1. Evergreen 3.3.4

This release is a security release that fixes cross-site scripting (XSS) vulnerabilities in the Evergreen public catalog. This release also includes several other bugfixes improving on Evergreen 3.3.3.

1.1. Security Issue: XSS Vulnerability in Public Catalog

This release fixes several cross-site scripting (XSS) vulnerabilities in the public catalog. When upgrading, Evergreen administrators should review whether any of the following templates have been customized or overridden. If so, either the template should be replaced with the stock version or the XSS fix (which entails adding the | html filter in several places) applied to the customized version.

  • Open-ILS/src/templates/opac/browse.tt2

  • Open-ILS/src/templates/opac/parts/ebook_api/base_js.tt2

  • Open-ILS/src/templates/opac/parts/header.tt2

  • Open-ILS/src/templates/opac/parts/place_hold.tt2

  • Open-ILS/src/templates/opac/parts/place_hold_result.tt2

  • Open-ILS/src/templates/opac/parts/result/adv_filter.tt2

They should also review the following templates. If these templates have been customized or overridden, either the template should be replaced with the stock version or the XSS fix (which entails adding rel="nofollow to external links) applied to the customized version.

  • Open-ILS/src/templates/opac/parts/record/summary.tt2

  • Open-ILS/src/templates/opac/parts/result/table.tt2

1.2. Other Bugfixes

Evergreen 3.3.4 also includes the following changes:

1.2.1. General

  • Users can now save sort priorities for grids throughout the client (Bug 1790169)

1.2.2. Cataloging

  • The experimental staff catalog now includes a flat-text MARC editor (Bug 1834665)

1.2.3. Circulation

  • Default hold transit slips no longer include patron’s personal information (Bug 1735847)

  • Fixes an issue with the reshelving process (Bug 1018011)

1.2.4. Reports

  • Fixes issues related to cloning templates made in the XUL client (Bug 1796945)

1.3. Acknowledgements

We would like to thank the following individuals who contributed code, tests and documentation patches to the 3.3.4 security release of Evergreen:

  • Thomas Berezansky

  • Jason Boyer

  • Galen Charlton

  • Jeff Davis

  • April Durrence

  • Bill Erickson

  • Jason Etheridge

  • Blake Graham-Henderson

  • Andrea Buntz Neiman

  • Debbie Luchenbill

  • Dan Pearl

  • Jane Sandberg

  • Dan Scott

  • Chris Sharp

  • Remington Steed

  • Jason Stephenson

  • Dan Wells

  • Derek C. Zoladz

2. Evergreen 3.3.3

This release contains bug fixes improving on Evergreen 3.3.2.

2.1. Bug fixes

2.1.1. General

2.1.2. Acquisitions

  • Adds fund year to Distribution Formula fund dropdown menu (Bug 1329920)

2.1.3. Administration

2.1.4. Cataloging

  • Extra whitespace in 856$9 subfields no longer prevents located URIs from being displayed in electronic resource records. (Bug #1722827)

  • Fixes issue in Item Status import where spaces or empty lines in barcode files caused an import failure (Bug #1798187)

  • The Item Status list and detail views now have the same actions available. (Bug #1775920)

  • Adds record summary display to merge records (Bug #1739292)

  • Fixes issue in Bucket grids where grid configurations were not saving correctly (Bug# 1805895)

  • Fixes an issue with the Edit buttons in the Merge Records interface. (Bug #1836229)

  • "Local catalog" is now at the top of the list of Z39.50 sources. (Bug #1787676)

  • Fixes issue with authority_control_field.pl script (Bug #1650409)

  • Fixes an issue with the Clear button in the holdings template editor. (Bug #1803584)

2.1.5. Circulation

  • Fixes the Mark Item Damaged action (Bug #1759864)

  • Fixes slowness issues with checkin and checkout grids (Bug #1777207)

  • Fixes an issue that allowed staff to renew items to dates in the past. (Bug #1034058)

  • Fixes an error that occured when checking in lost items when a certain setting was enabled. (Bug #1511765)

  • Fixes an issue that caused the money summary to be missing from the patron record Bills tab. (Bug #1800484)

  • Improves translations in Mark Damaged Popup. (Bug #1742523)

2.1.6. Reports

  • Users can now hard code a list of filter values in a report template (Bug #1785061)

  • Fixes an issue that caused column labels to re-sort when deleting fields in a template. (Bug #1751800)

  • Fixes column type for Billing Totals and Billing Paid columns (Bug #1681930)

2.1.7. Public Catalog

2.1.8. Angular Staff Catalog

  • Fixes replace barcode function in Angular staff catalog (Bug #1837067)

  • Fixes retrieve last bib record in Angular staff catalog (Bug #1830424)

  • Makes patron barcode clickable in Angular holds grid (Bug #1839548)

2.2. Acknowledgments

We would like to thank the following individuals who contributed code, testing and documentation patches to the 3.3.3 point release of Evergreen:

  • Kristy Bauman

  • A. Bellenir

  • Jason Boyer

  • Dan Briem

  • Andrea Buntz Neiman

  • Galen Charlton

  • Garry Collum

  • Jeff Davis

  • Bill Erickson

  • James Fournie

  • Rogan Hamby

  • Kyle Huckins

  • Cheyenne Jones

  • Tiffany Little

  • Jeanette Lundgren

  • Michele Morgan

  • Mike Risher

  • Geoff Sams

  • Jane Sandberg

  • Chris Sharp

  • Remington Steed

  • Jason Stephenson

  • Josh Stompro

  • Meg Stroup

  • Dan Wells

  • Beth Willis

3. Evergreen 3.3.2

This release contains bug fixes improving on Evergreen 3.3.1. All bug fixes refer to the web staff client unless otherwise specified.

3.1. Bug fixes

3.1.1. Circulation

  • Corrects a rounding error that caused fines to exceed the max fines amount (Bug #1704819)

  • Corrects an issue with printing Items Out receipts (Bug #1790896)

  • SIP Visa payments are now recorded as credit card, rather than cash payments (Bug #1796942)

  • Converting change to patron credit no longer requires staff members to refresh the screen to see the new credit (Bug #1775639)

  • The patron summary now includes tooltips that were available in the XUL client (Bug #1772206)

  • The patron holds grid now includes a SMS Carrier column (Bug #1748265)

  • When registering a new patron from Pending Patrons, the address type dropdown now supports a default value (Bug #1816180)

  • The Items Out grid now includes a Monograph Parts column (Bug #1789257)

  • The annotate checkbox on the bill payment screen is now sticky (Bug #1759343)

  • Group member details grid settings can now be saved (Bug #1774707)

  • The patron registration date of birth field can now display a format example (Bug #1819181)

3.1.2. Cataloging

  • The MARC editor displays a warning when a cataloger attempts to close the tab without saving (Bug #1538678)

  • The MARC editor displays a warning when permissions issues prevent a record from saving (Bug #1693580)

  • The holdings editor saves default values more consistently (Bug #1812900)

  • The flat-text editor now uses a monospace font (Bug #1817601)

  • Statistical categories and their entries are now alphabetized in the holdings editor (Bugs Bug #1744386 and Bug #1777184)

  • The holdings editor now lists monograph parts in reverse alphabetical order (Bug #1760893)

  • Buckets created from the MARC Batch Import process are now available in the MARC Batch Edit interface (Bug #1440890)

  • The record bucket interface only displays the Merge action when multiple records are selected (Bug #1760599)

  • Fixes an issue with the displayed number of items out (Bug #1770217)

3.1.3. Client

  • Fixes conflicting dependency information caused be the release of Angular 8 (Bug #1830972)

  • Angular grids include several new accessibility features and keyboard shortcuts (Bug #1816480)

  • The menu in the top right corner is now named "Logout and more…" (Bug #1796914)

  • Several dropdown menus now require less scrolling (Bug #1669120)

  • Improve Angular dialog boxes (Bug #1823041)

  • Fix display of boolean values in Angular interfaces (Bug #1833080)

3.1.4. Public Catalog

  • Avoids Internal Server Errors on search result page (Bug #1155706)

  • Double clicking the Place Hold button can no longer result in multiple holds (Bug #1029601)

3.1.5. Reports

  • Adds a more user-friendly interface for boolean filters (Bug #1642337)

3.1.6. System administration

  • Improves consistency in terminology in the Local Administration screen (Bug #1776913)

  • The Library Settings Editor now displays some example timezones for the lib.timezone setting (Bug #1817332)

3.1.7. Automated tests

  • Fixes an automated test related to translations and internationalization (Bug #1768987)

3.1.8. Database

  • Adds some foreign key functions that may be missing from your database (Bug #1772028)

3.2. Acknowledgments

We would like to thank the following individuals who contributed code, testing and documentation patches to the 3.3.2 point release of Evergreen:

  • John Amundson

  • a. bellenir

  • Jason Boyer

  • Galen Charlton

  • Garry Collum

  • Dawn Dale

  • Jeff Davis

  • Bill Erickson

  • Jason Etheridge

  • Lynn Floyd

  • Jeff Godin

  • Rogan Hamby

  • Kyle Huckins

  • Sam Link

  • Terran McCanna

  • Michele Morgan

  • Bill Ott

  • Suzanne Paterno

  • Dan Pearl

  • Mike Risher

  • Geoff Sams

  • Jane Sandberg

  • Janet Schrader

  • Remington Steed

  • Jason Stephenson

  • Josh Stompro

  • Cesar Velez

  • Dan Wells

4. Evergreen 3.3.1

This release contains bug fixes improving on Evergreen 3.3.0.

4.1. Bug fixes

4.1.1. General

  • Fixes a compatibility problem with the Item Status screen related to JavaScript arrow functions (Bug #1821196)

4.1.2. Booking

  • Fixes a bug in the Booking URL path that failed with newer Apache (Bug #1823387)

4.1.3. Circulation

  • Fixes a display bug with the patron record Group Members list (Bug #1642036)

  • Fixes title sort on the patron Items Out Screen (Bug #1782014)

  • Fixes a refresh bug on the catalog record Holds View tab when moving between records (Bug #1792188)

  • Fixes the ability to place holds from item buckets (Bug #1806394)

4.1.4. Cataloging

  • Fixes a bug where copy templates would not apply properly (Bug #1788680)

  • Fixes the default cursor focus on the holdings editor (Bug #1752968)

  • Fixes a bug with Postgres 10 support related to MARC Batch Import/Export (Bug #1820339)

  • Fixes a bug in the new MARC Import/Export related to Record Match Set expressions (Bug #1823982)

  • Fixes a bug that failed to honor the "Retain empty bib records" (cat.bib.keep_on_empty) setting when transferring items (Bug #1333893)

  • Fixes a bug that failed to include deleted bib records in TCN search (Bug #1813633)

4.1.5. System administration

  • Added database indexes to speed up purging of Action Trigger event output fields (Bug #1778940)

  • Fixes the help text in action_trigger_aggregator.pl related to the remote-acct argument (Bug #1803729)

  • Adds a missing page title for the Closed Dates Editor (Bug #1814943)

  • Adds a missing page title for the Statistical Popularity Badges admin page (Bug #1826890)

  • Changes the direction of column sort indicators in the new Angular grids (Bug #1825578)

  • Adds Hatch printing support to the new Angular screens (Bug #1793005)

4.2. Acknowledgments

We would like to thank the following individuals who contributed code, testing and documentation patches to the 3.3.1 point release of Evergreen:

  • John Amundson

  • Jason Boyer

  • Galen Charlton

  • Garry Collum

  • Jeff Davis

  • Bill Erickson

  • Jason Etheridge

  • Blake Graham-Henderson

  • Rogan Hamby

  • Millissa Macomber

  • Katie G. Martin

  • Terran McCanna

  • Mike Rylander

  • Jane Sandberg

  • Janet Schrader

  • Dan Scott

  • Ben Shum

  • Remington Steed

  • Jason Stephenson

  • Josh Stompro

  • Dan Wells

  • Beth Willis

  • John Yorio

5. 3.3.0 Upgrade notes

5.1. Migrating Parent/guardian information

Sites who traditionally store parent/guardian information in the patron Secondary Identification field can migrate values from this field to the new guardian field with the following SQL:

BEGIN;

-- 1. Find the local ID of the parent/guardian identification type

SELECT * FROM config.identification_type;

-- 2. On my test system, the id is "101".  It will vary!.
-- Migrate the value from the ident2 field to the guardian field.

UPDATE actor.usr
    SET guardian = ident_value2
WHERE
    ident_type2 = 101 -- !! CHANGE TO SUIT
    AND ident_value2 IS NOT NULL
    AND ident_value2 <> '';

-- 3. delete the original secondary identification data

UPDATE actor.usr
    SET ident_value2 = NULL, ident_type2 = NULL
WHERE
    ident_type2 = 101; -- !! CHANGE TO SUIT

COMMIT;

5.2. Upgrading PostgreSQL

Evergreen now supports PostgreSQL 9.6 and 10. If you upgrade your database from a PostgreSQL version of 9.5, or lower, to PostgreSQL versions 9.6 or 10, you will need to recreate 3 indexes in additon to the normal database upgrade steps. The index recreation is necessary because of changes to the PostgreSQL unaccent extension module.

The following snippet of SQL code will do the necessary steps:

DROP INDEX actor_usr_first_given_name_unaccent_idx;
DROP INDEX actor_usr_second_given_name_unaccent_idx;
DROP INDEX actor_usr_family_name_unaccent_idx;
CREATE INDEX actor_usr_first_given_name_unaccent_idx ON actor.usr
      (evergreen.unaccent_and_squash(first_given_name));
CREATE INDEX actor_usr_second_given_name_unaccent_idx ON actor.usr
      (evergreen.unaccent_and_squash(second_given_name));
CREATE INDEX actor_usr_family_name_unaccent_idx ON actor.usr
      (evergreen.unaccent_and_squash(family_name));

6. 3.3.0 New Features

6.1. Administration

6.1.1. Include Item Status in marc_export Items Export

The marc_export script now includes the item status in the 852 subfield s when exporting items.

6.1.2. Ability to Reingest Certain Record Attributes In pingest.pl

An option, --attr, has been added to the pingest.pl support script that allows the user to specify which record attributes to reingest. It can be used one or more times to specify one or more attributes to ingest. It can be omitted to reingest all record attributes. This option is ignored if the --skip-attrs option is used.

The --attr option is most useful after doing something specific that requires only a partial ingest of records. For instance, if you add a new language to the config.coded_value_map table, you will want to reingest the item_lang attribute on all of your records. The following command line will do that, and only that, ingest:

$ /openils/bin/pingest.pl --skip-browse --skip-search --skip-facets \
    --skip-display --attr=item_lang

6.2. Architecture

6.2.1. Database Support for PostgreSQL 10

The Evergreen database can now be built with PostgreSQL version 10.

This update has implications for developers who write PgTap tests. In versions of PostgreSQL prior to 10, one could write \set ECHO to disable the echoing of commands as they were run. In PostgreSQL version 10, using \set without a value is an error. One should now write \set ECHO none in order to disable the echoing of commands. This latter form works in all versions of PostgreSQL currently supported by Evergreen.

6.2.2. Ubuntu 18.04 Bionic Beaver

Evergreen can now be installed on Ubuntu 18.04 Bionic Beaver. To install the prerequisites, use ubuntu-bionic as the Makefile.install target.

This update also fixes a Perl warning in the HoldNotify module that is an error in the version of Perl (5.26) that is installed on Ubuntu 18.04.

6.3. Cataloging

6.3.1. MARC Import/Export Interface Update (Angular Port)

This MARC Import/Export (AKA Vandelay) interface is now built on Angular(7) instead of Dojo. The functionality is consistent with the previous version of the interface, with minor UI adjustments to match the Angular style, plus one new interface called Recent Imports.

Import Templates

Users may now save sets of import attributes from the MARC import form as named templates. Users may select a default template, applied on page load by default, and users may delete existing templates.

Recent Imports Tab

This is a new interface which allows users to see active and recent Vandelay sesssions originating from the same workstation or logged in user account. Active sessions include real-time progress information so the user may track the progress without refreshing the page.

This interface makes it possible to exit the main import tab or the Vandelay interface altogether and return at a later time to check on import progress. It also allows users to start multiple imports at the same time and follow the status of each in one interace.

Spine Label Sheet Printing

Catalogers can now print spine labels onto 8 1/2 x 11 inch label sheets.

6.4. Circulation

6.4.1. Patron Parent/Guardian Field

Patrons now have a new dedicated parent/guardian field. This field is editable in the patron edit interface, displays in the patron summary side bar on the browser client, and is search-able from the patron search interface in the browser client.

Patron Editor

In addition to the standard "show" and "suggest" visibility settings, the new guardian field comes with a library setting ui.patron.edit.guardian_required_for_juv ("GUI: Juvenile account requires parent/guardian"). When this setting is applied, a value will be required in the patron editor when the juvenile flag is active.

6.4.2. Allow Others to Use My Account (Privacy Waiver)

Patrons who wish to authorize other people to use their account may now do so via My Account. In the Search and History Preferences tab under Account Preferences, a new section labeled "Allow others to use my account" allows patrons to enter a name and indicate that the specified person is allowed to place holds, pickup holds, view borrowing history, or check out items on their account. This information is displayed to circulation staff in the patron account summary in the web client. (Staff may also add, edit, and remove entries via the patron editor.)

A new library setting, "Allow others to use patron account (privacy waiver)," is used to enable or disable this feature.

6.5. Client

6.5.1. Server and Booking Administration Moved To Angular

The Administration ⇒ Server Administration and Administration ⇒ Booking Administration pages have been ported to Angular using the new Angular grids. Entry points from both AngularJS and Angular web clients point to the new interfaces.

6.5.2. Option to Enable Experimental Angular Staff Catalog

A new org unit setting labeled GUI: Enable Experimental Angular Staff Catalog (ui.staff.angular_catalog.enabled) has been added, allowing sites to enable a menu option in the browser client for accessing the experimental Angular staff catalog.

When set to true, a new entry in the navigation bar appears in the Cataloging menu labled "Staff Catalog (Experimental)".

New Features (Since 3.2)
  • Pub date filter

  • Copy location filter

  • Group formats and editions

  • Identifier search

  • MARC search

  • Browse search

  • Place holds

  • Record baskets and actions

  • Record detail tabs/actions point to AngularJS versions where needed.

  • Record detail View In Catalog button

6.6. OPAC

6.6.1. View upcoming booking reservations in the OPAC

A new tab in the My Account section of the OPAC shows patrons information about reservations on their account. Here, patrons can check on upcoming reservations, as well as reservations they currently have checked out.

Note: this interface pulls its timezone from the Library Settings Editor. Make sure that you have a timezone listed for your library in the Library Settings Editor before using this feature.

The Numeric Search tab of the public catalog Advanced Search now includes an option to search by UPC (Universal Product Code).

7. 3.3.0 Acknowledgments

The Evergreen project would like to acknowledge the following organizations that commissioned developments in this release of Evergreen:

  • King County Library System (KCLS)

  • MassLNC Evergreen Development Initiative

  • Pennsylvania Integrated Library System (PaILS)

We would also like to thank the following individuals who contributed code, translations, documentations patches and tests to this release of Evergreen:

  • Adam Bowling

  • Steve Callender

  • Eva Cerninakova

  • Jeff Davis

  • Jason Etheridge

  • Bill Erickson

  • Rogan Hamby

  • Kathy Lussier

  • Terran McCanna

  • Andrea Buntz Neiman

  • Jennifer Pringle

  • Jane Sandberg

  • Chris Sharp

  • Ben Shum

  • Remington Steed

  • Jason Stephenson

  • Anahi Valdez

  • Dan Wells

  • Stephen Woidowski

  • John Yorio

We also thank the following organizations whose employees contributed patches:

  • BC Libraries Cooperative

  • Catalyte

  • CW MARS

  • Emerald Data Networks

  • Equinox Open Library Initiative

  • Georgia PINES

  • King County Library System

  • Linn-Benton Community College

  • MassLNC

We regret any omissions. If a contributor has been inadvertently missed, please open a bug at http://bugs.launchpad.net/evergreen/ with a correction.