V5.0 is a major release with many new packages and an updated technical infrastructure that is incompatible with previous versions. Please see "Platform Changes" below and V4.0 -> V5.0 upgrade instructions for details.
]po[ V5.0 now includes the HTML5 libraries Sencha ExtJS 4.2.1 and Sencha Touch 2.4.2 as part of the core architecture. HTML5 packages can leverage a generic REST API, so developers don't have to write any back-end code:
V5.0 uses new and incompatible changes of it's three main infrastructure components:
These changes are the reason for the release of a major version, meaning that upgrades from previous versions are not automatic. Please see the V4.0 -> V5.0 upgrade instructions for details.
]po[ V5.0 contains several new packages in "classic" technology:
The following is the CHANGE.ProjectOpen log file with technical details of the version.
============================================================== ]project-open[ Change Log ============================================================== ============================================================== V5.0 Changes ============================================================== ]project-open[ V5.0 include several major new packages: - Gantt Editor: A HTML5 editor for Gantt charts, similar to MS-Project, ProjectLibre and GanttProject, but currently without critcial path scheduling. - Task Management: A HTML5 display that shows the tasks assigned to a user in green, yellow or red, depending on execution status of the tasks. - Charts and Diagrams: V5.0 includes several new HTML5 charts and diagrams for visualizing statistics and performance indicators. - Portfolio Planner: A HTML5 editor and scenario planner for project portfolios similar to the Gantt Editor, allowing to simulate the resource load of the assigned users and their departments. - Project Earned Value Diagram: Shows graphically planned work (from the Gantt diagram) vs. actual progress (% done) vs. logged hours. Currently only shows numbers based on hours. - Project Milestone "Slip" Tracker: This diagram shows graphically the slip of project milestones. Platform Changes - PostgreSQL Database: V5.0 supports PG 9.2 or higher. - Application Server: V5.0 supports NaviServer 4.99.8. - OpenACS Community System: V5.0 is now based on OpenACS 5.9 - VMware Linux Version: V5.0 is based on CentOS 7. - HTML5 Libraries: The HTML5 libraries Sencha ExtJS 4.2.1 and Sencha Touch 2.4.2 are now part of the core architecture. These changes are the reason for the release of a major version, meaning that upgrades from previous versions are not automatic. Please see the V4.0 -> V5.0 upgrade instructions for details. Performance - Update to PostgreSQL 9.x and NaviServer 4.99: The update increases performance by up to 50% in typcial application scenarios. - Optimizations for 40.000 Users: We have optimized a number of pages in order to deal with large numbers of customers and customer contacts - Filter options for large organizations: Most pages now contain filter options suitable for organizations with 5.000 active users. Security - Polito Inc., a Virginia based cyber security company has tested ]po[ V5.0 before using it internally and found "no significant vulnerabilities". - OpenACS 5.9 incorporates several important security improvements. - Improved the built-in IDS (Intrusion Detection System) of ]po[ - Fixed header injection issue in redirect code - Fixed a security issue in the 2nd tier defense in util_memoize Other - We never officially released ]po[ V4.1 (please see below), so please continue to read for additional changes. ============================================================== V4.1 Changes ============================================================== ]project-open[ V4.1 is mainly a bug fix release with gradual improvements thanks to several large customer implantation projects. New Packages - Mobile Timesheet Logging (experimental): A Sencha client for mobile devices (issues on Android?). - Rule Engine: Allows you to define actions that are executed once a value of a project, a task or any other business object (future) changes or reaches a certain value. For example, a task reaching 100% could trigger a notification email to the project manager. - CRM Opportunity Tracking: This package maintains a list of opportunities during the qualification and sales cycle (sales pipeline). - Periodic Invoicing (experimental): This new package introduces the notion of a "service contract" with certain parameters including a monthly fee, a number of free service hours and the price per additional service hour. A (semi-) automatic invoicing functionality allows to process many service contracts in "batch mode". - Events & Training Management: This new package is now running in production with one customer. It consists of a new business object "event" that handles resource allocation using a calendar view. Important Features - GUI: Added sub-menus to main tabs - still accepting comments - Absences: Automatically maintaining groups per office in order to allow for bank holidays per office. These bank holidays enter into the resource management calculation algorithm. New Experimental Functionality - Cloud Backup: A new experimental feature allows you to perform backups from your on-premise Windows or Linux installation to a ]project-open[ backup server. In case of an accident we will offer you the option to "resurrect" your machine as a SaaS hosted machine within 24 hours. This is an experimental service. Please let us know if you are interested, in exchange of two years free service. We plan to price this "Cloud Backup" service at EUR 10 per month with standard SaaS charges in case of a restore. - Project Membership based on Groups: A new feature allows you to add groups as "members" to a project, company or other business object. This allows some customers to streamline permission assignment. - Fast-Track Customer Contact Adding: We have included a new option to enter CRM customer contacts + companies including a duplicate check based of fuzzy full-text search. Bugs Fixed - Timesheet Approval Workflow - Localization: Fixed various non-translatable strings - Auto-Login: Fixed behaviour for automatic login from emails sent out by the forum and mailing functionalities. Performance - A large customer with 40.000 users served as a base for a number of performance enhancements that have become part of the product. Small Stuff - CRM Mass-Mailing functionality: You can now send thousands of personalized emails messages to customers of other groups. - Helpdesk: Priority changes now send out better notifications mails. - New reports: Which?? - Fixed Resource Management: - New report(?) - Task Management: ]po[ now allows a user to delete a task in a project, if there are no financial items related to the task. - Workflow Vacation Handling: Users can now specific their replacement when creating a new absence. The absence replacement has the right to process workflow approvals for the absent person during the vacation period. Security - A scurity testing company performed a one week testing on ]po[ and found no major issue. However, there were several minor issues that were fixed in ]po[ V4.1: - Header Injection - Redirect - SQL injection in the category administration section. This bug would have been serious. However, the affected pages are only accessible to the system adminstrator who has the right to perform arbitrary SQL statements anyway. - "util_memoize" Issues: ]po[ contains a two-layered protection against SQL injection attacks. Issues in the use of util_memoize broke the database layer in several pages. However, the second "ad_page_contract" layer prevented actual exploits. - Improved IDS (Intrusion Detection System): ]po[ now includes a series of "sensors" and an integrated reporting functionality to detect unusual activities in the system.
Calle Aprestadora 19, 12o-2a
08902 Hospitalet de Llobregat (Barcelona)
Spain
Tel Europe: +34 609 953 751
Tel US: +1 415 200 2465
Mail: info@project-open.com