The 2020.05.R02 point release corrects two issues: * An inefficient SQL query was created when repository searches were performed containing multiple chained search parameters. See HAPI FHIR Issue 1842 for information on this issue. * Two new columns were added to the RDBMS repository index table supporting date based searches. A database index was missed, resulting in slow performance for some date based searches. Users of the FHIR Storage (RDBMS) module are advised to upgrade to this point release instead of 2020.05.R01. Other users are not affected.

A new feature called Partitioning has been added to the FHIR Storage (RDBMS) module. This can be used to create Multitenant servers, set up logical data sharding, and other similar configurations.

By default, LiveBundle Watchlists are cached in memory and refreshed on read once a minute. This has been changed so that only individual subscriptions are cached as opposed to the entire list. Also, a new config parameter has been added to disable this cache.

The $livebundle-watchlist-subscribers command now supports _include and _include:recurse parameters.

The setKeepReferencesPath() method is now available on all Keepers. (Previously it was available only on toggle keepers.)

The $livebundle-watchlist, $livebundle-watchlist-subscribers, and $livebundle now all support multiple subscriberGroup parameters.

Added Date Type SearchParameter support for MongoDB.

Implemented FHIR endpoint custom SearchParameter search support for MongoDB.

Implemented FHIR endpoint search by match support for MongoDB.

Implemented FHIR endpoint History support for MongoDB.

There is now basic support for Elastic APM agent, including transaction naming based on the HTTP request and its query parameters.

The JavaScript execution environment HTTP Client API now has additional options for using custom TrustStore/Certificates/KeyStore files for executing TLS/HTTPS calls.

Add a new system monitoring mechanism using Elastic APM

Added support for the "message" subscription channel type.

Documentation has been added showing how to add the Troubleshooting Logs to the console logging, which is useful for docker based deployments.

A new setting has been added to the FHIR Storage (RDBMS) module called Resource Deletion Enabled. This setting should be disabled on systems where resource deletion is not being used, as this avoids the need for some resource deletion checks during write operations, and therefore increases overall write performance.

The HL7 v2.x inbound processor now supports PR1-1 (Set ID - PR1). If PR1-1 is populated, the value will be stored within a procedure-sequence extension at the root of the resulting Procedure resource.

A setting to Smile CDR HTTP server modules has been added that forces the server to behave as though incoming requests are HTTPS even if the request is not. This is useful for interacting with some network infrastructure that does not correctly provide forwarding headers.

The FHIR Gateway module now supports FHIR Delete operations, including cascaded deletes.

Added a property to toggle the usage of ordinal dates for day-precision searches. If enabled, will do a strict numeric comparison on the yyyymmdd value, ignoring all time. Property is module.persistence.config.dao_config.use_ordinal_dates_for_day_precision_searches. Default is true.

MongoDB FHIR Storage modules now support chaining searches. Note that this support is currently limited to token-based chains only, but other types are planned. Supported chains must be explicitly declared in advance of data population. See Uplifting Reference Chains for more information.

FHIR Subscriptions are now supported on MongoDB FHIR Storage modules.

The Oracle OJDBC driver has been bumped to version 19.6

It is now possible to pre-seed a new installation of Smile CDR with Users, OpenID Connect Client Definitions, and OpenID Connect Server Definitions using the new Pre-Seed feature. Note that this changes the way that the initial admin user is seeded into a new environment, so it will be a breaking change for any Node Configuration Property File what was being used to pre-seed an admin user with a non-default password.

The Web Admin Console process list will no longer show stopped processes for a node that has at least one running process. Showing stopped processes was generally reported to be misleading and/or confusing, and did not add value.

The Subscription processing engine has been significantly reworked in order to improve maintainability. This change has one user-facing consequence: The version-specific Subcription Processing modules have been replaced with a new version independent one.

The LDAP Inbound Security module previously output unhelpful error messages in the event that it was unable to bind to the LDAP server. The error messages output by this module have now been greatly improved.

A bug was fixed in the Web Admin Console, where changing a module dependency and restarting that module immediately afterwards sometimes resulted in the dependency reverting to its previous value.

FHIR search was returning deleted resources from the MongoDB storage module. This has been corrected.

Fixed issue for MongoDB Module where SearchParameterRegistry was not updated with custom SearchParameters.

Fixed issue in the Web Admin Console where an error occurs when multiple nodes are configured and the user attempts to access configuration for a module.

When using the MongoDB Storage module, credentials that were placed in the username and password configuration properties (as opposed to being embedded in the connection URL) could cause an error on startup. This has been corrected.

A bug in the cluster manager was fixed that could allow two processes to claim the same process ID if they happened to start at the exact same time.

The $snapshot operation failed to execute due to an audit log error. This has been corrected.

When a module was added to a running Smile CDR instance, for example using Web Admin console, the new module would not start until the application was restarted. This has been corrected.

loincupload.properties in path/to/smilecdr/terminology/loinc/ has been updated.

The HL7 v2.x outbound processor was failing where Specimen.identifier.type was not populated with an expected value. This has been fixed.

Documentation for the Subscription Custom Delivery Class has been corrected to identify a package, and to use the correct class name. Subscription.channel.endpoint was removed from the example for clarity.

When performing a FHIR update using the MongoDB storage engine, the server response contained the contents of the previous version of the resource instead of the new contents. This has been corrected.

When shutting Smile CDR down, an error was sometimes printed to the console towards the end of the shutdown, even though the shutdown was successful. This has been corrected.

If a Process ID is being reused by a new process (because it was previously shut down), the associated Process Name was not updated leading to misleading details in the Web Admin console. This has been corrected.

When an environment variable substitution was performed within a configuration property file, an incomprehensible error message was returned if the variable did not actually exist. This has been corrected.

It is now possible to enable/disable the automatic pre-seeding of validation and conformance resources such as StructureDefinitions, CodeSystems, and ValueSets. These resources were automatically seeded beginning in Smile CDR 2019.11.R01, but this feature is now disabled by default and can be enabled if required.

Added new $livebundle-reseed function to purge and reseed all bundles for the given rule.

Changed the meaning of the db_schema_update_mode config param. It used to set the hibernate auto-migration value. Now it determines Smile CDR startup behaviour when a Smile CDR database is out of date. When set to 'UPDATE' Smile CDR will now automatically update the database. When set to 'NONE' Smile CDR will abort startup if the database is out of date and expect you to update it manually using 'smileutil migrate'.

Support for ElasticSearch has been added as an alternative to Lucene for fulltext/terminology indexing. This is now the recommended mechanism for performing indexing in a clustered environment. See Lucene Indexing for more information.

Support has been added to the SMART Outbound Security module for the Proof Key for Code Exchange (PKCE) extension to the OAuth2 protocol. PKCE is an extra layer of security that is useful for public client applications that are unable to keep a secret (e.g. SPAs).

The metrics endpoint now supports a whitelist and blacklist that can be used to trim the number of metrics exported by the endpoint.

A new 'trace mode' has been added to the HTTP Troubleshooting Log that enables extra verbosity in this log in order to help diagnose networking issues.

Sites now have the option to create subscriptions that will deliver resources to a site-defined and externally readable message queue.

Scope claim in JWT Access Token can now be an array instead of a simple string, in order to support default format exported by ForgeRock IAM.

It is now possible to specify a socket timeout for HL7v2 inbound listener ports, and a default timeout of 30 seconds is set. Previously no timeout was applied (or possible) meaning that a misbehaving client could cause a connection leak if it did not properly close the connection.

Previously, Livebundle subscribers were added to subscriberGroups via the $livebundle-watchlist-add operation. Adding and removing subscribers from `subscriberGroup1s has been moved into two new operations: $livebundle-group-add, and $livebundle-group-delete.

It is now possible to skin the Two Factor Authentication page on the SMART Outbound Security module.

With the introduction of the Subscription Processor module type in 2019.11.R01, it was no longer possible to register interceptors against the SUBSCRIPTION_xxx pointcut family. A new module setting on the subscription module has been added that allows interceptors to be registered there.

The User Session was not provided to consent service scripts when Basic Auth was used. This has been corrected.

LiveBundle keepers used to be able to store a different tracking id from their filter watchlist subscriber id. This is no longer the case. This has consequences for rule scripts and the LiveBundle API. In the API, when requesting a LiveBundle, the trackingId parameter has been renamed to subscriberId. LiveBundleRule.setTrackingType() has been removed since that can now be derived from the Watchlist.subscriberType. Lastly, pathToSubscriber has been renamed to subscriberSearchParam. This field was incorrectly named as a path; it has always been a search parameter.

LiveBundle keepers can now have a list of FHIR paths of references to keep. (Previously, only one FHIR path was supported.)

Kafka configuration was appearing on Storage and Subscription module config when it should only appear on the Cluster Manager config. This has been corrected.

When performing a SMART Authorization on a SMART Outbound Security module with an alternate context root specified, the flow failed if a user with two-factor authentication enabled tried to authenticate. This has been corrected.

An issue in FHIRWeb was fixed where requests could fail with a cryptic error in cases where the target FHIR Endpoint had a Fixed Base URL that did not match the server Context Path.

A regression in Smile CDR 2019.11.R01 was fixed: When using the SMART Inbound Security module, users with only the ROLE-SUPERUSER or ROLE_FHIR_CLIENT_SUPERUSER permissions were sometimes denied access to FHIR operations.

The amount of database activity generated by the Web User Session manager (used by the Web Admin console and the SMART Outbound Security module) has been significantly reduced. This should reduce the load on the database, and improve responsiveness for console users. This also has the side effect of avoiding an occasional error message when using the H2 embedded database. In addition, a but was fixed that prevented old sessions from being purged from the database in some cases.

When a user was saved with invalid permission arguments, in some cases it was not possible to edit or use this user any longer due to an overzealous validator when loading the user from the database. This has been corrected.

A Google Analytics tracker was inadvertently added to the Web Admin Console homepage. This has been removed.

When using the SMART Inbound Security module, some RSA JWK keystores failed to parse if a key in the keystore did not explicitly declare which algorithm it used. This has been corrected.

The Web Admin Console user manager showed incorrect page numbers in the description below the pager widget. This has been corrected.

The CapabilityStatement generated for R4 FHIR servers did not include SMART URLs when equipped with a SMART on FHIR authorization module. This has been corrected.

When performing normal FHIR queries against a FHIR CDR, a number of unnecessary accesses to the Cluster Manager database have been removed, which should improve performance on heavily loaded systems.