Smile CDR v2024.05.PRE
On this page:

1.4.1Changelog: 2023

 

Legend

A new feature
An existing feature has changed
A bug fix
A performance improvement
A security issue has been corrected

1.4.2Smile CDR 2024.05.R01 (Borealis)

 

1.4.2.1Release Information

Released 2024-05-18
Codename Borealis
HAPI FHIR Smile CDR 2024.05.R01 is based on HAPI FHIR 7.2.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.2.2Upgrade Instructions

1.4.2.3Changes

Added transaction log support for the CDS hooks endpoint.

Documentation was added for remote terminology $lookup and $translate operations.

The experimental CDA Exchange+ module now supports the Assessment section.

Added batch job framework for the $invoke-export operation to the System-to-System Data Exchange module.

Added a way to obtain an auth token for $member-match and $export requests in system to system data exchange module.

Added a step to the $invoke-export batch job that will call $member-match on the responder server. This feature is experimental.

Added a step to the $invoke-export member match job that will poll on export. This is a stop-gap step for V1 and will be updated accordingly. This feature is experimental.

Added a step to the $invoke-export batch job that will handle response of $export call on the responder server. This feature is experimental.

Added a step to the $invoke-export batch job that will finalize the results of the batch job. This feature is experimental.

A Camel broker consumer and producer has been added, which knows internal Smile message topics, allowing to simply reference them by name. See the HTTP Server Setup documentation for more information.

Several enhancements have been made to the FHIR Gateway module:

  • Update/Create operations are not currently fully aware of prefixes assigned to the target, resulting in invalid resources being sent to the target. This has been corrected.
  • A logger at info level currently logs every transaction through the gateway, which hurts performance. This has been reduced to DEBUG level.

Added System-to-System Data Exchange to Feature Comparison Summary to specify that it is not supported on MongoDB.

In the experimental CDA Exchange+ module, when importing a CDA document, any Planned Immunization Activity entries found in the Plan of Treatment section will be converted to MedicationRequest resources and linked to the CarePlan resource.

The experimental CDA Exchange+ module now supports the Instructions section as a text-only section.

In the experimental CDA Exchange+ module, when importing a CDA document, any Planned Medication Activity entries found in the Plan of Treatment section will be converted to MedicationRequest resources and linked to the CarePlan resource. When exporting a CDA document, any MedicationRequest resources found linked to the CarePlan will be rendered as Planned Medication Activity entries.

Added additional comments in the custom logging files provided in the customerlib folder and also the documentation discussing this aspect of the server.

In the experimental CDA Exchange+ module, the USCDI v1 plugin now produces MedicationRequest resources conforming to US Core 5.0.1 within CDA Plan of Treatment section.

Previously, the HL7 v2.x inbound processor used a combination of ORC-2 and RXA-2 to populate MedicationAdministration.identifier. This has been preserved as default behaviour, and a new property called Use ORC-3 as Primary Identifier has been added. When enabled, ORC-3 will be used instead of ORC-2 when populating MedicationAdministration.identifier.

A sample project illustrating how to develop an IPS Generation Strategy has been added to the Smile CDR documentation.

Added a quickstart guide for setting up System 2 System Data Exchange / Payer to Payer transfers.

On the FHIR Gateway module, it is now possible to disable paging links entirely on specific search routes.

Previously, processing SIU^S13, SIU^S14, SIU^S15, SIU^S17, SIU^S26, OMG^O19, ORM^O01, ADT^A30 HL7v2 messages appeared as Unknown Message Trigger in the transaction log. This has been fixed.

Previously, displaying the body of a transaction log with a long line would cause the side panel to resize in a way that would make information hard to access. This issue has been fixed.

Previously the lastConnectedTime displayed in the Administration Console showed date/time in UTC. This has now been corrected. Date and time are displayed according to the local time zone.

Previously, the experimental CDA Exchange+ module support for the Instructions section was not working for the export path. This has been fixed.

Changed the status used in the Task related to $invoke-export batch jobs. Added Extension to the Task which contains the value of the related batch job instance id.

The Runtime Monitor charts in the Web Admin Console failed to load if a non-default context root was specified. This has been corrected.

When the validation data seeding has a disable pattern of *, and Automatically Create Placeholder Reference Targets is enabled, Smile CDR will no longer automatically create a Search Parameter for searching placeholders, since this causes thrashing as the system tries to create and disable this search parameter.

The Search Parameter Seeding: Disable Patterns will no longer disable custom search parameters which have been added to the database.

When starting up multiple instances of a FHIR Storage (RDBMS) module at the same time (e.g. in a cluster), the search parameter seeding module could sometimes collide across the processes and cause some or all processes to fail to start. This has been corrected.

When the FHIR Gateway module was making outgoing HTTP connections to target servers, it could get blocked waiting for a connection from an internal connection pool that was inadequately sized. This has been corrected.

FHIR Gateway responses will now include an X-Cache header in the response if the response was served by the Gateway Cache.

1.4.3Smile CDR 2024.02.R01 (Apollo)

 

1.4.3.1Release Information

Released 2024-02-18
Codename Apollo
HAPI FHIR Smile CDR 2024.02.R01 is based on HAPI FHIR 7.0.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.3.2Upgrade Instructions

Migration to Jakarta EE

This release contains a large breaking change for authors of interceptors, custom camel processors, or other customer-provided beans. Internally, HAPI-FHIR and Smile CDR have swapped from using javax.* to jakarta.* packages. Please see the migration guide for more information. Without manual intervention, the majority of interceptors will fail at runtime unless they are upgraded.

Possible New Indexes on PostgresSQL

  • This affects only clients running PostgreSQL who have a locale/collation that is NOT 'C', such as en_US.UTF8
  • For those clients, the migration will detect this condition and add new indexes to:
    • hfj_spidx_string
    • hfj_spidx_uri
  • This is meant to address performance issues for these clients on GET queries whose resulting SQL uses "LIKE" clauses

These are the new indexes that will be created:

CREATE INDEX idx_sp_string_hash_nrm_pattern_ops ON public.hfj_spidx_string USING btree (hash_norm_prefix, sp_value_normalized varchar_pattern_ops, res_id, partition_id);
CREATE UNIQUE INDEX idx_sp_uri_hash_identity_pattern_ops ON public.hfj_spidx_uri USING btree (hash_identity, sp_uri varchar_pattern_ops, res_id, partition_id);

Deprecation of internal metrics

Internal Smile CDR metrics have been disabled and deprecated. It is recommended to externalize Smile CDR metrics using Prometheus (to pull metrics from Smile CDR) and Grafana (to visualize the metrics). See Externalized metrics for more information.

1.4.3.3Changes

This version of Smile CDR now requires a Java 17+ version of the Java JDK in order to run.

This version of Smile CDR now uses the JavaEE 9+ APIs, which have the jakarta.* namespace in place of the former javax.* namespace. This means:

  • Any interceptors which depend on javax.* classes such as HttpServletRequest and HttpServletResponse must be upgraded to use the new versions of these classes.
  • ActiveMQ users must upgrade to ActiveMQ 4.19.x as this is the first version supporting the new namespace.
  • Infinispan users must upgrade to Infinispan 14.x.x as this is the first version supporting the new namespace.

Added ability to restore the configuration of a server to a given history restore point. Added the /{node_id}/restorePoints/{id}/restore endpoint.

Added Troubleshooting Logs Controller to the JSON Admin API, which allows fetching and updating troubleshooting log configuration in runtime.

The CDA Exchange v2 module offers a new and improved solution for importing and exporting CDA documents. See the documentation for full details. This experimental module is not available to all clients.

Added a Microsoft SQL Server JDBC URL option to the example in our documentation to trust the Server Certificate: trustServerCertificate=true

In the experimental CDA exchange v2 module, CDA document import will now support documents that contain encapsulated data elements and will map as FHIR Attachment data type where applicable.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces CareTeam resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces AllergyIntolerance resources conformant to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Condition resources conforming to US Core 5.0.1.

Add various improvements to the RTE schema generation including lowercase, underscores, correct column grouping and ordering among other enhancements.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces a Results section conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Encounter resources conforming to US Core 5.0.1.

Added MDM support for R5 persistence module.

Make CDA Exchange v2 partition aware. Namely, ensure Fhir JavaScript API methods now respect partition IDs for search()/read()/etc and neither cross the partition boundary nor error out.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Note resources conforming to US Core 5.0.1.

The CDA Exchange v2 module now supports import and exports of CDA note sections

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces MedicationRequest resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces CarePlan and ServiceRequest resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Medical Equipment resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Procedure resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Immunization resources conforming to US Core 5.0.1.

FHIR Gateway did not previously support a target endpoint that returns non-Bundle resources. This has now been resolved.

The experimental CDA Exchange v2 module, when configured to use the US Core IG, will map between a CDA Social History section Birth Sex observation (2.16.840.1.113883.10.20.22.4.200:2023-05-01) and a FHIR extension (http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex) on the Patient resource.

Providing the capability for clients to supply the FHIR Gateway module with custom Resource and system operation providers. Documentation regarding Gateway custom operation providers can be found [here].(/docs/fhir_gateway/custom_operations.html)

The experimental CDA Exchange v2 module will render C-CDA R1.1 template ids where appropriate in generated CDA documents to indicate backward compatibility with earlier versions of the IG.

Capability to perform terminology translate operation was added to Hl7V2 inbound interceptors by allowing them to autowire an ITermConceptClientMappingSvc

Added an Hl7V2 inbound demo project showcasing the use ITermConceptClientMappingSvc to perform terminology translate operation.

Demo project and documentation was added to support use of BundleUtil in Hl7V2 interceptors.

Added reference to example project showcasing the use of ITermConceptClientMappingSvc in HL7V2 interceptors to perform terminology translate operation.

Added JPA configuration property to handle blocking of resource updates causing the resource to change Patient compartment and load interceptor to enforce that.

Added transaction logging capability to camel smile and custom procedures. See the Camel Smile Processors Overview for details.

Exposing the username/clientId of the user initiating a batch job through the Batch Job Status API.

Added the ability to fetch persistence module id associated with MDM via MDMUI config endpoint.

Authorization scripts on the SMART Outbound Security module can now add approved scopes to a session even if those scopes aren't declared on the client definition.

The experimental CDA Exchange v2 module will now persist CCDs as-received for auditing purposes. A corresponding audit log can be found on an attempted CDA import operation, and the location of the resultant DocumentReference resource containing the CCD will be included in the endpoint response.

The experimental CDA Exchange v2 module will now parse the narrative block text for linked text on import. Links that are referenced within a document section will be resolved in the FHIR resource(s).

The experimental CDA Exchange v2 module will now map Vital Signs Organizer entries onto nested sections in the FHIR Composition to support user-defined grouping of Observations.

Add a new boolean property for persistence module(s) to control resource filter based on status during package installation

Added a Microsoft SQL Server JDBC URL option to the example in our documentation to trust the Server Certificate: trustServerCertificate=true

Added a Terminology Troubleshooting Log that is useful for troubleshooting terminology mapping issues.

Address a few small bugs in dqm persistence module, as well as bump clinical reasoning version that has breaking changes from hapi-fhir

Previously, only beans of type org.apache.camel.Processor were bound to the Camel registry from user-defined Spring Configuration classes. Now beans of type org.apache.camel.AggregationStrategy and org.apache.camel.support.jsse.SSLContextParameters are also bound.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now handles blood pressure panel vital signs Observaton resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now handles blood oximetry panel vital signs Observaton resources conforming to US Core 5.0.1.

Added the ability to handle custom matching script to the $member-match operation.

Updated System to System Data Exchange module to register an interceptor that will populate the memberId, consentId, and consentResource on Bulk Export parameters.

Added Consent services to Persistence module. Updated System to System Data Exchange module to work with this new Persistence module Consent Service to allow filtering on Bulk Export operations invoked via $member-match operations.

Added the /Patient/$invoke-export endpoint. This endpoint will be available in the SystemToSystemDataExchange module.

Added logic to create Task when $invoke-export is called. Added an interceptor to prevent modifying or deleting Task resources managed by the System 2 System module.

Added the template apply operation in the experimental CDA Exchange v2 module

The experimental CDA Exchange v2 module has been enhanced to support the scenarios where a patient is a member of their own care team or an author of their own goal.

To improve the reliability of zero-downtime upgrade, a new environment variable CDR_UPGRADE_MODE has been introduced. When upgrading servers in a cluster, it is recommended that all of the old servers set CDR_UPGRADE_MODE to 'true'. This will prevent scheduled jobs from running on the old servers and pause all message processing from all broker channels (JMS Queues and Kafka topics) on those servers. Lastly it prevents old servers from being changed in the Web Admin Console. Once a server has been upgraded, CDR_UPGRADE_MODE should be unset so that normal operation can be resumed.

Added new experimental module, System to System Data Exchange. This module is the home for all future System to System communication, including Payer to Payer flow.

Updated consent validation for PDex auth flow to use consent.patient instead of identifier.

Trying to create or update an OAuth client will fail if Authorization Code or Implicit Grant are selected as Grant Types but no Redirect URIs are specified.

Added $member-match endpoint in accordance to PDex specification in System-to-System Data Exchange module.

In the experimental CDA Exchange v2 module, when a field of the FHIR model has a data absent reason extension and the corresponding CDA field is mandatory, the CDA export operation will populate that field with a nullFlavor attribute. Also, the vocabulary mapping between the data absent reason code system and the null flavor code system has been refined.

The CDA Exchange v2 module will now render a null flavour UNK in an exported CCD when the value of Patient.gender is "unknown" in FHIR.

Deprecated module types can no longer be created via the Web Admin Console or the JSON Admin API. Configurations (DATABASE or PROPERTIES mode) that already have these module types are not affected.

Added ability to instrument SmileCDR process with open telemetry java agent. The open telemetry instrumentation. is enabled by setting an environment variable called CDR_OTEL.

Mongo internal transaction processing now supports nested transactions.

Updated Smart Out security to add custom claims to the access token. Smile CDR also reserves any custom claims prefixed with "smile_". Attempts by third party scripts or interceptors to add custom claims prefixed with "smile_" is verboten.

Token parsing in Smile has been updated to handle custom claims. All claims will now be added to the UserSessionDetailsJson.

Added clarification on when you should consider upgrading Smile CDR using the smileutil migrate-database utility command, instead of allowing it to automatically perform the upgrade.

The new, experimental CDA module has been renamed to CDA Exchange+. In addition, the display text in the IG Support drop list in the administrative interface has been updated to make it clearer which IGs are supported by each option.

The experimental CDA Exchange v2 will store unstructured document bodies as Binary resources.

Retrieving FHIR-id of resources in batch2 mode of evaluate-measure had poor performance, this improvement allows for query level return of ids without the need to return resources back in a bundle iterator, which is 2x faster

In the experimental CDA Exchange v2 module, planned immunizations are now supported and will be persisted as medication requests.

The CDA Exchange+ module's coverage of the US CDI 5.0.1 profile now accommodates additional varieties of missing data for Patient.birthSex

In the experimental CDA Exchange v2 module, importing unsupported data types now results in the value being skipped, and where applicable a data absent reason is created.

In the CDA Exchange+ module, when parsing a Device that is implanted as part of a Procedure, the deviceIdentifier field will be populated by precedence from the Device Identifier component of the UDI Organizer entry in the CDA document.

In the experimental CDA Exchange v2 module, the USCDI v1 plugin has been updated to enforce cardinality rules in the Patient resource.

Added additional metadata to $evaluate-measure batch2 MeasureReport to assist with UI. Corrected CQL documentation error. Version bumped Clinical Reasoning version, which included new operation $evaluate. Additional api definitions and configuration for CR operations: $care-gaps, $cql, $submit-data

In the experimental CDA Exchange+ module, when attempting to map a code that does not match with one of the expected values in FHIR, a verbose error is logged and the mapping is skipped.

A new Transaction Log module has been added which strictly outputs transaction logs to a remote broker such as Kafka or ActiveMQ. It follows the same configuration as the Cluster Manager's broker transaction log configuration.

Add payer organization resources to payer bundle in prior auth crd module

A new Persistence Module config diagnostic message has been added that writes out a WARNING message regarding the use of automatic upgrades on a PRODUCTION system.

Log CQL response received in prior auth module

The FHIR Gateway module will now allow multiple target definitions to use the same Resource ID Prefix value, if those targets are not used on the same route.

The FHIR Gateway operation caching mechanism now caches FHIR read requests as well as the existing FHIR search and operation requests.

The FHIR Gateway module now supports FHIR transaction operations.

Log parameter object passed into CQL engine in CRD prior auth flow

Additional telemetry data has been made available regarding hl7v2 inbound message processing when Smile CDR is run with open telemetry enabled. A parent span named 'smilecdr.hl7v2.inbound_message.process', and 2 metrics ('smilecdr.hl7v2.inbound_message.count' and 'smilecdr.hl7v2.inbound_message.error_count') are now being generated.

When performing UPDATE operations through the FHIR Gateway module, the gateway currently first attempts a READ operation against each target in order to determine whether any of the target servers hold a resource with the ID being updated. This has been optimized so that this READ isn't performed if only one of the targets is capable of servicing the request, either because of configured resource ID prefix rules, or because of interceptor results.

Support for JDK11 has been dropped. JDK17 is now the minimum supported version.

Swapped from using javax.* to jakarta.* packages. This may be a breaking change for some users who write custom code against Smile CDR. Specifically, any users writing interceptors that leverage the JavaEE Servlet API will be affected. Please see the migration guide for more information.

The FHIR Gateway module caching mechanism now defaults to NONE (disabled) and must be manually enabled through configuration.

Transaction Log broker messages and JSON representation will now show the transaction's GUID as a property.

Previously when transaction logs were sent to Kafka, the Key of the message would be randomly generated, or set to the PID of the parent transaction log if available. Now, all implementations will use the transaction GUID as the key

Internal Smile CDR metrics have been disabled and deprecated. It is recommended to use Externalized metrics instead.

Changed the wording of roles and permissions header within the OpenID Connect Clients section on the Web Console

Previously, if the cluster manager was configured to store Audit Events asynchronously, there was a bug where very high load could cause java.lang.IllegalStateException: Queue full. This fix causes the calling thread to perform audit log storage if the queue happens to be full. The result of this that extremely high throughput will be limited by the speed of the audit log storage, but the system will not crash. This is a temporary fix until a more permanent solution is implemented in 2024.02.R01.

Previously, the HL7 v2.x inbound processor would continue transformations for RDE_O11 message structures where no ORDER groups were present. This has been fixed.

Previously for mongoDB with version lower than 6, when sorted queries consumed more than 10Mb of memory, they were throwing an exception. This has been fixed for versions 4 and up.

Smile CDR documentation for the HL7 v2.x SIU_S12 structure definition incorrectly identified support for the SERVICE and GENERAL_RESOURCE groups, and the AIS and AIG segments. This has been corrected.

Edited WebAdminUI so that archived module does not appear in drop down menu. Also disabled the ability to add a user to an archived module.

Previously in the experimental CDA Exchange+ when a call to $import-cda failed the server would return a 200 OK status code. This has been fixed.

Previously, when multiple custom @Configuration classes with the same name but different package were added to the Camel module, only beans from one @Configuration class were added to the application context. This has been fixed.

Previously, a bulk export operation initiated with a '_type' parameters provided with the request URL would ignore the provided parameters. This issue has been fixed.

As per FHIR Spec Patient and Encounter resource types should not be present in the fhirContext array unless they contain a role other than 'launch', where the absence of a role property is semantically equivalent to a role of 'launch'. This fix ensures that these elements are not present in the fhirContext array and also changes the json serialization for the fields in the elements of the array so that the properties are printed correctly.

Previously, the list of PKCE code challenge methods supported by the Smile CDR built-in authorization server was not returned by the OpenID Connect metadata endpoint (/.well-known/smart-configuration). This issue has been fixed.

Previously, restarting module DQM would throw an exception. This issue has been resolved.

Previously LIKE queries against resources would perform poorly on PostgreSQL if the database locale/collation was not 'C'. This has been resolved by checking hfj_spidx_string.sp_value_normalized and hfj_spidx_uri.sp_uri column collations during migration and if either or both are non C, create a new btree varchar_pattern_ops on the hash values. If both column collations are 'C', do not create any new indexes.

When attempting to 'Download Grafana JSON' from the Runtime > Monitors and Health Checks > Cluster Overview page an error was thrown. Now, the grafana JSON downloads successfully.

In the experimental CDA Exchange v2 module, some of the default vocabulary mappings have been updated.

Previously bulk export operation was returning an empty response when no resources matched the request, which didn't comply with HL7 HAPI IG. This has been corrected.

MegaScale now supports loading Subscriptions from tenant shards, in addition to the default shard.

Webadmin Cache was set to 365 days, this meant that users would not see updates unless they cleared their cache. This has been fixed by reducing the cache period to 1 hour.

Previously, the HL7v2 Inbound module would not boot if realtime export through POINTCUT was enabled. This issue is fixed.

Previously, the FHIR Gateway module diagnostic would cause FHIR Conformance request failure on the target FHIR server. This has been fixed.

PROPERTIES_UNLOCKED propertysource resulted in an error when adding a new module and a loss of edits to a module. Both issues have been fixed.

Previously, the experimental CDA Exchange v2 module was generating duplicate copies of certain elements in the Goals section on CDA export. The extra elements have been removed.

Previously, the experimental CDA Exchange v2 module would throw an exception while formatting a Provenance resource if the recorded field is not populated. This has been fixed.

Previously, the web admin console was displaying resolved token values instead of the tokens themselves. This has now been fixed but booleans and dropdown selects will still resolve and display properly.

Previously, when restoring to a restore point it was possible to encounter an error when retrieving a config key from a module config key. This would occur as we were attempting to substring the key element out of the module config key, without fully validating that the provided key conformed to the expected format. This fix adds an additional check to ensure that the key starts with 'module.' before attempting the substring which prevents occurrence of StringIndexOutOfBoundsException.

In the experimental CDA Exchange v2 module, the core mappings for AllergyIntolerance.type and AllergyIntolerance.category have been changed to align better with implementer consensus.

When processing incoming HL7 v2.x messages, fields that are being converted to markdown have all punctuation characters escaped. This change fixes a problem with incorrect escaping of the comma character.

In the experimental CDA Exchange v2 module, the mappings for the Result Organizer entry have been updated so that when exporting a document, the value of the status field will be derived from the statuses of the contained Observations rather than being directly mapped from the DiagnosticReport resource.

Previously the experimental CDA Exchange v2 module did not set dataAbsentReason information on Observations when importing values with a nullFlavor. This has been fixed.

Previously, if client used the HTTP Basic authentication scheme to get an access token from Smile CDR built-in authorization server, it would receive an access denied error. This issue has been fixed.

Previously, the experimental CDA Exchange v2 module was not thread safe, and was encountering errors when trying to process multiple documents in parallel. This has been fixed.

Swapped dependencies from javax to jakarta in accordance with the migration to Jakarta EE. This is a breaking change. If you have any interceptors or beans which rely on javax imports, you will need to update them to use jakarta imports instead.

MDM expansion of search and $everything queries in a multi-tenant server may include results from other tenants if mdm matches cross tenant boundaries. Also, POST $everything queries didn't allow MDM expansion. MDM expansion will now only include matches within the current tenant. The $everything operation now supports the _mdm expansion flag on POST.

Previously, the Support Consent Filtering configuration item had no effect on the $member-match operation. This is now fixed.

Previously module environment variables of type: JavaScript, integers, and JSON would not be resolved. This is now fixed.

Previously, when removing a resource from the generated Bundle in the experimental CDA Exchange v2 module, a reference to that resource might be left behind in the Provenance resources. We now clean up these dangling references correctly.

Previously, an exception was thrown during the FHIR Gateway module shutdown process. This issue is fixed.

Previously, when encountering an entryRelationship element without a nested templateId, the CDA Exchange+ module would abort parsing and throw an exception. This has been fixed. The parser will now skip the invalid element and continue parsing with the next element.

MongoDB previously threw an exception when a canonical reference was used in a resource. MongoDB does not support canonical references. This fix adds a simple check to check if the reference is canonical and if so, does not attempt to resolve the reference.

The documentation now makes it clear that $trigger-subscription is not supported under MongoDB.

Previously the new experimental CDA module parsing of note document was skipping some required fields. This has been fixed

Previously trying to parse resources with attachment field with no content type in the new CDA plus module would throw an exception. This issue has been fixed.

Previously, the Javascript documentation would indicate that any Javascript method which returned a Set-String or List-String as returning a List-String. This change fixes the auto-generated Javascript documentation to correctly identify API methods as returning a Set-String instead of List-String where appropriate.

Previously the experimental CDA Exchange+ module set Provenance references on resources that might not exist in the bundle. This has been fixed.

Previously in the experimental CDA Exchange+ module when importing CDA documents with mandatory elements omitted, the parsing would not set the data absent reason extension on those fields. This has now been fixed.

Return an error response card if the CRD module is unable to process the resulting Request Group resource from the $apply operation

When updating permissionEnum value from previous value of 'FHIR_OP_CQL_EVALUATE_MEASURE' to 'FHIR_OP_EVALUATE_MEASURE' there were unintended outages in webadmin console and errors generated for any users associated to the deprecated value. This fix updates deprecated value to correct value

Previously, processing an ORU^R01 message in the HL7 v2.x Listening Module with a missing PV1-2 segment would cause a processing failure with an invalid request error. This has been fixed.

Previously, the AppSphere application had 'document.write' script in the 'index.html'. This code is considered as vulnerable to cross-site scripting (XSS) attacks. The 'document.write' script code is removed from 'index.html'.

Previously, obtaining an OAuth token would fail with a valid client secret if the OAuth client contained more than one secret. This has been fixed.

Added the previously-deleted smart-apps-host ModuleTypeEnum back in.

The FHIR Gateway module failed to perform search operations when authenticated using an OAuth2 Client Credentials grant type. This has been corrected.

Previously, the CDA Exchange+ module was not de-duplicating Encounter resources correctly. This has been fixed.

Previously, the CDA Exchange+ module might enter in infinite loop trying to parse a CD field with a comment embedded inside it. This has been fixed.

Previously, the MDM UI application had 'document.write' script in the 'index.html'. This code is considered as vulnerable to cross-site scripting (XSS) attacks. The 'document.write' script code is removed from 'index.html'.

Previously the default cache provider for the FHIR Gateway was set to CAFFEINE, instead of being disabled as per the documentation. This change sets the default value to NONE.

A bug was introduced where all enum dropdowns in admin web panel were incorrectly displaying !MESSAGE! rather than the intended message, this has been fixed

Related to 5592. Fix cross-site scripting vulnerability for any appSphere context.

Previously if a module was added in DATABASE mode and Smile CDR was restarted in PROPERTIES mode, the added module would be present in the admin console(stopped) and starting this module would throw an error. This fix ensures that in node.propertysource=PROPERTIES mode, only modules configured in the specified properties file are shown in the admin console.

Previously, a module that failed to perform environment substitution on a property value (#{env['username']}) during the module booting process would corrupt the module's properties. This issue has been fixed.

Previously the experimental CDA Exchange+ module would not populate ServiceRequest requester and authoredOn fields when importing a planned act. This has been fixed.

Previously, the CDA Exchange+ module was representing the issuer of the device identifier on a Device resource using an OID. This has been changed to use the equivalent URI.

Previously, the experimental CDA Exchange+ module had an incorrect mapping for the Social History Observation status code. This has been fixed.

Previously, PA CRD module used to query PractitionerRole via a TokenParam which caused issues retrieving the resource. This has been fixed.

Fix issue where the edit module page in the web admin page does not display localized text for enums

Fix issue where the authorship date was not being parsed when parsing fhir resources into CDA documents in the new CDA + module

Moved the payer resources for the CQL context to its own parameter within the cql request and added validation for provider prefetch resources in the prior auth module.

Previously, performing a search operation from a JavaScript environment with MDM search expansion enabled would raise an exception. This issue has been fixed.

Previously, the experimental CDA Exchange+ module was creating an incorrect reference when a CDA Procedure Activity Procedure entry had an explicit relationship to an encounter defined elsewhere in the document. This has been fixed.

Previously, the experimental CDA Exchange+ module was not correctly handling the scenario where an entry was accidentally or deliberately duplicated within a CDA document. The de-duplication algorithm has been enhanced to block by default the insertion of a resource into the generated bundle if it duplicates a resource that is already present.

Previously some configurations including option to load scripts or routes from text or file definitions were considering text definition first, which made using file definition hard when default text existed. This has been fixed and now file definitions take precedence to text definitions.

Previously, exceptions resulting from target invocation were not made available for processing by custom operation providers. This issue has been fixed.

The Inline Storage Mode Below setting has been removed from the FHIR Storage (RDBMS) module, as it is no longer used.

1.4.4Smile CDR 2023.11.R01 (TBD)

 

1.4.4.1Release Information

Released 2023-11-18
Codename TBD
HAPI FHIR Smile CDR 2023.11.R01 is based on HAPI FHIR 6.10.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.4.2Upgrade Instructions

Major Database Change - Zero Downtime

This release makes performance changes to the database definition in a way that is incompatible with releases before 2023.02. Attempting to run version 2022.11 or older simultaneously with 2023.11 may cause errors when saving new resources. If you wish to upgrade with zero-downtime, you must first upgrade to 2023.02, 2023.05, or 2023.08 before upgrading to 2023.11 using the procedure described in the upgrade documentation. If you are running an offline upgrade, you can upgrade directly from any prior version. On large systems, the database migration may take substantial time.

JavaScript Callback Function Names

The JavaScript callback functions 'hash' and 'handle' were deprecated in 2019. These callback function names are now no longer supported. The new JavaScript callback function names should be used instead.

1.4.4.3Changes

The docker image pushed to https://docker.smilecdr.com now includes arm64 support, meaning M1 and M2 macs can now natively run the docker images.

Added Server Restore points, which take snapshots of the configs when modules are changed or on successful server startup. Also added an endpoint that will return all known restore points. The automatic restore point creation is currently disabled!

Add additional FHIR Gateway diagnostics validations for troubleshooting connectivity issues with target FHIR endpoint(s). Capability statement URL or an alternate target FHIR URL could be used to validate endpoint accessibility with anonymous access.

Added findIndex support while parsing the FHIR structure with repeatable elements.

A new configuration option has been added to the FHIR Storage (RDBMS) module which enables indexing and supporting the _language special SearchParameter.

A new configuration option has been added to the FHIR Storage (RDBMS) module which disables storing resource version history, causing the server to only maintain the current version in the database.

MDM audit logs will now include additional information. $mdm-create-link, $mdm-update-link, $mdm-not-duplicate, $mdm-duplicate-golden-resources will contain affected target resources.

Implementations of the experimental custom HL7 v2 outbound mapper functionality can now return 0..* messages instead of the previous required 1 message to be sent as a result of an individual subscription trigger.

When FHIR Endpoint Watermarking is enabled, the watermark string now includes the fully-qualified resource ID and URL, as well as the data access timestamp.

SMART outbound: Add the OIDC client_id to theUserSession and audience (aud claim) to theAuthorizationRequestDetails.

A new permission called FHIR_OP_PATIENT_EVERYTHING_ACCESS_ALL has been added. This permission allows the user to invoke the $everything operation that returns all resources that references the input Patient (including those outside of the patient's compartment), even if the user doesn't have other explicit permissions to see those resources.

Added getClaims API to AuthenticationContext for use in onAuthenticateSuccess script. This API can be used to fetch all claims from the ID token as a single object (key/value Map).

Added Basic Authentication support to HL7 v2.x Listening Endpoint module configured in HL7_OVER_HTTP Transport Protocol mode. HL7 v2.x Listening Endpoint now uses Smile CDR BaseJettyServer instead of SimpleServer from HAPI - Java HL7 API - Base Module library if HL7_OVER_HTTP Transport Protocol is enabled. Existing HL7 v2.x Listening Endpoint (Deprecated) module with type=ENDPOINT_HL7V2_IN has been deprecated. HL7 v2.x Listening Endpoint with type=ENDPOINT_HL7V2_IN_V2 should be used instead.

A camel route endpoint service was made available to hybrid endpoints, allowing them to send messages to a camel module route.

Previously, when the payload of a subscription message exceeds the broker maximum message size, exception would be thrown and retry will be performed indefinitely until the maximum message size is adjusted. Now, the message will be successfully delivered for rest-hook and email subscriptions, while message subscriptions remains the same behavior as before.

A new operation has been added to the JSON Admin API which can be used to revoke all active access and ID tokens with a given scope approved.

Camel dependencies were added to cover common use cases out of the box.

Created new Pointcuts: CDA_PRE_IMPORT, CDA_POST_IMPORT, and CDA_POST_EXPORT. These pointcuts allow you to inspect and modify documents as they are imported and/or exported.

Adds Camel processors for each message transformation step of the HL7 v2.x listening endpoint module (i.e. Javascript pre-convert, custom mapper bean pre-convert, Java pre-convert, Smile generic mapper, Javascript post-convert and Java post-convert).

Updating dqm persistence module to latest CQL 3.0.0, latest cql engine improvements, and Clinical Reasoning operations to leverage repository api pattern. This removed configuration and property setting in hapi-fhir for CDR to manage and improved performance to clinical-reasoning operations

The CapabilityStatement returned by the FHIR endpoint will now include partition descriptions and partition names if Include Partition Name property is enabled. See related documentation here.

A new mode for Outbound HL7 v2.x generation using a flexible Java-based message conversion API has been introduced. This allows for significantly more flexibility in terms of which kinds of messages are generated and what content goes into them, as well as which workflows trigger them.

Adding the capability for clients to provide additional properties to transactionLogEventJson through server pointcuts.

Added an endpoint to Admin Json module, /mdm/{mdm_module_id}/mdm-algorithms that will return the list of Similarity and Match algorithms known by the MDM system.

Added an implementation of Clinical Reasoning CDS on FHIR to the CDS Hooks module that allows PlanDefinition worfklows to be processed as CDS Services using the $apply operation.

Add configurations required for encounter-start hook for Prior Auth CRD module.

Added an endpoint in admin-json to return mdm metrics. This is supported in both JPA and Mongo persistence modules.

Audit logs in the Admin Console will now be preserved on page refresh. Additionally, url parameters will be utilized to allow sending links to other admins or saving for future use.

Created new Pointcuts: AG_APPLICATION_STATUS_UPDATING & AG_APPLICATION_STATUS_UPDATED. These pointcuts allow you to inspect appSphere application details as they are being updated by an admin.

A new parameter of type Hl7v2ToFhirConversionResultJson has been added to the HL7V2IN_PRE_HL7V2_TO_FHIR_MAPPING_PROCESSING and HL7V2IN_POST_HL7V2_TO_FHIR_MAPPING_PROCESSING pointcuts. In addition, a new example project has been added that demonstrates how this new parameter should be used.

Added new Cluster Manager configuration parameter reload_scripts_on_save (default false). When enabled, saving module configuration via the Web Admin Console or the Admin JSON endpoint, will trigger script reload. All scripts in that configuration will be reloaded, but only within the server process where the save occurred. This allows javascript developers to quickly test changes to scripts on a standalone development server without having to restart the module.

Documentation change to show all the modules that require the message broker in one location in the documentation

Previously, provenance resource was not being injected when enabling it in the FHIR Gateway module properties. The provenance injection feature has been enabled to reflect the configuration.

A new CDR Pointcut called SMART_FEDERATED_OIDC_PRE_PROVIDER_SELECTION has been created. This pointcut allows interceptors registered against a SMART Outbound Security in federated mode to programmatically select which federated provider to use for a given authorization request instead of requiring the user to manually select.

A new setting has been added to all modules which permit custom Interceptors or Contexts. This allows the user to ensure that all user-supplied beans operate in a secure context, by providing only a subset of all beans normally available in the context. This setting is currently disabled by default, but will be enabled by default in a future release.

A new configuration option called Code Display Mismatch Policy has been introduced to the FHIR Storage (RDBMS) module. This setting controls the validator behavior when the display name on a coded element does not agree with the expected display name from the CodeSystem the code is drawn from. Documentation on this can be found here

HL7's encoding requires as the line ending, but many systems do not conform to this, and use . Previously, the Smile CDR HL7V2 Listening endpoint would fail with cryptic errors due to bad line endings. Now, those line-endings are automatically converted to before processing.

Enforce persistence module dependency on CDS hooks if PriorAuth CRD module is in use.

When a SMART Outbound Security module has an Allowed Audience List specified, and a client requests an invalid audience, the error message returned was not descriptive to the user as to the nature of the problem. This has been improved with a better error screen.

Updating an MDM link from MATCH -> NO_MATCH will now rebuild the formerly linked Golden Resource using the current set of survivorship rules and the current set of linked (MATCH'd) source resources.

Add settings to enable CDS on FHIR for CDS Hooks and for CDS Services using CDS on FHIR.

The Camel module is no longer feature flagged and is available for selection from the Web Admin Console.

The Subscription and MDM modules are now plugins, and will start before any other modules that depend on their persistence module.

The $submit-attachment operation has been changed to not associate the submitted attachments with an existing claim. The operation now saves the submitted attachment in the task output without modifying any existing claim or checking the existence of a claim or patient. It will now be the responsibility of the payer’s application to associate submitted documentation to a claim or prior authorization by evaluating the Task resource. The operation now also supports unsolicited attachments. That is, if a Task whose Identifier matches the TrackingId parameter exists in the system, then that Task is updated. If such a Task does not exist, then it is created by the submit-attachment operation. The operation has also been changed to support the new requirements of CDEX STU2.0:

  • TrackingId input parameter type was a string, but now is an Identifier.
  • At least one of the OrganizationId or ProviderId fields must now be present. Previously they were both required.
  • Final parameter is now supported. The Task status is updated to Completed when Final is true, or absent. If Final exists and false, the Task status remains in In Progress.
  • ServiceDate is required when AttachTo value is claim.

By default, Smile CDR will now preserve versioned references in the following fields: AuditEvent.entity.what, MessageHeader.focus, and Provenance.target. Previously the default was not to preserve versioned references in any fields. As always, this default can be changed through configuration.

Previously, when using MongoDB, a superfluous version of a resource would be created as a result of an update request which didn't have a real logical change to the resource but only changed the order of existing items in tag, security label or profile collections. This change prevents this behaviour. Also on resource retrieval, these meta collections are sorted alphabetically, based on (security, code) pair for tags and security labels. Thus the order is now consistent with the other JPA based storages as a similar change has been applied to JPA based storages as well.

Enhanced MDM survivorship rules documentation.

The Camel module configuration now can use multiple @Configuration classes to inject custom route processors.

Previously, disabling an LDAP user in JSON Admin module did not prevent them from logging in. Now, when the user disabled flag is set, it is checked as part of all username/password based logins. Thus, the next login attempt will fail for a disabled users (e.g. via session expiry or re-login).

The JavaScript callback functions 'hash' and 'handle' were deprecated in 2019. These callback function names are no longer supported and the new names should be used.

Custom Camel processor beans are now able to @Autowire in beans that are in the Camel module Spring context, e.g. IMessageBrokerSvc, IMailSvc, IKeystoreManager, ITransactionLogStoringSvc, IAuditLogStoringSvc.

Redundant classes in the HL7V2 Inbound Module that were used to track an HL7V2 to FHIR conversion have been removed and replaced with the new Hl7v2ToFhirConversionResultJson class.

Previously, MDM_UI module used to seed SearchParameter resources. This behaviour has now been changed and no more SearchParameter resources are seeded.

Previously, the Hl7v2ToFhirConversionResultJson#clone(Message) method always returned an instance of ca.uhn.hl7v2.model.GenericMessage instead of the class of the original Message (i.e. ca.uhn.hl7v2.model.v25.message.ADT_A01). This has been fixed.

Previously, the HL7v2 Inbound listener created contained resources with invalid FHIR IDs with VXU_V04 type messages on DSTU3, this has now been fixed.

The transaction log did not have documentation stating what information it actually captures. This has been remedied. To see the new docs, see here

Previously, navigating away from the transaction log page or refreshing the page with filters applied would cause the filters to be lost. This has been fixed.

Previously, conditional updates complied only with STU3 specifications on MongoDB FHIR Storage module. Now, conditional updates on R4 server are aligned with R4 specification.

Previously, type-level expunge was allowed for ROLE_FHIR_CLIENT_SUPERUSER even if expunge operation was turned off. This is now fixed.

Previously, a FHIR endpoint would return an incorrect health check code after reconnection with its backing persistence module. This issue has been fixed.

When calling $everything operation on a Patient instance with MongoDB persistence configured, it was possible to retrieve data related to another patient via a List or Group resources. This has been fixed.

Previously, FHIR REST Endpoint (All FHIR Versions) did not support the $member-match operation. This has been fixed.

SMART Scopes with lengths longer than 100 characters generated an error if a refresh token was created. This has been corrected.

When configured with MongoDB, responses to updates to resources were missing the resource ID in the diagnostic text. This has been fixed.

Previously it was not possible to deselect module dependency in the web admin console. This has been fixed.

Previously, we did not warn the user regarding adding multiple server configurations using text and file input. Now we include a warning message that displays on the web admin UI.

An inbound Hl7 module was not able to restart using R5, this fix enables that module to use R5 as validation support

Previously, the FHIRGW_UPDATE_POST_SELECT_ROUTE hook was not invoked during an update operation. This has been fixed.

Previously, when using a JSON patch (application/json-patch+json) or XML patch (application/xml-patch+xml) as the Content-Type for a Patch request, the request body was not being set in the transaction log. This has been fixed.

In previous version, HL7V2 inbound mapping would escape markdown for Appointment comment (FHIR R4) of type string and Appointment note (FHIR R5) of type annotation. Fix the implementation such that markdown is escaped only for FHIR R5.

Previously, restarting MDM was resulting in transaction errors for the underlying MDMUI module. This behaviour has now been fixed.

On admin web UI, filtering transaction logs by endpoint was not returning any results. This has now been fixed.

Previously, the transaction log would not save the filters that were used for the search, now with these changes it does.

Previously, the $mdm-link-history operation would result in a 404 response when it was executed after a $mdm-clear. This has now been fixed by removing link history on $mdm-clear.

Previously, SmileCDR would fail to delete a resource when it is the only MATCH source resource and its golden resource has POSSIBLE_MATCH links to other resources. This is now fixed.

Previously, the client secret for an Open ID Connect Client can be printed in the logs using the SMART callback script. This has now been fixed.

Previously, method addContained() and adding contained resources were not supported in R5. This has been fixed.

Previously, the application would fail to restart when adding a new persistence module in the main configuration. This issue has been fixed.

A typo in the default route of the Camel module has been fixed.

Previously, when a configuration property had a default value, it couldn't be set to blank. This has been fixed.

On MongoDB, updating a resource was causing existing security labels on the resource to lose their version attribute and changing the value of the userSelected attribute to false. This has been fixed.

Removed warning messages for bulk export permissions that were added without an argument and do not require it to work correctly.

The standalone Transaction Log Module now permits you to search by username.

Fixed a bug that disallowed /oauth/token/introspect endpoint from working with "Basic clientid:clientsecret" authentication header.

Previously, HL7v2 messages failing ingestion through Channel Import were not added to channel configured to receive messages that could not be processed. This issue has been fixed.

The SMART_FEDERATED_OIDC_PRE_PROVIDER_SELECTION pointcut incorrectly documented that it returned a server Name and not a server Registration ID. This has been corrected.

Previously, the MatchedRoutesJson object that was sent to interceptors was not a clone of the original object. This meant that interceptors could modify the object, causing subsequent FHIR Gateway calls to operate on a subset of routes/targets. The interceptors now operate strictly on clones of the original routes.

Previously, additional headers provided through a FHIR gateway pre-submit interceptor would not be forwarded to a target endpoint. This problem has been fixed.

Fixed issues with some thymeleaf templates that resulted in errors in the logs. This also resolves the issue where no 404 page is returned for routes that do not exist.

Fix for an issue where the default scopes are appended to the app repeatedly, once for every registration/re-registration

Previously, the smile log will not show the correct errors that occurs during the conversion of HL7v2 message on a HL7v2 listening endpoint with a pre-convert script. This has been fixed.

Previously, ingesting resources through ETL import would fail for a specific case of conditional update. This has been fixed.

Update upgrade instructions for 2023-05-R01 mentioning the cleanup of SMART Apps Host module config.

Previously (with release 2023.08.) restricting supported resource types in the persistence module blocks creation of core search parameter resources. This has been fixed.

Previously, submitting a HL7v2 message containing an invalid account status in the PV1-41 segment did not display the correct error in the return message. This has been fixed.

Stale search results are now cleaned faster. Busy servers should no longer accumulate dead stale search results.

Previously, messages resulting from validation would be different after upgrading an R4 FHIR endpoint to a version independent endpoint . This has been fixed.

Fixed a bug where saving blank passwords on the admin console (the default behaviour if no password has been changed) resulted in the password being erased.

Previously, editing OIDC clients created by AppSphere using the web admin console would lead to the client's secret removal. This has been fixed.

Ingesting an HL7v2 msg with AL1 segment could cause all AllergyIntolerance previously created for a Patient to be deleted. This issue has been fixed.

Clinical reasoning bug that did not invalidate resources in repository api global caches for terminology and libraries when updates/deletes were made. This also bumps Clinical Reasoning version with upstream performance improvements to valueSet code lookups and migration of MeasureService class from hapi to Clinical Reasoning repository

Make updates to $qpp-build operation in Dqm module to enable APM entity type scenarios, registry submission method transformations, measureReport.reporter population from batch2 job, and practitioner Group parameter

Previously, invoking the encode() functionality of the HL7 v2.x Mapping API could raise an exception. This is now fixed

Previously, sending HTTP request to Hl7 v2 Listening Endpoint with incorrect Content-Type header would result in 500 HTTP response code instead of 400. This issue has been fixed.

Previously, if running in federated mode, and a server authentication script returned an AuthenticationException after the IDP had already authenticated the user, the server would return a 500 error code. This is now fixed, and the server will return a 401 error code instead.

Previously, the pre-convert (script), custom mapper bean, and pre-convert (interceptor) transformation steps in the Hl7 v2 Listening Endpoint module were modifying the original message that was stored when the store_original_message property was enabled. This has been fixed.

Expired search results are now deleted as intended.

Previously, when multiple interceptors were defined for a pointcut, and one of them returned Boolean, it was interrupting the invocation sequence, even when it returned true. This is now fixed

The Reload Scripts functionality failed to work on modules which were previously not started correctly, causing boot failures in some modules.

1.4.5Smile CDR 2023.08.R03 (Yucatán)

 

1.4.5.1Release Information

Released 2023-09-05
Codename Yucatán
HAPI FHIR Smile CDR 2023.08.R03 is based on HAPI FHIR 6.8.2, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.5.2Upgrade Instructions

This version fixes a memory leak caused by using local_reference_policy=VALIDATE_EXISTS in conjunction with a continuous load.

1.4.5.3Changes

Previously, resource validation with local_reference_policy=VALIDATE_EXISTS would cause a slow memory leak during continuous load. This has been fixed.

1.4.6Smile CDR 2023.08.R02 (Yucatán)

 

1.4.6.1Release Information

Released 2023-08-31
Codename Yucatán
HAPI FHIR Smile CDR 2023.08.R02 is based on HAPI FHIR 6.8.1, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.6.2Upgrade Instructions

This release has been decommissioned and should not be used.

1.4.6.3Changes

1.4.7Smile CDR 2023.08.R01 (Yucatán)

 

1.4.7.1Release Information

Released 2023-08-18
Codename Yucatán
HAPI FHIR Smile CDR 2023.08.R01 is based on HAPI FHIR 6.8.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.7.2Upgrade Instructions

1.4.7.3Changes

Added a red asterisk beside fields that are required for create/edit actions on web admin console

The endpoint dropdown menu in transaction log is now sorted alphanumerically.

Added ability to configure nickname matching, by allowing consumers to provide their own comma separated list of nicknames. This is a persistence setting that can be configured along with other search parameter settings.

Previously, CDR did not support HL7v2 patient merge messages (ADT_A39 and ADT_A40). The functionality was provided by setting each patient's 'patient.link' to the other.

Two new pointcuts have been added to the Smile CDR interceptor framework that allow callbacks to be called when a SMART (OIDC) client has been created or updated.

JavaScript can now be broken up using import statements. See ECMA Modules.

A number of new camel processors and translators were added to the Camel module. See the Camel module documentation for details.

Previously, clients were not able to search for specific segments in an HL7v2 message. This functionality was added.

The Mongo batch now supports warning message. Saved warning messages will now be display in the batch job section of the web admin console.

Users can now filter batch jobs by job status on the web admin console Batch Jobs page.

Added a configuration item for setting normalized unit searching in SmileCDR.

When creating or modifying a SearchParameter using MongoDB, the local SearchParameter cache is now immediately flushed.

Previously, the new design for CDA Exchange lived in the CDA Exchange module behind a feature flag, this change will bring the new design into it's own module

Adds a new module called Camel which provides support for Apache Camel integration.

Added the ability to specify a set of block-list rules to omit specific resources from mdm matching.

MegaScale-enabled FHIR Storage (RDBMS) modules can now support multiple credentials to access the same connection URL. This allows Postgresql Row-Level Security to be used. In addition, extra SQL statements can now be supplied by the MegaScale interceptor that will be used to further initialize the database.

The Javascript environment now supports searches of type URI, for example /Observation?_profile=http://my-system.

Created new Pointcut HL7V2IN_POST_HL7V2_TO_FHIR_MAPPING_PROCESSING which is roughly similar to the javascriptonPostConvertHl7V2ToFhir() which contains the converted set of Transaction Bundles generated by the HL7V2 Mapping. This pointcut allows you to see the original HL7V2 message and allows you to modify the converted FHIR Bundles.

Added different build options for smile for different customers.

Some modules under Monitors and Health Checks page on web admin console now have a Download Grafana JSON button. Button downloads a JSON file that can be imported into Grafana to display the module's charts.

A new module named Prior Auth CRD has been added. This new experimental licensed module can enable Coverage Requirement Discovery (CRD) on the CDS hooks module.

Adding the capability to specify that partition names be included in the capalityStatement provided by a fhir endpoint. See related documentation here.

MDMUI module now seeds SearchParameter resources on startup to support required searches for front-end application.

Camel module now supports both yaml and xml format for routes

Adds a new Development Forecast section to the docs page.

The MegaScaleCredentialRequestJson now also contains the partition name, in addition to the partition ID.

The SMART Inbound Security module now supports a getUserName callback. This allows customization of the username instead of using the issuer and subject claims.

MegaScale-enabled storage modules will now cache the response from the megascale interceptor in order to reduce the number of calls to this interceptor.

The frequency of the stale search cleanup process is now configurable. Previously it was hardcoded to every 60 seconds.

A new setting has been added to persistence modules which allow you to force all Subscriptions to rely on IN_MEMORY matching strategy and reject subscriptions which cannot be evaluated in memory.

New pointcuts have been added to the FHIR Gateway Module, to allow for dynamic routing of requests to different FHIR servers based on the request URL. These are titled FHIRGW_[OPERATION_NAME]_POST_SELECT_ROUTE for each of READ, CREATE, DELETE, UPDATE, SEARCH, OPERATION. This pointcut permits you to change the selected routes once they are chosen by the Gateway.

Expand capability of dqm-module's $qpp-build operation to allow for partial submission report generation from MeasureReports. This is required in order to build qpp report objects for submission edits.

Added support for :above, :below, :contains and :missing _source search parameter modifiers.

Prior Auth CRD module now register encounter-start hook to CDS hooks module for supporting Prior Authorization workflow.

Binary resources created as a part of Bulk Export jobs are now only readable by the specific user who initiated the bulk export job. This makes it much easier to set up Bulk Export security for most systems.

MDMUI module now seeds SearchParameter resources on startup for enforcing uniqueness on Task resources created by MDMUI.

Added support for hl7v2 input to Camel script functions.

A new column has been added to the Batch Jobs page on web admin console displaying the job type.

In interceptor starter project, the DSTU3 resources used were replaced with R4 resources. The dependency on DSTU3 structures was also replaced with R4 structures.

Previously, DTR module did not require a license. This behaviour has been changed and starting Smile CDR v2023.08 DTR module will require a valid license.

The embedded Camel libraries have been upgraded to 3.21.0 LTS.

Previously a configuration with clustermgr transaction log disabled and no transaction module would cause the WAC TX Log page to fail. This has been fixed.

Externalized metrics using Prometheus and Grafana

Posting an HL7v2 ADT message with an AL1 will not replace and re-create the corresponding AllergyIntolerance due to a bad DELETE URL added to the transaction Bundle. This has been fixed.

Smile CDR inadvertently introduced two separate scheduled jobs for purging expired searches from the query cache, resulting in unnecessary database traffic. This has been corrected.

Camel xml route files could be incorrectly interpreted as yaml files. This has been corrected.

The PersistenceModuleDiagnostics class should only issue a WARN on Oracle DBs when the Username is the same for identical JDBC URLs.

Previously, if a HL7v2 message contained an AIL-3 segment, the Location resources created were not referenced in the Appointment.participant section of the corresponding Appointment resource as per the HL7v2 specification. This has now been fixed.

Previously, an Implementation Guide added after the initial boot-up sequence would not be used during inbound resource validation. This issue has been fixed.

Previously, after processing ADT A03 and ADT A11 HL7v2 messages using the 'HL7 endpoint listening module', Location resources weren't created. This has now been fixed.

Previously, the MongoDb persistence provider would fail to process DELETE by url requests. This issue has been fixed

Previously, the client secret used for token introspection on OIDC server page was exposed. The client secret is no longer exposed.

Previously, when the last source resource with a MATCH link was deleted, the golden resource remained in the database, leaving it orphaned. This has now been fixed such that when there are no more MATCH links left associated with a golden resource, the golden resource will automatically be deleted.

Updated $everything command documentation to contain list of resources that the command can return

Any attempt to access a contained resource type through JavaScript resulted in an undefined result. This has been fixed.

Previously, set internal synchronous search size to a small value will limit the result set from synchronous searches thereby affecting certain modules such as MDM startup validation.

Previously, in a clustered environment, having two instances with one stopped, Web Admin node status shows restart required when modules that are changed and restarted, this has been fixed.

It is not currently possible to set tls_debug_disable_sni_check (disable SNI checking for TLS connections) outside of PROPERTIES mode. This has been fixed by adding tls_debug_disable_sni_check as a proper configuration key and adding diagnostics for every module that uses TLS to warn this configuration should not be used in production.

When using MongoDb as persistence provider, the response resulting from creating or updating a resources is missing sub properties of meta.tag. This issue has been resolved.

Updated HL7v2 documentation to include storage related interceptor examples and fixing links.

Start date and time no longer appears for QUEUED jobs in web admin console batch jobs page.

The smileutil map-and-upload-csv-bulk-import-file command can complete prematurely before processing all of the input. This has been corrected.

Previously, when performing conditional update on a resource, where the conditional url in use is enforcing uniqueness via unique search parameter, the conditional update fails with error. This is now fixed.

Previously, an error message of the form Failed to retrieve moduleDiagnosticsSvc for this module type:... would be outputted to the log during the startup of certain modules. This has been fixed by adding config diagnostics to all modules.

Due to a rework which changed the way module diagnostics were calculated, rebooting MSSQL persistence modules would result in query timeouts. This has been corrected.

Added support for mdm-clear operation to use batch-size and delete expunge service for more efficient clearing of golden resources.

The mdm module fails to properly restart on MSSQL. This has been corrected.

The SMART discovery document was not available from the FHIR Endpoint module when the Request Tenant Mode was set to URL_BASED. This has been corrected.

In Mongo, a PUT request with a new meta tag would change the values of userSelected and version for all meta tags for that resource,. This has been fixed.

Previously, paging requests issued by the FHIR Gateway would use HTTP GET even if the server was configured to use POST with flag useHttpPostForAllSearches. This issue has been fixed.

Updated troubleshooting log documentation to include custom logback mechanism.

The bulk export documentation is not clear about the interaction between the _type and _typeFilter parameters. This has been fixed.

The ConfigDiagnosticsSvcImpl class will now issue a WARN instead of an ERROR when it cannot find an existing ConfigDiagnosticJson for a Module.

Previously even if Smile was booted up with R5, the UI would display R4 this change fixes that issue.

Fixed bug in MDM match rules using nickname matching.

The FhirWeb Module would Fail to startup if the fhir_endpoint base_url.fixed value was set to an empty string. This fix now allows the FhirWeb Module to startup even in this situation.

The system was failing to recognize custom resources during transaction processing. This has been fixed.

Fixing deadlocks in oracle when purging data from Livebundle.

Updated documentation to discourage users form allowing crawlers on Smile CDR.

The admin web and admin JSON pages are unable to view batch jobs on a persistence mode running on another node. Now there is documentation with procedures on how to configure the admin node to view those jobs.

Previously, channel import module would fail to start when using MongoDB. This is now fixed.

Change the way gateway pagination recovers sent request parameters to support useHttpPostForAllSearches configuration.

Fix a bug where the database configuration check for the db.driver value was expecting a String instead of a DriverTypeEnum.

Previously, MDMUI module would throw error on module startup when seeding SearchParameters. This has now been fixed.

The FhirWeb Module would Fail to startup if the fhir_endpoint base_url.fixed value was set to an empty string and the fhir_endpoint contains a context_path value. This fix now allows the FhirWeb Module to startup even in this situation.

Fix exception thrown by gateway $everything operation when resource id was not present

MongoDB $everything operation bundle could include a next link when there was no next page

Adding a new storage module did not store any SearchParameter resources in the new module when the module was first started. This has been corrected.

Previously, TransactionBuilder object provided to the JavaScript environment would not support R5. This has been fixed.

Fix exception thrown by gateway $everything operation when resource id was not present

Previously gateway operation orchestrator was not sharing routes with pagination services. This is now fixed.

Changing a module's configuration and restarting it would allow the wrong status icon to be displayed in the sidebar. The affected modules where those that depended on the edited module. This has been corrected.

The Web Admin Console Persistence Module config showed the wrong diagnostic and config key when a shell environment variable is used in a config properties file. This has been fixed.

Changed multiple smilecdr.com to smiledigitalhealth.com, and updated document links.

Previously, some MDM interceptors were not unregistered upon stopping, causing duplication of interceptors when MDM is restarted. This has now been fixed.

Resolve the issue of aggregation of measure report. Addressed the following, 1. Migrated Aggregation code from Clinical Reasoning in CDR. 2. Fixed Aggregation Bug that was leading to invalid MeasureScores, Invalid SDE references, and duplicate SDE counts. Also fixed merging bug on stratifiers. 3. Migrated Threading code from Clinical Reasoning to CDR. 4. Added Threading configuration to Web Admin Console.

Fixed problem with gateway pagination caching which was preventing searches by offset to work properly.

Previously, Prior Auth CRD module registered order-sign and encounter-start hooks resulted into 404 service not found. This has now been corrected.

The HL7 v2.x Listening Endpoint can capture received HL7 v2.x messages in FHIR MessageHeader resources as they arrive prior to any transformation. This was actually happening after some parsing had taken place, but that has been corrected.

Previously, the persistence module would fail to restart on MongoDB. This is now fixed.

Previously, using an environment variable placeholder as a module reference resulted in a boot cycle error at startup. This has been fixed.

Fixed gateway not paginating by adding default and maximum page size values.

Fix module diagnostics checker throwing exceptions when configuration values are null.

Added a configuration diagnostic to the Transaction Log and Audit Log modules which indicates you cannot run them on the same database as the cluster manager. If you want to do that, simply use the Cluster Manager's builtin logs.

Previously, when restarting a module in the admin console, the page becomes blank until a refresh gets requested, this has now been fixed.

Added evaluation setting for hapi-fhir storage-cr module operations from cql module. Updated provider loading from hapi-fhir instead of cdr for caregaps and submitdata providers

Add gateway route matcher which matches routes not only by resource but also by request type and operation.

A bug was introduced in 2023.05.R01, which would cause the transaction log to not be activated if a user had enabled both module.clustermgr.config.transactionlog.enabled=true and also module.clustermgr.config.transactionlog.broker.enabled=true. This has been corrected and the Transaction Log will now load correctly.

cdr startup failed on Oracle with an error that it cannot drop a non-existent sequence. This has been fixed.

When running with mongo, delete expunge will only delete the first 10,000 resources if there are more than 10,000 resources. This is now fixed.

The property 'Enable Terminology Indexing' and its corresponding configuration item is no longer needed because Terminology indexing is turned on when Lucene is enabled

Removed deprecated class FhirSearchParameterEntity and dropped it's corresponding tables in migration.

1.4.8Smile CDR 2023.05.R02 (Xenon)

 

1.4.8.1Release Information

Released 2023-05-28
Codename Xenon
HAPI FHIR Smile CDR 2023.05.R02 is based on HAPI FHIR 6.6.1, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.8.2Upgrade Instructions

This release fixes persistence module boot problems when backed by MSSQL database. It also resolves various CVEs.

1.4.8.3Changes

Backported from: 2023.08.R01

The mdm module fails to properly restart on MSSQL. This has been corrected.

1.4.9Smile CDR 2023.05.R01 (Xenon)

 

1.4.9.1Release Information

Released 2023-05-18
Codename Xenon
HAPI FHIR Smile CDR 2023.05.R01 is based on HAPI FHIR 6.6.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.9.2Upgrade Instructions

Partitioned Server Upgrade Notes

A migration note applies to Smile CDR users who:

  • Using the FHIR Storage (RDBMS) module with partitioning enabled, AND
  • A custom Java interceptor is used to supply the partition details

In this case, please note that the STORAGE_PARTITION_IDENTIFY_READ will now be called when a search paging request (i.e. a search is performed, and then a next link is followed in order to fetch a subsequent page of search results). Please be sure to test this scenario with your interceptor in place prior to upgrading any critical environments.

This release changes database indexing for string and uri SearchParameters. The database migration may take several minutes. These changes will be applied automatically on first startup. To avoid this delay on first startup, run the database migration manually before the upgrade.

The module SMART App Host has been deprecated. Prior to performing this upgrade, please go to your SMILE configuration file (default as cdr-config-Master.properties) and remove all the lines starting 'module.smart_app_demo_host' if any.

1.4.9.3Changes

Adding support for the HL7v2 BAR message ingestion which is used to communicate updates to Diagnoses and/or Procedures.

Add support for archival of OAuth2 Server and Client definitions

Cross-partition references are now supported within MegaScale enabled repositories.

The $expunge operation is now supported on MegaScale repositories.

Previously, the Gateway Patient $everything operation only supported R4 Patient resources. Now, gateway $everything supports both FHIR R4 and DSTU3 resources.

Add support for extensions to CDS hooks.

Added functionality for mdm to match against resources from all partitions, also added option for all golden resources to be stored on a specific partition

Javascript callbacks that take longer than 30s will generate warnings in the system logs.

Add support for applying different strategies to different prefetch queries in CDS hooks.

Added the information about synchronization of Subscriptions when they are updated in clustered Smile

FHIR Storage modules now support adding custom (user-defined) resource types outside of the collection provided by FHIR itself.

A new error message is added to catch when a user is attempting to change the module type of an existing database module.

A new customer-only log configuration file has been provided in customerlib/logback-smile-custom.xml to simplify customization.

A new log file smile-dlq-failures.log has been added to record undeliverable messages that could not be delivered to the dead letter queue (DLQ).

A new log file smile-phi-redacted.log has been added to contain log messages diverted for potentially containing sensitive information.

Navigating between sections on menu bar for Web Admin Console has been changed from hover to click.

Added a config to CDA export module that allows users to specify javascript function hooks.

Added pre-CDA import javascript hook that can be used to pre-proess the input xml.

Updated the JavaScript XML parser to add a number of functions. Most of which are useful for parsing and modifying XML in a JavaScript hook.

Added functionality to allow users to register, and utilize, the onPostExportCDA JavaScript hook. Documentation on how to use this function has also been added.

Updated the xml parser in JavaScript execution environments to add additional functionality (re: adding namespaces to an existing document). Documentation has been updated as well.

The HL7 v2.x inbound message mapper can now use NamingSystem resources in the repository to populate the FHIR identifier system field with appropriate values based on naming systems found with HL7 v2.x identifiers. See NamingSystem Mapping for information.

Previously, HL7 v2 Inbound Endpoint allows malformed resources to be created. Now, the fix for this issue has been implemented in hapi-fhir, this branch is used to add more test coverages.

During CDA Import, if a resource of type AllergyIntolerance, Condition or MedicationRequest is encountered that has the same identifier as a resource already in the repository, the fields AllergyIntolerance.clinicalStatus, Condition.clinicalStatus and MedicationRequest.status, respectively, will be updated to reflect the contents of the new CDA document.

During CDA import, if the record target patient's name or address has changed, those fields will be updated in the repository.

During CDA import, if the record target patient's race has changed, that extension will be updated in the repository.

Previously, an mdm-submit operation with Prefer: response-async header resulted in a NullPointerException in the error logs and a batch job status of FAILED. This has been fixed in hapi-fhir.

New "Premium" tag added to certain docs site pages denoting modules that require additional licensing to use. Currently found on DQM and Payer to Payer module pages, and pages under Amazon HealthLake Outbound REST Connector section.

Adds the ability to create cds hooks on runtime by passing a function. CDS hooks created this way can also be deleted dynamically

Two new operations on the FHIR Storage (RDBMS) module allow for reindexing of a single resource, and simulated reindexing. These operations return a complete description of the existing and new indexes, which can be useful when testing new search parameters.

A new permission called FHIR_EXTENDED_OPERATION_ON_ANY_INSTANCE_OF_TYPE has been added. This permission can be used to authorize FHIR extended operations that can operate at the resource instance level on any instance of any type.

The Smile CDR Consent Service can now be configured using Java-based consent service implementations, as an alternative to using the existing JavaScript-based mechanism.

Updated RTE generation tool in smile-cli to take a file specifying child tables to create. The generation tool has also been updated to use fhir path, not SP types, to determine what columns to create.

Added a new JavaScript boolean function on resources hasContained() that indicates whether the resource has any contained resources.

Introduce configuration to enable the feature that stores the history of MdmLinks. Introduce the $mdm-link-history operation.

Add support for MdmLink history in the data model. MdmLink history will be stored in the new mdm_link_aud table.

Added new pointCut 'CdrPointcut.CHANNEL_IMPORT_MESSAGE_PRE_PROCESSED' allowing customers to modify or reject messages a part of the Channel Import message processing.

Adding pointcut capabilities to HL7v2 inbound endpoint allowing message alteration/routing/dropping before the HL7v2 to FHIR mapping. See pointcut HL7V2IN_PRE_HL7V2_TO_FHIR_MAPPING_PROCESSING for further details.

Hl7 v2.x messages are now supported through channel import.

The metrics endpoint now records min, max, and mean latency times for modules with ports.

The FHIRWeb module will now include buttons to invoke several operations from search result pages. These operations include $everything, $summary, and $diff. Operation buttons will only appear if the individual operations are actually active in the backing FHIR server.

A new module named MDM UI has been added. This new experimental module provides a web based UI for administering links within the MDM module.

Add Provenance references to Task resources for tracking P2P exchanges.

Added support for accessing environment variables from Javascript via a new method called Environment.getEnv().

Users can now click on any Premium badge on a docs page which brings them to a newly added page 'Smile CDR Premium Solutions' for further information. Additionally, pages under Amazon HealthLake section in docs site were tagged Experimental. This has been changed to Trial.

appSphere will now attempt to use the Fixed Value for Endpoint Base URL from the fhir_endpoint module, if a dependency was not found it will default to the original fhirUrl configuration.

Add the DTR module which implements the $populate operation in support of the DaVinci Burden Reduction Documentation Templates and Rules (DTR) IG.

Added AWS as a trial feature on the maturity list section for CDR documentation.

Introduce the ability for DQM users to transform $evaluate-measure-produced MeasureReports into CMS qpp accepted format. This can be done via the $qpp-build operation. Documentation of specifications be found here

Add CQL module to add components used for clinical reasoning features & capabilities into Smile CDR, which includes distributable $evaluate-measure operation as well as measure tests.

A new Pointcut called STORAGE_BINARY_ASSIGN_BLOB_ID_PREFIX has been added. If you wish to customize the prefix used for externalized binary blob IDs, you can do so by implementing this Pointcut, and returning a prefix.

A new parameter called _exportId has been added to the $export operation. If set, any Binary resources created by this Bulk Export will be annotated with that ID in their binary.meta.extension field.

Adds $care-gaps functionality to the Smile CDR The DaVinci DEQM IG specifies an operation called $care-gaps that extends Measure $evaluate-measure to produce reports that show any gaps in the care plan for a given subject relative to the clinical best practices encoded in the Measure. Also adds $submit-data functionality which is used to submit measure report and resources to be saved to the local instance repository and transaction bundle is returned.

Added documentation for $care-gaps operation

Added a Config Check which ensures that the broker is not enabled on the Transaction Log Module, as that is not currently supported.

Using the onTokenGenerating callback method in the SMART Outbound Security module, it is now possible to add complex JSON claims to the generated access token (previously only simple string claims were possible).

A new permission has been added to the Smile CDR permission system that authorizes the use of the International Patient Summary (IPS) $summary operation. A new audit event type has also been added for secure auditing of this operation.

Added validation capability, including package validation, to fhir-gateway.

Two new parameters have been added to the server-level $reindex operation for migrating to/from Inline Storage Mode and disabling the optimistic locking for better performance.

The default value for the Inline Resource Storage Below Size has been changed to 10000 from the current default of 0. This new default setting provides a better balance between performance and database size. See Resource Body Storage for more information.

Locking during authentication has changed to reduce the chance of stalls under heavy load.

Database connections now automatically disable autocommit, which allows for a minor performance improvement by not needing to check autocommit status later.

P2P ingestion mechanism is now been updated to use server assigned ids instead of client assigned ids to avoid hitting 64 character limits for resource.id

The CDA Import mapping for the Health Concern section has been changed so that the free text description of the concern from the narrative block of the section is being captured in the corresponding Condition resource. The category of this resource has also been changed to health-concern to conform to the US Core profile.

When importing an AllergyIntolerance resource from a CDA document, if the clinicalStatus can not be determined based on an Allergy Status Observation entry, the transformation will fall back to mapping the statusCode field of the Allergy Concern Act, rather than hard-coding the clinicalStatus to 'active'.

Previously, the Quartz database connection used the default database connector with auto-commit enabled. This has been changed to use the JobStoreTX transactional connector which is recommended by Quartz when running in clustered mode.

The application logging stack frame filter was changed to include more detail.

Batch2 work-chunk processing now aligns transaction boundaries with event transitions in Mongo.

The deprecated SMART App Host module has been removed

The Task interceptor for MDM UI now handles both creating and updating Task resources

Due to a recent change in hapi-fhir where transactions are no longer flushed prior to the STORAGE_PRECOMMIT_RESOURCE_CREATED being fired, the LiveBundle interceptor now flushes the entity manager explicity on the path where a database search is required.

Update setup documentation for MDM UI, include a single bundle instead of multiple SearchParameters

When a P2P batch job completes or fails we now add a status specific note to the Task resource associated with the transfer. A default note is now also added to the Task regardless of batch job status

There are enum and JSON classes in cdr-api that should be moved to cdr-api-public as a first step to migrate HSSC off of cdr code. These classes have now been moved over.

Mongo batch jobs are now transitionally safe.

Previously, in the HL7 v2.x Mapping API, extra components could not be accessed individually using the rawMessage for fields that were of type Primitive. This has been fixed.

There was an issue in smileutil with command synchronize-fhir-servers. When invoked with a thread-count argument that was less than 10, the provided value would be ignored. This issue was corrected.

NTE segments corresponding to observation notes have a markdown datatype but the punctuation in these notes was not escaped. This has been corrected, and users can now opt-in via the Escape Markdown Punctuation: NTE-3 property.

Previously, clients could configure a property called use_dstu3_mapping_mode within the HL7 v2.x Listening Endpoint module to use mappings from the DSTU3 version cycle. This property has been removed and now if an HL7 v2.x Listening Endpoint module declares a DSTU3 FHIR Storage module dependency, the mappings from the DSTU3 version cycle will be used automatically.

Add missing placeholder attributes for text fields on the Web Admin Console

Previously, in a clustered environment, Web Admin node status shows problems for processes that are stopped on nodes that are not running, this has been fixed.

Some members of the CodeSystemEnum were changed as a result of their stated URLs being incorrect.

Previously, an error will occur when posting a resource with inline reference to Mongo. This is now fixed.

Previously, if a javascript callback called getExtension(url) on a base that had no extensions, then it would create an empty extension. This is no longer the case. If a base has no extensions, then getExtension(url) will now return null.

Previously, when extracting text from a CDA document section narrative block, the CDA import would only capture the contents of text nodes that were immediate children of the identified element in the text block. Now, we will also capture text nodes that are nested deeper in the document structure.

Previously, invoking a bulk export job multiple times while using Mongo DB would result in multiple individual jobs being created. This has been fixed to behave like the JPA implementation, where invoking a bulk export job twice will not result in a dupliacted job.

Previously, prefetch queries with search parameters in CDS Hooks were not working. This is now resolved.

On FHIR Storage (MongoDB) modules, if inline match URLs are disabled and a client attempts to submit one, the URL was previously ignored resulting in an invalid resource being saved. These will now be rejected.

Previously, when using addEntry() on a Bundle built using the ResourceBuilder in the JavaScript Execution Environment, an error will occur. This is now fixed.

IG support is only supported for R4, so IG settings should not show up in the FHIR Storage (R3 Relational) module. This has been corrected and documentation of applicable modules for properties of the Sessions configuration category also has been updated.

When importing a CDA document that indicates the patient has no health problems, a FHIR Condition with a 'No current problems or disability' code will be created.

Previously, parsing HL7v2 messages with IN1 segments resulted in the corresponding coverage resources being stored in a non-deterministic order. This has been changed, so that the order of the coverage resources matches the order of the IN1 segments in the original HL7v2 message.

Previously, it was not possible to clear a migration lock applied to the audit table with cdr-cli. This has been fixed.

Previously, an error during a subscription delivery to consumers would cause any subsequent messages scheduled for delivery in the same set to be ignored. This has been fixed.

A fix for a previous issue (see #3200) caused all multiline system config property values to lose their trailing backslashes. This implementation restores the previous method of handling all multiline property values and ensures that we will not lose this behaviour for specific properties via new unit tests.

The application startup log smile-startup.log no longer includes log-setup warnings.

Previously adding an OIDC server to a P2P module would not show P2P specific fields on the new web admin console. This has been fixed.

In 2023.02.R01, the Audit Log Persistence Module would fail to boot up on subsequent restarts. This has been corrected.

Previously, migration tasks were failing when they were run with a Quartz Transactional connector using Postgres or MS SQL. This has been fixed.

Documentation for the JavaScript Execution Environment's FHIR Model API has been updated to include steps for adding contained resources when not using the TransactionBuilder API.

Previously, when multiple different modules shared the same value for persistence_clustered_scheduler_name, the modules would not properly shut down. To help, new module diagnostics have been introduced to detect a duplicate Mongo clustered scheduler name. Also, the documentation has been modified to mention the consequences of having duplicate scheduler names.

Previously, upgrading from smile version earlier than 2023.05.PRE-09 to a version later than 2023.05.PRE-10 would result in the entries in the OIDC server and the client list to no longer be visible. This has been fixed.

Previously cds hook exceptions were thrown as ConfigurationException, even if they were of type BaseServerResponseException. This has been fixed and now exceptions of type BaseServerResponseException are thrown as originally created.

Clinical Reasoning subject chunking was getting memory exceptions when running at scale, reworked this step of batch2 to leverage paging and iterables to avoid memory bottlenecks

During CDA Import, when an encounter has an associated diagnosis in the CDA document, the generated Condition resource will have its category set to encounter-diagnosis.

When MegaScale was enabled with request tenant partitioning, the subscription module would fail to start. This has been fixed.

Fixed an issue in CDS Hooks where POSTing an empty context would result in a 500 error instead of a 400 (bad request) error.

Previously, errors caused during realtime export could contain PHI. These messages are now filtered out.

Previously, invoking $mdm-link-history on only the golden resource ID or source ID would fail due to faulty validation. This has been fixed.

The Admin JSON console is missing $mdm-link-history. This has now been fixed.

Previously, the top nav status indicator would state Restart Required even if the only Module requiring a restart was Archived. With this change, only non-Archived Modules will be checked when evaluating the overall Health Status of the Node.

When querying $mdm-link-history with no inputs, the error message is mislaeading. Also, $mdm-link-history cannot handle comma-delimited inputs. Both issues are now fixed.

When running a batch job in 2022-11 or earlier and upgrading to a new release, the batch job no longer shows up in admin web Runtime > Batch Jobs. This is now now fixed.

When querying $everything on mongodb, the results contain a patient unrelated to the queried patient if there is an encounter linked to first patient and observation linked to the second patient and to that encounter. This has been fixed.

Previously, CDA Import would fail if certain fields in the document contained special characters which are reserved in FHIR queries. The generated conditional create queries are now properly escaped to prevent this problem.

Previously, rollback of CRUD operations not managed by the HapiTransactionService would be silently ignored. This issue has been fixed.

Previously, a configuration property name with punctuation would cause the module config help link to fail to navigate to the property's anchor link. This has been corrected.

When performing large searches (returning 1000s of results) against a MegaScale-enabled database, the paging links did not always work. This has been corrected.

The suppress scheduled jobs setting on the FHIR Storage (RDBMS) module did not suppress all clustered scheduler activity, meaning that although most jobs were not scheudled, the scheduler would still attempt to connect with the scheduler database. This has been corrected.

The $import-cda operation has a dependency on a library that is not thread-safe. Guard code has been added to prevent multiple threads from accessing the library at once until a permanent fix can be found.

Previously uploading multiple (similar) documents via $cda-import would cause ConstraintViolation exceptions. This has now been fixed via use of a retry mechanism for failed imports.

Previously, P2P subscription for adding a payer was triggered regardless of the property changed on P2P task. This is now fixed to trigger only on status changes.

Previously, users were allowed to opt-in via the Escape Markdown Punctuation: NTE-3 property to escape punctuation characters in observation notes. However, special characters in HL7 including backslashes and the pipe character were not escaped. This has been fixed.

When changing configs for a persistence module and restarting, if auto_create_placeholder_reference_targets is enabled, the module would sometimes fail to start. This has been fixed.

Updated the Smile CDR documentation to deprecate the CDA exchange module.

Registering 3rd party Java Mdm Interceptors would cause an overwrite of Smile's ApplicationContext in DaoRegistry (resulting in a failure to create system dao beans). This has been resolved.

Extended audit log table column storing username to 200 characters to avoid exception when trying to login with a user name longer than 100 characters.

In the Smile CDR documentation for the HL7v2 SIU^S12 message structure, the segments of SERVICE and GENERAL RESOURCE are not included. This has been added now.

In a multi-node cdr configuration, the node with admin web is unable to detect a diagnostics error with another node's configuration, only its own. This has been fixed by storing diagnostics errors for all nodes and modules at boot up, and changing admin web diagnostics to retrieve those errors when inspecting a module.

Previously, processing of a message by email delivery channel would throw an exception after the subscription module was restarted. This issue has been corrected.

Previously, permissions were incorrectly calculated for Patient Bulk Export. This was causing permission denied errors when it should not have been. This has been fixed. Group and System level export are unaffected by this change.

This fix allows exported system config files to be used on a Smile CDR installation when some of the system config properties contain values that span multiple lines.

Previously, when using basic authentication, a client was able to get an access token even if client_assertion and client_assertion_type were missing. This has been corrected.

Previously, if a CDA Exchange or Channel Import module was present in the master config, an AuthenticationCredentialsNotFoundException would be thrown in the logs upon starting SmileCDR. This has been fixed.

Previously, P2P ingestion will fail for Resource references not supporting identifier. This behaviour has been corrected.

Previously Smile CDR would fail to start when provided with a custom resource and enable auto-create placeholder reference Targets. This is now fixed.

Previously when a message with null NTE-3 segment was ingested, a NullPointerException was thrown. This is now fixed.

A regression was introduced which caused Audit and Transaction modules to fail to boot against completely empty PostgreSQL databases. This has been corrected.

When running smileutil generate-rte-schema, the generated SQL does not escape columns with SQL keywords (ex 'START' vs. '_START'). This has been fixed.

Paging with offsets when using mongo database was not working. This has been fixed.

Previously, the Transaction Log Module would appear to be editable in the web UI, but the changes could not be saved. This has now been fixed so that the Transaction Log Module is no longer editable in the Web UI. You must configure it via the properties file.

Previously, Modules on the same JVM that each had a Scheduler running could hang on shutdown due to order of operations and a name collision on the data source. The data source name is now unique for each Scheduler.

Previously, a process connecting to Smile CDR's control port and then exiting the session without inputting a command could cause the process to consume a significant amount of CPU time. This has been corrected.

Previously, rebooting a MongoDB module would fail, with a MongoCommandException failure. This has been fixed.

Backported from: 2023.08.R01

Due to a rework which changed the way module diagnostics were calculated, rebooting MSSQL persistence modules would result in query timeouts. This has been corrected.

Changed default application configuration to use generic (ALL Versions) FHIR REST endpoint.

1.4.10Smile CDR 2023.02.R01 (Wizard)

 

1.4.10.1Release Information

Released 2023-02-18
Codename Wizard
HAPI FHIR Smile CDR 2023.02.R01 is based on HAPI FHIR 6.3.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.10.2Upgrade Instructions

Bulk Export

There is a known problem with Bulk Export over large amounts of resources. The behaviour is that the Bulk Export result is missing data, or has duplicated data. This will be patched in a shortly-upcoming 2023.02.R02.

Licenses

This is the first release in which certain modules are gated by additional licensing. Please reach out to your Customer Success Advocate with any inquiries. Currently, the DQM, Healthlake, and P2P modules require additional licensing.

Docker container

  • The docker container no longer runs as root.
  • The docker container is now alpine-based.

This change to the docker container requires potential action during an upgrade. If you are:

  1. Using EMBEDDED_ACTIVEMQ as a broker and have a docker volume mount for the activemq-data directory.
  2. Using H2 as a database and have a docker volume mount for the database directory

Then you will need to manually change ownership or permissions of those volume-mounted directories on your host system. As those filesystem directories were originally created and owned by the root user, the new docker container user will be unable to write to them by default unless you change the permissions. This can be done many ways, but recursively changing the owner of the mounted directory a non-root user should do the trick:

sudo chown -R $USER /path/to/mount/

Note that EMBEDDED_ACTIVEMQ and H2 are not supported in production environments, this should only affect test/demo environments which happen to mount these directories.

Transaction Logs

Enabled/Disabled

For performance optimization, reasons, we strongly encourage customers to leave transaction logs disabled.

If you had previously set Transaction Logging to true (Enabled), or it had not been explicitly set in your configuration, then the default value will apply.

Prior to the 2023.02 release, the default value was true (Enabled) and as of the 2023.02 release, the default value is explicitly set in the configuration file to false (Disabled).

If this setting is not found anywhere at all in your configuration file, the code will automatically set this to true (Enabled). You can always override this by defining this setting in your configuration file.

In order to ensure transaction logs are disabled, please verify that the following line is in your configuration:

transactionlog.enabled =false

Retention Period

Please note, for those clients that choose to enable the feature, that we have updated the default transaction log retention period from 90 days to 7 days.

If you rely on the 90-day behaviour, or a relatively long transaction period in excess of 7 days, please explicitly add this to your configuration:

retain_transaction_log_days ={period in days}

example:

retain_transaction_log_days =90

Javascript Execution Environment

If you use resource.id in your Javascript Execution Environment, the behaviour of this has been changed.

Previously, resource.id returned the id containing the resource and the history version ex. Patient/123/_history/1, which violates the fhir specification. This has now been changed, and resource.id will only return the id ex. 123.

To preserve previous workflows, the resource type can be accessed via resource.resourceType, and the version number via resource.meta.versionId.

1.4.10.3Changes

Added generate-rte-schema cli command to generate configuration and database schema for Smile CDR Realtime Export based on an Implementation Guide.

Previously, when Kafka was used as a message broker, hyphen characters (-) were replaced with periods (.) for all Smile generated channel names. A new property called Kafka Replace Hyphens with Periods has been added to disable this functionality.

Added support for FHIR UPDATE and CREATE operations to FHIR Gateway. This includes support for creates with client supplied ids, which are handled in the same way as an UPDATE.

A new module type called Audit has been added to Smile CDR. This permits users to separate audit logs from the main Cluster Manager database. Read more about it here.

Providing capabilities for self registered users to reset their password through the user interface.

A new utility will periodically log statistics about available RAM and CPU utilization to the system log for troubleshooting purposes.

The $delete-expunge operation and the _expunge query parameter are now supported for MongoDB.

Added _total request parameter handling to FHIR Gateway.

Configuration was added to allow defining javascript function (text or file) to be invoked to generate kafka partition key for each processed resource.

In admin web, a user has the ability to configure an persistence module to use that same module as validation support. smilecdr will not boot and will be difficult to shut dowh. Admin web has been fixed to remove this module from the dropdown. If a user had previously set up this configuration, smilecdr as a whole will start and only the module itself will not start with a clear error.

Previously the function btoa() was not working in the JavaScript Execution Environment. This function has now been added with the name Converter.base64Encode(). The decoder has also been added with the name Converter.base64Decode().

The Bulk Export operation now respects SMART session scopes that use SMART v2.0 resource constraint filters.

appSphere: Allow the Application Developer to choose sandbox authentication settings.

Add DQM module with clinical reasoning features & capabilities into Smile CDR, which includes distributable $evaluate-measure operation as well as measure tests. You can read more about this in the DQM documentation

SMART Outbound now provides optional processing to lookup the relevant Consent during the PDEX member-directed flow. When active, token generation will use the optional member_id to lookup the matching Consent. When present, it will be available to the onTokenGenerating() callback on the OAuth2AuthorizationRequestDetailsJson parameter.

The metrics endpoint now records authentication success/failure for SMART Inbound Security module and HTTP response metrics for Package Registry module.

Automatic reindexing of resources impacted by SearchParameter changes is now supported in MongoDB. Previously this feature was only available in RDBMS storage modules.

Smile CDR documentation pages for module configuration parameters now contain a link to the documentation for the module(s) that the parameter applies to.

Previously, client-confidential-asymmetric was not a part of the Capability Sets. This caused an error when trying to add it in the smile config. This has now been fixed, client-confidential-asymmetric has been added to the SmartCapability enum.

When a user initiates an $export operation, if they do not specify which resource types to include as an input parameter, the result will automatically be restricted to the resource types they have authorization to access.

Added CdrEndpointRequestDetailsJson supplier in FHIR REST Endpoint Spring context, to allow interceptors to modify request details headers used to build Audit Log entries. Using ICdrEndpointRequestDetailsJson from public API to prevent interceptor projects from having a direct mandatory dependency on jars from Smile CDR module, which can be problematic as they are non-public. Added sample AuditLogHeaderUpdateInterceptor in interceptor starter project to demonstrate how to use it.

Added support for FHIR DELETE operation to FHIR Gateway.

Update request new app fields in appSphere gallery

appSphere: Expired application emails will now be sent every 7 days

Previously, when viewing a transaction log of an update/create request of a patient, the information of the patient was visible. This is now configurable through a setting in cluster manager, to show and hide that information in the logs to prevent the showing of PHI or PII.

appSphere: Attestation warning will now be sent after updating developer profile

When parsing a CDA file, if there are multiple references to a single service delivery location, these will be deduplicated into a single Location resource in the output Bundle.

Previously, if the HealthLake connector module received an error response from Amazon Healthlake, it would retry the request indefinitely, unless the error is “Unsupported resource”. A retry limit with a default value of 20 has now been added, any amount of retries above the set amount will now be moved to Dead Letter Queues (DLQs)

Support has been added for Combo Unique and Combo Non-Unique SearchParameter resources in MongoDB.

Added new section to the platform requirements doc page, that details the supported versions of java in previous releases of smile.

Added resourceType parameter to $mdm-query-links

appSphere: Return permissions with application summaries & allow filtering via permissions in the admin console

Split out the licensing service from the clustermgr, adding in a separate license module that will handle licensing itself.

License module will display warnings or errors in startup logs. These logs will also be displayed on a daily timer to alert users when licenses are about to expire.

Web admin console now displays success/failure messages to users trying to enable TFA

Support was added for Reference and Uri combo search parameters in MongoDB.

The transaction log was previously enabled by default with a retention period of 90 days. It is now disabled by default in cdr-config-Master.properties and there is a default retention period of 7 days. The production_checklist.md documentation has been moved to installation notes production checklist

Added resourceType as a parameter to $mdm-duplicate-golden-resources operation.

Added sorting capability to $mdm-query-links operation. See: MDM Operations for more information.

Previously when navigating to a chapter in the docs page that does not exist, it displays a page with the exception message. Now it displays the Smile 404 page.

Added audit and transaction logs for P2P batch job.

Operation of search total counts will be unavailable when 'automatically_narrow_search_scope' is enabled to avoid accidental disclosure of non-narrowed resource counts. The property description has been updated according to this intended behaviour.

A new experimental feature for automatically generating International Patient Summary (IPS) documents has been added.

The metrics endpoint now records min, max, and mean latency times for persistence module.

Licensing is now enabled on all Smile CDR installations. View our license documentation for more details. Reach out to your Customer Success Advocate to discuss licensing. Currently, the AWS Healthlake Module, Payer-to-Payer Module, and the new DQM Module require a license.

List resource type has been added to the default Mongo DB Persistence resource types, as it is required for bulk export.

The filter of PHI and other sensitive data in the log has been extended to stack trace messages.

The MongoDB persistence module will cache instances of resource DAOs for reuse rather than creating a fresh instance every time they are needed.

Replace usages of ResourcePersistentId with an interface IResourcePersistentId and parameterize specific implementations of it in classes that rely on a specific implementation.

The default (out of the box) Smile CDR configuration will now configure a maximum of 4 GB of RAM instead of the previous maximum of 2 GB.

Previously, jobs were scheduled via a @PostConstruct annotated method. This has been changed to an implementation of IJobScheduler interface so the job scheduler can schedule all the jobs after it has been started.

The HL7 v2.x Listening Endpoint module has been changed to use FHIR ConceptMap resources in place of hard-coded lookup tables. This allows for the customization of such mappings, and affects most HL7 v2 processing; for complete details, see FHIR-based Terminology Translation.

Fhir resources in JSON or XML format will be scrubbed from log messages at level INFO or higher as they may contain PHI.

Previously, it was possible to have multiple clustered persistence scheduler names because the scheduler name was created using node id and module id. This has been changed, and now all clustered persistence schedulers are named cdr-persistence.

Logos in Web Admin Console changed from old Smile CDR logo to the new Smile Digital Health logo.

A new Persistence Module configuration setting has been added called dao_config.job_fasttracking_enabled, default false. If this setting is enabled, then gated batch jobs that produce only one chunk will immediately trigger a batch maintenance job. This may be useful for testing, but is not recommended for production use. Prior to this change, fasttracking was always enabled which meant if the server was not busy, small batch jobs would be processed quickly. However this lead do instability on high-volume servers, so this feature is now disabled by default.

Implements the streaming functionality for MongoDB that is used for batch jobs. This functionality fixes bulk export jobs with low max file size that were getting stuck in the FINALIZE state.

Updated the Payload Search Result Mode section in the document indicating that this feature also applies to Message channel type now.

The HL7 v2.x Listening and Sending Endpoints are compatible with partitioning, but still currently log a warning when partitioning is enabled. This has been corrected.

Attempting to use Channel Import with partitioning enabled would result in an error in most cases. This has now been fixed by allowing the client to pass a partitionId in the message payload. See the documentation for an example.

Resolved NullPointerException issue in the PartitionSecurityInterceptor that could occur when a user configured a named partition but then requested access to the default partition.

Creating an HL7 outbound module config with MLLP_OVER_TCP starting, then updating to HL7_OVER_HTTP and restarting causes a ClassCastException. This has now been fixed.

Previously, if a child element's length of a resource was called in the function of HL7 v2.x Listener Script several times and the child element was empty initially, then the length will appear to be different in each call. This was because of automatically generated placeholder. The issue has been fixed by adding a check condition to drop the empty placeholder from the existing value list.

Previously, subscription producers and consumers on separate nodes were not able to see one another's channels since the node name was added to the channel name. This has been changed by allowing the name of the subscription matching channel to be unqualified.

Previously, an HL7 v2.x VXU message did not correctly process an immunization manufacturer. Now, this issue has been fixed.

Added the function addContained() to the FHIR storage callback script execution environment to allow the user to create contained resources.

Previously, sending an HL7 v2.x SIU message that included multiple NTE segments was processing incorrectly. Now, this issue has been fixed.

Fixed a display issue with HL7 messages in the Web Admin Console transaction log

Updating the HL7V2 Structure Definition documentation to match the HL7v2 Generic Mapper.

Supplying ActiveMq with an error handler to prevent logging payload when encountering issues while processing received JMS messages.

Editing the 'Applies to Modules' column in the documentation for property 'Mark Resources for Reindexing after SearchParameter change' to not include mongoDB.

Previously, sending an HL7 v2.x inbound message that includes a numeric datatype variable in OBX segment with a positive leading sign was getting a processing issue. Now, this issue has been fixed.

Previously, a bulk import with DSTU3 would fail due to the valueUrl data type not existing. Now, documentation has been changed to use the valueUri type.

Realtime Export currently does not support a number of data types, including DATE_ONLY and DATE_TIMESTAMP. DATE_ONLY and DATE_TIMESTAMP are now supported.

Previously, instead of narrowing the search results, specifying resource-specific scopes in a SMART token would result in an Access Denied error. This is now fixed.

Mongo database users would always have search references replaced with resource ids inline during create/update. This is now configurable in mongo, and is defaulted to true for all dbs.

Previously, JavaScript version of translate operation only returned one result even when there were multiple matches. Now, this issue has been fixed by adding two new api method chains called 'andReturnMultipleCodings()' and 'andReturnMultipleCodesAsString()' which will return all the matched results as a list.

Previously, when \n, \r, or \t was used as a delimiter in the HL7 v2.x inbound mapper (i.e. Observation NTE, Observation OBX or Order Observation NTE), the mapped FHIR resource escaped the delimiter resulting in text that contained \\n, \\r, or \\t respectively. Now, this has been fixed.

There is inconsistent validation in the case of an incorrect communications language coding due to validation that looks for the first correct Coding. In the case of a single incorrect code there is one validation result. In the case of one correct code and one incorrect code, there is an entirely different result. This has been fixed by introducing a new optional configuration, turned off by default, that allows clients to toggle the behaviour.

Cross-partition subscription PUT with a custom interceptor will fail on validation because the read partition ID is validated. This has been fixed by making use of a hapi-fhir fix that skips validation if the validator invoked during an update operation

Previously, an exception would be thrown while parsing a CDA document if a social history observation had a nullFlavor on the root element. This has been fixed.

Realtime Export currently does not support the DOUBLE data type. This is now fixed.

Support for the CLOB datatype was added to Realtime Export.

Support for the BLOB datatype was added to Realtime Export.

Existing response watermark constant has a typo. Introduce a correctly spelled constant, deprecate the old one, and continue to support it.

Previously the example in documentation for Converter.base64Encode was incorrect. This has been fixed.

Realtime Export currently fails with a DATE_TIMESTAMP field on Postgres and potentially other DBs. This is now fixed.

Before, MDM operations invoked from Admin JSON were not generating audit log. This has been fixed.

Previously, in the JSE, resource.id returned the id containing the resource and the history version ex. Patient/123/_history/1, which violates the fhir specification. This has been fixed, and resource.id will only return the bare id (ex. 123). To preserve previous workflows, the resource type can be accessed via resource.resourceType, and the version number via resource.meta.versionId.

Previously, deleted resources were not being expunged properly with MongoDB. This was resulting in a ResourceNotFoundException whenever a resource level /history query was performed after using expunge. This has been corrected.

When an invalid JWT auth token is used during bulk export, a 401 Unauthorized failure response is given. This has been changed to return 400 Bad Request to match client test cases.

Restores the ability to invoke the $export operation using an HTTP GET request.

Previously, the description of Forward Persisted Messages property in HL7 V2 Outbound Module documentation was not displaying as a link. This has been fixed.

Before, the input for each field when creating a new module would be blank. The default values are now given for each field.

The results of the GET Patient/$everything command when using Mongo DB differ from the results when using JPA/RDMS. The Mongo implementation has been improved to be much closer to the JPA implementation.

Previously, when the Realtime Export module was started with the dao_config.auto_create_placeholder_reference_targets.enabled set to true a PreconditionFailedException was thrown resulting in a start up failure. This has been fixed.

Before MDM Partition Key Generator type had to be configured through system properties. A Web Administration option has been added to allow configuring it.

Kafka message processing could log PHI during after delivery failures to both the target, and the dead-letter queue. This message body is now redacted.

Before Web Admin configuration properties help target was not specific when property name contained parenthesis. This has been fixed.

Previously, the Kafka SASL JAAS Config and Kafka SSL Key Password properties would be visible in the Web Admin Console. These properties are now hidden.

Trying to delete a resource through FHIR gateway configured in DSTU3 no longer returns a 500. Now delete is processed in the same way as a gateway configured in R4.

A recent change to automatic resource type selection for Bulk Export accidentally caused DSTU3 Bulk Exports to fail. This has been corrected.

When cleaning up expired OAuth2 authentication codes from the database, if a record was present in the database from an older version of Smile CDR the cleanup loop could occasionally fail. This has been corrected.

An occasional processing error caused an exception to be thrown when submitting data to a MongoDB Storage module with MDM enabled.

A race condition caused Batch2 job processing to stall occasionally on MongoDB storage modules if an unexpected error occurred. This has been corrected.

Improved fhir-gateway troubleshooting logging by providing extra debug entries.

Previously, when combo search parameters were created in MongoDB, the SearchParameter.name value was used for the name of the MongoDB document key that held the combo index value. This has been corrected and now the SearchParameter.code value is used.

Previously, combo unique search parameters were not properly enforcing uniqueness after being updated in MongoDB. Now, when a combo SearchParameter is changed from unique to non-unique, duplicate values are accepted. Similarly, when a combo SearchParameter is changed from non-unique to unique, duplicate values are rejected.

MongoDB Storage module sorting on the _lastUpdated parameter produced incorrect results.

Previously, the MongoDB FHIR Storage module would always use the Internal Synchronous Search Size configuration property as the number of documents to fetch, regardless of the details of the request. Now, the property will be used as an upper limit, but callers can request a smaller result set.

Fixed a bug with batch jobs in Mongo, where occasionally in a concurrent environment, messages could be double-delivered, causing batch jobs to hang due to the unknown state.

Fixed bug where the context path of the FHIR endpoint was being omitted in the generation of GraphQL URIs.

During CDA Import, some resources of types CarePlan, CareTeam, Condition and Device were not populating their identifier field. This could result in duplicate resources being created under some circumstances. This has been fixed.

Previously, queries in Mongo DB that used _include parameters could accidentally include multiple versions of a resource. This has been corrected.

A MongoDB patient $everything request was returning duplicate organizations after POSTing a Bundle with a Patient, Organization and Consent. This has now been fixed by filtering out the duplicate organizations from the response.

A bug existed where importing a CDA document that contained Blood Oximetry (code 59408-5) and OxygenConcentration (code 3150-0) observations but was missing FlowRate (code 3151-8) would result in an error. This has now been fixed.

Fixed bug when users are seeded with default launch contexts.

When using smileutil generate-rte-schema, REFERENCE resource fields were being converted to BLOB in JSON and oid in postgres SQL. This has been fixed by ensuring they are now converted to STRING/varchar(255), respectively.

Previously, the CDA Import feature was not populating 'No Known Allergies' codes correctly in AllergyIntolerance resources. This has been fixed.

The HL7 v2.x Listening Endpoint module used to handle OBR-4 fairly strictly. Sparser values are now accepted.

Previously, the default logging would log all Kafka config properties. This has been downgraded to DEBUG log level. To view these config properties in log, you can modify logback.xml and create a logger named ca.cdr.broker.kafka.config set to DEBUG level

Proper experimental tag added to documents to indicate correct level of maturity model for feature.

Previously, a CDS endpoint would return HTTP 500 when encountering issues parsing user submitted payload . This has been corrected.

When performing a P2P data transfer as the receiving system, MDM metadata in receieved data is now discarded, in order to avoid collisions with the MDM system on the receiving system.

Added a migration for older versions of smile which were storing the enforce_referential_integrity_on_write configuration item as a string instead of a boolean.

A new command in smileutil called clear-migration-lock has been added. This command can be used to clear a stale database migration lock row.

Bulk export jobs that are COMPLETED in Mongo DB were missing reports. This has been fixed by resolving a race condition where the report was overwritten with a null report.

Previously, it was not possible to clear a migration lock applied to the audit table with cdr-cli. This has been fixed.

$mdm-submit would throw a class-cast exception when running on mongo. This has been corrected.

The official Smile CDR Docker image now runs as a non-root user, and is based on an alpine image (amazoncorretto:17-alpine3.17).

1.4.11Smile CDR 2022.11.R05 (Vishwa)

 

1.4.11.1Release Information

Released 2023-02-02
Codename Vishwa
HAPI FHIR Smile CDR 2022.11.R05 is based on HAPI FHIR 6.2.5, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.11.2Upgrade Instructions

This release fixes various issues with duplicate data being returned by the Mongo $everything operation.

1.4.11.3Changes

Backported from: 2023.02.R01

Previously, queries in Mongo DB that used _include parameters could accidentally include multiple versions of a resource. This has been corrected.

Backported from: 2023.02.R01

When performing a P2P data transfer as the receiving system, MDM metadata in receieved data is now discarded, in order to avoid collisions with the MDM system on the receiving system.

1.4.12Smile CDR 2022.11.R04 (Vishwa)

 

1.4.12.1Release Information

Released 2023-01-09
Codename Vishwa
HAPI FHIR Smile CDR 2022.11.R04 is based on HAPI FHIR 6.2.5, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.12.2Upgrade Instructions

This release fixes a problem with the batch framework which could cause jobs to hang indefinitely if multiple processes attempted to run a maintenance pass simultaneously.

1.4.12.3Changes

Backported from: 2023.02.R01

A new Persistence Module configuration setting has been added called dao_config.job_fasttracking_enabled, default false. If this setting is enabled, then gated batch jobs that produce only one chunk will immediately trigger a batch maintenance job. This may be useful for testing, but is not recommended for production use. Prior to this change, fasttracking was always enabled which meant if the server was not busy, small batch jobs would be processed quickly. However this lead do instability on high-volume servers, so this feature is now disabled by default.

Backported from: 2023.02.R01

The results of the GET Patient/$everything command when using Mongo DB differ from the results when using JPA/RDMS. The Mongo implementation has been improved to be much closer to the JPA implementation.

Backported from: 2023.02.R01

Fixed a bug with batch jobs in Mongo, where occasionally in a concurrent environment, messages could be double-delivered, causing batch jobs to hang due to the unknown state.

Backported from: 2023.02.R01

A MongoDB patient $everything request was returning duplicate organizations after POSTing a Bundle with a Patient, Organization and Consent. This has now been fixed by filtering out the duplicate organizations from the response.

1.4.13Smile CDR 2022.11.R03 (Vishwa)

 

1.4.13.1Release Information

Released 2023-01-04
Codename Vishwa
HAPI FHIR Smile CDR 2022.11.R03 is based on HAPI FHIR 6.2.4, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

1.4.13.2Upgrade Instructions

1.4.13.3Changes

Backported from: 2023.02.R01

Added support for FHIR UPDATE and CREATE operations to FHIR Gateway. This includes support for creates with client supplied ids, which are handled in the same way as an UPDATE.

Backported from: 2023.02.R01

Resolved NullPointerException issue in the PartitionSecurityInterceptor that could occur when a user configured a named partition but then requested access to the default partition.

Backported from: 2023.02.R01

An occasional processing error caused an exception to be thrown when submitting data to a MongoDB Storage module with MDM enabled.

Backported from: 2023.02.R01

A race condition caused Batch2 job processing to stall occasionally on MongoDB storage modules if an unexpected error occurred. This has been corrected.

Backported from: 2023.02.R01

MongoDB Storage module sorting on the _lastUpdated parameter produced incorrect results.

Backported from: 2023.02.R01

$mdm-submit would throw a class-cast exception when running on mongo. This has been corrected.