9.3.1Changelog: 2021

 

Legend

A new feature
An existing feature has changed
A bug fix
A performance improvement
A security issue has been corrected

9.3.2Smile CDR 2021.11.R03 (Raccoon)

 

9.3.2.1Release Information

Released 2021-12-17
Codename Raccoon
HAPI FHIR Smile CDR 2021.11.R03 is based on HAPI FHIR 5.6.2, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.2.2Changes

Backported from: 2022.02.R01

This version strictly exists to pin the log4j API version to 2.16.0. While Smile CDR is not vulnerable to the log4shell vulnerability as we do not use the log4j core, we are pinning the dependency to prevent false positives.

9.3.3Smile CDR 2021.11.R02 (Raccoon)

 

9.3.3.1Release Information

Released 2021-12-03
Codename Raccoon
HAPI FHIR Smile CDR 2021.11.R02 is based on HAPI FHIR 5.6.1, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.3.2Changes

Fixed migration for appSphere profile type population that was not working for MSSQL

9.3.4Smile CDR 2021.11.R01 (Raccoon)

 

9.3.4.1Release Information

Released 2021-11-18
Codename Raccoon
HAPI FHIR Smile CDR 2021.11.R01 is based on HAPI FHIR 5.6.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.4.2Changes

Added support for the prompt parameter during OAuth Authorization Code Flow, limited to the value login.

The MongoDB FHIR storage module now supports inline conditional URL references, which are used by Synthea-generated data. This change allows Synthea data to be ingested into MongoDB instances.

Added support for Basic Authentication fields in the Admin Console that will be sent to authenticate with the remote terminology server.

Added graphql support in fhir gateway as an operation route, also added FHIRGW_OPERATION_TARGET_PREINVOKE hook and changed all interceptor call in operations from FHIR_GW_READ_TARGET_PREINVOKE to the new hook

Add permission for operation $partition-management-list-partitions

Added a new setting to the Storage module which allows users to set index prefixes for any indexes created by Elasticsearch.

The Swagger/OpenAPI interface now supports OIDC authorization.

Ability to hide signup button on local security login page

Configurable additional logging for HL7 v2.x-to-FHIR conversion has been added to the transaction log.

The CCDA goals section can now contain the author entry when being generated

The CCDA immunization section can now contain the author entry when being generated for available entries

The CCDA procedure section can now contain the author entry when being generated for available entries with the correct data

The CCDA encounter section can now contain the author entry when being generated for available entries with the correct data.

When generating a CDA document, a Social History Observation entry will be added to the Social History Section for any Observation that does not correspond to one of the specialized entry types.

New configuration flags have been added to the MongoDB Storage module that can be used to disable server/type/instance level history operations. Disabling these can improve performance on servers that do not need to support these operations.

When generating a CDA document, a Pregnancy Observation entry will be added to the Social History Section for any Observation whose value is drawn from a list of codes relating to the patient's pregnancy status.

The CCDA social history section can now be generated with the tobbaco use entry

Populate information for Encounter and Provenance in the default javascript template. Improved error handling in AuthorParticipation when fields are not defined.

When selecting resources for inclusion in a CDA document, Observations can be grouped in a subsection of the vital signs section. The corresponding Vital Sign Observation entries will be grouped together in a Vital Sign Organizer entry in the generated CDA document.

The Javascript Execution Environment Fhir.search().forResource().where() chain would accept invalid arguments and simply not apply the where clause. It is now the case than an error is returned.

App Management Tools Console Managers' emails could now be set up to receive notifications when an app is registered or re-registered.

In order to support the US Core Implementation Guide's profile for the Device resource, Device is now included as part of the partient compartment. This is supported for READ, VREAD, SEARCH operations. Note that this implementation uses authentication as a mechanism of inclusion, so if you have replaced the CdrAuthorizationInterceptor, you will need to make the equivalent changes on your interceptor. More information can be found in the documentation.

Added support for $everything operator when using mongo persistence module

Added toggles in hl7v2 inbound module to allow Patient Account resource derived from PID18 segment, Related Person resource derived from gt1 segment, and Associated Party resource derived from NK113 segment to be mapped to standalone resources when identifiers are provided.

It is now possible to customize the CORS allowed request headers list. This can be done via the Cors Allowed Request Headers property.

Add support for Patient/123/$everything endpoint through fhir-gateway

Add new profile types to AG profiles, such as Individual, Business and Payer.

Added the Persist Process Level Metrics Job Enabled configuration under Cluster Manager Maintenance.

Added toggle on Smile CDR user management page to filter out users created by Federated OIDC or other external IdPs

Added a new Persistence module configuration option which generates appropriate indexes to allow searches to descend into contained resources.

Add $mdm-create-link operation

HL7 v2.x inbound support for OBX-5 values containing the ED datatype (used to contain binary content such as images and PDF documents) has been added.

HL7 v2.x inbound support will now attempt to recover from messages with invalid MSH-9-3 (Message Structure) values, instead of failing to process the message.

When parsing an HL7 v2.x inbound message containing an OBX-5 value of type NM where the supplied value is not actually a valid number, the segment will be treated as a string instead. This allows for more graceful processing of messages containing textual NM content which is common in real-world systems.

A new endpoint has been added to the user-management API in admin-json module, which allows you to fetch a single user's details by PID. This can be reached at GET [base]:9000/user-management/<NodeId>/<ModuleId>/<PID>. This requires VIEW_USERS permission.

Added support for $everything operation on Patient type through gateway.

Support on MongoDB for quantity searches (e.g. Observation?value-quantity=...) has been added.

Changed behaviour of user filter to moduleId filter

Added support for a mapping script javascript file path input configuration in the ETL Module

A new parameter, _id has been added to the Patient/$everything type-level operation. This allows you to pass in multiple patients as arguments, e.g. [base]/Patient/$everything?_id=1,2,3. This call would retrieve everything for patients with IDs 1,2, and 3. More information can be found in the documentation.

AppSphere now allows developers to upload supporting documents after app registration, which can be downloaded by console administrators

_id parameter on patient-type $everything operation has been extended to support the FHIR Gateway. Also, this fixed a regression which caused $everything to be an unrecognized operation.

_id parameter on patient-type $everything operation on FHIR Gateway now correctly strips resource prefixes from ID parameters.

Several improvements have been made to smileutil that improve performance of the synchronize-fhir-servers command. In COPY mode, when using a directory as the source the resources will no longer be copied to a temporary directory before uploading. A new argument has also been added that allows an arbitrary path expression to be used as a semaphore.

New configuration options have been added to help troubleshoot connection pool exhaustion issues. See Database Connection Pool for details

The ability to add Channel Prefixes automatically to broker channels has been removed due to a failure in implementation. While the configuration property still exists for now, this is effectively a no-op, and the property will be removed in a subsequent release.

Change the default value of db.connectionpool.test_on_return from false to true.

The $mdm-clear operation has been converted to a batch operation that can be managed in the Batch Jobs page of the Web Admin Console.

Previously, the admin-json system-config endpoint, which generates a zip file of all server information, concatenated all node properties into a single file. This has been changed, so there is a properties file on a per-node basis.

App Management Tools is now appSphere

$process-message operation in gateway return NPE if parameter is null. This has been corrected.

Swagger-ui doesn't work with Partitions. This has been resolved.

Fixed a bug wherein the smileutil Synchronize Fhir Servers command was not correctly applying a default request id to the requests it was making.

When using the MongoDB storage module, conditional updates performed as a part of a transaction resulted in a new resource version being persisted even if the resource body did not actually change. This has been corrected.

~~Custom user data added to the user session during login is now maintained into refreshed SMART sessions.~~ This fix was unsuccessful. Fixed in 2699.

Removes the duplication of the Template OIDs in every section of a generated CDA document

In moving from FHIR DSTU3 to R4, the URLs used in some of our CodeSystems were left outdated. This has been corrected.

Previously in MongoDB, during a transaction if a resource with conditional match URL relied on a resource only defined via another resource in the transaction, a PreconditionalFailedException would be thrown. This has been corrected.

Previously in a MongoDB transaction, if the resource contained a conditional URL which relied on a sibling resource in the same transaction, there was the potential for duplicates in high-concurrency situation. This has been resolved.

unable to access dropdown search parameter via the FHIR Web module due to a Javascript error. This has been fixed.

Previously, when resources failed validation during a PUT/POST, the transaction log would be missing the request body for the ENDPOINT_RECEIVE step. This has been corrected.

Additional CodeSystem URLs have been updated to properly reflect both FHIR DSTU3 and R4 uses.

Previously, creating and searching for resources in a Mongo database would fail if the resource type has a search parameter named resource, which is a reserved word in our model. This fix adds special handling to avoid the name collision.

Migration task failure when upgrading from 2021.08.PRE-38 to 2021.11.PRE-06

Fixed a bug where Conditional Updates and Conditional Creates in transactions were not being successfully retried when using MongoDB as a storage module

Fixed a bug in HL7 V2.x inbound mapping where Encounter.serviceProvider is not generated when PV1-39 is populated, updated documentation for PV1-39 segment

Fixed a bug which occured while multiple refresh attempts were made simultaneously against a single access token.

Add unsaved change warning for module add page and module edit page

The code editor fields in the web admin console were not resizeable, this has been fixed

Fixed a bug that produced this error: TemplateInputException: An error happened during template parsing (template: class path resource [META-INF/adminweb/views/runtime/batch/jobList.html]

Recover from MS SQLServer migration failure on the CDR_OAUTH2_REFRESH_TOKEN table that failed because the column name 'KEY' is a reserved word on MS SQLServer. The column has been renamed to TOKEN_KEY.

Add Support For $subsumes Against CodeSystem Resources As Well As $validate-code Against CodeSystem And ValueSet Resources

Fixed a bug resolving _include and _revinclude parameters in FHIR Gateway, which was causing the included resources to be omitted.

Previously when executing a PUT against a user by PID in the user-management API, only the UserDetails information that were passed in were subsequently returned. This has been changed so that the user's full deatils are now returned.

Post $mdm-update-link/$mdm-create-link return 403 forbidden. This has been resolved.

Fixed bug within the source code which was causing the Mongo database to incorrectly assess whether a resource was changed or not resulting in redundant resource updates.

FHIR_GRAPHQL permission gets filtered when narrowing scopes. This has been resolved.

Post $mdm-update-link/$mdm-create-link return 403 forbidden with specific permissions. This has been resolved.

Gateway resourceIdPrefix is incorrectly prefixed to contained references. This has been resolved.

In the RTE rules definition, nested child tables more than 1 level deep were not being processed at all, and therefore, those tables would not be populated using the $this placeholder as described in the documentation. This has been corrected.

Fixed a bug where during HL7v2 inbound, organizations reference id will be unsatisfied when useStandaloneNk113 is toggled. Changed useStandalone toggles' default value to false

When users use date picker in audit log page, the date picker cookie is not saved properly causing a bug. This has been fixed

Gateway GET operation returns a 500 if the target server's response bundle.total field is null. This has been resolved.

remove double password encoding for original seed in OIDC client secret generator.

Make add module list in WAC case sorted alphabetically and case insensitive

Remove ID prefixes in Graphql queries in FHIR Gateway. Added a check to ensure that prefixes match the given target.

Populate missing profile type for old appSphere applications so that filters would work properly.

Fixed a bug where ETL module searches could throw a transaction log error if they returned no resources.

Fix issue when creating confidential OIDC client for appSphere Sandbox. This change requires the OPENID_CONNECT_EDIT_CLIENT permission to be added to appSphere Developer user accounts.

Support for _revinclude has been added to MongoDB in limited fashion. It can be used when the original query is on a single resource. This enables support for Patient/[id]/$everything. Currently, Patient type-level $everything is still not supported.

Fixed a bug where gateway would return the incorrect total when any of the underlying fhir endpoints doesn't return the total. It should not return total. This has been corrected.

Fixed a bug on MongoDB where transactions containing entries, which in turn contained references that lacked an actual reference element, would cause an error during ingestion.

9.3.5Smile CDR 2021.08.R06 (Quasar)

 

9.3.5.1Release Information

Released 2021-11-23
Codename Quasar
HAPI FHIR Smile CDR 2021.08.R06 is based on HAPI FHIR 5.5.3, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.5.2Upgrade Instructions

9.3.5.3Changes

Backported from: 2021.11.R01

Gateway resourceIdPrefix is incorrectly prefixed to contained references. This has been resolved.

Backported from: 2022.02.R01

Gateway resourceIdPrefix is incorrectly prefixed to contained references. This has been resolved.

9.3.6Smile CDR 2021.08.R05 (Quasar)

 

9.3.6.1Release Information

Released 2021-11-08
Codename Quasar
HAPI FHIR Smile CDR 2021.08.R05 is based on HAPI FHIR 5.5.3, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.6.2Upgrade Instructions

Smile CDR 2021.08.R05 is intended only for Postgresql users, but is highly recommended for any users of Postgresql (any version) who are not able to upgrade to Smile CDR 2021.11.R01 or newer. It corrects a potential data loss issue with the Postgresql database driver. Users of any other RDBMS platform will not see any benefit using this version (as compared to the previous version, Smile CDR 2021.08.R04).

Postgresql users upgrading to this version should execute the following SQL statements on their cluster manager and FHIR storage databases.

Cluster Manager Script:

alter table cdr_user_details add column NOTES_m oid;
update cdr_user_details set NOTES_m = cast(notes as oid) where notes is not null;
alter table cdr_user_details drop column notes;
alter table cdr_user_details rename column NOTES_m to notes;
alter table cdr_audit_evt add column EVT_ADDITIONAL_JSON_m oid;
update cdr_audit_evt set EVT_ADDITIONAL_JSON_m = cast(evt_additional_json as oid) where evt_additional_json is not null;
alter table cdr_audit_evt drop column evt_additional_json;
alter table cdr_audit_evt rename column EVT_ADDITIONAL_JSON_m to evt_additional_json;
alter table cdr_cda_template add column TEMPLATE_CONTENT_m oid;
update cdr_cda_template set TEMPLATE_CONTENT_m = cast(template_content as oid) where template_content is not null;
alter table cdr_cda_template drop column template_content;
alter table cdr_cda_template rename column TEMPLATE_CONTENT_m to template_content;
alter table cdr_oa2_server add column JWKS_TEXT_m oid;
update cdr_oa2_server set JWKS_TEXT_m = cast(jwks_text as oid) where jwks_text is not null;
alter table cdr_oa2_server drop column jwks_text;
alter table cdr_oa2_server rename column JWKS_TEXT_m to jwks_text;
alter table cdr_module_cfg_prop add column VALUE_EXTENDED_m oid;
update cdr_module_cfg_prop set VALUE_EXTENDED_m = cast(value_extended as oid) where value_extended is not null;
alter table cdr_module_cfg_prop drop column value_extended;
alter table cdr_module_cfg_prop rename column VALUE_EXTENDED_m to value_extended;

FHIR Storage Module:

alter table trm_valueset_concept add column SOURCE_DIRECT_PARENT_PIDS_m oid;
update trm_valueset_concept set SOURCE_DIRECT_PARENT_PIDS_m = cast(source_direct_parent_pids as oid) where source_direct_parent_pids is not null;
alter table trm_valueset_concept drop column source_direct_parent_pids;
alter table trm_valueset_concept rename column SOURCE_DIRECT_PARENT_PIDS_m to source_direct_parent_pids;
alter table trm_concept add column PARENT_PIDS_m oid;
update trm_concept set PARENT_PIDS_m = cast(parent_pids as oid) where parent_pids is not null;
alter table trm_concept drop column parent_pids;
alter table trm_concept rename column PARENT_PIDS_m to parent_pids;
alter table hfj_search add column SEARCH_QUERY_STRING_m oid;
update hfj_search set SEARCH_QUERY_STRING_m = cast(search_query_string as oid) where search_query_string is not null;
alter table hfj_search drop column search_query_string;
alter table hfj_search rename column SEARCH_QUERY_STRING_m to search_query_string;

9.3.6.3Changes

Backported from: 2022.02.R01

A new setting called Read-Only Mode Enabled has been added to the FHIR Storage (RDBMS) module. This setting is an indication to Smile CDR that all database connections will be read-only. This is useful for multi-node architectures such as those leveraging read replication.

9.3.7Smile CDR 2021.08.R04 (Quasar)

 

9.3.7.1Release Information

Released 2021-10-28
Codename Quasar
HAPI FHIR Smile CDR 2021.08.R04 is based on HAPI FHIR 5.5.3, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.7.2Upgrade Instructions

9.3.7.3Changes

Backported from: 2021.11.R01

Added a new Persistence module configuration option which generates appropriate indexes to allow searches to descend into contained resources.

9.3.8Smile CDR 2021.08.R03 (Quasar)

 

9.3.8.1Release Information

Released 2021-10-07
Codename Quasar
HAPI FHIR Smile CDR 2021.08.R03 is based on HAPI FHIR 5.5.2, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.8.2Upgrade Instructions

In June 2021, a change accidentally introduced a connection pool leak into the system. this has been corrected.

9.3.8.3Changes

In moving from FHIR DSTU3 to R4, the URLs used in some of our CodeSystems were left outdated. This has been corrected.

Backported from: 2021.11.R01

In moving from FHIR DSTU3 to R4, the URLs used in some of our CodeSystems were left outdated. This has been corrected.

Additional CodeSystem URLs have been updated to properly reflect both FHIR DSTU3 and R4 uses.

Backported from: 2021.11.R01

Additional CodeSystem URLs have been updated to properly reflect both FHIR DSTU3 and R4 uses.

Previously, creating and searching for resources in a Mongo database would fail if the resource type has a search parameter named resource, which is a reserved word in our model. This fix adds special handling to avoid the name collision.

Backported from: 2021.11.R01

Previously, creating and searching for resources in a Mongo database would fail if the resource type has a search parameter named resource, which is a reserved word in our model. This fix adds special handling to avoid the name collision.

9.3.9Smile CDR 2021.08.R02 (Quasar)

 

9.3.9.1Release Information

Released 2021-08-31
Codename Quasar
HAPI FHIR Smile CDR 2021.08.R02 is based on HAPI FHIR 5.5.1, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.9.2Upgrade Instructions

This version of smile fixes a regression found in 2021.08.R01 in which bundles with identical conditional creates would not successfully collapse, resulting in the possibility of creating incorrectly duplicated data.

9.3.9.3Changes

9.3.10Smile CDR 2021.08.R01 (Quasar)

 

9.3.10.1Release Information

Released 2021-08-22
Codename Quasar
HAPI FHIR Smile CDR 2021.08.R01 is based on HAPI FHIR 5.5.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.10.2Changes

$mdm-query-links and $mdm-duplicate-golden-resources now enforce paging via parameters _offset and _count. More details can be found in the MDM Operations documentation. Furthermore, Smile CDR's internal APIs in the admin-json module also support these same new parameters.

The JSON Admin API's OIDC Sessions API will now revoke any accepted Terms of Service (TOS) when revoking a given client for a given user.

Hybrid providers will occasionally need to specifically be booted after a particular module. A new optional dependency of type Boot After has been added to hybrid provider endpoints. This will ensure that the module specified there will be booted before the hybrid provider.

Add AWS Secrets Manager JDBC Driver Support for PostgreSQL

The transaction log can now be configured to send events to a kafka queue for realtime reporting

Support for multiple header-passthrough option using -hp or --header-passthrough parameter was added to smileutil commands: map-and-upload-csv-bulk-import-file, upload-bundle-files, upload-examples, upload-sample-dataset and upload-terminology

Ability to maintain different version of attestations (add new, update existing one, retrieve all, retrieve current)

Log lines now identify the module running and the request being processed.

The SMART Backend Services authorization guide is now fully supported, and can be used to authenticate FHIR Bulk Export jobs as described in the guide.

A number of new fields have been added to the HL7 v2.x PV1, DG1, and AL1 segments.

Smile CDR now supports (and recommends) deployment on the OpenJDK 16.x JVM.

Users approving OIDC clients managed by the App Gallery will be presented with the plain-language version of the developer attestation

The SMART Outbound Security module can now be configured to require PKCE for all code exchanges, and to optionally disable the PLAIN challenge type.

Old (completed, failed, etc.) batch jobs in the FHIR Storage (RDBMS) after 48 hours.

The Batch Job JSON API has been improved to add an optional executionUUID parameter that can be used to search for a specific execution of a job.

A new set of configuration options has been added to the FHIR Storage (RDBMS) module to allow individual scheduled tasks to be selectively enabled and disabled on a given node.

The SMART Outbound Security module can now optionally present the user with a context selection screen during interactive login flows. This screen permits the user to choose a session context, such as the person whose data is being accessed.

It is now possible to configure the number of threads available to the batch job executor service for tasks like bulk import and bulk export.

Completely automate the provisioning of attestation html text for new SmileCDR App Gallery installation.

The SMART Outbound Security module revoke page now has a logout button.

A new property on the ETL Importer module allows you to enable Transaction Logging. Note that this will have heavy impacts to performance if enabled. Currently this is only supported for synchronous server-side ETL mode.

Added new Runtime -> Batch Jobs menu item in the Web Admin Console for viewing and stopping recently run jobs. In this initial implementation, the details of the last 5 jobs of each type are displayed and a button provided to stop any job currently running. The VIEW_BATCH_JOBS permission is required to view jobs and MANAGE_BATCH_JOBS permission is required to stop jobs.

Added a configuration property to Realtime Export module, allowing you to set the channel prefix when running in POINTCUT mode. This is useful in scenarios where you may have multiple RTE modules operating on multiple Storage modules.

Added ServletRequestDetails parameter to all FHIR Gateway pre-invoke pointcuts.

A new setting has been added to the FHIR Storage module that controls whether non-versioning changes to resources (such as Resource.meta chages) should result in subscription processing.

A new pair of settings on the FHIR Storage module allow SearchParameters to be automatically enabled and disabled on startup based on a specified set of patterns.

Added support to generate an AuthorParticipation CDA sub-section from FHIR provenance objects.

Add ability to sort by different columns names and select sort direction to app gallery REST API.

A new Storage Module config parameter called 'Request Validating Bean Types' has been added. Users can set the value of this config parameter to a comma-separated list of customerlib-provided subclasses of IValidationSupport to be added to the validation support chain.

Stale Batch jobs will now only be deleted 48 hours after they were last updated, as opposed to 48 hours after they were originally created.

The BatchJobs JSON Admin API now provides a count of how many records were processed by a given job instance.

The JSON Admin API for Batch Jobs now has new operations for stopping and restarting job executions.

Add requesting apps and helpdesk URL/Email address in App Gallery Smile config

A new setting on the FHIR Storage (RDBMS) module allows specific validation messages to be suppressed using one or more regex patterns.

A new administrative API has been added to the JSON Admin API that can be used to list currently approved SMART applications for a given user, and also to revoke specific ones.

Add privacy policy URL in App Gallery Smile config

Javascript Execution environment now supports the ability to check the presence of a profile on a given resource as follows: resource.meta.hasProfile('http://myprofile.com|1.0.0');

A user-specified list of HTTP headers can now be accessed on theRequest object in authentication callback scripts

The CCDA goals section can now be generated through the CDA Exchange module

Add developer note during registration to console and portal REST API.

Add in Smile Documentation, a sample MDM survivorship javascript function to copy identifiers in golden records, in MDM Survivorship Rules page.

Added a new broker option NONE that can be used to run without a broker.

The MongoDB History operations (Type-, and Instance- level) now support paging to descend farther into the history beyond what is shown on the first page.

Instance-level history is now supported on MongoDB.

Added a Config Diagnostics page to the Web Admin Console that detects and reports common misconfigurations. This page also lists configuration settings that could affect performance.

A new setting called Write-Semaphore Mode has been added to the FHIR Storage (RDBMS) module. This setting allows beter performance when writing highly concurrent data where multiple threads may try to create or update the same resource.

Generated CCDA documents can include an Encounters section (2.16.840.1.113883.10.20.22.2.22) containing Encounter Activity (2.16.840.1.113883.10.20.22.4.49) entries derived from Encounter resources.

Added AWS Secrets Manager JDBC support for DB types: MariaDB, MSSQL, MySql, Oracle, Postgres

A new setting has been added that enabled an asynchronous mode for audit log writing. This mode uses an internal in-memory queue for writing audit log events that reduces the latency of individual FHIR operations at the expense of some latency in the audit logs.

A new setting has been added to the FHIR Storage (RDBMS) module that forces the use of Offset Queries, which means that the Query Cache will never be used for FHIR searches.

Most heavily trafficked smileutil commands (upload-csv-bulk-import-file, map-and-upload-csv-bulk-import-file, synchronize-fhir-servers) have a new optional parameter, --request-id, which when populated will mark each log line in the Smile CDR server with the provided request id. This can be useful for matching logs to specific smileutil invocations.

Automatically include App Gallery into Smile CDR build.

The MongoDB Storage module now supports the _profile search parameter.

A new partitioning feature called Patient ID Partition Mode has been added. In this mode the partition ID is determined by the resource ID of the Patient compartment owner for the given resource.

Generated CCDA documents can include an Immunization section (2.16.840.1.113883.10.20.22.2.2.1) containing Immunization Activity entries (2.16.840.1.113883.10.20.22.4.52) derived from Immunization resources.

Added 'smileutil version' command that prints out the current version of Smile CDR and HAPI-FHIR.

Support creating apps in different App Gallery module to support multiple OIDC endpoints.

Backported from: 2021.08.R01

Support creating apps in different App Gallery module to support multiple OIDC endpoints.

Generated CCDA documents can include a Medical Equipment section (:2.16.840.1.113883.10.20.22.2.23) containing Medical Equipment Organizer (2.16.840.1.113883.10.20.22.4.135) entries derived from List resources, Non-Medicinal Supply Activity (2.16.840.1.113883.10.20.22.4.50) entries derived from DeviceUseStatement resources and Procedure Activity Procedure (2.16.840.1.113883.10.20.22.4.14) entries derived from Procedure resources.

The MongoDB Storage module now supports the _profile search parameter, allowing searches for resources with a given profile declaration.

The _total search parameter is now supported by the MongoDB FHIR Storage module.

The MongoDB FHIR Storage module now supports performance tracing, which can add the raw query sent to MongoDB and details about the response latency to the transaction log.

Generated CCDA documents can include a Procedures section (2.16.840.1.113883.10.20.22.2.7.1) containing Procedure Activity Act (2.16.840.1.113883.10.20.22.4.12), Procedure Activity Procedure (2.16.840.1.113883.10.20.22.4.14) and Procedure Activity Observation (2.16.840.1.113883.10.20.22.4.13) entries derived from Procedure resources.

Resource type is now populated in the SearchPageRequest parameter of the FHIRGW_SEARCH_PAGE_TARGET_PREINVOKE pointcut.

Enhance the CCDA document Immunization section (2.16.840.1.113883.10.20.22.2.2.1) to support entries with the INT mood code, derived from ImmunizationRecommendation resources.

Add new entry in App Gallery Smile config for PHI Warning URL.

A setting exposing the HAPI FHIR RestfulServer Bundle Inclusion Rule has been added.

Generated CCDA documents can include a Functional Status section (2.16.840.1.113883.10.20.22.2.14) containing Functional Status Observation (2.16.840.1.113883.10.20.22.4.67), Functional Status Organizer (2.16.840.1.113883.10.20.22.4.66) and Sensory Status (2.16.840.1.113883.10.20.22.4.127) entries.

OIDC/Federated setup allows for configurable external user names when creating local Smile CDR user records.

Add email server configuration to app gallery config.

Added email notification to App Gallery

Added a new $reindex operation with similar syntax to $delete-expunge that creates a spring-batch job to reindex selected resources. As with the $delete-expunge batch job, this $reindex job can specify a list of urls to be reindexed and the web admin console provides controls for viewing the job in progress as well as stopping and restarting it.

A new setting has been added disable Partitioning Security for systems that do not require it.

It is now possible to specify more than one target server for the smileutil synchronize-fhir-servers command.

An optimization has been made to the Javascript Execution environment's search() operations. They previously executed an additional search for each .where() clause. These additional searches have been removed.

Smile CDR will now automatically disable unicode strings for the MSSQL (SQL Server) driver, which significantly improves performance in some cases.

The Smile CDR RDBMS Connection Pool will no longer mark connections as autocommit-enabled when a connection is no longer needed. This removes a small piece of overhead for every database connection.

Added the individual Approved and Revoked SMART scopes to audit log entries.

DELETE _expunge=true has been converted to use Spring Batch. It now simply returns the jobId of the Spring Batch job while the job continues to run in the background. A new operation called $delete-expunge has been added to provide more fine-grained control of the delete expunge operation. This operation accepts an ordered list of URLs to be delete-expunged and an optional batch-size parameter that will be used to perform the delete expunge. If no batch size is specified in the operation, then the value of JpaStorageSettings.getExpungeBatchSize() is used.

Refactored the CDA Template Service. Created a separate CDA Document Service for clarity and testability.

The CDA Exchange module will generate documents based on R4 FHIR resources.

ConceptMap.group.element.target.display may now be up to 500 characters in length.

The list of ids of all Entry elements derived from FHIR resources will include the FHIR id of that resource as well as all external identifiers. The base URL to use as the root of local ids is a configuration parameter of the CDA Exchange module.

The HL7 v2.x inbound processor now considers the encounter when performing conditional updates of Observations derived from ADT OBX segments. This is in addition to the Observation's subject, code, and date.

The HL7 v2.x inbound processor previously required a value of MR be present in PID-3[0]-5. It will now accept a value of either MR or MB – depending on which is configured for a given HL7 v2.x Listening Endpoint module. In either case, this first repetition will be used as the primary business identifier for the resulting Patient.

Asynchronous-mode ETL Import jobs failed when executed against a partitioned server. This has been corrected.

When using MongoDB with Uplifted Refchains, an identifier with an Identifier.type.text value caused a crash. This has been resolved.

Fixed a bug wherein an Audit Log was only created for SECURITY_OUT_SMART_APPROVE_SCOPE if the related OIDC client was set to remember user-approved scopes. This has been fixed so that the audit log is created whether or not the scopes are set to be remembered.

In some situations, the cluster scheduler would prevent Smile CDR from starting with the error Couldn't get host name!. This has been corrected.

A bug was fixed for asynchronous ETL Jobs where the input CSV file contained multiple trailing newlines would cause a failure. sometimes result in the last segment of data not being loaded.

Default module names of especially verbose module sometimes exceeded the allowed length. This length has been increased.

During a previous upgrade of maximum module ID length, a particular validation check was missed. This has been corrected.

The JSON Execution Environment had an unnecessary restriction that prevented adding custom segments (Z-Segments) that had digits as a part of the segment name. This has been corrected.

A concurrency threading error was fixed in the HL7 v2.x Sending Endpoint module.

Fixed a bug wherein the Channel Import module would incorrectly use Cluster Manager channel prefixes for its channel names.

Fixed a bug where forcedEncoding setting was only applied to FHIR Operations, and not the standard Read/Search operations.

On Module "persistence_mongodb" setup, when adding FHIR Resource Types, some resource types were preventing the module to start. This has been corrected.

Database columns for OIDC Server Definitions used in federated mode were too short for real world URLs from some providers. These have been expanded.

Fixed CapabilityStatement returned by metadata in cases where a persistence module is configured with a fixed list of resource types (excluding Measure and CodeSystem).

The Hybrid Providers module incorrectly ignored FHIR search _include directives in the format [resourceType]:*. This has been corrected.

The Package Registry property was not working and was documented incorrectly. This has been corrected.

A constraint error on Oracle was resolved when performing the Refresh Tokeb flow using an authorization URL containing parameters with no value.

Resource profile declarations were not being preserved in the MongoDB Storage module.

Auto-retry on constraint errors was not being respected for MongoDB Storage Modules. This has been corrected.

The system had mistakenly applied the terms-of-service page to the session revoke page if called with a client_id parameter. This has been fixed.

Fixed a bug in the MongoDB module where date searches with low granularity (e.g. Observation?effective=2021-01-01) would not return all results. This requires the addition of a new top-level document field which contains the ordinal calendar date of any date-based search parameter. This setting can be controlled via a property on the module.

When using MongoDB with an uplifted RefChain, if the target of the refchain was also created in the same FHIR transaction bundle, race condition could cause a failure to save. This has been corrected.

Under some conditional, the unique constraint index in MongoDB was not correctly used to enforce conditional operations, leading to suboptimal performance. This has been corrected.

Fixed searchRevInclude elements in CapabilityStatement returned by metadata in cases where a persistence module is configured with a fixed list of resource types (excluding Measure and CodeSystem).

Fixed a bug introduced in 2021.08.PRE-14 that caused retired SearchParameters to be activated on startup by default.

Logout button on Revoke Page is not placed appropriately, its placed at extreme left corner of the screen. This has been corrected, and Logout button on Revoke Page is on top right now.

Added application last modified date to the payload and removed date of change from note payload

Numerous minor enhancements to Channel Import Retry Configuration.

  • 0 is now an allowable retry attempt count. It indicates that any failures should go directly to the failed channel.
  • Errors not considered retriable will now be sent directly to the failed topic, instead of dropped.
  • A new configuration option has been added to explicitly control the concurrent consumer count on the retry channel.
  • Channel Import will now fail to boot if retry is misconfigured. Previously it defaulted to a non-retriable channel.

When using the FHIR Gateway with ID Prefixes enabled, users with compartment-specific permissions were not able to access search results, as the authorization layer considered the non-prefixed IDs instead of the prefixed ones. This has been corrected.

SAML authentication option for FHIR Web module was not working. This has been fixed.

Backported from: 2021.08.R01

SAML authentication option for FHIR Web module was not working. This has been fixed.

Recent changes to CapabilityStatement to filter resource types not included in the allowed list inadvertently resulted in searchRevInclude references being excluded from the CapabilityStatement. This has been fixed.

When using a MongoDB storage module, the $validate operation did not use the supplied Validation Support dependency. This has been fixed.

The previous docker image used as a base for Smile CDR's docker image had various open vulnerabilities open against it. These have been remedied by changing the base image to use Alpine. This resolves the following CVEs:

The FHIR Gateway incorrectly returned an HTTP 500 if a consent service script rejected all resources in the response.

The MongoDB Storage module was incorrectly creating transaction sessions, meaning the aborted FHIR transactions could leave incomplete data in document collections. This has been corrected.

Bundle.total in FHIR Gateway module returns the number of resources in the Bundle. It should return the total number of matching resources for the search. This has been resolved.

On the MongoDB FHIR Storage module, resource updates that change nothing except the tags, profile declarations, or security labels resulted in a NO-OP that did not actually update the metadata. This has been corrected.

When executing a logout on a Smart Auth endpoint, the redirect to the signin page would fail if the module defined a custom context path. This has been corrected.

Correctly generate placeholder entries for Smoking Status and Sex Assigned at Birth when the Social History Section of a CCD document is empty

Fix the order of audit logs in App Gallery. Change from natural order to reverse order.

Fix registrationNote entry in App Gallery. Change the return type from NoteJson to String.

Fix Download System Configuration Button when Environment Variables are used as Admin Json Module context path.

When defining a module dependency in the properties file, Smile CDR now trims all surrounding whitespace. This prevents a rather insidious bug wherein a user could get mysterious failures if they added trailing whitespace to a module dependency.

Executing a ConceptMap/$translate operation nested within a FHIR Batch or Transaction bundle incorrectly resulted in an HTTP 500 error. This has been corrected.

A cache issue caused valid anonymous FHIR requests to occasionally fail with an error indicating that the user had no permissions. This has been corrected.

A bug prevented channel import from being used on a paertitioned server if the channel messages were raw FHIR resources and not CSV files. This has been corrected.

Right-side navigation bar in documentation/website in changelog links point to the incorrect section. This have been fixed

The Context Selection feature of the SMART Outbound Security Module did not function when the module was configured with a non-default web root context. This has been corrected.

The HL7 v2.x inbound processor was not issuing an error for ORM_O01 messages where an ORC (Order Control) segment was not populated. This has been corrected.

The HL7 v2.x inbound processor was incorrectly issuing an error for ORU_R01 messages where ORC-2 (Placer Order Number) was not populated. This has been corrected, and a warning is now issued instead.

Fix the rendering of PQ data type elements in a CDA document to derive the 'unit' attribute from the 'code' field of the source Quantity object if it is populated.

When a context path ending in '/' (and is not '/') is used for admin json module, its swagger-ui page couldn't be reached. This has been fixed.

Allow the Reason for Referral section of a CDA document to be generated using ServiceRequest resources in the context of the R4 model.

When generating a CCDA document, Allow an Allergy Concern Act to render if the corresponding AllergyIntolerance resource contains a code from any of NDF-RT, RxNorm or Smomed-CT code systems.

Fix search by Vendor Name on app gallery page.

Detect the interpretation code of a Vital Signs Observation using either OID or URI

When rendering a Result Observation entry in a CDA document, detect the interpretation code using either the code system OID or URI.

When creating a CDA document with a Results section, the reference range of each observation will be populated.

Fix a ClassCastException that was thrown while rendering the Procedures section of a CDA document if the Procedure contains a complicationDetail.

Adds a mapping from http://hl7.org/fhir/device-statement-status to ActStatus for the status code of the Non-Medicinal Supply Activity entry.

Previously when running in Partitioned mode, users did not require explicit access to access the DEFAULT partition. This has been changed, and now explicit access to the DEFAULT partition must be granted.

The Security Troubleshooting log contained a log message when logging in using the Local Inbound Security module that contained the hashed value of the user's password. This has been removed.

9.3.11Smile CDR 2021.05.R03 (Pangolin)

 

9.3.11.1Release Information

Released 2021-07-06
Codename Pangolin
HAPI FHIR Smile CDR 2021.05.R03 is based on HAPI FHIR 5.4.2, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.11.2Changes

Backported from: 2021.08.R01

The JSON Admin API's OIDC Sessions API will now revoke any accepted Terms of Service (TOS) when revoking a given client for a given user.

Backported from: 2021.08.R01

Add in Smile Documentation, a sample MDM survivorship javascript function to copy identifiers in golden records, in MDM Survivorship Rules page.

Backported from: 2021.08.R01

Added a new broker option NONE that can be used to run without a broker.

Backported from: 2021.08.R01

The MongoDB History operations (Type-, and Instance- level) now support paging to descend farther into the history beyond what is shown on the first page.

Backported from: 2021.08.R01

Instance-level history is now supported on MongoDB.

Backported from: 2021.08.R01

Added 'smileutil version' command that prints out the current version of Smile CDR and HAPI-FHIR.

Backported from: 2021.08.R01

The Smile CDR RDBMS Connection Pool will no longer mark connections as autocommit-enabled when a connection is no longer needed. This removes a small piece of overhead for every database connection.

Backported from: 2021.08.R01

DELETE _expunge=true has been converted to use Spring Batch. It now simply returns the jobId of the Spring Batch job while the job continues to run in the background. A new operation called $delete-expunge has been added to provide more fine-grained control of the delete expunge operation. This operation accepts an ordered list of URLs to be delete-expunged and an optional batch-size parameter that will be used to perform the delete expunge. If no batch size is specified in the operation, then the value of JpaStorageSettings.getExpungeBatchSize() is used.

Backported from: 2021.08.R01

Default module names of especially verbose module sometimes exceeded the allowed length. This length has been increased.

Backported from: 2021.08.R01

During a previous upgrade of maximum module ID length, a particular validation check was missed. This has been corrected.

Backported from: 2021.08.R01

Fixed a bug in the MongoDB module where date searches with low granularity (e.g. Observation?effective=2021-01-01) would not return all results. This requires the addition of a new top-level document field which contains the ordinal calendar date of any date-based search parameter. This setting can be controlled via a property on the module.

Backported from: 2021.08.R01

Added application last modified date to the payload and removed date of change from note payload

Backported from: 2021.08.R01

Numerous minor enhancements to Channel Import Retry Configuration.

  • 0 is now an allowable retry attempt count. It indicates that any failures should go directly to the failed channel.
  • Errors not considered retriable will now be sent directly to the failed topic, instead of dropped.
  • A new configuration option has been added to explicitly control the concurrent consumer count on the retry channel.
  • Channel Import will now fail to boot if retry is misconfigured. Previously it defaulted to a non-retriable channel.

Backported from: 2021.08.R01

The Security Troubleshooting log contained a log message when logging in using the Local Inbound Security module that contained the hashed value of the user's password. This has been removed.

9.3.12Smile CDR 2021.05.R02 (Pangolin)

 

9.3.12.1Release Information

Released 2021-06-15
Codename Pangolin
HAPI FHIR Smile CDR 2021.05.R02 is based on HAPI FHIR 5.4.1, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.12.2Changes

Backported from: 2021.08.R01

Add AWS Secrets Manager JDBC Driver Support for PostgreSQL

Backported from: 2021.08.R01

Ability to maintain different version of attestations (add new, update existing one, retrieve all, retrieve current)

Backported from: 2021.08.R01

Log lines now identify the module running and the request being processed.

Backported from: 2021.08.R01

The SMART Backend Services authorization guide is now fully supported, and can be used to authenticate FHIR Bulk Export jobs as described in the guide.

Backported from: 2021.08.R01

A number of new fields have been added to the HL7 v2.x PV1, DG1, and AL1 segments.

Backported from: 2021.08.R01

Smile CDR now supports (and recommends) deployment on the OpenJDK 16.x JVM.

Backported from: 2021.08.R01

Users approving OIDC clients managed by the App Gallery will be presented with the plain-language version of the developer attestation

Backported from: 2021.08.R01

The SMART Outbound Security module can now be configured to require PKCE for all code exchanges, and to optionally disable the PLAIN challenge type.

Backported from: 2021.08.R01

Old (completed, failed, etc.) batch jobs in the FHIR Storage (RDBMS) after 48 hours.

Backported from: 2021.08.R01

The Batch Job JSON API has been improved to add an optional executionUUID parameter that can be used to search for a specific execution of a job.

Backported from: 2021.08.R01

A new set of configuration options has been added to the FHIR Storage (RDBMS) module to allow individual scheduled tasks to be selectively enabled and disabled on a given node.

Backported from: 2021.08.R01

The SMART Outbound Security module can now optionally present the user with a context selection screen during interactive login flows. This screen permits the user to choose a session context, such as the person whose data is being accessed.

Backported from: 2021.08.R01

It is now possible to configure the number of threads available to the batch job executor service for tasks like bulk import and bulk export.

Backported from: 2021.08.R01

Completely automate the provisioning of attestation html text for new SmileCDR App Gallery installation.

Backported from: 2021.08.R01

The SMART Outbound Security module revoke page now has a logout button.

Backported from: 2021.08.R01

A new property on the ETL Importer module allows you to enable Transaction Logging. Note that this will have heavy impacts to performance if enabled. Currently this is only supported for synchronous server-side ETL mode.

Backported from: 2021.08.R01

Added new Runtime -> Batch Jobs menu item in the Web Admin Console for viewing and stopping recently run jobs. In this initial implementation, the details of the last 5 jobs of each type are displayed and a button provided to stop any job currently running. The VIEW_BATCH_JOBS permission is required to view jobs and MANAGE_BATCH_JOBS permission is required to stop jobs.

Backported from: 2021.08.R01

Added a configuration property to Realtime Export module, allowing you to set the channel prefix when running in POINTCUT mode. This is useful in scenarios where you may have multiple RTE modules operating on multiple Storage modules.

Backported from: 2021.08.R01

Added ServletRequestDetails parameter to all FHIR Gateway pre-invoke pointcuts.

Backported from: 2021.08.R01

A new setting has been added to the FHIR Storage module that controls whether non-versioning changes to resources (such as Resource.meta chages) should result in subscription processing.

Backported from: 2021.08.R01

A new pair of settings on the FHIR Storage module allow SearchParameters to be automatically enabled and disabled on startup based on a specified set of patterns.

Backported from: 2021.08.R01

Add ability to sort by different columns names and select sort direction to app gallery REST API.

Backported from: 2021.08.R01

A new Storage Module config parameter called 'Request Validating Bean Types' has been added. Users can set the value of this config parameter to a comma-separated list of customerlib-provided subclasses of IValidationSupport to be added to the validation support chain.

Backported from: 2021.08.R01

Stale Batch jobs will now only be deleted 48 hours after they were last updated, as opposed to 48 hours after they were originally created.

Backported from: 2021.08.R01

The BatchJobs JSON Admin API now provides a count of how many records were processed by a given job instance.

Backported from: 2021.08.R01

The JSON Admin API for Batch Jobs now has new operations for stopping and restarting job executions.

Backported from: 2021.08.R01

Add requesting apps and helpdesk URL/Email address in App Gallery Smile config

Backported from: 2021.08.R01

A new setting on the FHIR Storage (RDBMS) module allows specific validation messages to be suppressed using one or more regex patterns.

Backported from: 2021.08.R01

A new administrative API has been added to the JSON Admin API that can be used to list currently approved SMART applications for a given user, and also to revoke specific ones.

Backported from: 2021.08.R01

Add privacy policy URL in App Gallery Smile config

Backported from: 2021.08.R01

Javascript Execution environment now supports the ability to check the presence of a profile on a given resource as follows: resource.meta.hasProfile('http://myprofile.com|1.0.0');

Backported from: 2021.08.R01

Add developer note during registration to console and portal REST API.

Backported from: 2021.08.R01

Smile CDR will now automatically disable unicode strings for the MSSQL (SQL Server) driver, which significantly improves performance in some cases.

Backported from: 2021.08.R01

Added the individual Approved and Revoked SMART scopes to audit log entries.

Backported from: 2021.08.R01

Asynchronous-mode ETL Import jobs failed when executed against a partitioned server. This has been corrected.

Backported from: 2021.08.R01

Fixed a bug wherein an Audit Log was only created for SECURITY_OUT_SMART_APPROVE_SCOPE if the related OIDC client was set to remember user-approved scopes. This has been fixed so that the audit log is created whether or not the scopes are set to be remembered.

Backported from: 2021.08.R01

In some situations, the cluster scheduler would prevent Smile CDR from starting with the error Couldn't get host name!. This has been corrected.

Backported from: 2021.08.R01

A bug was fixed for asynchronous ETL Jobs where the input CSV file contained multiple trailing newlines would cause a failure. sometimes result in the last segment of data not being loaded.

Backported from: 2021.08.R01

The JSON Execution Environment had an unnecessary restriction that prevented adding custom segments (Z-Segments) that had digits as a part of the segment name. This has been corrected.

Backported from: 2021.08.R01

A concurrency threading error was fixed in the HL7 v2.x Sending Endpoint module.

Backported from: 2021.08.R01

Fixed a bug wherein the Channel Import module would incorrectly use Cluster Manager channel prefixes for its channel names.

Backported from: 2021.08.R01

Fixed a bug where forcedEncoding setting was only applied to FHIR Operations, and not the standard Read/Search operations.

Backported from: 2021.08.R01

On Module "persistence_mongodb" setup, when adding FHIR Resource Types, some resource types were preventing the module to start. This has been corrected.

Backported from: 2021.08.R01

Database columns for OIDC Server Definitions used in federated mode were too short for real world URLs from some providers. These have been expanded.

Backported from: 2021.08.R01

Fixed CapabilityStatement returned by metadata in cases where a persistence module is configured with a fixed list of resource types (excluding Measure and CodeSystem).

Backported from: 2021.08.R01

The Hybrid Providers module incorrectly ignored FHIR search _include directives in the format [resourceType]:*. This has been corrected.

Backported from: 2021.08.R01

The Package Registry property was not working and was documented incorrectly. This has been corrected.

Backported from: 2021.08.R01

A constraint error on Oracle was resolved when performing the Refresh Tokeb flow using an authorization URL containing parameters with no value.

Backported from: 2021.08.R01

Resource profile declarations were not being preserved in the MongoDB Storage module.

Backported from: 2021.08.R01

Auto-retry on constraint errors was not being respected for MongoDB Storage Modules. This has been corrected.

Backported from: 2021.08.R01

The system had mistakenly applied the terms-of-service page to the session revoke page if called with a client_id parameter. This has been fixed.

Backported from: 2021.08.R01

When using MongoDB with an uplifted RefChain, if the target of the refchain was also created in the same FHIR transaction bundle, race condition could cause a failure to save. This has been corrected.

Backported from: 2021.08.R01

Under some conditional, the unique constraint index in MongoDB was not correctly used to enforce conditional operations, leading to suboptimal performance. This has been corrected.

Backported from: 2021.08.R01

Fixed searchRevInclude elements in CapabilityStatement returned by metadata in cases where a persistence module is configured with a fixed list of resource types (excluding Measure and CodeSystem).

Backported from: 2021.08.R01

Fixed a bug introduced in 2021.08.PRE-14 that caused retired SearchParameters to be activated on startup by default.

Backported from: 2021.08.R01

Previously when running in Partitioned mode, users did not require explicit access to access the DEFAULT partition. This has been changed, and now explicit access to the DEFAULT partition must be granted.

9.3.13Smile CDR 2021.05.R01 (Pangolin)

 

9.3.13.1Release Information

Released 2021-05-20
Codename Pangolin
HAPI FHIR Smile CDR 2021.05.R01 is based on HAPI FHIR 5.4.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.13.2Changes

Added new Admin JSON endpoint /system-config, which prepares a ZIP file containing JVM information, a thread dump, the node module config, and node health statuses.

Realtime Export now supports a new property called Transaction-Based Processing. When enabled, Realtime Export will process full transactions as single logical units against the remote database.

Added bundle import support in channel import, which will behave similar to POSTing a bundle to '/' endpoint and depending on the bundle type will either treat the bundle as a resource and modify it depending on the operation type or ignore the operation type of the payload and handle each resource independently

Add a new property for cluster manager: audit_log.request_headers_to_store. This can be set to a comma-delimited list of header names. During Audit Event creation, Smile CDR will attempt to extract the named headers from the request and store them with the Audit Event

Support for accepting and processing HL7 v2.x VXU (Vaccine/Immuization) messages has been added.

Added support for Group Bulk export via the /Group/[id]/$export operation, which limited support for query parameters. The documentation indicate contains more details.

The FHIR Gateway module now supports the following additional search parameters:

Added support for system/ and user/ scopes, which mirror the patient/ scopes.

Extend ldap inbound to better support static and dynamic groups. Add optional attribute for member property to onSuccess handler context isMemberOfGroup(). Added queryStringAttributes() to onSuccess handler context to fetch attribute values during the callback. Add new config property authenticator.bind.user.attributes to the LDAP inbound security module to define a list of attributes to query during authentication.

A new setting has been added to the FHIR Gateway target configuration called headersToForward. HTTP headers identified in this configuration will be forwarded from the original client request through the gateway and on to the target server.

Add user data to UserSessionDetailsJson for use in hooks.

Added new config parameter to database connection called 'db.expect_writable', default false. When set to 'true', then health-checks on this server will fail if that database connection is read-only.

Support has been added for the fhirUser scope in the SMART Outbound Security module.

The FHIR Endpoint module can now be configured to return an HTTP 401 for all security issues, instead of returning a 403 when insufficient permissions are found for an otherwise authenticated user.

Added support for Fhir.patch operation in the JavaScript execution environment.

Hybrid Providers are now able to register their own health-checks to report on the status of their connection to external systems they depend on.

The SMART OIDC login flow now has an optional terms-of-service (TOS) page.

The ZIP file generated by admin-json endpoint /system-config now includes a file called cdr-version.txt which contains the HAPI FHIR and Smile CDR build versions

Support string values for resource versions in the audit log. This is needed by the Gateway when fronting servers that use non-numeric resource versions.

A new configuration item has been added to the FHIR Gateway Target document that allows a target to be configured to always use HTTP POST form for FHIR search operations.

Two new configuration properties have been added to the FHIR Endpoint modules that can be used to automatically populate missing Coding.display values, and to automatically enrich CodeableConcepts using available translations. Both features leverage a validation support repository and can be used on all kinds of FHIR endpoints. See Response Terminology Enhancement for more information.

Added configuration to Realtime Export module to allow for multiple consumers

When Auto-Create Placeholder Reference Targets is enabled, Smile CDR now automatically creates Search Parameters for the placeholder extension. This search parameter can be queried as Patient?resource-placeholder=true.

All FHIR Endpoint modules now include support for the Prefer: handling=lenient directive that allows for unknown search parameters to be ignored.

The CapabilityStatement exported by the FHIR Endpoint module will now include supported profiles (StructureDefinition.url) as well as any custom SearchParameter resources supported by the server.

The expect-writable heath-check was not accurately determining when the cluster-manager database is read-only. This has been corrected.

It is now possible to account for third-party Authorization (OIDC) servers that use nonstandard claim names to communicate the list of approved scopes associated with an access token.

The SMART Outbound Security module can now optionally be configured to allow self registration of users.

A new option has been added to the Storage Module, which enables :mdm search parameter qualifier. If an MDM module exists and this option is enabled, MDM search expansion will be enabled. You can read more about MDM expansion in the HAPI FHIR Docs

A new optional element has been added to the FHIR Gateway module's target configuration, serverCapabilityStatementValidationEnabled. If this is supplied a boolean value of false, the gateway will not validate the target server's CapabilityStatement with a request to /metadata. Default is true.

A new method getStringArrayClaim has been added to the JWT processing callback API, granting callback scripts access to claims in the form of an array of strings.

A new setting has been added to the validation section of the FHIR Storage (RDBMS) module called Unknown CodeSystem Validation Policy. When acting as a validation support repository, this setting controls how the system will respond when it encounters a Coding that uses a CodeSystem URL that can not be resolved.

A new optional feature has been added to the FHIR Gateway module's target client creation, to allow setting a client interceptor (using IClientInterceptor), before the FHIR client is called to read or search resources from targets. If this is supplied (via BaseRequest), the client interceptor will then be called before sending the request to a target server, and after the response is received from it.

A new option has been added to the ETL Import module that causes import jobs to be executed asynchronously. This can help to more evenly distribute load across a cluster and ensure that HTTP calls return faster.

When automatically creating a placeholder reference that is set to auto-populate identifiers, logic has been improved. If the reference does not contain an identifier, but the inline match URL does, the identifier found in the match URL will be added to the target. If both are populated, they will both be added to the target.

A new optional element has been added to the FHIR Gateway module's target configuration, allowedToFail, default value 'false'. If this is supplied a boolean value of true, the gateway will allow the target to fail silently (but with warning entries in the log), in search routes, without returning an error to the client unless all targets for a given search request have failed. This permits sending partial target results in response to client requests when a target cannot be reached or fails to handle the request. Read routes are not modified by this new configuration, and are still not allowed to fail on any target.

Added revoke-url, scopes and other recommended fields to the .well-known/smart-configuration url. Also, added a configuration item scopes_to_enforce to configure the scopes field. Renamed the user revoke endpoint to session management endpoint. The url changed from oauth/revoke to session/management

Added support for operations in FHIR Gateway. Currently only $meta and $process-message are supported.

Add getHeader function to RequestDetailsJson to allow to allow consent service to access request headers if exists

A new command has been added to the SmileUtil tool that can be used to ingest CSV Bulk Import files with the CSV-to-FHIR processing happening in the client instead of the server.

The relevant OIDC client was added to the audit log entries for SMART terms-of-service, and the OIDC scope revoke events.

A new setting has been added to the FHIR Storage (RDBMS) module called Enable Match URL Cache. This setting improves write performance on servers with frequent use of conditional URLs (e.g. conditional creates, conditional updates, etc.)

The HL7 v2.x Sending (outbound) endpoint now supports several new ADT and Orders transaction types, and several new segments, as well as support for DFT^P01 messages.

It is now possible to specify a tenant name for an HL7 v2.x Listening endpoint as a configuration option. Setting this on a partitioned server will determine which partition is used to store the data receievd in HL7 v2.x messages.

The Smile CDR Docker build has been bumped to a base of openjdk-11.0.11-slim-buster.

A new configuration option called Internal Synchronous Search Size has been added to Storage modules to allow control over the maximum synchronous load size during internal operations such as delete with expunge.

As of Smile CDR 2021.05.R01, users of the Infinispan Caching module will be required to include their own Infinispan client JAR in the customerlib directory of their installation. Previously, a client JAR version 9.4.21.Final was included. Note that there is now a known CVE reported that affects this particular version (CVE-2021-21295) so it is no longer recommended for use.

The version of the Bootstrap framework used in the SMART Outbound Security module has been bumped from 3.8.x to 4.6.x, due to the rising number of reported CVEs against the 3.x series. This change will affect any skins that have been developed using the built-in library.

Under some circumstances, processing a received HL7 v2.x ORU^R01 message failed with an unrecoverable NullPointerException. This has been corrected.

When using Smile CDR in Federated OAuth2 mode to connect to a third-party OpenID Connect provider, Smile CDR would fail to process the authorization if the third-party server used an ID Token signature algorithm other than RSA-256. This has been corrected.

The Fhir Web module would not work when partitioning was enabled with an URL_BASED Tenant Identification Strategy. A new configuration option has been added to the Fhir Web module to specify the named partition to use in this case.

A regression was fixed: If a FHIR Endpoint module is paired with a FHIR Storage module (RDBMS), the endpoint should use the FHIR Storage module for validation support if no explicit validation support module is specified.

The module-config/properties endpoint now correctly renders multiline scripts during export.

A regression in Smile CDR 2021.02 meant that OAuth2 Code Exchange flows required a client_secret request parameter, as opposed to also allowing authentication through an Authorization header. This has been resolved.

Smile CDR was not correctly recognizing the Group Bulk Export provider, this has been rectified.

The SMART Discovery Document served from the FHIR Endpoint module was not available on endpoints with a non-default context root. This has been corrected.

Change RTE single-quote escape policy from a backslash to doubled up quotes

When performing a federated OIDC login with a provider that has a JWKS containing both an EC256 and an EC512 key, the wrong key may be selected for verification, resulting in a false negative. This has been corrected.

A new pointcut has been added to the CDR Interceptor framework that allows FHIR Gateway search operations to be intercepted after the search has completed on each target server, potentially modifying the results before they are returned to the client.

The FHIR Gateway module will now gracefully handle search responses from any targets that do not correctly supply self or previous paging links in their search response Bundles.

Not all Mongo storage pointcuts were being called properly. Specifically, STORAGE_PREACCESS_RESOURCES and STORAGE_PRESHOW_RESOURCES were not being called for read, search and delete operations. This has been corrected.

When performing a cascading delete, information about the results of the cascade was not correctly showing up in the OperationOutcome resource returned to the client, even though the cascade succeeded.

The FHIR Gateway module will now gracefully handle search responses from any targets that incorrectly supply prev paging links instead of previous paging links in their search response Bundles.

Added support for enforcing resource profiles in the Mongo Storage Module via a repositoryValidationProvideRules() javascript function.

When using the SMART Outbound Security module to execute the Refresh Token flow, the Launch Context Resource IDs associated with the user session were not persisted with the refresh token, meaning they were not available to the callback scripts. This has been corrected.

The FHIR Gateway module was incorrectly invoking the FHIRGW_SEARCH_TARGET_PREINVOKE interceptor hook instead of the FHIRGW_READ_TARGET_PREINVOKE interceptor hook. This has been fixed.

Both the FHIR Gateway REST Endpoint and Hybrid Providers REST Endpoint modules provided configuration for consent service scripts; however, neither actually invoked these scripts. This has been corrected.

Removed reference to deprecated MDM-specific TerserUtil class from the SurvivorshipHelper class and added isGoldenResourceOlderThanTarget() method.

The initial implementation of FHIR Gateway module did not include support for _id and _source search parameters. Support for these search parameters has now been added.

In the SMART Outbound Security module, any authorities added to the user in the onTokenGenerating callback script were not respected in the eventual user session. This has been corrected.

The FHIR Gateway module was setting the fullUrl values incorrectly in search results when targets were configured without resourceIdPrefix value. This has been fixed.

Calls to /runtime-status/node-statuses/health-checks and /runtime-status/node-statuses/complete used to require both ACCESS_ADMIN_JSON and VIEW_MODULE_STATUS. This has been changed so that only VIEW_MODULE_STATUS permissions are required.

When processing an ORU^R01 message in the HL7 v2.x Listening Module, under some circumstances a message could cause a processing failure with an invalid request error. This has been corrected.

The SMART authentication module failed to process login when configured with a context path and the terms-of-service feature was active. This has been fixed.

The SMART authentication module failed to process login for a second application on the same user session when the terms-of-service feature is active. This has been fixed.

NPE Occurs When Issuing DSTU3 PUT ProcedureRequest Where occurrenceTiming.repeat.boundsPeriod.end Is Not Provided

SIU support was vulnerable to null pointer exceptions in various places. This has been resolved

SIU support mapped AIL-4 inconsistently. This has been resolved

Custom Kafka Config settings were ignored by the RTE module. This has been corrected.

Addressed the following CVE reports:

9.3.14Smile CDR 2021.02.R05 (Odyssey)

 

9.3.14.1Release Information

Released 2021-04-27
Codename Odyssey
HAPI FHIR Smile CDR 2021.02.R05 is based on HAPI FHIR 5.3.3, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.14.2Changes

Backported from: 2021.05.R01

NPE Occurs When Issuing DSTU3 PUT ProcedureRequest Where occurrenceTiming.repeat.boundsPeriod.end Is Not Provided

9.3.15Smile CDR 2021.02.R04 (Odyssey)

 

9.3.15.1Release Information

Released 2021-04-14
Codename Odyssey
HAPI FHIR Smile CDR 2021.02.R04 is based on HAPI FHIR 5.3.2, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.15.2Changes

Backported from: 2021.05.R01

A new setting has been added to the FHIR Gateway target configuration called headersToForward. HTTP headers identified in this configuration will be forwarded from the original client request through the gateway and on to the target server.

9.3.16Smile CDR 2021.02.R03 (Odyssey)

 

9.3.16.1Release Information

Released 2021-03-17
Codename Odyssey
HAPI FHIR Smile CDR 2021.02.R03 is based on HAPI FHIR 5.3.1, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.16.2Changes

Backported from: 2021.05.R01

The FHIR Endpoint module can now be configured to return an HTTP 401 for all security issues, instead of returning a 403 when insufficient permissions are found for an otherwise authenticated user.

Backported from: 2021.05.R01

The SMART Discovery Document served from the FHIR Endpoint module was not available on endpoints with a non-default context root. This has been corrected.

Backported from: 2021.05.R01

Change RTE single-quote escape policy from a backslash to doubled up quotes

9.3.17Smile CDR 2021.02.R02 (Odyssey)

 

9.3.17.1Release Information

Released 2021-02-23
Codename Odyssey
HAPI FHIR Smile CDR 2021.02.R02 is based on HAPI FHIR 5.3.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.17.2Upgrade Instructions

This version corrects an accidental dependency on JDK 11 that prevented Smile CDR 2021.02.R01 from starting correctly on JDK 8. This release is not necessary for users of JDK 11.

9.3.17.3Changes

9.3.18Smile CDR 2021.02.R01 (Odyssey)

 

9.3.18.1Release Information

Released 2021-02-18
Codename Odyssey
HAPI FHIR Smile CDR 2021.02.R01 is based on HAPI FHIR 5.3.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.18.2Upgrade Instructions

This release has some breaking changes that are worth knowing about.

  • EMPI module has been replaced by the MDM module
  • Hibernate Search (the backing engine for all fulltext functions like lastN/Terminology Expansion/Fulltext Search) has been upgraded, which causes a full reindex to be required..

EMPI to MDM

The EMPI module was capable of making golden record links for Patients and Practitioners. With the change to MDM (Master Data Management), it is now possible to do golden record linking for any resource that contains an identifier field. This is almost all clinical resources. For example, you can now perform matching on Organizations or Medications. Unfortunately EMPI and MDM modules are not fully compatible. To this end, we have fully deprecated the EMPI module. It no longer does anything, but still exists as a placeholder for configuration for existing installations.

Installations currently making use of EMPI should add a new module of type MDM. It bears nearly all the exact same configuration options as EMPI, with a notable exception. The EMPI Rule definition section has been changed slightly. Specifically, the JSON field now requires you to define which resource types you intend to perform matching on. This is done via a top-level key in the JSON, which can be set as follows:

{
   "mdmTypes": [
      "Patient",
      "Practitioner",
      "Organization"
   ]
}

This informs the module which resource types are of interest for MDM purposes.

This changes also removes the usage of the Person resource as a linking object. As Person is unsuitable for linking resource types such as Organization or Medication, the links instead are held in internal tables, and can be queried with MDM Operations.

Hibernate Search Upgrade

The engine in HAPI-FHIR which handles fulltext functionality has been upgraded a major version. This change necessitates a full reindex of data for any Smile CDR installations which make use of the following features:

  • lastN Operation
  • Fulltext/Content search
  • Terminology Expansion

To get these features functional again, a full reindex is required. To perform this, you can execute the $mark-all-resources-for-reindexing operation.

POST http://example.com:8000/$mark-all-resources-for-reindexing

The changes vary depending on if you are using Lucene or Elasticsearch as the backend.

Elasticsearch

The recommended version of Elasticsearch is now 7.11. 6.X clusters are no longer actively supported.

A new property has been added to support https Elasticsearch clusters. This is set via the Protocol property. Elasticsearch is now the only backend provider supported when running SmileCDR in a cluster with more than one node.

Lucene

Lucene is no longer supported while running Smile CDR in a cluster with more than one node. Lucene continues to be a viable option when operating on a single node.

9.3.18.3Changes

When converting HL7 v2.x messages via the HL7 v2.x Listening Endpoint module, if MessageHeader creation is enabled, the MSH-10 Control ID value will now be copied to an extension in the generated MessageHeader resource.

A new validation mode called Repository Validation has been added, as well as a new ability to use a FHIR Storage (RDBMS) module specifically to provide validation support. This significantly improves the ability to require conformance to specific IGs in FHIR CDRs.

Refactoring of the SmileCDR Enterprise Master Patient Index solution to a Master Data Management solution to accommodate corresponding changes in HAPI FHIR EMPI. The following changes were made:

  • Module name was changed from cdr-persistence-empi to cdr-persistence-mdm
  • EMPI match on the Patient / Provider resources was changed to use new MDM semantic
  • New MDM match ($mdm-match) operation was introduced.
  • EMPI operations were renamed to MDM. E.g. $empi-update-link to $mdm-update-link, $empi-merge-persons to $mdm-merge-golden-resources, etc.
  • RESTful Service Path URLs path prefix changed from /empi to /mdm
  • EMPI permission category, while still in existence, is deprecated
  • Permission category for MDM was added

Added new OAuth2Exceptions API within the SMART on FHIR Outbound Security JavaScript execution environment to support returning failure codes other than HTTP 500 Internal Server Error. Returning HTTP 401 Unauthorized and HTTP 403 Forbidden are now also supported.

An example user revocation page skin has been added to the Demo Skin for the SMART Outbound Security module.

The SMART Client Revocation Page will now revoke active access and refresh token, as well as forgetting any previously approved scopes.

Access tokens generated by the SMART Outbound Security module will now include a claim called scope that contains a list of approved scopes associated with the token.

As IT Admin, I need ability to allow SmileCDR clients automatically receive their OIC secrets during creation process

Added new CDS Hooks module that implements Version 1.1 of the CDS Hooks specification.

Support has been added for the launch (EHR Launch Context) scope in the SMART Outbound Security module.

Added new functionality to the Realtime Export module to support retaining all historical versions of resources. This can be enabled by setting retainAllHistory to true in the JSON configuration of Realtime Export.

Added two auto-prefetch features to CDS Hooks: auto prefetch from FHIR endpoint specified in request and auto-prefetch from FHIR Storage module.

Two improvements have been made to the Smile CDR .well-known discovery docs: * The OIDC discovery doc now includes the mandatory subject_types_supported element, which was previously missing * Support has been added for the SMART discovery endpoint, which supercedes the extensions added to the FHIR CapabilityStatement (although these have not been removed

Improved Channel Import to be able to handle plaintext, CSV, and non-FHIR JSON payloads. See the Documentation for more details about how to process incoming messages.

Added new variable ${client_attestation_accepted} that is now available to the login and approve skins that indicates whether or not that client has accepted the attestation to the policy.

Added support for the $evaluate-measure Operation as part of adding CQL support.

Two new variables ${client_scopes} and ${client_auto_grant_scopes} that are now available to the login skin that contain lists of oidc client scopes and auto-grant scopes respectively.

When using the Javascript Execution Environment Fhir object to access a FHIR Storage module that is configured to run in Request Tenant Selection Mode, a new method has been added to the JS API that allows tenant selection.

Mongo search default and maximum page sizes are now configurable. Also added Mongo support for searching with _offset.

The 2020.11.R01 release of Smile CDR introduced a new optimized SQL generator for RDBMS repositories. This new system was disabled by default in 2020.11 but has been enabled by default in 2021.02.R01

With a new version of HAPI comes an upgrade from Hibernate Search 5 to Hibernate Search 6. Anybody using fulltext search, terminology expansion, or the lastN operation will need to reindex all their data, as field formats have changed between versions. This change requires those using Elasticsearch as a backend to upgrade their Elasticsearch clusters to 7.10. Additionally, HTTPS connections to Elasticsearch clusters are now supported via the protocol property on the Elasticsearch Provider. WARNING: If you use Lucene in any capacity (fulltext search, terminology expansion, lastN), you must empty out your lucene storage directory before upgrading, as Lucene's index storage format has changed.

The instructions in the Smile CDR tutorial for launching the Growth Chart app have been replaced with new instructions that leverage the latest version of the app launched directly from the source code instead of using an old version that is bundled into Smile CDR.

When using the SMART Outbound Security module, the onTokenGenerating callback script was not called for authentications using the Client Credentials Grant type. This has been corrected.

When using the JSON API, searching the transaction log by transaction ID failed with a ClassCastException. This has been corrected.

With new modules accepting external input into kafka channels, Smile CDR now drops messages that fail deserialization (poison pills). Previously they would block the consumers as they were stuck on the poisoned offset.

When a client is configured to be allowed a SMART 'star scope' such as patient/*.read, it should be automatically permitted to request an equivalent but narrower scope such as patient/Observation.read. A regression in 2020.11 meant that the approval was allowed, but the narrower scope couldn't actually be used in any API calls. This has been corrected.

The onTokenGenerating(..) callback previously provided a mechanism to access approved scopes, but it was not populated and was therefore not usable. This has been corrected, and this function can now access and modify the list of approved scopes.

Fixed a bug that would cause message receive failure in Channel Import module when using ActiveMQ as a broker.

Smile CDR's JavaScript Execution Environment's FHIR Model API now supports extensions on primitive types using an underscore prefix (i.e. _).

A number of issues were found to occur when migrating Smile CDR databases with flyway disabled. These issues are now fixed.

When trying to retrieve a list of users from JSON Admin console, an error was returned if no sort criteria was selected. This has been fixed.

Tab is now supported as a delimiter by ETL Importer.

Addressed the following CVE reports via the removal of hibernate search 5, and related Elasticsearch libraries:

When Suppress Error Details was enabled, OIDC Client Credentials grants did not suppress the fact that an invalid client ID was truly unknown, allowing a malicious user to search for valid client IDs. This has been corrected.

9.3.19Smile CDR 2020.11.R02 (Numbat)

 

9.3.19.1Release Information

Released 2021-01-19
Codename Numbat
HAPI FHIR Smile CDR 2020.11.R02 is based on HAPI FHIR 5.2.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

9.3.19.2Upgrade Instructions

This version contains a backported fix for a bug with the --dry-run flag in the Smile util database migration command. There are no special upgrade instructions

9.3.19.3Changes