Added generate-rte-schema cli command to generate configuration and database schema for Smile CDR Realtime Export based on an Implementation Guide.

Previously, when Kafka was used as a message broker, hyphen characters (-) were replaced with periods (.) for all Smile generated channel names. A new property called Kafka Replace Hyphens with Periods has been added to disable this functionality.

Added support for FHIR UPDATE and CREATE operations to FHIR Gateway. This includes support for creates with client supplied ids, which are handled in the same way as an UPDATE.

A new module type called Audit has been added to Smile CDR. This permits users to separate audit logs from the main Cluster Manager database. Read more about it here.

Providing capabilities for self registered users to reset their password through the user interface.

A new utility will periodically log statistics about available RAM and CPU utilization to the system log for troubleshooting purposes.

The $delete-expunge operation and the _expunge query parameter are now supported for MongoDB.

Added _total request parameter handling to FHIR Gateway.

Configuration was added to allow defining javascript function (text or file) to be invoked to generate kafka partition key for each processed resource.

In admin web, a user has the ability to configure an persistence module to use that same module as validation support. smilecdr will not boot and will be difficult to shut dowh. Admin web has been fixed to remove this module from the dropdown. If a user had previously set up this configuration, smilecdr as a whole will start and only the module itself will not start with a clear error.

Previously the function btoa() was not working in the JavaScript Execution Environment. This function has now been added with the name Converter.base64Encode(). The decoder has also been added with the name Converter.base64Decode().

The Bulk Export operation now respects SMART session scopes that use SMART v2.0 resource constraint filters.

appSphere: Allow the Application Developer to choose sandbox authentication settings.

Add DQM module with clinical reasoning features & capabilities into Smile CDR, which includes distributable $evaluate-measure operation as well as measure tests. You can read more about this in the DQM documentation

SMART Outbound now provides optional processing to lookup the relevant Consent during the PDEX member-directed flow. When active, token generation will use the optional member_id to lookup the matching Consent. When present, it will be available to the onTokenGenerating() callback on the OAuth2AuthorizationRequestDetailsJson parameter.

The metrics endpoint now records authentication success/failure for SMART Inbound Security module and HTTP response metrics for Package Registry module.

Automatic reindexing of resources impacted by SearchParameter changes is now supported in MongoDB. Previously this feature was only available in RDBMS storage modules.

Smile CDR documentation pages for module configuration parameters now contain a link to the documentation for the module(s) that the parameter applies to.

Previously, client-confidential-asymmetric was not a part of the Capability Sets. This caused an error when trying to add it in the smile config. This has now been fixed, client-confidential-asymmetric has been added to the SmartCapability enum.

When a user initiates an $export operation, if they do not specify which resource types to include as an input parameter, the result will automatically be restricted to the resource types they have authorization to access.

Added CdrEndpointRequestDetailsJson supplier in FHIR REST Endpoint Spring context, to allow interceptors to modify request details headers used to build Audit Log entries. Using ICdrEndpointRequestDetailsJson from public API to prevent interceptor projects from having a direct mandatory dependency on jars from Smile CDR module, which can be problematic as they are non-public. Added sample AuditLogHeaderUpdateInterceptor in interceptor starter project to demonstrate how to use it.

Added support for FHIR DELETE operation to FHIR Gateway.

Update request new app fields in appSphere gallery

appSphere: Expired application emails will now be sent every 7 days

Previously, when viewing a transaction log of an update/create request of a patient, the information of the patient was visible. This is now configurable through a setting in cluster manager, to show and hide that information in the logs to prevent the showing of PHI or PII.

appSphere: Attestation warning will now be sent after updating developer profile

When parsing a CDA file, if there are multiple references to a single service delivery location, these will be deduplicated into a single Location resource in the output Bundle.

Previously, if the HealthLake connector module received an error response from Amazon Healthlake, it would retry the request indefinitely, unless the error is “Unsupported resource”. A retry limit with a default value of 20 has now been added, any amount of retries above the set amount will now be moved to Dead Letter Queues (DLQs)

Support has been added for Combo Unique and Combo Non-Unique SearchParameter resources in MongoDB.

Added new section to the platform requirements doc page, that details the supported versions of java in previous releases of smile.

Added resourceType parameter to $mdm-query-links

appSphere: Return permissions with application summaries & allow filtering via permissions in the admin console

Split out the licensing service from the clustermgr, adding in a separate license module that will handle licensing itself.

License module will display warnings or errors in startup logs. These logs will also be displayed on a daily timer to alert users when licenses are about to expire.

Web admin console now displays success/failure messages to users trying to enable TFA

Support was added for Reference and Uri combo search parameters in MongoDB.

The transaction log was previously enabled by default with a retention period of 90 days. It is now disabled by default in cdr-config-Master.properties and there is a default retention period of 7 days. The production_checklist.md documentation has been moved to installation notes production checklist

Added resourceType as a parameter to $mdm-duplicate-golden-resources operation.

Added sorting capability to $mdm-query-links operation. See: MDM Operations for more information.

Previously when navigating to a chapter in the docs page that does not exist, it displays a page with the exception message. Now it displays the Smile 404 page.

Added audit and transaction logs for P2P batch job.

Operation of search total counts will be unavailable when 'automatically_narrow_search_scope' is enabled to avoid accidental disclosure of non-narrowed resource counts. The property description has been updated according to this intended behaviour.

A new experimental feature for automatically generating International Patient Summary (IPS) documents has been added.

The metrics endpoint now records min, max, and mean latency times for persistence module.

Licensing is now enabled on all Smile CDR installations. View our license documentation for more details. Reach out to your Customer Success Advocate to discuss licensing. Currently, the AWS Healthlake Module, Payer-to-Payer Module, and the new DQM Module require a license.

List resource type has been added to the default Mongo DB Persistence resource types, as it is required for bulk export.

The filter of PHI and other sensitive data in the log has been extended to stack trace messages.

The MongoDB persistence module will cache instances of resource DAOs for reuse rather than creating a fresh instance every time they are needed.

Replace usages of ResourcePersistentId with an interface IResourcePersistentId and parameterize specific implementations of it in classes that rely on a specific implementation.

The default (out of the box) Smile CDR configuration will now configure a maximum of 4 GB of RAM instead of the previous maximum of 2 GB.

Previously, jobs were scheduled via a @PostConstruct annotated method. This has been changed to an implementation of IJobScheduler interface so the job scheduler can schedule all the jobs after it has been started.

The HL7 v2.x Listening Endpoint module has been changed to use FHIR ConceptMap resources in place of hard-coded lookup tables. This allows for the customization of such mappings, and affects most HL7 v2 processing; for complete details, see FHIR-based Terminology Translation.

Fhir resources in JSON or XML format will be scrubbed from log messages at level INFO or higher as they may contain PHI.

Previously, it was possible to have multiple clustered persistence scheduler names because the scheduler name was created using node id and module id. This has been changed, and now all clustered persistence schedulers are named cdr-persistence.

Logos in Web Admin Console changed from old Smile CDR logo to the new Smile Digital Health logo.

A new Persistence Module configuration setting has been added called dao_config.job_fasttracking_enabled, default false. If this setting is enabled, then gated batch jobs that produce only one chunk will immediately trigger a batch maintenance job. This may be useful for testing, but is not recommended for production use. Prior to this change, fasttracking was always enabled which meant if the server was not busy, small batch jobs would be processed quickly. However this lead do instability on high-volume servers, so this feature is now disabled by default.

Implements the streaming functionality for MongoDB that is used for batch jobs. This functionality fixes bulk export jobs with low max file size that were getting stuck in the FINALIZE state.

Updated the Payload Search Result Mode section in the document indicating that this feature also applies to Message channel type now.

The HL7 v2.x Listening and Sending Endpoints are compatible with partitioning, but still currently log a warning when partitioning is enabled. This has been corrected.

Attempting to use Channel Import with partitioning enabled would result in an error in most cases. This has now been fixed by allowing the client to pass a partitionId in the message payload. See the documentation for an example.

Resolved NullPointerException issue in the PartitionSecurityInterceptor that could occur when a user configured a named partition but then requested access to the default partition.

Creating an HL7 outbound module config with MLLP_OVER_TCP starting, then updating to HL7_OVER_HTTP and restarting causes a ClassCastException. This has now been fixed.

Previously, if a child element's length of a resource was called in the function of HL7 v2.x Listener Script several times and the child element was empty initially, then the length will appear to be different in each call. This was because of automatically generated placeholder. The issue has been fixed by adding a check condition to drop the empty placeholder from the existing value list.

Previously, subscription producers and consumers on separate nodes were not able to see one another's channels since the node name was added to the channel name. This has been changed by allowing the name of the subscription matching channel to be unqualified.

Previously, an HL7 v2.x VXU message did not correctly process an immunization manufacturer. Now, this issue has been fixed.

Added the function addContained() to the FHIR storage callback script execution environment to allow the user to create contained resources.

Previously, sending an HL7 v2.x SIU message that included multiple NTE segments was processing incorrectly. Now, this issue has been fixed.

Fixed a display issue with HL7 messages in the Web Admin Console transaction log

Updating the HL7V2 Structure Definition documentation to match the HL7v2 Generic Mapper.

Supplying ActiveMq with an error handler to prevent logging payload when encountering issues while processing received JMS messages.

Editing the 'Applies to Modules' column in the documentation for property 'Mark Resources for Reindexing after SearchParameter change' to not include mongoDB.

Previously, sending an HL7 v2.x inbound message that includes a numeric datatype variable in OBX segment with a positive leading sign was getting a processing issue. Now, this issue has been fixed.

Previously, a bulk import with DSTU3 would fail due to the valueUrl data type not existing. Now, documentation has been changed to use the valueUri type.

Realtime Export currently does not support a number of data types, including DATE_ONLY and DATE_TIMESTAMP. DATE_ONLY and DATE_TIMESTAMP are now supported.

Previously, instead of narrowing the search results, specifying resource-specific scopes in a SMART token would result in an Access Denied error. This is now fixed.

Mongo database users would always have search references replaced with resource ids inline during create/update. This is now configurable in mongo, and is defaulted to true for all dbs.

Previously, JavaScript version of translate operation only returned one result even when there were multiple matches. Now, this issue has been fixed by adding two new api method chains called 'andReturnMultipleCodings()' and 'andReturnMultipleCodesAsString()' which will return all the matched results as a list.

Previously, when \n, \r, or \t was used as a delimiter in the HL7 v2.x inbound mapper (i.e. Observation NTE, Observation OBX or Order Observation NTE), the mapped FHIR resource escaped the delimiter resulting in text that contained \\n, \\r, or \\t respectively. Now, this has been fixed.

There is inconsistent validation in the case of an incorrect communications language coding due to validation that looks for the first correct Coding. In the case of a single incorrect code there is one validation result. In the case of one correct code and one incorrect code, there is an entirely different result. This has been fixed by introducing a new optional configuration, turned off by default, that allows clients to toggle the behaviour.

Cross-partition subscription PUT with a custom interceptor will fail on validation because the read partition ID is validated. This has been fixed by making use of a hapi-fhir fix that skips validation if the validator invoked during an update operation

Previously, an exception would be thrown while parsing a CDA document if a social history observation had a nullFlavor on the root element. This has been fixed.

Realtime Export currently does not support the DOUBLE data type. This is now fixed.

Support for the CLOB datatype was added to Realtime Export.

Support for the BLOB datatype was added to Realtime Export.

Existing response watermark constant has a typo. Introduce a correctly spelled constant, deprecate the old one, and continue to support it.

Previously the example in documentation for Converter.base64Encode was incorrect. This has been fixed.

Realtime Export currently fails with a DATE_TIMESTAMP field on Postgres and potentially other DBs. This is now fixed.

Before, MDM operations invoked from Admin JSON were not generating audit log. This has been fixed.

Previously, in the JSE, resource.id returned the id containing the resource and the history version ex. Patient/123/_history/1, which violates the fhir specification. This has been fixed, and resource.id will only return the bare id (ex. 123). To preserve previous workflows, the resource type can be accessed via resource.resourceType, and the version number via resource.meta.versionId.

Previously, deleted resources were not being expunged properly with MongoDB. This was resulting in a ResourceNotFoundException whenever a resource level /history query was performed after using expunge. This has been corrected.

When an invalid JWT auth token is used during bulk export, a 401 Unauthorized failure response is given. This has been changed to return 400 Bad Request to match client test cases.

Restores the ability to invoke the $export operation using an HTTP GET request.

Previously, the description of Forward Persisted Messages property in HL7 V2 Outbound Module documentation was not displaying as a link. This has been fixed.

Before, the input for each field when creating a new module would be blank. The default values are now given for each field.

The results of the GET Patient/$everything command when using Mongo DB differ from the results when using JPA/RDMS. The Mongo implementation has been improved to be much closer to the JPA implementation.

Previously, when the Realtime Export module was started with the dao_config.auto_create_placeholder_reference_targets.enabled set to true a PreconditionFailedException was thrown resulting in a start up failure. This has been fixed.

Before MDM Partition Key Generator type had to be configured through system properties. A Web Administration option has been added to allow configuring it.

Kafka message processing could log PHI during after delivery failures to both the target, and the dead-letter queue. This message body is now redacted.

Before Web Admin configuration properties help target was not specific when property name contained parenthesis. This has been fixed.

Previously, the Kafka SASL JAAS Config and Kafka SSL Key Password properties would be visible in the Web Admin Console. These properties are now hidden.

Trying to delete a resource through FHIR gateway configured in DSTU3 no longer returns a 500. Now delete is processed in the same way as a gateway configured in R4.

A recent change to automatic resource type selection for Bulk Export accidentally caused DSTU3 Bulk Exports to fail. This has been corrected.

When cleaning up expired OAuth2 authentication codes from the database, if a record was present in the database from an older version of Smile CDR the cleanup loop could occasionally fail. This has been corrected.

An occasional processing error caused an exception to be thrown when submitting data to a MongoDB Storage module with MDM enabled.

A race condition caused Batch2 job processing to stall occasionally on MongoDB storage modules if an unexpected error occurred. This has been corrected.

Improved fhir-gateway troubleshooting logging by providing extra debug entries.

Previously, when combo search parameters were created in MongoDB, the SearchParameter.name value was used for the name of the MongoDB document key that held the combo index value. This has been corrected and now the SearchParameter.code value is used.

Previously, combo unique search parameters were not properly enforcing uniqueness after being updated in MongoDB. Now, when a combo SearchParameter is changed from unique to non-unique, duplicate values are accepted. Similarly, when a combo SearchParameter is changed from non-unique to unique, duplicate values are rejected.

MongoDB Storage module sorting on the _lastUpdated parameter produced incorrect results.

Previously, the MongoDB FHIR Storage module would always use the Internal Synchronous Search Size configuration property as the number of documents to fetch, regardless of the details of the request. Now, the property will be used as an upper limit, but callers can request a smaller result set.

Fixed a bug with batch jobs in Mongo, where occasionally in a concurrent environment, messages could be double-delivered, causing batch jobs to hang due to the unknown state.

Fixed bug where the context path of the FHIR endpoint was being omitted in the generation of GraphQL URIs.

During CDA Import, some resources of types CarePlan, CareTeam, Condition and Device were not populating their identifier field. This could result in duplicate resources being created under some circumstances. This has been fixed.

Previously, queries in Mongo DB that used _include parameters could accidentally include multiple versions of a resource. This has been corrected.

A MongoDB patient $everything request was returning duplicate organizations after POSTing a Bundle with a Patient, Organization and Consent. This has now been fixed by filtering out the duplicate organizations from the response.

A bug existed where importing a CDA document that contained Blood Oximetry (code 59408-5) and OxygenConcentration (code 3150-0) observations but was missing FlowRate (code 3151-8) would result in an error. This has now been fixed.

Fixed bug when users are seeded with default launch contexts.

When using smileutil generate-rte-schema, REFERENCE resource fields were being converted to BLOB in JSON and oid in postgres SQL. This has been fixed by ensuring they are now converted to STRING/varchar(255), respectively.

Previously, the CDA Import feature was not populating 'No Known Allergies' codes correctly in AllergyIntolerance resources. This has been fixed.

The HL7 v2.x Listening Endpoint module used to handle OBR-4 fairly strictly. Sparser values are now accepted.

Previously, the default logging would log all Kafka config properties. This has been downgraded to DEBUG log level. To view these config properties in log, you can modify logback.xml and create a logger named ca.cdr.broker.kafka.config set to DEBUG level

Proper experimental tag added to documents to indicate correct level of maturity model for feature.

Previously, a CDS endpoint would return HTTP 500 when encountering issues parsing user submitted payload . This has been corrected.

When performing a P2P data transfer as the receiving system, MDM metadata in receieved data is now discarded, in order to avoid collisions with the MDM system on the receiving system.

Added a migration for older versions of smile which were storing the enforce_referential_integrity_on_write configuration item as a string instead of a boolean.

A new command in smileutil called clear-migration-lock has been added. This command can be used to clear a stale database migration lock row.

Bulk export jobs that are COMPLETED in Mongo DB were missing reports. This has been fixed by resolving a race condition where the report was overwritten with a null report.

Previously, it was not possible to clear a migration lock applied to the audit table with cdr-cli. This has been fixed.

$mdm-submit would throw a class-cast exception when running on mongo. This has been corrected.

The official Smile CDR Docker image now runs as a non-root user, and is based on an alpine image (amazoncorretto:17-alpine3.17).

Backported from: 2023.02.R01

Previously, queries in Mongo DB that used _include parameters could accidentally include multiple versions of a resource. This has been corrected.

Backported from: 2023.02.R01

When performing a P2P data transfer as the receiving system, MDM metadata in receieved data is now discarded, in order to avoid collisions with the MDM system on the receiving system.

Backported from: 2023.02.R01

A new Persistence Module configuration setting has been added called dao_config.job_fasttracking_enabled, default false. If this setting is enabled, then gated batch jobs that produce only one chunk will immediately trigger a batch maintenance job. This may be useful for testing, but is not recommended for production use. Prior to this change, fasttracking was always enabled which meant if the server was not busy, small batch jobs would be processed quickly. However this lead do instability on high-volume servers, so this feature is now disabled by default.

Backported from: 2023.02.R01

The results of the GET Patient/$everything command when using Mongo DB differ from the results when using JPA/RDMS. The Mongo implementation has been improved to be much closer to the JPA implementation.

Backported from: 2023.02.R01

Fixed a bug with batch jobs in Mongo, where occasionally in a concurrent environment, messages could be double-delivered, causing batch jobs to hang due to the unknown state.

Backported from: 2023.02.R01

A MongoDB patient $everything request was returning duplicate organizations after POSTing a Bundle with a Patient, Organization and Consent. This has now been fixed by filtering out the duplicate organizations from the response.

Backported from: 2023.02.R01

Added support for FHIR UPDATE and CREATE operations to FHIR Gateway. This includes support for creates with client supplied ids, which are handled in the same way as an UPDATE.

Backported from: 2023.02.R01

Resolved NullPointerException issue in the PartitionSecurityInterceptor that could occur when a user configured a named partition but then requested access to the default partition.

Backported from: 2023.02.R01

An occasional processing error caused an exception to be thrown when submitting data to a MongoDB Storage module with MDM enabled.

Backported from: 2023.02.R01

A race condition caused Batch2 job processing to stall occasionally on MongoDB storage modules if an unexpected error occurred. This has been corrected.

Backported from: 2023.02.R01

MongoDB Storage module sorting on the _lastUpdated parameter produced incorrect results.

Backported from: 2023.02.R01

$mdm-submit would throw a class-cast exception when running on mongo. This has been corrected.

Backported from: 2023.02.R01

Supplying ActiveMq with an error handler to prevent logging payload when encountering issues while processing received JMS messages.

Using passwordless IAM authentication for AWS RDS is now supported via the new Use IAM Auth. More information can be found here.

The cdr-endpoint-hybrid-providers-demoproject module was enhanced with additional code samples about internal Dao access (for DSTU2, DSTU3 and R4) and Custom operations. Hybrid Providers section in Smile CDR documentation was updated with two new sub-sections about Dao access and Custom operations implementation.

Added a new setting for Bulk Export that changes how many resources are stored in each binary output file. The default value for the setting is 1000 resources per file.

A new section has been added to the Smile CDR documentation called FHIR Standard which contains tutorials on beginner and advanced FHIR topics. Over time we will continue to add to this section.

Support for import of a CDA CCD document with a non-standard Assessments section has been added.

Support for the import of a CDA CCD document with a care team section has been added.

Support for import of a CDA CCD document with a Goals section has been added.

Support for import of a CDA CCD document with a Health Concerns section has been added.

Support for import of a CDA CCD document with a Notes section has been added.

MongoDB FHIR Storage module now supports performance tracing similar to the RDBMS module. Additionally, enabling Capture SQL results in individual MongoDB queries being captured and traced.

FHIR Persistence (MongoDB) modules now support native MongoDB Sharding, using Smile CDR partitioning mode. See MongoDB Sharding for more information.

Support for import of a CDA CCD document with a Note section has been enhanced to be able to conform to the US Core IG.

Import of the CDA CCD Result section to a FHIR DiagnosticReport resource did not set a category. The mapping accounts for the US Core IG if conformant data are found.

Support for import of a CDA CCD document with a Goals section has been enhanced to be able to conform to the US Core IG.

Import of the CDA CCD Medications section to FHIR did not handle a case that was required for optional US Core compliance. If a Medication Activity has an entryRelationship with templateId root = 2.16.840.1.113883.10.20.22.4.17 and classCode = "SPLY" and moodCode = "INT," then the whole Medication Activity will now be mapped onto the US Core MedicationRequest Profile.

Support for import of a CDA CCD document with a ProductInstance entry following the Implantable Device template has been enhanced to be able to conform to the US Core IG.

Import of a CDA CCD to a FHIR Organization resource did not set active, nor did handle the case of an OID of 2.16.840.1.113883.4.6, which corresponds to the URI http://hl7.org/fhir/sid/us-npi. Support for these has been added for optional conformance to the US Core profile for the resource.

Further support for patient demographics and clinical health information has been added to CDA import. This includes extensions for patient religion, race, ethnicity, and place of birth according to the US Core IG.

The HL7 v2.x inbound processor now maps repetitions of PID-26 (Citizenship) to patient-citizenship extensions on the Patient.

Adding support for _sort on mongodb for date parameters when querying data, also added exception when attempting to sort by unsupported search parameter types

Adding support for _sort on mongodb for remaining unsupported parameters.

Improving option documentation for smileUtil command import-csv-to-conceptmap. Current documentation does not include references to flag '-s' for specifying the concept map status although being required when validation is enabled.

Added support for OpenSearch. Added support for IAM authentication to Elasticsearch/OpenSearch. If you set the AWS Region property, IAM authentication will be attempted to the host.

Support for import of a CDA CCD document with a Product Instance entry (or entries) of a Procedure section has been added.

CDA Import now supports the mapping of certain fields populated with nullFlavors to FHIR fields with dataAbsentReason extensions for optional compliance to the US Core IG.

Support for import of a CDA CCD document with a Plan of Treatment section has been added.

Transaction and Audit logs will now store the Request ID and Transaction GUID for all FHIR requests where these details are available. In addition, the Audit Log can now be searched using a Transaction GUID.

A new feature called Response Watermarking allows FHIR REST responses to automatically have their associated transaction GUID injected into resource bodies for traceability purposes when at rest.

Previously, DELETE request type is not supported for any operations. DELETE is now supported, and is enabled for operation $export-poll-status to allow cancellation of jobs

Providing the capability to add launch context parameters other than resources to the response token in SMART Outbound Security.

When importing a CDA document, if the patient's birth sex is available, it will be mapped to the USCoreBirthSexExtension extension to conform to the US Core Patient Profile.

Added $submit-attachment system-level operation to support a solicited attachments workflow. Requests include: a tracking ID that corresponds to an existing Task in the repository by Task.identifier; and one or more attachments. The operation identifies an existing Claim in the repository via the Task, associates the attachments with the Claim, and then updates Task.status accordingly.

Update TransactionLogSvcImpl to be able to return a pageable result

OIDC Clients can now be configured with a remote JWKS Url for Client Credential flow. This url will be used in place of the inline JWKS json when present.

New attribute added for the @Operation annotation to define the operation's canonical URL. This canonical URL value will populate the operation definition in the CapabilityStatement resource.

The 'effectiveTime' of the CDA Note Section is mapped to 'DocumentReference.context.period'.

The cdr-interceptor-starterproject module was enhanced with additional code samples about internal Dao access (for R4), Spring configuration class, MDM interceptor and FHIR client calls. Interceptors section in Smile CDR documentation was updated with new sub-sections about Subscription and MDM interceptor sample implementation.

The cdr-interceptor-starterproject module was enhanced with additional code samples for all SERVER_XXX pointcuts for the FHIR Endpoint interceptor, all STORAGE_XXX pointcuts for the Persistence interceptor, all SUBSCRIPTION_XXX pointcuts for the Subscription interceptor, all FHIRGW_XXX pointcuts for the FHIR Gateway interceptor and finally all CLIENT_XXX pointcuts for the FHIR client interceptor. Interceptors documentation was modified to include new starter classes as examples. A new section about Client interceptor was also added.

Added support for multiple OR reference parameters in queries to the MongoDB persistence module. E.g. example Observation?subject=Patient/1,Patient/2 will now work.

Previously, MongoDB did not support MDM expansion over the $everything operation. This has now been added.

A new configuration option has been added to the FHIR Endpoint modules, allowing specific FHIR interactions to be selectively enabled in cases where you want an endpoint to only provide and advertise a specific set of interactions.

Several new options have been added to FHIR Endpoint CapabilityStatement/OpenAPI/Swagger generation: * The Swagger-UI page can now show resource types on separate pages (currently the only option) or show a combined single page with all resource types * Additional CSS can be supplied to be added to the Swagger-UI page * The exported software name and version strings can now be customized (previously these were hardcoded to 'Smile CDR') * The banner logo on the Swagger-UI page can now be customized

Extend $member-match to store Consent resource when there is a matching patient.

If a member_id parameter is passed to /oauth/token endpoint, it will be passed down to the onTokenGenerating script.

A hard-coded mapping for the transmitter agent is added to the generated Provenance resource.

The cdr-endpoint-hybrid-providers-demoproject module was enhanced with additional code sample about Custom operations returning other data types than FHIR. Some basic unit tests were also added to demonstrate how to use JUnit 5 / Mockito to test Hybrid Providers. Hybrid Providers section in Smile CDR documentation was updated with more details about Custom operations implementation.

Adding a new sub-section in Troubleshooting PostgreSQL section of Smile CDR Docs about potential issues with 'pg_largeobject' table in PostgreSQL, how the Persistence module 'Inline Resource Storage Below Size' property can be used to mitigate them, and how to run 'vacuumlo' command to remove orphaned large objects stored in 'pg_largeobject' table from a PostgreSQL database.

HL7 error messages in the logs will now contain the message control ID in order to help debugging

Added a new DB Index to the CDR_AUDIT_EVT table on the EVT_TIMESTAMP column.

To be consistent with US regulation, SMART public clients created by appSphere will no longer be granted refresh tokens, and SMART confidential clients will have a default expiry of 3 months.

Add update classifications endpoint to appSphere Admin Console.

Prevent modification of configurations when the application properties are loaded from the properties file.

Adding smileutil support (module-config-properties-export) to export module/node properties to a specified properties output file in the way that admin web allows.

Previously, successfully authenticated credentials in the inbound security modules were always cached for 20000 ms (20 seconds) when the Cache Successful Credentials property was enabled. This value is now configurable by specifying a value for the Authentication Cache Duration property.

appSphere registration process allows a Developer to request bulk transfers of various permission levels.

By default, if the $export operation receives a request that is identical to one that has been recently processed, it will attempt to reuse the batch job from the former request. A new configuration parameter Enable Bulk Export batch job reuse has been introduced that disables this behavior and forces a new batch job on every call.

appSphere - developer can select maximum bulk transfer permissions for their sandbox.

Import of the CDA Medications section to the FHIR MedicationRequest resource did not populate encounter. The field will now be populated with a reference to the first FHIR Encounter resulting from the first entry in the CDA Encounters section.

The MDM documentation was enhanced with a new subsection about rule definition, to provide more detailed information about rule definition fields, with use cases, pitfalls and performance tips.

Smile CDR console web UI will allow to modify some attributes for OpenID Connect Clients managed by appSphere.

Creation of Observation resources from Import of a CDA CCD did not set Observation.component.dataAbsentReason when appropriate. This capability has been added.

The MongoDB Storage module now implements Auto-Create Placeholder Reference Targets, which was previously only supported by the RDBMS module.

The creation of a FHIR Device during CDA Import did not set Device.udiCarrier.deviceIdentifier. This has been added for optional compliance to the US Core IG.

The MDM documentation was enhanced with a new subsection about using Enterprise Identifiers (EID) in MDM Rule Definition. It explains what the optional 'eidSystems' field does exactly more clearly, during candidate search phase and during matching phase. It also gives more details about using 'Prevent modification of External EIDs' and 'Prevent multiple EIDs from existing simultaneously on a target resource' MDM options.

A new propertysource mode called PROPERTIES_UNLOCKED has been added for troubleshooting purposes. In this mode, module configuration changes may be made at runtime through the web admin console, but these changes are lost and reset when Smile CDR restarts.

All Spring Batch dependencies and services have been removed. Async processing has fully migrated to Batch 2.

Removed Flyway database migration engine. The migration table still tracks successful and failed migrations to determine which migrations need to be run at startup. Database migrations no longer need to run differently when using an older database version.

The cdr-endpoint-hybrid-providers-demoproject module includes Patient resource provider implementation demonstration with a simple search method, findPatientsByName, which should support search by family name. The search method used an incorrect comparator and as such never returned any patients even when a valid family name parameter was provided. This has been corrected.

Previously, a bundle of type BATCH which contained GET requests would not use the permissions of the caller, but instead be executed as an anonymous user. This caused authorization failures in multitenant installations. This has been corrected.

Previously, user's name appearing in password validation was case sensitive, this has been corrected and validation is now case insensitive.

Previously, the value of 'Kafka Consumer Config Properties text' was never displayed. Also, if multiple configs were added at the same time separated by space, they would be mistakenly recognized as one whole config. These issues have been fixed, and Kafka configs can be correctly recognized and displayed.

Previously, on an HL7V2 listening endpoint was incorrectly using the DSTU3 URI for Condition category-code, even when running an R4 persistence module. This has been corrected, and R4 with newer versions will now use http://terminology.hl7.org/CodeSystem/condition-category.

A log message related to health check size appears in the logs every time when /endpoint-health is requested. Now, this message has been removed.

Previously, when using PostgreSQL, LOB table will retain resources when operation $expunge is run on the persistence module. This is now fixed, as it's required to set the Inline Resource Storage Below Size if using PostgreSQL, which will prevent writing to the LOB table for smaller data entries.

Fixed an issue with the server context path not being handled correctly if a non-empty (ie, not '/') context_path was specified.

Previously smileutil would throw an Exception on an incorrect thread count argument. This has now been fixed by automatically adjusting the thread count when appropriate.

Import of the CDA CCD Encounters section to a FHIR Encounter resource did not set the participant.type, participant.period, or reasonCode fields. This has been corrected for optional compliance to the US Core Encounters profile.

Import of the CDA Plan of Treatment section to a FHIR CarePlan missed certain fields with cardinality modified by the US Core IG. This has been corrected. The fields in question were CarePlan.text, CarePlan.text.status, CarePlan.category.coding.code, and CarePlan.category.coding.system.

Import of the CDA Health Concerns section to a FHIR Condition resource did not set Condition.verificationStatus. This has been corrected.

Import of the CDA Problem section to a FHIR Condition resource did not set Condition.verificationStatus. This has been corrected.

Import of a Performer entry in a CDA CCD to a FHIR Practitioner resource missed a case required for conformance to the US Core IG. Namely, an OID of 2.16.840.1.113883.4.6 should map to http://hl7.org/fhir/sid/us-npi. This has been corrected.

In Hl7v2 inbound mapper, previously the identifier-type url for R4 was mapped to the url for DSTU3, now it has been updated

Previously, birthDate is missing in the transaction outcome when input HL7 message included year only birthdate (For example, 1967). The issue has been fixed since a year only birthDate is an acceptable input value.

Previously, support for default SearchParameters was disabled in order to improve performance. This was resulting in the inability to use the built in SearchParameters that are provided by HAPI FHIR. Support for default SearchParameters is now configurable by enabling the search_parameter_seeding.support_default_search_parameters property in the persistence module.

Previously, documentation for PID-28 (Nationality) indicated the HL7 v2.x inbound processor would treat this field as having a cardinality of 0..*. This has been corrected to a cardinality of 0..1.

Previously, when an HL7V2 IN1-16 segment was populated, the inbound mapper created a RelatedPerson with a missing Patient resource inside the Coverage resource. This has been corrected.

Previously, when downloading the system config from the support page, the smart_capabilities_list will be downloaded with a bunch of backslashes. This was incorrect because in some cases it reads that as just one big line. Now, this error is fixed.

Previously, sending a SIU^S12 HL7v2 message appears as Unknown Message Trigger in the transaction log. This has now been fixed to SIU^S12 (Appointment Scheduling).

The admin console UI Batch2 job cancellation feature (blue stop button) would not correctly cancel jobs when MongoDb was used as supporting persistence module. This issue has been fixed.

Previously, NullPointerException is thrown when propose SIU^S12 message with an NTE segment. However, an NTE segment should be allowed to follow SCH. This issue has been fixed.

Previously, the Mother's Maiden name extension was incorrectly created as a HumanName. This has been corrected and is now a StringType extension. In addition, all HL7V2 inbound mapper test results (i.e. Bundles) are validated using the FHIR Validator. This has resulted in multiple enhancements including updating out-of-date code system urls, mapping additional segment fields to populate required Resource fields, and setting default values for Resources with required fields that have no data available.

When activating the consent service with custom JavaScript [consentStartOperation()] that refers to a Fhir.search() on a resource with _id in the where clause, any operation on that resource will fail with an _id not found Exception. This MR fixes this issue so that the error no longer occurs.

Previously, the SIU^S12 message that has chosen to omit the optional SCH-9 and SCH-10 fields will result in an error. This has been corrected, and SIU^S12 messages without those optional fields can be processed with no error.

HL7v2 mapper POST ifNoneExist field currently contains the resource (ex Patient) in the String. This fix removes the resource and the ? from that String.

Previously, $delete-expunge url included a slash in the documentation. Now, this error is fixed.

Updating documentation of applicable modules for properties of the Sessions configuration category.

Import of a CDA document containing an Encounter with Activity.code.translation set to 'IMP' would result in an error. This has been corrected.

Previously, Smile mapped SCH-6 (Event Reason) to a specific hardcoded system and ignored any message values inputted by the client that does not match with the CodeSystem. Now, user-defined service type code and display are valid. In addition, client can also specify a custom code system in SCH-6.3. Smile documentation is also updated accordingly.

Previously, when a client would provide a requestId within the source uri of a Meta.source, the provided requestId would get discarded and replaced by an id generated by the system. This has been corrected. And now it depends on configuration.

Previously, a user will be unauthenticated when using the Client Credentials with JWT Credential flow for bulk export. This has been fixed.

Execute a NO-OP UPDATE statement when running on MySQL and attempting to INSERT into the AG_CLASS Table, since MySQL does not have a NEXTVAL FUNCTION.

Previously, there were documentation links in the Web Admin Console (User Manager, OpenID Connect Client, and OpenID Connect Servers) that were broken if a context path was specified in the Web Admin Console configuration. This has been fixed.

Previously, when an access token was revoked and then introspected, the server responded with a 500 - Internal Server Error. This has been corrected and now when introspecting invalid tokens, or tokens that have been revoked, the server will respond with a 404 - Not Found invalid token introspection response.

CDA import previously mistakenly mapped Immunization Refusal Reason to Immunization.explanation.reasonNotGiven in FHIR DSTU3. This has been corrected to the equivalent R4 field, Immunization.statusReason.

Cascading deletes don't work correctly if multiple threads initiate a delete at the same time. Either the resource won't be found or there will be a collision on inserting the new version. This changes fixes the problem by better handling these conditions to either ignore an already deleted resource or to keep retrying in a new inner transaction..

CDA import mapped Patient.communication.language.coding to a ValueSet instead of a CodeSystem. This has been corrected.

Previously, the default Smile HL7 to FHIR translator still handled messages despite setting doNotAutoConvert=true in the onPreConvertHl7V2ToFhir() function of the HL7v2 listener script. This has now been fixed.

CDA import mapped Condition.category.coding to a ValueSet instead of a CodeSystem. This has been corrected.

Previously, mongodb delete-by-url would delete a maximum of 10 resources per request. This has been fixed by setting the limit to the internalSynchronousSearchSize which is extracted directly from JpaStorageSettings and has the default value of 10,000

Previously, the $reindex operation would fail with a ResourceVersionConflictException when MongoDB was used for the storage module. This has been corrected and now the $reindex operation completes without errors and processes the right number of resources.

CDA import of address use periods contained a bug that would set dates in the epoch BCE. This has been corrected.

The CDA mappings of agent.type.coding.id and agent.role.coding.id have been removed; generated Provenance is no longer conditional on an assembler device id; and mappings of agent.type, agent.who, and agent.onBehanlfOf have been changed to the US Core Profile.

Import of the CDA Vital Signs section to a FHIR Observation resource did not set Observation.category. This has been corrected.

Import of various CDA sections following the Observation structure did not codify units using the UCUM code system for values of type PQ. This has been fixed.

Fast-tracking batch jobs that produced only one chunk has been rewritten to use Quartz triggerJob. This will ensure that at most one thread is updating job status at a time. Also jobs that had FAILED, ERRORED, or been CANCELLED could be accidentally set back to IN_PROGRESS; this has been corrected.

Previously, the OAuth2 state value was limited to 124 characters which caused some authentications to fail. The maximum state value length now has expanded to 256 characters.

Previously, a SQL statement was exposed in the error message when client submit a state parameter with more than 124 characters. Now, this issue has been resolved and the error message will notify user that their input state variable exceed the state maximum length.

Previously, when importing a CDA document including an immunization with the negationInd set to true, the status code of the generated FHIR Immunization record was not being set correctly. This was also preventing the refusal reason code from being captured. Both these problems have been fixed.

Previously, when importing a CDA document with a Procedures section, Product Instance entries were being ignored. This has been fixed, and these entries will now be converted to Device resources as intended.

The 2022.02.R01 release introduced a regression for leaking connection pools, specifically in Realtime Export module. This has been corrected.

Previously bulk import would return a 500 HTTP status code if there was an invalid JWT token. This has now been fixed returning a 401 with an appropriate error message instead.

Previously if you had the HTTP troubleshooting log enabled, binary files would fail to write to disk with an error. This has been corrected.

Fixed CDA Vital Signs 'valueQuantity.system' to 'http://unitsofmeasure.org' instead of 'http://unitsofmeasure.org/'

Previously the hl7 appointment status codes (sch-25) Proposed and Arrived were not mapped. Now they have been added.

Fixed parsing of a HL7v2 message with a ZXT segment at the end, now this segment will be added to the Bundle regardless of its location in the HL7 message

In order to accommodate Smart V2 scope translation, the maximum allowed length of a scope string has been increased to 764 characters for all scope and scope related columns.

When using a repository in Forced Offset Mode, validation resource seeding could prevent the server from starting if the server already has a large number of resources.

Previously, custom SearchParameters with identical codes and bases could be created. This has been fixed. Right now, removal of the target base resource from the existing SearchParameter base list is required before creating the new definition, and corresponding instructions have been added to the documentation.

Creation of FHIR Practitioner resources in the import of a CDA CCD could result in invalid Identifier.systems. This has been corrected to set a URI rather than an OID where possible.

CDA Import of patient's implatable devices did not allow for manufacturing observations such as Serial number that populated their values as type ED, but with plaintext in the reference field. This has been corrected for leniency.

The 'BP Systolic/BP Diastolic' of the CDA Vital Sign Section was mapped to separate observations.  Now only one 'Blood pressure' observation is created. Same for 'Oxygen saturation in Arterial blood  (by Pulse Oximetry)', only 'Oxygen saturation in arterial blood by Pulse Oximetry' is created.  This fix only applies to observations that have the same identifier.

GraalScriptExecutor.callForJavaObject() was not handling the returned Value correctly, resulting in intermittent race conditions. Now that method will call returnExecutor() resulting in proper behaviour.

As of the Aug release, if the FHIR Endpoint specifies both a validation dependency and a persistence dependency, a duplicate bean error will be thrown. This adds a config diagnostics that helps the user understand the problem and fix it.

Previously, the setting to enable the MDM Search Expanding interceptor was missing from the Mongo Persistence Web UI. this has been corrected.

When importing a CDA CCD Results section, the mapping attempted to populate valueAttachment on a resultant FHIR Observation resource. This is valid only for DSTU3 resources, while CDA Import is currently restricted to FHIR R4. This has been corrected to now populate DiagnosticReport.presentedFrom in the resultant Bundle instead.

PractionerRole resource does not get created if there is no representedOrganization populated in the assignedEntity section of the CCDA. This issue has been fixed.

When fixing the CDA provenance us profile in ticket 3431, the agent of the device assembler was removed. This issue has been fixed.

Previously an edge case could have lead to the mismapping of CDA Observation entries within a Results section to the US Core DiagnosticReport profile. This has been corrected.

Mdm messages were using the resource id as a message key when it should be using the EID as a partition hash key. This could lead to duplicate golden resources on systems using Kafka as a message broker.

CDA Import did not properly set dataAbsentReason extensions on FHIR AllergyIntolerance.identifier when a nullFlavor was provided. This has been corrected.

Previously, when Smile encountered an invalid client_assertion_type parameter in an OAuth2 token request, it would skip JWT bearer authentication and move on to other authentication methods, which might ultimately result in either a return status of 200 or 401. In order to pass Inferno conformance testing, if the client_assertion_type parameter is present and contains an invalid value, Smile will now return a status 400 code.

When enabling partition on tenant ID and turning on reindexing after sp change, smilecdr will fail to start with an error complaining about a missing tenant ID. This is now fixed by adding ALL_PARTITIONS as a tenant ID on the validation initializer service.

Added additional validation checks for $submit-attachment parameters: PayerId must match Task.owner.identifier MemberId must be a an identifier for a valid Patient in the system. Must match Task.for.reference ServiceDate (if present) must match Task.input.valueDate AttachTo must match Task.reasonReference.reference and Claim.use

Fixed display of the archived modules with custom context path of the web admin module

CDA Import was not case insensitive when translating fields with tables of expected values in some cases. This has been corrected.

CDA Import supports mapping nullFlavors to dataAbsentReason extensions for the sake of (optionally) complying with the US Core IG. Certain fields did not actually need this functionality, and this has been corrected.

CDA Import did not set Device.patient in some cases. This has been corrected.

Due to a known issue in higher versions of java, attempts to save complex (ie, non-primitive, non-strings) to UserData in onTokenGenerating script will throw an error. Smile CDR will now log a warning and encourage serializing any complex JSON objects before saving them to UserData. (This can also be fixed by setting JVMARGS="$JVMARGS --add-opens=java.base/java.util=ALL-UNNAMED in the setenv file.)

Fixed issue with the latest created mongo persistence module being used as the persistence for mdm links, instead of the persistence that's specified for mdm/fhir endpoint.

Import of a CDA Results Organizer-templated Organizer would result in a FHIR DiagnosticReport with a missing encounter. This has been corrected.

The mapping attempted to fill in 'DocumentReference.type' with 'code' and 'translation code' while importing a CDA CCD consultation section. This is fixed. Now the 'DocumentReference.type' is populated by the 'translation code' only.

The jpa persistence module failed to start up when the database was in read-only mode due to an attempt to perform a database migration. This has been corrected.

The MongoDB Storage module previously incorrectly returned an HTTP 404 if a delete was issued against a non-existent resource. A correct 200 is now returned.

The CDA import was using the wrong code system URI when mapping the 'Condition.category.coding.system' from a CDA Indication. This has now been fixed.

Fixed a regression that was causing many batch jobs to be created on boot if mark resources for reindexing after search parameter change was enabled.

Clarifying documentation pertaining to Packages and Implementation Guides and correcting typos.

Previously, the batch2 maintenance job was still running, even when the suppress scheduled maintenance jobs property was set to true. This has been corrected, and now, the batch2 maintenance job will not run when the property is set to true.

Added configuration option for processing Z-segments in HL7 messages. It determines whether they are parsed in the root of the message or in the current segment.

When fetching pages of search results after the first page through the FHIR Gateway module, if multiple target servers were accessed in a parallel configuration, the call could occasionally fail due to a race condition. This has been corrected.

Previously, user provided field SCH-6.3 (Name of Custom Code System) was not mapped into the appointment resource, and the field SCH-6.1 (Service Type Code) was not allowing alphanumeric codes. Both issues have been resolved, and the SCH-6.2 field definition was updated to be required in the docs.

Fixed usage of exception for P2P ingestion step to retry instead of terminate.

Fixed transformation of bundle for ingestion to allow broken resource references.

commons-text has been pinned to 1.10.0 to avoid CVE-2022-42889. Having done an internal investigation, we have found that we do not use the affected vulnerable classes. This version pinning is done only out of an abundance of caution.

Backported from: 2022.11.R01

commons-text has been pinned to 1.10.0 to avoid CVE-2022-42889. Having done an internal investigation, we have found that we do not use the affected vulnerable classes. This version pinning is done only out of an abundance of caution.

Backported from: 2022.11.R01

Mdm messages were using the resource id as a message key when it should be using the EID as a partition hash key. This could lead to duplicate golden resources on systems using Kafka as a message broker.

Backported from: 2022.11.R01

Added support for OpenSearch. Added support for IAM authentication to Elasticsearch/OpenSearch. If you set the AWS Region property, IAM authentication will be attempted to the host.

Backported from: 2022.11.R01

When using a repository in Forced Offset Mode, validation resource seeding could prevent the server from starting if the server already has a large number of resources.

The 2022.02.R01 release introduced a regression for leaking connection pools, specifically in Realtime Export module. This has been corrected.

Backported from: 2022.08.R02

The 2022.02.R01 release introduced a regression for leaking connection pools, specifically in Realtime Export module. This has been corrected.

Previously if you had the HTTP troubleshooting log enabled, binary files would fail to write to disk with an error. This has been corrected.

Backported from: 2022.08.R02

Previously if you had the HTTP troubleshooting log enabled, binary files would fail to write to disk with an error. This has been corrected.

Previously, Smile Util commands that made HTTP requests could only be used for HTTP endpoints. This feature adds support for HTTPS endpoints by using TLS authentication for MapAndUploadCsvBulkImportFileCommand, SynchronizeFhirServersCommand and UploadSampleDataset.

Added new setting HISTORY_REWRITE_ENABLED on Storage Modules which permits users to edit historical versions of a resource. This comes along with a new permission for this, FHIR_UPDATE_REWRITE_HISTORY.

Added new cdr kafka config files to change the default timeout settings on kafka.

A new binary storage mode has been added to support Azure blob storage.

Added a new property to FHIRWeb and Web Admin Console modules which allows you to configure the maximum number of concurrent web sessions for a given user.

Added Privacy Security Notice Agreement page after the sign-in process and before the user gets to the web admin.

One can now store original HL7v2 messages as-is on a MessageHeader extension. If "create MessageHeader for each message" is enabled, Smile will reuse the created MessageHeader resource.

Limited support for SMARTv2 filter expressions has been added. Use requires an active consent interceptor, and is restricted to read and write permissions (not cruds), e.g. patient/Observation.read?code=55399-0.

Added support for mdm on mongo persistence

Support has been added for the $expunge operation for MongoDB storage. Smile CDR can now expunge data from a MongoDB repository at the instance, resource or system level, using the expungeDeletedResources or expungePreviousVersions input parameters.

Previously, there was no way to add record headers to outgoing kafka messages, for example for MESSAGE type subscriptions. . This is now possible by use of the customHeaders field of the outgoing ResourceModifiedJsonMessage. More documentation can be found here.

• Changed P2P endpoints (api/oidc_servers/{serverid}/batch_job, api/oidc_servers/{serverid}/batch_job/{id} so that returned batchJobId is no longer a number, but a string. - Implemented Batch2 P2P steps - Removed SpringBatch P2P; implemented/enabled Batch2 P2P job (with support for Mongo)

The HL7 v2.x Message Listener module callback script can now implement custom message processing for arbitrary message types (i.e. message/transaction types for which no built-in translation exists) and can also entirely replace built-in conversion rules. See Custom Processing Logic for more information.

A new troubleshooting log called the HL7 v2.x troubleshooting log has been added. This log contains additional processing details about HL7 v2.x processing.

Added new pointCut CdrPointcut.SERVER_CONFIGURATION_KEYSTORE allowing customers to a supply a Java keystore through for TLS support.

Added new options (--debug, --no-column-shrink, --skip-versions <Versions>, --strict-order, -x --flags <Flags>) to smileutil migrate-database command documentation.

Users with the FHIR_AUTO_MDM permission will have mdm expansion automatically applied to all queries for resources in the Patient compartment. SMART clients can assign this permission to their users by requesting the cdr_mdm scope.

Allow modification of the scopes and auto-grant scopes during the SMART login context selection callback. OAuth2SmartContextSelectionChoicePerson now has two lists of scopes to be added to the client request: auto-grant scopes and requested scopes. These lists can be populated by addAutoGrantScopes() and addRequestedScopes() in the OAuth2SmartContextSelectionChoicePerson. A new method addDisplayTranslation() on Auth2SmartContextSelectionChoices allows customizing the scope display text.

SMART Outbound Security module has a new Context Selection field which allows installing custom skins for the Context Selection page. Templates now have a new variable user_data, which contains client-populated user data.

Added JavaScript debugging support to the HL7v2 Listening Endpoint module.

Updated smileutil migrate-database command documentation for the --dry-run option.

Added metadata and country fields for Marketplace registration

Updated mongo support to allow for batch2 reduction step

Added 2 new config diagnostics entries. The first to check the persistence db and cluster manager db are not the same. The second to check if we are running postgres that inline_resource_storage_below_size is not zero.

Previously, interceptor beans could be loaded by name. Now, the interceptor bean types field also supports naming a Configuration class. If this is used, the configuration class will be loaded, and any beans annotated with @Interceptor will be extracted. This permits you to create interceptors that rely on your own beans that have been loaded into that application context.

Previously, hybrid provider interceptors had to be loaded through the interceptor_bean_types field. Now, interceptors can be defined and marked for registration inside of your Spring Context Config class. This allows your interceptors to make use of beans defined in your custom context. More details can be found in the docs.

Changed documentation on Response Terminology Mapping and Enable Response Terminology Mapping setting to include bulk export as a supported operation

Previously, there was no OIDC client id in any of the consent scripts. This features adds an additional parameter named theClientSession (of type ClientSessionJson) to all consent scripts (consentStartOperation, consentCanSeeResource, consentWillSeeResource, completeOperationSuccess, completeOperationFailure). The ClientSessionJson object has a single field called clientId that is the OIDC client's ID for their OAuth2 session.

Supporting PATCH operation with a MongoDB backend.

Adding new optional search parameters to existing GET /openid-connect-servers/

Fhir.translate() method now works with clients created using the FhirClientFactory.

Added configuration for coding system of admission type field (PV1-4) for Hl72InboundMapperImpl and Hl7V2OutboundMapperSvcImpl

Support has been added to MongoDB for Uplifting Strings via reference chains. This adds support for queries such as Task?requestor.given=Homer.

Added admin-json methods to query and cancel batch2 jobs.

Added additional search parameters being searched when $everything operation is invoked on mongodb persistence.

Make sure that current developer details are displayed in appSphere gallery

A new setting called Enable storing resource bodies in Lucene which allows some queries to be resolved directly from the Elastic/Lucene indexes.

All recent batch jobs per module will now be accessible in the batch jobs listing page.

When sending HL7 v2.x messages over HTTP, one can now re-use persisted messages and send them downstream verbatim.

Add request new app feature in appSphere gallery

Updated MongoJobPersistenceImpl to take advantage of new paging api for JobCoordinator

Allow removal of a requested scope or an auto-grant scope during the SMART login context selection callback. These scope can be removed by removeAutoGrantScopes() and removeRequestedScopes() in the OAuth2SmartContextSelectionChoicePerson.

Add captcha when requesting new app in appSphere gallery

Add feature for viewing new app requests in appSphere admin console

Added a new Maximum Expansion Size property to persistence modules, which permits you to set the maximum size of a valueset expansion in a query. This will permit queries using code:in and code:not-in to be performed on valuesets larger than 1000 codes.

The Legacy Search Builder has been removed.

The Delete Expunge operation has been moved from Spring Batch to Batch 2.

LiveBundle now fully supports partitions.

In order to accommodate Smart v2 fine-grained scopes with filters, the maximum allowed length of a scope string has been increased to 764 characters.

Previously, support for the configuration parameters Allow Multiple Delete Enabled and Client ID Mode was added to the MongoDB persistence module, but the parameters were not added to the module's page in the web administration console. The parameters can now be viewed and set through the console.

Fixed a bug where the multitarget gateway operation GET Patient $meta returns the response id as null.

Fixed a bug for importing ZXT segments in HL7 v2. Previously, if the ZXT segment was nested within a message structure in the input (such as found in RDE, ORU, or ORM messages), it would not be found nor mapped. This has now been fixed.

Updating validation message to Validation Passed with Warning for unknown code system.

Resolved the NullPointerException thrown when running smileutil hl7v2-analyze-flatfile on a message file with an Organization. Organizations will be created with the data in the message file instead of searching when analyzing flat files.

Previously, MDM features still worked even when mdm.enabled was set to false in the persistence module. This has now been fixed.

Update Mongo implementation of IIdHelperService that was modified in the corresponding Hapi-Fhir Pull Request (https://github.com/hapifhir/hapi-fhir/pull/3694). The Hapi-Fhir fix resolved the issue of deleted resources with client generated ids being including in the bundle total when searching by _id.

Added code to fix importing ORU messages with OBX-8 being incorrectly mapped to the (DSTU3 CodeSystem) [http://hl7.org/fhir/stu3/v2/0078/index.html] instead of the (R4 CodeSystem) [http://terminology.hl7.org/CodeSystem/v3-ObservationInterpretation] when using R4.

The Delivering Delete Events property in AWS Healthlake was behaving incorrectly. It has been removed, this property and Delivering Latest Version are now instead handled by default when Auto-Manage Subscription is enabled. These two extensions are now enforced via interceptor when creating a Subscription.

Fixed a bug in AWS Healthlake module where disabling the Auto-Managed subscriptions setting would not actually disable the existing subscription. This has been fixed, and disabling this setting will set the existing subcription to the OFF status.

It was not possible to debug javascript running in Smile CDR inside a docker container. This has been corrected.

Previously, when JavaScript execution environment debugging was enabled, and a path specified, Smile would assign a new URL every time the module was restarted by appending a numeric suffix to the specified path. Now, the URL will be reused when possible, and the suffix will only be appended to prevent a conflict with another active instance of the debugger.

Fixed spelling mistake on ValueSets in Create Module Page - Dependencies - Validation Support

Previously, it was possible to create two overlapping SearchParameters with the same base and code. This could cause non-deterministic search behaviour at runtime. Smile CDR now prevents the creation of a second search parameter that could conflict with an existing one.

HL7 Listener mapping Location System url typo fixed.

When using the gateway, configured forewarding headers were not actually passed from the gateway to the target server for FHIR extended operation invocations.

Fixing regression to allow setting of task status during start and completion of job. Failure states may require further work

Inconsistency in search results between RDBMS and MongoDb persistence when searching _tag with invalid search parameter system|value.

Added checks for empty values when creating PV1-20 Financial Class components: Financial Class Code, Effective Date

Previously, import-poll-status operation was throwing exception of don't know how to handle operation. This has been fixed, and the import-poll-status operation is now working as expected.

Changed log level in CsvProcessorContextJsonImpl from INFO to DEBUG

Previously, Smile was using it's own private version of ISubscriptionDeliverer. This fix removes the private ISubscriptionDeliverer (ca.cdr.api.pub.fhir.ISubscriptionDeliverer) and replaces it with the public api version (ca.cdr.api.fhir.interceptor.ISubscriptionDeliverer) to allow for more customization.

Previously, unsupported resource posted to AWS endpoint threw an InvalidRequestException. This fix, changes the log to handle the exception in a more graceful way, without errors and retries.

Previously, VIEW_MODULE_CONFIG permission was accidentally required to view transaction logs. This has been corrected.

Previously Multitarget Gateway was ignoring the parallel field in the configuration json, and was always sending out requests in parallel. This is now fixed.

Fixed a bug for the $everything instance-level operation for MongoDB. Previously, if you had referential integrity disabled, and you requested the $everything operation for an instance that did not exist in that database, Smile CDR would treat it as a type-level $everything operation. This has been corrected.

Previously, when an ADT message was created, the birthTime extension was being added to the Patient resource. This has been corrected and now the birthTime extension is added to the birthDate element. Additionally, now if there is no time specified in the birthDate element (i.e. 1970-01-01), then no birthTime extension will be added at all.

Fixed a bug where Batch2 jobs registered to a Mongo DB persistence module did not appear in the runtime batch jobs page.

Previously, configuring the Creation Mode - Practitioner to CONDITIONAL_CREATE in the HL7-v2 listening module also applied the conditional create to Appointments. This has now been changed so that the Creation Mode - Practitioner property only applies to Practitioners and Appointments are always treated as conditional updates.

Fixed an issue where the module setting for reindex operations was missing from MongoDB persistence module.

updated the mongo job persistence layer to take advantage of new API to hand back the WorkChunk after updating error count

Previously, if the Realtime Export module threw an error while attempting to write to the remote database, it could print query values to the logs. This has been corrected and now only placeholders will be logged.

Update documentation for Store resource bodies in Lucene parameter to indicate full lucene reindex is required for previously indexed resources.

Previously, some of the endpoints in the well-known JSON in SMART configuration appeared as manage, introspect, and revoke. In order to allow for automated discovery, these have been changed to management_endpoint, introspection_endpoint, and revocation_endpoint respectively.

Previously, a NullPointerException might be thrown during some operations when the Enable Search Expanding Interceptor property of the persistence module is enabled. This has been fixed.

Previously, if the property module.persistence.config.dao_config.mark_resources_for_reindexing_after_sp_change was true, the persistence module might fail to start up. This has been fixed.

Previously there was missing logging information for the AWS HealthLake Export Module. New logging has been added for the time taken to fetch credentials from AWS, sign the credentials, and PUT resources to AWS HealthLake. Additionally, a new AWS HealthLake Troubleshooting Log has been created to log the new events, as well as all other events related to the AWS HealthLake Export Module. The Log Requests to System Logs configuration property has also been removed along with the associated LoggingInterceptor. As a result there are no longer request / response bodies in the logs. Finally, x-amz-security-token, Signature and Credential information has been removed from the logging output.

Previously the embedded FHIR client inside the AWS HealthLake Export Module was making an additional GET /metadata request when data was PUT to the server. This request has been removed to increase performance.

Previously, when OIDC clients tried to access endpoints using access tokens generated with Grant Type: Authorization Code, and an Authorized Redirect URL there was no information available in theClientSession parameter of the consent callback scripts. This fix populates theClientSession using user session details if they are present.

Previously, custom operations would fail when registered on a FHIR Endpoint module. This has been corrected.

Fix issues with mongoDB persistence and MDM operations $mdm-submit and $mdm-merge-golden-resources

MongoDb $mdm-update-links was creating duplicate records for the old and new link. This has been corrected.

Added replacement of keypass field data with [REMOVED] when downloading System Config from Admin GUI

Backported from: 2022.08.R01

When using the gateway, configured forewarding headers were not actually passed from the gateway to the target server for FHIR extended operation invocations.

Backported from: 2022.08.R01

Fixed a bug for the $everything instance-level operation for MongoDB. Previously, if you had referential integrity disabled, and you requested the $everything operation for an instance that did not exist in that database, Smile CDR would treat it as a type-level $everything operation. This has been corrected.

Backported from: 2022.08.R01

Added 2 new config diagnostics entries. The first to check the persistence db and cluster manager db are not the same. The second to check if we are running postgres that inline_resource_storage_below_size is not zero.

Backported from: 2022.08.R01

The Delivering Delete Events property in AWS Healthlake was behaving incorrectly. It has been removed, this property and Delivering Latest Version are now instead handled by default when Auto-Manage Subscription is enabled. These two extensions are now enforced via interceptor when creating a Subscription.

Backported from: 2022.08.R01

Fixed a bug in AWS Healthlake module where disabling the Auto-Managed subscriptions setting would not actually disable the existing subscription. This has been fixed, and disabling this setting will set the existing subcription to the OFF status.

When importing a Clinical Document Architecture (CDA) document, if a Procedure Activity Procedure section contains a Medication Activity subsection, this will be converted to a MedicationStatement resource and linked to the Procedure resource that corresponds to the Procedure Activity Procedure section using the partOf relation.

The Oracle OJDBC driver has been bumped to version ojdbc11-21.5.0.0

New OpenID Keystores have been added as a way to save and manage JWKS for outbound security module. Using the new Keystores, JWKS can be updated while server is running and the security module referencing them will not need to be rebooted. We have also deprecated the JWKS configs on the smart-out-security module in favour of defining a Keystore and linking the module to a keystore id. The former JWKS security configs will remain for now, but will be removed in a future version. It is advisable that consumers switch to the new keystore solution instead.

Added configuration check to ensure the http context_path configuration item agrees with base_url.fixed configuration item.

Implemented system-level MongoDB expunge everything operation.

Added support for debugging JavaScript callback functions. When enabled, the server will log the URL that a Chrome browser can open to establish a remote debugging session with the JavaScript Execution Environment and debug callback functions live as they are being executed.

Mdm links are now partition aware, incoming resources will only attempt mdm operations against golden resources in the same partition. Mdm operations are also partition aware.

Added a new column to keep track of when a user last logged in and display that in the web admin console.

When importing a Clinical Document Architecture (CDA) document, if a Procedure Activity Procedure section contains a Reaction Observation subsection, this will be converted to an AdverseEvent resource and linked to the Procedure resource that corresponds to the Procedure Activity Procedure section using the suspectEntity.instance relation.

When importing a Clinical Document Architecture (CDA) document, if the Social History Section contains a Pregnancy Observation entry, which in turn contains an Estimated Date of Delivery sub-entry, the fields of the sub-entry will be mapped as a component of the resulting FHIR Observation.

When importing a Clinical Document Architecture (CDA) document, if the Social History Section contains a Caregiver Characteristics entry, the fields of any participants in the entry will be mapped to fields of the resulting FHIR Observation.

When importing a Clinical Document Architecture (CDA) document, if a Social History Section is present, all entries within the section will be converted to Observation resources.

When importing a Clinical Document Architecture (CDA) document, if the Procedures Section contains one or more Procedure Activity Observation sections, each of these will be converted to an Observation resource with additional subordinate resources as needed.

When importing a Clinical Document Architecture (CDA) document, if the Procedures Section contains one or more Procedure Activity Act sections, each of these will be converted to a Procedure resource with additional subordinate resources as needed.

Previously, if a Health Check was unhealthy, the /endpoint-health endpoint would return a 200 response code along with the health check failure message. That status code is now configurable via the Unhealthy Status Code property.

Subscriptions on the default partition in partitioned systems can have an extension that allows it to listen to changes to resources in all partitions. Also added setting to disable this feature.

Provide the capability to have the body of a transaction log step serialized as inline (without formatting) or as inflated (with formatting) JSON

Previously, there was no way to setup the transaction log so that it only sent to a broker, and was not persisted. This is now possible. If you disable the transaction log database, and enable the transaction log broker, the log events will be sent directly to the broker. Note that when running in this mode, that asynchronous events (such as MDM steps and hl7v2 inbound steps) will only be linked to their parents via the transaction GUID.

MongoDB storage now supports searching on number types and not equals (ne) prefix based searching on quantity types. Additionally, searching with the not equals prefix on date types in MongoDB and RDBMS has been implemented.

The HL7 v2.x outbound processor now supports transforming DiagnosticReport.presentedForm attachments to Encapsulated Data in OBX-5.

The endpoint at /runtime-status/health-checks now supports a new boolean query parameter, onlyRunning. When set to true, only health checks on running processes are returned. E.g. /runtime-status/health-checks?onlyRunning=true

A pair of new permissions have been added that allow search results to be blocked from access if they contain a code (or do not contain a code) that is matched by a given ValueSet. See Block Unless Code in ValueSet for more information.

OIDC clients created via appSphere now has Remember User Approved Scopes flag set to true

Added new advanced persistence module config called 'Nickname Search' that when enabled allows searching by names using the :nickname modifier. E.g. /Patient?given:nickname=Kenny will match a patient with the given name Kenneth.

Update app registration fields in appSphere- increase long description length, add sales contact info

The well known management, introspection, and revocation endpoints were missing in the CapabilityStatement while included in the well known config (/.well-known/smart-configuration). The endpoints have been added to the CapabilityStatement.

The MongoDB Storage module now has a configurable search/query timeout setting.

appSphere: moved sales contact email field to profiles, added marketplace flag (for internal use)

When the Create Message Header for Each Message property is enabled, the HL7 v2.x inbound processor will map MSH-5 (Receiving Application) to MessageHeader.destination.name and MSH-6 (Receiving Facility) to MessageHeader.destination.receiver.identifier.

A new interceptor called Provenance Injection Interceptor has been added. This interceptor will inject transient/non-persisted Provenance resources into a response at the request time. This interceptor may be enabled either by the $everything operation or the ?_revinclude=Provenance:target search request.

Anonymous users can now request the version of a server by calling /version on the admin-json endpoint. Display version number on top-right of all cdr documentation pages.

P2P Client generates Provenance resources for incoming data.

Add support for saving draft registrations in appSphere

The Web Admin Console now runs Config Diagnostics on a module before presenting the module config page for that module, and displays any security, error, or warning issues at the module edit page.

Added all our documentation to sitemap.xml for Google to find.

New properties in the Cluster Manager permit you to modify the Audit Log Broker Channel Name and the Transaction Log Broker Channel Name.

Add support for saving multiple draft registrations in appSphere.

A new experimental external binary storage mode has been added to support AWS S3. This implementation also supports MinIO instances.

Added new MDM configuration fields in P2P Module for Patient records ingested as part of P2P transfer.

Providing Support to inject client supplied resource providers through property resource_provider_bean_types.

Added reads with theDeletedOk boolean in MongoDB. This previously threw UnsupportedOperationException. Additionally, the read() method calls were reordered to match that of JPA.

Added a configuration option to enable validation to the audience claim (aud) during the SMART on FHIR authorization process to conform to OAuth2 specifications.

Add support for saving re-registrations as draft in appSphere.

Add can re-register flag to appSphere to separate re-registration flow from new registrations.

Previously, if Intermediate Logging was enabled for an HL7V2 Listener endpoint, the endpoint would execute two bundle transactions. This could cause the version of the resources to increase. This has been corrected.

Added support to launch web apps directly from appSphere's gallery.

Added two new settings for Binary Storage Interceptor. One for the ability to prevent binaries from being automatically inflated on a request and another to control how many bytes can be automatically inflated per request, if it is enabled.

Config Diagnostics are now available on the admin-json endpoint at the path /diagnostics. The VIEW_MODULE_CONFIG user permission is required to access these diagnostics.

Added a new setting for Bulk Export, which adds the ability to set retention time of collection files. This is useful for instances where bulk export jobs take a long time due to high resource count. Previously, the hard-coded limit of 2 hours was causing in-flight jobs to be purged. If this value is set to 0 or less, the files are never removed.

Add configuration diagnostics messages for modules depending on persistence modules that do not fully support partitioning yet.

Restrict modification of OIDC clients generated by appSphere outside of appSphere.

Batch2 jobs were not displayed in Admin-Runtime-Jobs pages. They are now displayed.

Nickname search support has been added to MongoDB.

Previously, the STORAGE_PRESEARCH_REGISTERED pointcut was not being called for installations running MongoDB. While MongoDB does not require registered searches in the traditional sense, this pointcut permits searches to be modified before execution, and so is being added.

In order to enable more detailed error reporting, the entrypoint of the CDA Import feature has moved from the Channel Import module to the CDA Exchange module. The CDA Exchange module exposes an $import-cda operation that accepts a CDA document in XML format as input and returns an OperationOutcome resource containing a collection of error and warning messages.

Previously, when importing a Clinical Document Architecture (CDA) document, if an Encounter entry contained Indication sub-entries, these would be mapped to FHIR Conditions and linked to the Encounter via the diagnosis.condition reference. Now, the Conditions derived from Indications are linked via the reasonReference, and diagnosis.condition is used to refer to Conditions derived from the EncounterDiagnosis sub-entries.

Previously, when importing a CDA document with a Medications Section, all of the Medication Activities would be converted to FHIR MedicationStatement resources. This mapping is only appropriate for Medication Activities with an EVN mood code. Any Medication Activity with a different mood code will be skipped and a warning returned to the caller.

P2P Batch job submission API change. Moved Task, Consent and Organization creation to backend to provide complete API solution.

Support for Java 8 has been dropped. Minimum version to run Smile CDR is now Java 11. All demo projects have been updated to use Java 11 as well.

Searches using the _lastUpdated parameter with prefixes in the multi-target gateway used to return HTTP 400 response. This has been fixed, and these searches now return properly.

Previously, Multi Target Gateway would ignore the offset for an initial search request which used _offset=X. This has been corrected.

When calling an unsupported operation on a MongoDB server, the server used to respond with a cryptic 500 error. It now responds with an informative 501 error along with a message that explains the specific operation that is not yet implemented for MongoDB.

Previously, messages ingested via HL7V2 would have missing entries in the transaction log broker. This has been corrected and all steps of transaction log events will now appear in the broker.

On the MongoDB FHIR Storage module, searching for string Search Parameters will now correctly perform a prefix match as opposed to an exact match.

Reduced false exceptions at startup and shutdown.

When cross-partition reference Mode is used, the rest-hook subscriptions on a partition enabled server would cause a NPE. Cause of this is from the reloading of the subscription when the server is restarted. This issue has been fixed. Also fixed issue with revinclude for rest-hook subscription not working.

Support for the HMAC-SHA256 hashing algorithm has been added.

Fixed where the abortTransaction is invoked so that the MongoServerExceptions error will show up in the log file.

Improved the Smile CDR startup log messages. Removed extraneous lines and resolved warnings.

In the past, it could take up to an hour for an updated SearchParameter to start indexing new resources. This has been reduced to 10 seconds. This is accomplished via a new database table that is used to synchronize all caches across the cluster (SearchParameter, Subscription, and Library) every 10 seconds.

Fixed a regression in the Web Admin Console which caused users to be unable to view archived modules.

Fixed the bulk export permission issue on MongoDB. The user is now only allowed to bulk export the resources for which they have permissions, as defined on the FHIR_OP_INITIATE_BULK_DATA_EXPORT permission.

The manage, introspect, and revoke endpoints URLs in the CapabilityStatement did not match the structure definition causing Touchstone testing to fail. This has been fixed.

Fixed a bug where _id was not usable in a _has query.

Added version requirements to documentation for Kafka, ActiveMQ, and Infinispan, as per client request.

Add missing configuration categories to documentation pages. (appSphere and P2P modules)

Latest sales emails should always be used for appSphere applications

There was no way to recreate freetext indexes for terminology TermConcept and TermConceptProperty. Batch command reindex-terminology was created for this purpose.

Previously when using the $everything operation on the FHIR Gateway, the total element of the returned bundle, and the next links, were not being set correctly. This has been fixed.

The recent speedup of Search Parameter syncing was not functional for Postgresql. This has been corrected.

On Oracle Database, when a user refresh token concurrently, sometimes the concurrent requests throw a 500 deadlock error. This has been corrected by adding an index to the child table of the records being deleted. The deadlock may be caused by the child table not having index for the foreign key.

Previously, a bug caused binaries stored to an external binary storage system via the $binary-access-write operation to be stored as empty files. This has been corrected.

A recent switch to Alpine as a base docker image caused snappy compression in kafka to stop working. This has been corrected.

Fixed an issue where creating a new module in another node would result in an error.

Fixed an issue where requesting MDM clear returned HTTP 500.

Fixed a bug in viewing transaction log bodies where thymeleaf would throw an exception, but otherwise work.

In earlier versions, it was possible in the JavaScript Execution Environment to loop over fhir element arrays by calling .entries() on the element. This has been restored. E.g. It is once again possible to write a loop like for (let [i, identifier] of resource.identifier.entries()) { ...

Smile CDR documentation and configuration incorrectly referred to CDS Hooks as CDS-Hooks. This has been corrected.

Fix issue where Oracle throws an ORA-01795 ERROR when the StaleBatchJobCleanupSvc tries to delete more than 1,000 expired jobs at once.

Providing audience parameter validation against an allowed resource URL list when initiating an OId Connect request.

$graphql was not working properly with the Fhir Gateway endpoint. This has been resolved.

Fix issue Font Awesome Icons are not showing properly.

Fix for exception thrown when exporting Diagnostic report with document to HL7V2.

Fix exception in audit log to record when Observation $lastn operation is performed.

Backported from: 2022.08.R01

Previously Multitarget Gateway was ignoring the parallel field in the configuration json, and was always sending out requests in parallel. This is now fixed.

Backported from: 2022.05.R01

Previously, a bug caused binaries stored to an external binary storage system via the $binary-access-write operation to be stored as empty files. This has been corrected.

Bump the version of HAPI-FHIR to rely on one that is not vulnerable to Spring4Shell.

Added subscription delivery retry handling for Remote ActiveMQ and External Kafka. Strategy will use the retry-count extension from the subscription to retry message delivery retry-count times with exponential backoff before giving up and dropping failed message into the default DeadLetterQueue of the system (ActiveMQ.DLQ for ActiveMQ, KAFKA.DLQ for Kafka

A new setting called Enable Indexing of Search Parameters has been added to the FHIR Storage (RDBMS) module. This setting enables indexing of token, string, and reference search parameters in the Lucene index. This add support for :text to token search parameters, and adds support for :contains and :text to string search parameters.

All Swagger v2 descriptions in Smile CDR (JSON Admin API, CDS Hooks Server, SMART Outbound Security module, etc.) have been migrated to support OpenAPI v3.

Two new node configuration items have been added. These must be set in the Smile CDR properties file. If 'node.config.locked' is set to true, then module configuration can not be changed via the json endpoint or web admin console. If 'node.security.strict' is set to true, then the server will not start if the admin user still has the default password, any anonymous user has superuser privileges or if any Smart Outbound Security module is using the example keystore. Furthermore FHIR Endpoint access will be denied to any user with both anonymous and superuser privileges if 'node.security.strict' is enabled.

A new configuration setting has been added to the SMART Inbound Security and SMART Outbound Security modules that allows the cache timeout for remote JWKS files to be configured or disabled entirely (previously it was set to a hardcoded value).

Add Enforce Referential Integrity on Write Config in MongoDB.

Configuring database-backed modules with a default_query_timeout_seconds greater than remove_abandoned_timeout_seconds will now throw a configuration exception. This is to prevent theoretically good queries from being abandoned because they are taking longer than the abandoned_timeout, but not the default_query_timeout.

Added the capability to use multiple threads for MDM if you are using eidSystems and Kafka as a message broker. See the documentation for details.

Modified the Admin Json mdm-clear endpoint to support tenant identification as part of the request body via the tenantId field.

Enable rudimentary import of CDA documents via the channel import module.

Added integration tests for subscription on a partitioned server. Deprecated Delivery to Site-defined External Queue extension, to use message channel type instead.

When calling the system-config endpoint of the JSON Admin API, there is now an optional boolean query parameter called includeLogs. If enabled, smile CDR will search through all file appenders of the logging system, and collect the contents of the log files to be added to the generated zip file. Note that this should be used with caution, as there is a risk of PHI being contained in your logs.

Added delivery module for AWS HearthLake, using a rest-hook subscription. Includes an extension which allows propagating also DELETE actions and a request interceptor to sign requests according to AWS Signature Version 4 specification.

Added operations equivalent to $mdm-clear and $mdm-submit to admin-json / swagger.