Smile CDR v2024.05.PRE
On this page:

1.4.1Changelog: 2024

 

Legend

A new feature
An existing feature has changed
A bug fix
A performance improvement
A security issue has been corrected

1.4.2Smile CDR 2024.05.R01 (Borealis)

 

1.4.2.1Release Information

Released 2024-05-18
Codename Borealis
HAPI FHIR Smile CDR 2024.05.R01 is based on HAPI FHIR 7.2.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.2.2Upgrade Instructions

1.4.2.3Changes

The FHIR Gateway module will now more faithfully propagate errors returned by target servers back to the calling client. See Error Handling for more information.

The CDA Exchange+ module will throw an error if relying on a persistence module with partition enabled and partition mode set to PATIENT_ID.

The experimental CDA Exchange+ module will now populate FamilyMemberhistory.deceasedDate if information is available at (...).organizer.subject.relatedSubject.subject.sdtc:deceasedTime of a Family History Organizer (V3).

The experimental CDA Exchange+ module now supports the Nutrition section as a text-only section.

Added transaction log support for the CDS hooks endpoint.

Documentation was added for remote terminology $lookup and $translate operations.

The experimental CDA Exchange+ module now supports the Assessment section.

Added batch job framework for the $invoke-export operation to the System-to-System Data Exchange module.

Added a way to obtain an auth token for $member-match and $export requests in system to system data exchange module.

Added a step to the $invoke-export batch job that will call $member-match on the responder server. This feature is experimental.

Added a step to the $invoke-export member match job that will poll on export. This is a stop-gap step for V1 and will be updated accordingly. This feature is experimental.

Added a step to the $invoke-export batch job that will handle response of $export call on the responder server. This feature is experimental.

Added a step to the $invoke-export batch job that will transform the imported binaries into resources.

Added a step to the $invoke-export batch job that will finalize the results of the batch job. This feature is experimental.

Previously, attempting to run $cda-import set to binary_storage.mode=DATABASE_BLOB resulted in a database constraint error when attempted to save the document. This blocked a second error with processing a FHIR Enumeration. Both errors have been fixed.

A Camel broker consumer and producer has been added, which knows internal Smile message topics, allowing to simply reference them by name. See the HTTP Server Setup documentation for more information.

The CDA Exchange+ module now uses Value Set uris instead of Code System uris to determine the target scope of a vocabulary translation.

In the experimental CDA Exchange+ module when exporting an AllergyIntolerance resource if the clinical status is set to 'resolved' we will now set the CDA observation effectiveTime/high element with a nullFlavor of 'UNK'.

Several enhancements have been made to the FHIR Gateway module:

  • Update/Create operations are not currently fully aware of prefixes assigned to the target, resulting in invalid resources being sent to the target. This has been corrected.
  • A logger at info level currently logs every transaction through the gateway, which hurts performance. This has been reduced to DEBUG level.

Added System-to-System Data Exchange to Feature Comparison Summary to specify that it is not supported on MongoDB.

In the experimental CDA Exchange+ module, when importing a CDA document, any Planned Immunization Activity entries found in the Plan of Treatment section will be converted to MedicationRequest resources and linked to the CarePlan resource.

The experimental CDA Exchange+ module now supports the Instructions section as a text-only section.

In the experimental CDA Exchange+ module, when importing a CDA document, any Planned Medication Activity entries found in the Plan of Treatment section will be converted to MedicationRequest resources and linked to the CarePlan resource. When exporting a CDA document, any MedicationRequest resources found linked to the CarePlan will be rendered as Planned Medication Activity entries.

Added additional comments in the custom logging files provided in the customerlib folder and also the documentation discussing this aspect of the server.

In the experimental CDA Exchange+ module, the USCDI v1 plugin now produces MedicationRequest resources from planned immunization activity conforming to US Core 5.0.1 within CDA Plan of Treatment section.

In the experimental CDA Exchange+ module, the USCDI v1 plugin now produces MedicationRequest resources from planned medication activity conforming to US Core 5.0.1 within CDA Plan of Treatment section.

In the experimental CDA Exchange+ module Non Medicinal Supply Activity template embedded within CDA Medical Equipment sections are now mapped as Device resources.

Added OpenTelemetry tracing for camel routes

In the experimental CDA Exchange+ module Problem Observations coming from the CDA Problems section are now the source for Condition content when duplicate Problem Observations are encountered.

Previously, the HL7 v2.x inbound processor used a combination of ORC-2 and RXA-2 to populate MedicationAdministration.identifier. This has been preserved as default behaviour, and a new property called Use ORC-3 as Primary Identifier has been added. When enabled, ORC-3 will be used instead of ORC-2 when populating MedicationAdministration.identifier.

A sample project illustrating how to develop an IPS Generation Strategy has been added to the Smile CDR documentation.

Adding new configurable PAS module Payer Organization parameter.

Added a quickstart guide for setting up System 2 System Data Exchange / Payer to Payer transfers.

Added a diagnostic warning to module System to System Data Exchange when the Storage property auto_create_placeholder_reference_targets is disabled.

Enhanced the resource creation step in the $invoke-export batch job with placeholder ids.

On the FHIR Gateway module, it is now possible to disable paging links entirely on specific search routes.

DocumentReference ids will now be added to the Task.output of the Task returnd from the $invoke-export call.

dQM module hardening of resource validation, testing scenarios, and more meaningful error handling for invalid resources and operation parameters. This also provided a fix for issue ticket 5674 where the same population of subjects queried was getting inconsistent results. Enhanced batch2 evaluate to process empty MeasureReports without error to match non-async behavior. We added more metaData to batch2 to retrieve records processed qty. Improve readability of qpp-build feature by breaking into respective classes for functionality

A new optional setting called Narrow Conditional URL Search Scope has been added. This setting automatic search URL narrowing to also be applied to conditional URLs such as conditional create and conditional update URLs.

A new setting has been added to the SMART Outbound Security module which prevents user sessions from being reused between multiple Authorization Flows.

Previously, processing SIU^S13, SIU^S14, SIU^S15, SIU^S17, SIU^S26, OMG^O19, ORM^O01, ADT^A30 HL7v2 messages appeared as Unknown Message Trigger in the transaction log. This has been fixed.

Previously, a user missing authorization to manage batch2 jobs could cancel or restart jobs from admin json. This has been fixed.

Previously, displaying the body of a transaction log with a long line would cause the side panel to resize in a way that would make information hard to access. This issue has been fixed.

Previously, Grafana Dashboard JSON files downloaded from module metrics page in Web Admin Console had incorrect dashboard titles. This issue has been fixed.

Previously, when setting a custom context_path in admin web, when a session expired and a user clicked on a link, they were redirected to the root of the signin page without the context path, resulting in a 404. This has been fixed.

Previously the lastConnectedTime displayed in the Administration Console showed date/time in UTC. This has now been corrected. Date and time are displayed according to the local time zone.

Previously, the experimental CDA Exchange+ module support for the Instructions section was not working for the export path. This has been fixed.

Changed the status used in the Task related to $invoke-export batch jobs. Added Extension to the Task which contains the value of the related batch job instance id.

Updated the $member-match input parameters from "oidcServerId" -> "sourceIssuerUrl". Will now use the token endpoint from the configured oidcserver's .well-known endpoint for authentication.

In the experimental CDA Exchange+ module extra Encounter resources were being created when an encounter element was found in the Notes section of the CDA document. This has now been fixed.

Previously, while processing HL7v2 XCN segments, multiple given names would map to a single given name. This has been fixed.

Previously, we could not access fields via path for segments returned by HL7 v2.x JavaScript function findSegments(...). This has been fixed.

As a consequence of jakarta migration which took place in 2024-02 release, some endpoint URLs stopped working. This has now been fixed for admin-json and admin-web modules.

The Runtime Monitor charts in the Web Admin Console failed to load if a non-default context root was specified. This has been corrected.

When the validation data seeding has a disable pattern of *, and Automatically Create Placeholder Reference Targets is enabled, Smile CDR will no longer automatically create a Search Parameter for searching placeholders, since this causes thrashing as the system tries to create and disable this search parameter.

The Search Parameter Seeding: Disable Patterns will no longer disable custom search parameters which have been added to the database.

the $export call in the member match flow was using the Patient instance operation (ie, /Patient/{id}/$export. This is Smile specific and not part of the spec. It has now been updated to use type-based operation (ie, /Patient/$export) with the patient id being a part of the parameters instead to be spec compliant. Removed sourcePatientId from $invoke-export endpoint.

When starting up multiple instances of a FHIR Storage (RDBMS) module at the same time (e.g. in a cluster), the search parameter seeding module could sometimes collide across the processes and cause some or all processes to fail to start. This has been corrected.

When the FHIR Gateway module was making outgoing HTTP connections to target servers, it could get blocked waiting for a connection from an internal connection pool that was inadequately sized. This has been corrected.

FHIR Gateway responses will now include an X-Cache header in the response if the response was served by the Gateway Cache.

Previously, if an optional persistence dependency was set on the Smart Outbound module, the Fhir object was undefined in the JavaScript Execution Environment. This has been corrected and now the Fhir object properly provides FHIR operations in the Smart Outbound module from the linked persistence module.

A regression in Smile CDR 2024.02.R01 meant that in a multi-node configuration, UI would only display modules hosted on the same node as the web admin console. This has been fixed.

Previously, attempting to run $docref with CDA Exchange Plus set to binary_storage.mode=DATABASE_BLOB resulted in a database constraint error when attempted to save the document. This has been fixed.

The HL7 v2.x inbound processor was incorrectly populating Encounter participants of type ATND with a display of attending. This has been corrected to use the display attender as per the following code system: http://terminology.hl7.org/CodeSystem/v3-ParticipationType

In FHIR Gateway, if a target server returns a total size lower than the size of the matched resources, we previously truncated resources down to the provided total value. We now detect this edge case, and infer that the true total is at least the size of the matched resources in the provided bundle.

Previously, if the CDA Exchange+ module encountered an entryRelationship to an unexpected child entry, it would sometimes not skip to the end of the unrecognized element, resulting in unpredictable parse outcomes. This has been fixed.

A previous fix to allow using web context path without an ending slash broke the admin web module login sequence. This has been fixed.

Previously, $invoke-export member match job mistakenly used property identifier_system_for_local_patient instead of identifier_system_for_original_id for identifiers to store the original ID of the imported resources. This has been fixed.

1.4.3Smile CDR 2024.02.R01 (Apollo)

 

1.4.3.1Release Information

Released 2024-02-18
Codename Apollo
HAPI FHIR Smile CDR 2024.02.R01 is based on HAPI FHIR 7.0.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.3.2Upgrade Instructions

Migration to Jakarta EE

This release contains a large breaking change for authors of interceptors, custom camel processors, or other customer-provided beans. Internally, HAPI-FHIR and Smile CDR have swapped from using javax.* to jakarta.* packages. Please see the migration guide for more information. Without manual intervention, the majority of interceptors will fail at runtime unless they are upgraded.

Possible New Indexes on PostgresSQL

  • This affects only clients running PostgreSQL who have a locale/collation that is NOT 'C', such as en_US.UTF8
  • For those clients, the migration will detect this condition and add new indexes to:
    • hfj_spidx_string
    • hfj_spidx_uri
  • This is meant to address performance issues for these clients on GET queries whose resulting SQL uses "LIKE" clauses

These are the new indexes that will be created:

CREATE INDEX idx_sp_string_hash_nrm_pattern_ops ON public.hfj_spidx_string USING btree (hash_norm_prefix, sp_value_normalized varchar_pattern_ops, res_id, partition_id);
CREATE UNIQUE INDEX idx_sp_uri_hash_identity_pattern_ops ON public.hfj_spidx_uri USING btree (hash_identity, sp_uri varchar_pattern_ops, res_id, partition_id);

Deprecation of internal metrics

Internal Smile CDR metrics have been disabled and deprecated. It is recommended to externalize Smile CDR metrics using Prometheus (to pull metrics from Smile CDR) and Grafana (to visualize the metrics). See Externalized metrics for more information.

1.4.3.3Changes

This version of Smile CDR now requires a Java 17+ version of the Java JDK in order to run.

This version of Smile CDR now uses the JavaEE 9+ APIs, which have the jakarta.* namespace in place of the former javax.* namespace. This means:

  • Any interceptors which depend on javax.* classes such as HttpServletRequest and HttpServletResponse must be upgraded to use the new versions of these classes.
  • ActiveMQ users must upgrade to ActiveMQ 4.19.x as this is the first version supporting the new namespace.
  • Infinispan users must upgrade to Infinispan 14.x.x as this is the first version supporting the new namespace.

Added ability to restore the configuration of a server to a given history restore point. Added the /{node_id}/restorePoints/{id}/restore endpoint.

Added Troubleshooting Logs Controller to the JSON Admin API, which allows fetching and updating troubleshooting log configuration in runtime.

The CDA Exchange v2 module offers a new and improved solution for importing and exporting CDA documents. See the documentation for full details. This experimental module is not available to all clients.

Added a Microsoft SQL Server JDBC URL option to the example in our documentation to trust the Server Certificate: trustServerCertificate=true

In the experimental CDA exchange v2 module, CDA document import will now support documents that contain encapsulated data elements and will map as FHIR Attachment data type where applicable.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces CareTeam resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces AllergyIntolerance resources conformant to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Condition resources conforming to US Core 5.0.1.

Add various improvements to the RTE schema generation including lowercase, underscores, correct column grouping and ordering among other enhancements.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces a Results section conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Encounter resources conforming to US Core 5.0.1.

Added MDM support for R5 persistence module.

Make CDA Exchange v2 partition aware. Namely, ensure Fhir JavaScript API methods now respect partition IDs for search()/read()/etc and neither cross the partition boundary nor error out.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Note resources conforming to US Core 5.0.1.

The CDA Exchange v2 module now supports import and exports of CDA note sections

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces MedicationRequest resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces CarePlan and ServiceRequest resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Medical Equipment resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Procedure resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Immunization resources conforming to US Core 5.0.1.

FHIR Gateway did not previously support a target endpoint that returns non-Bundle resources. This has now been resolved.

The experimental CDA Exchange v2 module, when configured to use the US Core IG, will map between a CDA Social History section Birth Sex observation (2.16.840.1.113883.10.20.22.4.200:2023-05-01) and a FHIR extension (http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex) on the Patient resource.

Providing the capability for clients to supply the FHIR Gateway module with custom Resource and system operation providers. Documentation regarding Gateway custom operation providers can be found [here].(/docs/fhir_gateway/custom_operations.html)

The experimental CDA Exchange v2 module will render C-CDA R1.1 template ids where appropriate in generated CDA documents to indicate backward compatibility with earlier versions of the IG.

Capability to perform terminology translate operation was added to Hl7V2 inbound interceptors by allowing them to autowire an ITermConceptClientMappingSvc

Added an Hl7V2 inbound demo project showcasing the use ITermConceptClientMappingSvc to perform terminology translate operation.

Demo project and documentation was added to support use of BundleUtil in Hl7V2 interceptors.

Added reference to example project showcasing the use of ITermConceptClientMappingSvc in HL7V2 interceptors to perform terminology translate operation.

Added JPA configuration property to handle blocking of resource updates causing the resource to change Patient compartment and load interceptor to enforce that.

Added transaction logging capability to camel smile and custom procedures. See the Camel Smile Processors Overview for details.

Exposing the username/clientId of the user initiating a batch job through the Batch Job Status API.

Added the ability to fetch persistence module id associated with MDM via MDMUI config endpoint.

Authorization scripts on the SMART Outbound Security module can now add approved scopes to a session even if those scopes aren't declared on the client definition.

The experimental CDA Exchange v2 module will now persist CCDs as-received for auditing purposes. A corresponding audit log can be found on an attempted CDA import operation, and the location of the resultant DocumentReference resource containing the CCD will be included in the endpoint response.

The experimental CDA Exchange v2 module will now parse the narrative block text for linked text on import. Links that are referenced within a document section will be resolved in the FHIR resource(s).

The experimental CDA Exchange v2 module will now map Vital Signs Organizer entries onto nested sections in the FHIR Composition to support user-defined grouping of Observations.

Add a new boolean property for persistence module(s) to control resource filter based on status during package installation

Added a Microsoft SQL Server JDBC URL option to the example in our documentation to trust the Server Certificate: trustServerCertificate=true

Added a Terminology Troubleshooting Log that is useful for troubleshooting terminology mapping issues.

Address a few small bugs in dqm persistence module, as well as bump clinical reasoning version that has breaking changes from hapi-fhir

Previously, only beans of type org.apache.camel.Processor were bound to the Camel registry from user-defined Spring Configuration classes. Now beans of type org.apache.camel.AggregationStrategy and org.apache.camel.support.jsse.SSLContextParameters are also bound.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now handles blood pressure panel vital signs Observaton resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now handles blood oximetry panel vital signs Observaton resources conforming to US Core 5.0.1.

Added the ability to handle custom matching script to the $member-match operation.

Updated System to System Data Exchange module to register an interceptor that will populate the memberId, consentId, and consentResource on Bulk Export parameters.

Added Consent services to Persistence module. Updated System to System Data Exchange module to work with this new Persistence module Consent Service to allow filtering on Bulk Export operations invoked via $member-match operations.

Added the /Patient/$invoke-export endpoint. This endpoint will be available in the SystemToSystemDataExchange module.

Added logic to create Task when $invoke-export is called. Added an interceptor to prevent modifying or deleting Task resources managed by the System 2 System module.

Added the template apply operation in the experimental CDA Exchange v2 module

The experimental CDA Exchange v2 module has been enhanced to support the scenarios where a patient is a member of their own care team or an author of their own goal.

To improve the reliability of zero-downtime upgrade, a new environment variable CDR_UPGRADE_MODE has been introduced. When upgrading servers in a cluster, it is recommended that all of the old servers set CDR_UPGRADE_MODE to 'true'. This will prevent scheduled jobs from running on the old servers and pause all message processing from all broker channels (JMS Queues and Kafka topics) on those servers. Lastly it prevents old servers from being changed in the Web Admin Console. Once a server has been upgraded, CDR_UPGRADE_MODE should be unset so that normal operation can be resumed.

Added new experimental module, System to System Data Exchange. This module is the home for all future System to System communication, including Payer to Payer flow.

Updated consent validation for PDex auth flow to use consent.patient instead of identifier.

Trying to create or update an OAuth client will fail if Authorization Code or Implicit Grant are selected as Grant Types but no Redirect URIs are specified.

Added $member-match endpoint in accordance to PDex specification in System-to-System Data Exchange module.

In the experimental CDA Exchange v2 module, when a field of the FHIR model has a data absent reason extension and the corresponding CDA field is mandatory, the CDA export operation will populate that field with a nullFlavor attribute. Also, the vocabulary mapping between the data absent reason code system and the null flavor code system has been refined.

The CDA Exchange v2 module will now render a null flavour UNK in an exported CCD when the value of Patient.gender is "unknown" in FHIR.

Deprecated module types can no longer be created via the Web Admin Console or the JSON Admin API. Configurations (DATABASE or PROPERTIES mode) that already have these module types are not affected.

Added ability to instrument SmileCDR process with open telemetry java agent. The open telemetry instrumentation. is enabled by setting an environment variable called CDR_OTEL.

Mongo internal transaction processing now supports nested transactions.

Updated Smart Out security to add custom claims to the access token. Smile CDR also reserves any custom claims prefixed with "smile_". Attempts by third party scripts or interceptors to add custom claims prefixed with "smile_" is verboten.

Token parsing in Smile has been updated to handle custom claims. All claims will now be added to the UserSessionDetailsJson.

Added clarification on when you should consider upgrading Smile CDR using the smileutil migrate-database utility command, instead of allowing it to automatically perform the upgrade.

The new, experimental CDA module has been renamed to CDA Exchange+. In addition, the display text in the IG Support drop list in the administrative interface has been updated to make it clearer which IGs are supported by each option.

The experimental CDA Exchange v2 will store unstructured document bodies as Binary resources.

Retrieving FHIR-id of resources in batch2 mode of evaluate-measure had poor performance, this improvement allows for query level return of ids without the need to return resources back in a bundle iterator, which is 2x faster

In the experimental CDA Exchange v2 module, planned immunizations are now supported and will be persisted as medication requests.

The CDA Exchange+ module's coverage of the US CDI 5.0.1 profile now accommodates additional varieties of missing data for Patient.birthSex

In the experimental CDA Exchange v2 module, importing unsupported data types now results in the value being skipped, and where applicable a data absent reason is created.

In the CDA Exchange+ module, when parsing a Device that is implanted as part of a Procedure, the deviceIdentifier field will be populated by precedence from the Device Identifier component of the UDI Organizer entry in the CDA document.

In the experimental CDA Exchange v2 module, the USCDI v1 plugin has been updated to enforce cardinality rules in the Patient resource.

Added additional metadata to $evaluate-measure batch2 MeasureReport to assist with UI. Corrected CQL documentation error. Version bumped Clinical Reasoning version, which included new operation $evaluate. Additional api definitions and configuration for CR operations: $care-gaps, $cql, $submit-data

In the experimental CDA Exchange+ module, when attempting to map a code that does not match with one of the expected values in FHIR, a verbose error is logged and the mapping is skipped.

A new Transaction Log module has been added which strictly outputs transaction logs to a remote broker such as Kafka or ActiveMQ. It follows the same configuration as the Cluster Manager's broker transaction log configuration.

Add payer organization resources to payer bundle in prior auth crd module

A new Persistence Module config diagnostic message has been added that writes out a WARNING message regarding the use of automatic upgrades on a PRODUCTION system.

Log CQL response received in prior auth module

The FHIR Gateway module will now allow multiple target definitions to use the same Resource ID Prefix value, if those targets are not used on the same route.

The FHIR Gateway operation caching mechanism now caches FHIR read requests as well as the existing FHIR search and operation requests.

The FHIR Gateway module now supports FHIR transaction operations.

Log parameter object passed into CQL engine in CRD prior auth flow

Additional telemetry data has been made available regarding hl7v2 inbound message processing when Smile CDR is run with open telemetry enabled. A parent span named 'smilecdr.hl7v2.inbound_message.process', and 2 metrics ('smilecdr.hl7v2.inbound_message.count' and 'smilecdr.hl7v2.inbound_message.error_count') are now being generated.

When performing UPDATE operations through the FHIR Gateway module, the gateway currently first attempts a READ operation against each target in order to determine whether any of the target servers hold a resource with the ID being updated. This has been optimized so that this READ isn't performed if only one of the targets is capable of servicing the request, either because of configured resource ID prefix rules, or because of interceptor results.

Support for JDK11 has been dropped. JDK17 is now the minimum supported version.

Swapped from using javax.* to jakarta.* packages. This may be a breaking change for some users who write custom code against Smile CDR. Specifically, any users writing interceptors that leverage the JavaEE Servlet API will be affected. Please see the migration guide for more information.

The FHIR Gateway module caching mechanism now defaults to NONE (disabled) and must be manually enabled through configuration.

Transaction Log broker messages and JSON representation will now show the transaction's GUID as a property.

Previously when transaction logs were sent to Kafka, the Key of the message would be randomly generated, or set to the PID of the parent transaction log if available. Now, all implementations will use the transaction GUID as the key

Internal Smile CDR metrics have been disabled and deprecated. It is recommended to use Externalized metrics instead.

Changed the wording of roles and permissions header within the OpenID Connect Clients section on the Web Console

Previously, if the cluster manager was configured to store Audit Events asynchronously, there was a bug where very high load could cause java.lang.IllegalStateException: Queue full. This fix causes the calling thread to perform audit log storage if the queue happens to be full. The result of this that extremely high throughput will be limited by the speed of the audit log storage, but the system will not crash. This is a temporary fix until a more permanent solution is implemented in 2024.02.R01.

Previously, the HL7 v2.x inbound processor would continue transformations for RDE_O11 message structures where no ORDER groups were present. This has been fixed.

Previously for mongoDB with version lower than 6, when sorted queries consumed more than 10Mb of memory, they were throwing an exception. This has been fixed for versions 4 and up.

Smile CDR documentation for the HL7 v2.x SIU_S12 structure definition incorrectly identified support for the SERVICE and GENERAL_RESOURCE groups, and the AIS and AIG segments. This has been corrected.

Edited WebAdminUI so that archived module does not appear in drop down menu. Also disabled the ability to add a user to an archived module.

Previously in the experimental CDA Exchange+ when a call to $import-cda failed the server would return a 200 OK status code. This has been fixed.

Previously, when multiple custom @Configuration classes with the same name but different package were added to the Camel module, only beans from one @Configuration class were added to the application context. This has been fixed.

Previously, additional headers provided through a FHIR gateway pre-submit interceptor would not be forwarded to a target endpoint. This problem has been fixed.

Previously, a bulk export operation initiated with a '_type' parameters provided with the request URL would ignore the provided parameters. This issue has been fixed.

As per FHIR Spec Patient and Encounter resource types should not be present in the fhirContext array unless they contain a role other than 'launch', where the absence of a role property is semantically equivalent to a role of 'launch'. This fix ensures that these elements are not present in the fhirContext array and also changes the json serialization for the fields in the elements of the array so that the properties are printed correctly.

Previously, the list of PKCE code challenge methods supported by the Smile CDR built-in authorization server was not returned by the OpenID Connect metadata endpoint (/.well-known/smart-configuration). This issue has been fixed.

Previously, restarting module DQM would throw an exception. This issue has been resolved.

Previously LIKE queries against resources would perform poorly on PostgreSQL if the database locale/collation was not 'C'. This has been resolved by checking hfj_spidx_string.sp_value_normalized and hfj_spidx_uri.sp_uri column collations during migration and if either or both are non C, create a new btree varchar_pattern_ops on the hash values. If both column collations are 'C', do not create any new indexes.

When attempting to 'Download Grafana JSON' from the Runtime > Monitors and Health Checks > Cluster Overview page an error was thrown. Now, the grafana JSON downloads successfully.

In the experimental CDA Exchange v2 module, some of the default vocabulary mappings have been updated.

Previously bulk export operation was returning an empty response when no resources matched the request, which didn't comply with HL7 HAPI IG. This has been corrected.

MegaScale now supports loading Subscriptions from tenant shards, in addition to the default shard.

Webadmin Cache was set to 365 days, this meant that users would not see updates unless they cleared their cache. This has been fixed by reducing the cache period to 1 hour.

Previously, the HL7v2 Inbound module would not boot if realtime export through POINTCUT was enabled. This issue is fixed.

Previously, the FHIR Gateway module diagnostic would cause FHIR Conformance request failure on the target FHIR server. This has been fixed.

PROPERTIES_UNLOCKED propertysource resulted in an error when adding a new module and a loss of edits to a module. Both issues have been fixed.

Previously, the experimental CDA Exchange v2 module was generating duplicate copies of certain elements in the Goals section on CDA export. The extra elements have been removed.

Previously, the experimental CDA Exchange v2 module would throw an exception while formatting a Provenance resource if the recorded field is not populated. This has been fixed.

Previously, the web admin console was displaying resolved token values instead of the tokens themselves. This has now been fixed but booleans and dropdown selects will still resolve and display properly.

Previously, when restoring to a restore point it was possible to encounter an error when retrieving a config key from a module config key. This would occur as we were attempting to substring the key element out of the module config key, without fully validating that the provided key conformed to the expected format. This fix adds an additional check to ensure that the key starts with 'module.' before attempting the substring which prevents occurrence of StringIndexOutOfBoundsException.

In the experimental CDA Exchange v2 module, the core mappings for AllergyIntolerance.type and AllergyIntolerance.category have been changed to align better with implementer consensus.

When processing incoming HL7 v2.x messages, fields that are being converted to markdown have all punctuation characters escaped. This change fixes a problem with incorrect escaping of the comma character.

In the experimental CDA Exchange v2 module, the mappings for the Result Organizer entry have been updated so that when exporting a document, the value of the status field will be derived from the statuses of the contained Observations rather than being directly mapped from the DiagnosticReport resource.

Previously the experimental CDA Exchange v2 module did not set dataAbsentReason information on Observations when importing values with a nullFlavor. This has been fixed.

Previously, if client used the HTTP Basic authentication scheme to get an access token from Smile CDR built-in authorization server, it would receive an access denied error. This issue has been fixed.

Previously, the experimental CDA Exchange v2 module was not thread safe, and was encountering errors when trying to process multiple documents in parallel. This has been fixed.

Swapped dependencies from javax to jakarta in accordance with the migration to Jakarta EE. This is a breaking change. If you have any interceptors or beans which rely on javax imports, you will need to update them to use jakarta imports instead.

MDM expansion of search and $everything queries in a multi-tenant server may include results from other tenants if mdm matches cross tenant boundaries. Also, POST $everything queries didn't allow MDM expansion. MDM expansion will now only include matches within the current tenant. The $everything operation now supports the _mdm expansion flag on POST.

Previously, the Support Consent Filtering configuration item had no effect on the $member-match operation. This is now fixed.

Previously module environment variables of type: JavaScript, integers, and JSON would not be resolved. This is now fixed.

Previously, when removing a resource from the generated Bundle in the experimental CDA Exchange v2 module, a reference to that resource might be left behind in the Provenance resources. We now clean up these dangling references correctly.

Previously, an exception was thrown during the FHIR Gateway module shutdown process. This issue is fixed.

Previously, when encountering an entryRelationship element without a nested templateId, the CDA Exchange+ module would abort parsing and throw an exception. This has been fixed. The parser will now skip the invalid element and continue parsing with the next element.

MongoDB previously threw an exception when a canonical reference was used in a resource. MongoDB does not support canonical references. This fix adds a simple check to check if the reference is canonical and if so, does not attempt to resolve the reference.

The documentation now makes it clear that $trigger-subscription is not supported under MongoDB.

Previously the new experimental CDA module parsing of note document was skipping some required fields. This has been fixed

Previously trying to parse resources with attachment field with no content type in the new CDA plus module would throw an exception. This issue has been fixed.

Previously, the Javascript documentation would indicate that any Javascript method which returned a Set-String or List-String as returning a List-String. This change fixes the auto-generated Javascript documentation to correctly identify API methods as returning a Set-String instead of List-String where appropriate.

Previously the experimental CDA Exchange+ module set Provenance references on resources that might not exist in the bundle. This has been fixed.

Previously in the experimental CDA Exchange+ module when importing CDA documents with mandatory elements omitted, the parsing would not set the data absent reason extension on those fields. This has now been fixed.

Return an error response card if the CRD module is unable to process the resulting Request Group resource from the $apply operation

When updating permissionEnum value from previous value of 'FHIR_OP_CQL_EVALUATE_MEASURE' to 'FHIR_OP_EVALUATE_MEASURE' there were unintended outages in webadmin console and errors generated for any users associated to the deprecated value. This fix updates deprecated value to correct value

Previously, processing an ORU^R01 message in the HL7 v2.x Listening Module with a missing PV1-2 segment would cause a processing failure with an invalid request error. This has been fixed.

Previously, the AppSphere application had 'document.write' script in the 'index.html'. This code is considered as vulnerable to cross-site scripting (XSS) attacks. The 'document.write' script code is removed from 'index.html'.

Previously, obtaining an OAuth token would fail with a valid client secret if the OAuth client contained more than one secret. This has been fixed.

Added the previously-deleted smart-apps-host ModuleTypeEnum back in.

The FHIR Gateway module failed to perform search operations when authenticated using an OAuth2 Client Credentials grant type. This has been corrected.

Previously, the CDA Exchange+ module was not de-duplicating Encounter resources correctly. This has been fixed.

Previously, the CDA Exchange+ module might enter in infinite loop trying to parse a CD field with a comment embedded inside it. This has been fixed.

Previously, the MDM UI application had 'document.write' script in the 'index.html'. This code is considered as vulnerable to cross-site scripting (XSS) attacks. The 'document.write' script code is removed from 'index.html'.

Previously the default cache provider for the FHIR Gateway was set to CAFFEINE, instead of being disabled as per the documentation. This change sets the default value to NONE.

A bug was introduced where all enum dropdowns in admin web panel were incorrectly displaying !MESSAGE! rather than the intended message, this has been fixed

Related to 5592. Fix cross-site scripting vulnerability for any appSphere context.

Previously if a module was added in DATABASE mode and Smile CDR was restarted in PROPERTIES mode, the added module would be present in the admin console(stopped) and starting this module would throw an error. This fix ensures that in node.propertysource=PROPERTIES mode, only modules configured in the specified properties file are shown in the admin console.

Previously, a module that failed to perform environment substitution on a property value (#{env['username']}) during the module booting process would corrupt the module's properties. This issue has been fixed.

Previously the experimental CDA Exchange+ module would not populate ServiceRequest requester and authoredOn fields when importing a planned act. This has been fixed.

Previously, the CDA Exchange+ module was representing the issuer of the device identifier on a Device resource using an OID. This has been changed to use the equivalent URI.

Previously, the experimental CDA Exchange+ module had an incorrect mapping for the Social History Observation status code. This has been fixed.

Previously, PA CRD module used to query PractitionerRole via a TokenParam which caused issues retrieving the resource. This has been fixed.

Fix issue where the edit module page in the web admin page does not display localized text for enums

Fix issue where the authorship date was not being parsed when parsing fhir resources into CDA documents in the new CDA + module

Moved the payer resources for the CQL context to its own parameter within the cql request and added validation for provider prefetch resources in the prior auth module.

Previously, performing a search operation from a JavaScript environment with MDM search expansion enabled would raise an exception. This issue has been fixed.

Previously, the experimental CDA Exchange+ module was creating an incorrect reference when a CDA Procedure Activity Procedure entry had an explicit relationship to an encounter defined elsewhere in the document. This has been fixed.

Previously, the experimental CDA Exchange+ module was not correctly handling the scenario where an entry was accidentally or deliberately duplicated within a CDA document. The de-duplication algorithm has been enhanced to block by default the insertion of a resource into the generated bundle if it duplicates a resource that is already present.

Previously some configurations including option to load scripts or routes from text or file definitions were considering text definition first, which made using file definition hard when default text existed. This has been fixed and now file definitions take precedence to text definitions.

Previously, exceptions resulting from target invocation were not made available for processing by custom operation providers. This issue has been fixed.

Fixes MeasureReport measureScoring bug impacting any measures currently using denominator-exception population will incorrectly calculate the score without following specification. This fix adds an extension to MeasureReport Groups to capture calculated denominator and numerator to bring transparency to the measureScore calculation and act as a dataSource of measureScore instead of behind the scenes calculations. This also required a change to measureReport aggregation and qpp-build transformation to account for new extension. This also includes a bug fix for individual patients processed via batch2 evaluate-measure where patient reference was being concatenated with resource string incorrectly. closes client tickets SMILE-7977, SMILE-7952, SMILE-7799

Previously, mapping a ServiceRequest Resource to an OBR segment would fail due to issues in converting dates from a FHIR to HL7v2 format. This has been fixed.

Previously, an OAuth token request with an invalid token would wrongly return a 401 unauthorized error. This has been fixed by correctly returning a 400 bad request error.

The Inline Storage Mode Below setting has been removed from the FHIR Storage (RDBMS) module, as it is no longer used.