Skip to content

Releases: opencrvs/opencrvs-core

OpenCRVS - v1.5.1

17 Sep 06:56
Compare
Choose a tag to compare

Introduction

Read the release notes!

OpenCRVS v1.5.1 is a patch release which includes a hotfix to the previous OpenCRVS v1.5.0 release.
It is to be used in conjunction with a forked country configuration release v1.5.1

Improvements

  • When viewing a record, child national id or any other identifiers are fetched from backend if available. This enables any external identifiers (e.g. national id) added during the registration of a record to be shown when viewing it
  • Home screen application’s name and icons are to be configured from country configuration package as manifest.json and app icon files are moved from core to country config (check opencrvs-countryconfig/src/client-static folder)

Bug fixes

  • On slow connections or in rare corner cases, it was possible that the same record got saved to the database twice. This was caused by a bug in how the unique technical identifier we generate were stored as FHIR. The backend now ensures every record is submitted only once. #7477
  • Fixed an issue where address line fields (e.g., address line 1, address line 2, etc.) were not being updated correctly when a user attempted to update a record's event location, such as place of birth or place of death. #7531
  • Handle label params used in form inputs when rendering in review section view
  • Fix probable migration issues for countries migrating from 1.2 #7464
  • When a declaration(birth/death) is created the event location information was not being parsed to ElasticSearch which caused the Advanced search feature to not work when searching for records by event location.7494
  • When any user's role was updated, incorrect role was shown for that user's actions in the history section of a declaration's record audit page. #7495
  • Registration agent was unable to download declarations that were previously corrected by registrar. #7582
  • When a user updates a marriage declaration editing the signature of the bride, groom, witness one or witness two, handle the changed value of the signature properly. #7462
  • The internal function we used to check if all the location references listed in the encounter are included in the bundle had incorrect logic which resulted in location details missing in ElasticSearch which broke Advanced search. 7494

What's Changed

  • fix: bring back certificate & notification config by @Zangetsu101 in #7380
  • 🍒 fix: handling dynamic message labelparams in review section by @tahmidrahman-dsi in #7403
  • 🍒 fix(vulnerability): resolve fast-xml-parser to 4.4.1 by @tahmidrahman-dsi in #7428
  • 🍒 fix: handle label params of field label to some similar other places like review section by @tahmidrahman-dsi in #7426
  • 🍒 Merge changes from PR #7469 to release-v1.5.1 by @github-actions in #7484
  • Fix/missing security dependencies by @makelicious in #7519
  • 🍒 Merge changes from PR #7491 to release-v1.5.1 by @ocrvs-bot in #7524
  • fix(v1.5.1): fix:preventthesamerecordwiththesamedraft-idfrombeingsubmittedtwice[OCRVS-7477] by @ocrvs-bot in #7550
  • (For 1.5.1) Fix migration issues for countries migrating from 1.2 by @Nil20 in #7535
  • 🍒 Merge changes from PR #7513 to release-v1.5.1 by @ocrvs-bot in #7556
  • Get client manifest and icons from country-config by @tareq89 in #7578
  • fix(v1.5.1): add the missing location details to a newly created declaration which was causing advanced search to break by @ocrvs-bot in #7566
  • fix(v1.5.1): correct user role not showing if role is updated by @ocrvs-bot in #7573
  • fix(v1.5.1): update address builder for event location #7555 by @Nil20 in #7576
  • fix(v1.5.1): create separate task when correcting record by @ocrvs-bot in #7595
  • fix(v1.5.1): amend updating signatures in client and workflow by @ocrvs-bot in #7597
  • fix: track updating signature from users by @Nil20 in #7605
  • fix(v1.5.1): Refactor bundleIncludesLocationResources() function logic to properly check if location resources are included in a bundle by @Zangetsu101 in #7613

Full Changelog: v1.5.0...v1.5.1

OpenCRVS - v1.5.0

14 Jul 10:49
c756e1c
Compare
Choose a tag to compare

OpenCRVS v1.5.0 is a stable release of OpenCRVS.

Read the release notes!
v1.4.* to v1.5.* migration notes

OpenCRVS v1.5.0 is to be used in conjunction with a forked country configuration release v1.5.0 ...

This release will be maintained until the release of v1.7.0 by the core development team.

In OpenCRVS v1.5.0 we have refactored the "workflow" micro-service and deprecated the backend dependency on OpenHIM. This has vastly improved the performance of the platform.

Breaking changes

  • Removed dependency on OpenHIM.

    The performance of OpenHIM added an unexpected burden of 200 m/s to every interaction. Cumulatively, this was negatively affecting user experience and therefore we decided to deprecate it.

    Interested implementers are free to re-introduce OpenHIM should they wish to use it as an interoperability layer without affecting the performance of OpenCRVS now that our architecture no longer depends on it.

    The OpenHIM database is kept for backwards compatibility reasons and will be removed in v1.6. OpenHIM is an Open Source middleware component designed for managing FHIR interoperability between disparate systems as part of the OpenHIE architectural specification. We had been using this component in a much more fundamental way to monitor microservice comms in a similar fashion to Amazon SQS.

  • Upgrade node version to 18

    This version enforces environment to have Node 18 installed (supported until April 2025) and removes support for Node 16

    • Use nvm to upgrade your local development environment to use node version 18.19.x.
    • Specified operating systems in js modules as darwin, linux
    • Dev scripts and Vite run with an environment variable NODE_OPTIONS=--dns-result-order=ipv4first to resolve ipv4 addresses for localhost to support systems that resolves ipv6 addresses by default in Node versions >=17
  • Update the certificate preview mechanism In effort of minimizing JavaScript-bundle size, we have streamlined the way how review certificate -page renders certificates. In case the images in your certificates are previewing blurry, you need to update your SVG-certificates to print QR-codes and other images directly with <image width="36" height="36" xlink:href="{{qrCode}}" x="500" y="770"></image> instead of the more complicated <rect fill="url(#pattern)"></rect> -paradigm. This doesn't affect printed certificates as they are still created as previously.

  • Generate default address according to logged-in user's location We have dropped support for the 'agentDefault' prop which was used as initial value for SELECT_WITH_DYNAMIC_OPTIONS fields. If you have not made any changes to address generation, then this should not affect you. If you have, you can refer to this PR to see how agentDefault has been deprecated in an example country: opencrvs/opencrvs-farajaland#978

  • Remove system admin UI items: Application, Certificates, User roles, Informant notifications We have now moved to configuring these items away from the UI in favour of directly editing these from country configuration repository in code - specifically in application-config-default.ts.

  • Set Metabase default credentials. These must be configured via countryconfig repository environment variables and secrets otherwise the dashboard service won't start

  • Check your Metabase map file. For Metabase configuration, we renamed farajaland-map.geojson to map.geojson to not tie implementations into example country naming conventions.

  • Feature flags In order to make application config settings more readable, we re-organised src/api/application/application-config-default.ts with a clear feature flag block like so. These are then used across the front and back end of the application to control configurable functionality. New feature flags DEATH_REGISTRATION allow you to optionally run off death registration if your country doesnt want to run its first pilot including death and PRINT_DECLARATION (see New Features) have been added.
    FEATURES: { DEATH_REGISTRATION: true, MARRIAGE_REGISTRATION: false, ... }

  • Improve rendering of addresses in review page where addresses match When entering father's address details, some countries make use of a checkbox which says "Address is the same as the mothers. " which, when selected, makes the mother's address and fathers address the same. The checkbox has a programatic value of "Yes" or "No". As a result on the review page, the value "Yes" was displayed which didn't make grammatical sense as a response. We decided to use a custom label: "Same as mother's", which is what was asked on the form. This requires some code changes in the src/form/addresses/index.ts file to pull in the hideInPreview prop which will hide the value "Yes" on the review page and replace with a content managed label. Associated bug #5086

Infrastructure breaking changes

More improvements have been made to the infrastructure provisioning and Github environment creation scripts and documentation. The complexity is somewhat reduced.

  • We removed the example Wireguard VPN set up as it was confusing. Our intention was to ensure that all implementers were aware that OpenCRVS should be installed behind a VPN and used Wireguard as an example. But the configuration requirements for Wireguard confused implementers who are not using it. Therefore we decided to remove Wireguard as an example.
  • We now have a "backup" Github environment and the backup server is automatically provisioned. We moved the inventory file location to an explicit directory and removed parameters to scripts that can be automated. To migrate, move all inventory files (qa.yml, production.yml, staging.yml from infrastructure/server-setup to infrastructure/server-setup/inventory and configure infrastructure/server-setup/inventory/backup.yml. Run environment creator for your backup server yarn environment:init --environment=backup
  • You can configure the file path on the backup server where backups are stored. We can also allow using staging to both periodically restore a production backup and also give it the capability if required to backup it's own data to a different location using backup_server_remote_target_directory and backup_server_remote_source_directory Ansible variables. This use case is mostly meant for OpenCRVS team internal use.
  • We now automate SSH key exchange between application and backup server. For staging servers, automatically fetch production backup encryption key if periodic restore is enabled using ansible_ssh_private_key_file Ansible variables. Therefore documentation is simplified for a new server set-up.
  • In infrastructure Github workflows: SSH_PORT is new and required allowing you the ability to use a non-standard SSH port. This Github Action environment variable must be added.
  • In infrastructure Github workflows: SSH_HOST should be moved from being a Github Action environment secret to a Github Action environment variable before it is deprecated in 1.7.0
  • No longer an assumption made that production server Docker replicas and Mongo replica-sets are necessary. In our Docker Compose files, we had originally assumed that a production deployment would always be deployed on a cluster to enable load balancing. We applied a Mongo replica set by default on production and set replicas: 2 on each microservice. However after experience in multiple countries running small scale pilots, a production deployment usually starts off as 1 server node and then scales into a cluster over time in order to save costs and resources. Therefore these replicas are a waste of resources. So you will notice that this has been deleted. You can always manually add your desired replicas back into you Docker Compose configuration if you want. In Docker Compose files, search for REPLICAS and update accordingly as well as attending to the linked examples.

Follow the descriptions in the migration notes to re-provision all servers safely.

New features

  • Introduced rate limiting to routes that could potentially be bruteforced or extracted PII from.
  • The login and client application loading experience has improved. A loading bar appears before the javaScript bundle has loaded and this transitions when fetching records.
  • Development time logs are now much tidier and errors easier to point out. Production logging will still remain as is.
  • Masked emails and phone numbers from notification logs.
  • Support for landscape certificate templates.
  • Allow defining maxLength attribute for number type fields.
  • A new certificate handlebar for registration fees has been added registrationFees
  • A new certificate handlebar for logged-in user details has been added loggedInUser
  • Add support for image compression configuration. Two new properties to this form field are available: DOCUMENT_UPLOADER_WITH_OPTION
    • compressImagesToSizeMB : An optional prop of number type to define a compressed size. Compression is ignored when the input file is already smaller o...
Read more

OpenCRVS - v1.3.5

02 May 07:44
29436e1
Compare
Choose a tag to compare

Introduction

Read the release notes!
Read the v1.3.* to v1.3.* migration notes!

OpenCRVS v1.3.5 is a patch release which includes a hotfix to the previous OpenCRVS v1.3.4 release.
It is to be used in conjunction with a forked country configuration release v1.3.5

Bug fixes

  • Fix download failure for incomplete (without date of death) death declarations #6807

Full Changelog: v1.3.4...v1.3.5

OpenCRVS - v1.3.4

17 Apr 09:40
Compare
Choose a tag to compare

Introduction

Read the release notes!
Read the v1.3.* to v1.3.* migration notes!

OpenCRVS v1.3.4 is a patch release which includes a hotfix to the previous OpenCRVS v1.3.0 release.
It is to be used in conjunction with a forked country configuration release v1.3.4

Bug fixes

  • Fix date display for countries with a negative timezone offset #6719

  • Include middlename when generating fullnames

    • Refactored out the scattered logic for generating fullnames and converged them into a single function
    • Make lastname optional for a registered declaration
  • Fix download failure when arrayToFieldTransormer is used in template mapping

  • Fix multiple records not being downloaded simultaneously #6492

  • Fix showing unassigned toast for reinstated declarations #6492

  • Fix system crash when opening the started action modal #6551

Other changes

  • Recognize occupation as an optional field in informant section

Full Changelog: v1.3.3...v1.3.4

OpenCRVS - v1.4.1

22 Mar 15:26
1577398
Compare
Choose a tag to compare

Introduction

Read the release notes!
Read the v1.4.0 to v1.4.* migration notes!

OpenCRVS v1.4.1 is a patch release which includes a hotfix to the previous OpenCRVS v1.4.0 release.
It is to be used in conjunction with a forked country configuration release v1.4.1

What's changed?

  • Fix Metabase versions in Dashboards service. Previously the version used for local development wasn't the one built into the docker image, which caused the locally generated initialisation file to fail in deployed environments.
  • Fix a seeding script bug, where it failed when done too quickly #6553
  • Update minimum password length validation #6559
  • Include middlename when generating fullnames
    • Refactored out the scattered logic for generating fullnames and converged them into a single function
    • Make lastname optional for a registered declaration
  • Recognize occupation as an optional field in informant section
  • Fix download failure when arrayToFieldTransormer is used in template mapping
  • Fix multiple records not being downloaded simultaneously #6492
  • Fix showing unassigned toast for reinstated declarations #6492
  • Fix system crash when opening the started action modal #6551
  • Make language names used in language select dropdowns configurable in country resource package copy
  • Fix login to field agent when an incomplete record is previously retrieved by them #6584

Full Changelog: v1.3.3...v1.4.1

OpenCRVS - v1.3.3

23 Feb 19:15
7d3124e
Compare
Choose a tag to compare

Introduction

Read the release notes!
Read the v1.3.0 to v1.3.* migration notes!

OpenCRVS v1.3.3 is a patch release which includes a hotfix to the previous OpenCRVS v1.3.2 release.
It is to be used in conjunction with a forked country configuration release v1.3.3

Breaking Changes

Manually migrating the certificates to explicitly use the "location" handlebar helper would be required when upgrading

New features

Location certificate handlebars have been update so that they now use ids with a helper to access other properties of the FHIR Location object such as "alias", allowing locations in different languages to be possible on a certificate:

{{location districtPlaceofbirthId 'name'}}

Bug-fixes

A bug has been fixed in seeding of locations which occurred when 10000s+ of locations were seeded.
Metabase has been upgraded to resolve this zero-day security problem: https://www.assetnote.io/resources/research/advisory-metabase-pre-auth-rce-cve-2023-38646

What's Changed

Full Changelog: v1.3.2...v1.3.3

OpenCRVS - v1.4.0

09 Feb 12:18
Compare
Choose a tag to compare

In this release, we made no changes to OpenCRVS Core. All changes in this release apply only to the OpenCRVS country configuration repository.

Please note for 1.5.0 release

In the next OpenCRVS release v1.5.0, there will be two significant changes both in the country resource package and the infrastructure configuration inside of it:

  • The infrastructure directory and related pipelines will be moved to a new repository.
  • Both the new infrastructure repository and the OpenCRVS country resource package repositories will start following their own release cycles, mostly independent from the core's release cycle. From this release forward, both packages are released as "OpenCRVS minor compatible" releases, meaning that the OpenCRVS countryconfig 1.3.0- is compatible with OpenCRVS 1.3.0, 1.3.1, 1.3.2, etc. This allows for the release of new hotfix versions of the core without having to publish a new version of the infrastructure or countryconfig.

See Releases for release notes of older releases.

OpenCRVS - v1.3.2

19 Jan 13:50
Compare
Choose a tag to compare

Introduction

Read the release notes!
Read the v1.3.0 to v1.3.* migration notes!

OpenCRVS v1.3.2 is a patch release which includes a hotfix to the previous OpenCRVS v1.3.1 release.
It is to be used in conjunction with a forked country configuration release v1.3.2

Breaking Changes

New features

  • Country config can now expose an endpoint for custom tracking ids POST /tracking-id. The endpoint receives a FHIR Bundle as a payload and returns a tracking id string. #6093

Bug fixes

  • In large countries, background fetching of statistical data caused the client's initial load to slow down considerably. Preloading now only fetches data for Performance views index page #6210
  • Deceased's birth year now calculated from their birthday and not the current year #6196
  • Users cannot submit a record for review if one of the inputted fields has an invalid date format. Incomplete declarations can still be submitted. This is to prevent invalid values from being sent to the backend.
  • Prevent users from going back to "Print certificate" views after they have unassigned themselves from the record.
  • Validate user's language string after they login. Use default language if it's an unsupported language.

What's Changed

Full Changelog: v1.3.1...v1.3.2

OpenCRVS - v1.3.1

09 Nov 16:10
0e8cfcc
Compare
Choose a tag to compare

Introduction

Read the release notes!
Read the v1.3.0 to v1.3.* migration notes!

OpenCRVS v1.3.1 is a minor release which includes a hot-fix to the previous OpenCRVS v1.3.0 release.
It is to be used in conjunction with a forked country configuration release v1.3.1

Non breaking hotfixes

  1. In some countries, informant phone numbers are not captured in the form as the chosen method of beneficiary comms is Email. Therefore the search component in the UI should not offer the option to search by phone number. Now the search UI will dynamically check if either informant email or informant phone number is included in the forms and show "Email" as a searchable parameter in search in place of "Phone" where necessary

  2. The FHIR Location API now contains query validation. This is an important security improvement.

  3. It is now possible to add signatures for Registration Agents which can appear on the certificates.

  4. A collection of bugfixes and minor improvements have also been introduced as outlined in the changelog below

  5. Certificate handlebars now enable custom formatting via offering the possibility to create custom helper functions. An endpoint exists in the country config repository to load in handlebar helper functions. These must be common JS functions with no library dependencies. A basic example is given. Thanks to this discussion: #5927

  6. Dashboard configuration is now possible in Metabase without the requirement to fork Core. A new endpoint exists in the country config repository to load in a customisable query to populate the performance database and additionally, the Metabase .sql file can be customised to allow any UI change required.

  7. Crude birth rates were mistakenly halved in order to calculate male/female gender disaggregation in performance metrics. Crude birth rate is a ratio that is the same for both sexes. A database migration automatically recalculates and updates all crude birth rates to the correct value.

Breaking hotfixes

  1. A new environment variable must be added to Github Actions during deployment: CONTENT_SECURITY_POLICY_WILDCARD. This is supplied to the clients and nginx config like this: *. and ensures that the format of your domain can be configurable. Previously it was hardcoded in nginx to assume that hostname is the domain name concatenating beyond a dot separated subdomain. Resolved in: #6123. In addition, these environment secrets in Github Actions are now environment variables: DOMAIN, REPLICAS

What's Changed

Full Changelog: v1.3.0...v1.3.1

OpenCRVS - v1.3.0

02 Oct 22:39
590f656
Compare
Choose a tag to compare

OpenCRVS v1.3.0 is a stable release of OpenCRVS.

Read the release notes!
v1.2.0 to v1.3.* migration notes

OpenCRVS v1.3.0 is to be used in conjunction with a forked country configuration release v1.3.0 ...

... or with our demonstration country configuration "Farajaland" release v1.3.0

Upgrading from v1.2.0 to v1.3.0 requires the upgrade Migration Notes to be followed precisely.

This release will be maintained for 6 months by the core development team.

Major Features

v1.3.0 represents a major release of new functional features and technical improvements. The following explains in more detail each major feature that has been included in this release.

Marriage registration - BETA

A new vital event can now be registered. Marriages!

Customise you marriage form to start registered marriages (Farajaland default captures bride and grooms details, place of event details, informant details, witness details and signatures for up two witnesses aswell as the bride and grooms).

As with birth and death. We offer an API search for marriage events and the ability to create a custom marriage certificate.

BETA release
Outstanding marriage related functionality to be built includes:
- Searching for marriage events in the UI
- Marriage performance analytics
- Configurable marriage fees
- Marriage corrections
- Notification of intent to marry form.

Due to this, we are releasing marriage registration in "beta", therefore not for production use.

Track issuance

Printing certificates off in advance of issuance? Now you can track when they have been issued to the informant.

It is important to track when a legal document such as a brith certificate has been issued to the informant. So if registration offices are bulk printing certificates in advance of collection by the informant. The issuance of these certificates can be tracked and audited. Providing a proof that paper certificates get into the hands of beneficiaries.

A new workqueue. Ready to issue logs all records with a certificate printed off in advance. This feature can bee configured on/off.

Verify a certificate via QR code

Unsure of a paper certificate authenticity? Now you can compare against civil event record, recorded in your Civil Registration database

A unique QR code on the certificate when scanned by an authorised user can view partial record data. This allows them to compare the data recorded on the certificate against the data in the system to validate it's authenticity.

The QR code contains a unique identifier, the "recordId", which via the Record Search API can also be programatically validated by trusted external systems, returning vital event records associated.

Informant signature

Capture a digital signature of the informant to get their consent to submit an event declaration

After a declaration has been completed an informant can review the declaration an then an added their signature. As a digital signature directly into the application or an image of a wet signature can be uploaded.

You can configure the informant signature capture on and off for birth and death events. By default marriage events require the participant and witness signatures.

Email notifications

Choose between SMS or email to send registration status updates to the informant and users

Informants can now receive email notifications when their declaration has been reviewed, sent for approval and registered.

Users can now receive system notification such as two factor authentication codes via email.

The email template is completely customisable so you can choose the messaging and the look and feel.

Data visualisation dashboards

View performance data with interactive data visualisations!

In addition to our performance reports that give you the headline indicator of registration rates, completeness rates etc. You can now choose to view and analyse performance with data visualisations. Powered by the OpenSource Business Intelligence engine Metabase.

De-duplication improved

Easily compare side by side a potential duplicate against existing flagged records

The entire de-duplication user experience has been improved, to be able the user to quickly review potential duplicate records side by side along with supporting documentation.

In real-time a declaration sent for review can be flagged as a potential duplicate (powered by Elastics). So that it can easily assessed as a duplicate or not.

MOSIP Integration v2 - E-Signet

Validating identity by continuing our close collaboration with MOSIP

Our close collaboration with MOSIP continues in this release with integration from our vital event forms directly into the E-Signet digital identity authentication and consent mechanism.

Using MOSIP E-Signet integration, parents and informants can have their IDs validated, and consent to share demographic information to pre-populate the registration form. By combining OpenCRVS and MOSIP

Plus!

More application settings are now configurable

  • Configurable user roles - can be entirely customised even though they are based on common existing permissions.
  • Choose what informant notifications you want to send
  • Choose a background image or colour for your login splash page

Form configuration refactor

Deprecation of the form configuration UI

Responding to country requests to make form configuration more flexible we decided to revert back to a code only approach thus deprecating our form configuration UI.

To read more about why we made this decision, refer to our documentation step 3.2.7 Configure declaration forms

API validation

We have improved the API validation for all of our interoperability endpoints and provided extra parameters to improve the power and flexibility of our APIs.

Dependency upgrades

Many dependencies have been upgraded, improving performance, resilience and resolving dependabot security alerts. Our Node version has been upgraded.

Refactoring the country configuration package

Our country configuration package has been entirely refactored. Highlights include:

  • Clear directory structure
  • Configurable infrastructure and deploy scripts for use on any infrastructure without the requirement to fork opencrvs-core
  • Documentation in the code
  • More robust API endpoints
  • Flexible form configuration via TypeScript - abstraction of complex utilities
  • Rapid database seeding process
  • Removal of core team internal tools such as cypress tests and data-generator

Performance improvements

Many bugs have been resolved and these are individually listed in the Github release notes. Significant improvements have been made to download speed when assigning a record.

Breaking changes


Migration scripts will automatically upgrade your OpenCRVS v1.2 data to be supported in v1.3. Breaking changes that are not supported by automated migrations, or that require manual steps are listed below.

  • Your countryconfig repository needs to be migrated to the new directory structure.
  • Form configuration UI deprecation requires 1.2 users to export their form via JSON and convert to TypeScript using the functions that we provide.
  • We have upgraded the password hashing mechanism therefore all users will be required to change their password on first login after the ugrade completes.

Breaking changes - country configuration


The country confguration repository opencrvs-farajaland has been entirely refactored. Please contact us at [email protected] if you need any help rebasing changes in this repository.

What's Changed

Read more