a user to view the hierarchy of mandators on the retention page.
- The retention settings page on the administration tab was hard to use because too much content was visible at the same time. The layout of the page was changed and individual parts split up into sub-pages that can be viewed one at a time without the others being visible on screen. To make the form more intuitive the behavior of the reset button was changed. When performing this action the pending settings are overwritten by the active settings and a corresponding audit trail entry is produced. Apart from this, the remaining workflow and API requests have not been changed.
- When having more than one instance in the cluster, filtering the status alarm indicators in the dashboard would cause some SAIs to be duplicated (APAR PO09440).
- The detail view of a defined risk list entry did not initialize the Expires at field properly when being opened from the Risk list hits widget on the case investigation screen.
- When starting a rule report
without context
, a complete simulation would be started instead of just simulating the elements relevant for the simulation of this particular rule like it was in the old user interface. - The tables in the user interface now have borders around each cell to make reading densely packed tables easier.
- Tabs (for example in cluster settings or latency report page) did not show up below each other in case they overflew the screen and might not be seen.
- It was possible that index entries and entries in index using elements such as masterdata, events, calendars and device identifications were duplicated after running a recreate index job with deferred writing enabled (APAR PO09454).
- In the user interface, the date selector did not allow to define the time in hours, minutes, and
seconds in following places: defined risk list import page for expires / starts at, case transition
follow up on
field, defining a timestamp reporting attribute in create CPP from a query. Additionally, the timestamp that was saved was not at 00:00:00 of the user's time zone as expected. - Investigation cases from different Index Based Evaluation case classes that use the same index were not consolidated (APAR PO09444).
- Users using encoded categories with PMML might only encode data of type double. This behavior restricted users from using other types of data in encoded format.
- A IBM Safer Payments instance while starting up might be wrongly considered to be ready to process transaction, resulting in wrong evaluation of number of active instances in cluster for the interlock functionality (APAR PO09462).
- The privilege check for unreserveCase request was simplified to avoid unnecessary no privileges errors (APAR PO08515).
- The justification code was missing in the data sent to the server with the request of a bulk case transition, which prevented the transition from being executed in the case of a mandatory justification code (APAR PO09470).
- Safer Payments now supports all Python 3 versions starting with 3.2.
- When a PMML model component is copied, the uploaded PMML file would be copied as well. Therefore, the PMML model file won't be missing (APAR PO09379).
- When saving the same model element twice at the same time, the system might have crashed if during save an output attribute was replaced (APAR PO09446).
- Saving the simulation data selection repeatedly during a small frame of time might lead to a crash (APAR PO09449).
- On the Case Investigation screen, when case action confirmation was turned on, previewed case actions of type SMTP were triggered and sent before the confirmation was given.
- Model test (sandboxing) functionality was not working for PMML models and internally trained models.
- While an instance is offline, it was possible for its interfaces to become active when cluster
update action is performed. Now interfaces of an offline instance would not be activated even after
cluster update actions. Also, a new status named
Offline
is added to indicate the status of an offline instance in the cluster settings page (APAR PO09284). - Deleting a Key Performance Indicator might rarely result in an application crash.
- A backtrace might have happened in index-based evaluations due to outdated condition references.
- A deadlock might have occurred when a modeling workflow was running in a challenger revision and at the same time the revision was deleted or taken over by a user who did not have simulation memory assigned (APAR PO09461).
- Using cluster interlock can result in golive being stuck for long time, if restore is in progress with in the cluster. This fix let's golive proceed if minimum active instances condition is satisfied (APAR PO09378).
- When simulating rules, more rules than necessary might have been simulated leading to prolonged simulation times. Rules that alter the same outputs and are computed before the simulated rules are automatically included. However, rules that are computed after the simulated rules were also simulated although not required to get valid simulation results (APAR PO09428).
- In attribute settings of the user interface, after changing storage type to not stored the attribute might only be saved if the DDC capacity had been set to 0 manually before that.
- The default storage type and xdc capacities defined in system configuration were not used when creating new attributes in counters, profiles, and device identification. Additionally when changing storage type in an attribute definition capacities might have been predefined to zero instead of the default value (APAR PO09397).
- Large redundant data was stored in the configuration file when the storage type in an attribute definition was changed and saved from the user interface (APAR PO09410).
- Performing a change on an attribute in a sub mandator while executing a golive on an upper mandator, might lead to a crash (APAR PO09495).
- Changing the data selection on a rule generation that is already running might lead to a crash (APAR PO09450).
- Simultaneous shutdown of MCI interface and an MCI connection request might result in an instance crash. Closing an MCI connection during deactivation of the MCI might be slower than before in case the sending side keeps the connection to IBM Safer Payments open until the MCI is deactivated. In a worst case scenario the overall additional time it takes during the deactivation of the MCI might be the number of connections * 1 second (APAR PO09435).
- A defect in outgoing persistent connection might cause the user interface to become unresponsive.
- When Text or Hex values were computed with Python, which is used in Conclusion or Formula expressions, the return values leaked in memory (APAR PO09405).
Minor changes
- It was not possible to generate the French and Portuguese manual (APAR PO09577).
- The user interface was attempting to parse any response as JSON and would fail, for example, when a Proxy/CDN returns a non JSON response that gives the Unexpected token < in JSON at position 0 message, this behavior is now replaced with a more informative modal (APAR PO09504).
- A new event log ID 827 was added for errors from file closing, instead of using the event log ID 0.
- When using a shared NFS folder for DDC, the file ddc/lock.iris was not unlocked automatically when the operating system crashed and rebooted. An option called Check for other instances was added to system configuration to skip the lock to allow an easy restart when using a shared directory for DDC. This option is true by default to not change the current behaviour.
- The IP addresses of internal interfaces SCI, ECI, and FLI were not updated in case that domain name were used and the DNS server changed the address resolution to a new IP unless the cluster page was saved again. IP addresses are now reloaded after receiving a to be ignored IP, if the IPs have not been reloaded already during the last 10 seconds.
- On the transition to the
Followup
case state, the transitioning user was able to select a follow-up user belonging to a mandator higher up in the mandator hierarchy than their own. Now the user is limited to users assigned to own or descendant mandators, being in accordance with the user selection on the case selection form. - Case investigators might see case transitions which they had no execution privilege for.
- Writing large numbers in the time field of a date picker field caused the selected date to change to a value further in the future (APAR PO09540).
- The application's built-in help did not explain how privileges to change a given type of element on one mandator affect other mandators. The change privilege on one mandator actually implies a view privilege on higher mandators to avoid creating duplicate elements. A hint was added to the online help for user accounts.
- The ability to filter the Status Alarm Indicators by instance on the dashboard was missing from the user interface.
- Position settings for Status Alarm Indicators were not reflected on the dashboard page (APAR PO09326).
- The charts of the dashboard wouldn't automatically refresh after the configured refresh interval. The values were also not reloaded after manually refreshing the page (APAR PO09319).
- On the inbound page, the label and check boxes of the Kafka instance failover priority selection appeared on different lines of the form.
- It was not possible to delete a modelling workflow, if it was used in a simulation of a challenger or a retired revision within the same mandator. It's now possible to delete workflows as long as they are not used within its own challenger or challengers of submandators (APAR PO09298).
- Normally users that can change an element on a lower mandator automatically are allowed to view this element type on higher-level mandators. This behavior was not true for index-based evaluations. The table did not include higher-level mandators if the requesting user only had the privilege on alower-level mandator.
- Sending the confirmGolive API request with an invalid revision uid caused the API instance to create a backtrace and a unrecoverable error log message (APAR PO09386).
- The icon of the account number of records action available for simulation and investigation queries was changed to an uppercase sigma.
- The revision general page did not show the revision status information correctly. Also, the menu bar showed incorrect information text that the revision would be editable during golive report.
- In reports, if every value of a report result row is 0, a hint text is displayed now instead of a pie chart with invalid data (APAR PO09545).
- In the case workflow definition it was possible to set a comment for a case transition as mandatory, but not allowed, which might block the user from submitting the case transition.
- In the General Revision Settings page, a pie chart will be displayed only after a user clicks a value in the Memory Statistics table. Now the MDC memory consumption column is selected by default. Users can still click other columns to change the displayed chart. Additionally, a misleading text was displayed when the selected column did not contain enough data to display a pie chart.
- Sorting of numeric columns in query results that belong to output attributes would be sorted alphabetically instead of numerically (APAR PO09488).
- The persistent connection occ is cluster-dependent. Its configuration of connection pool priorities was not adapted to the cluster change.
- For model revision elements, the New element button is active for inherited elements, even though that is not possible.
- The Logout and My account menu options were separated into their own icons based on customer feedback.
- The version information was removed from getUserProfile API request. There was no further impact for the user interface or server.
- There were some typographical errors in the online help and the user interface that have been corrected (APAR PO09441).
- In the user interface, shortcut Ctrl+S didn't save changes that are done to date fields when the field was still focused.
- The limitation on reports pages to only allow filtering for time ranges in the past was removed. Additional validation was added for the time ranges.
- When adding a new common point query it was not enabled by default in the user interface.
- It was not possible to filter for defined risk list entries that were last edited by deleted users. Entries from all users will now be displayed when no user is selected in the filter (APAR PO08657).
- In attribute definition and in default xdc capacities setting in system configuration in the user interface, it was not validated that the MDC is smaller or equal to DDC capacity. However, this was validated on server. Additional validation behavior was improved in attribute and index sequence settings.
- Adjusted the displayed values in the query results when the attributes were not present in DDC and include DDC is disabled in the query, and when data is not available (APAR PO09132).