Issues Fixed in Corticon 7.0.0.4

Item Details
COR-15532 Tomcat version has been updated to 9.0.91 in Corticon 7.0 version to remediate any vulnerability concerns.
COR-15432 Fixed an issue where different associations from a Parent entity with multiple filters was not filtering a rule that uses an association with the same parent entity. Now this rule configuration is working correctly.
COR-15270 Fixed an issue with inconsistent uses of <Internal Name> id# and <External Name> id# in the returned JSON response. Now, newly created entities are using the .new operator and will be assigned <External Name> id#
COR-14873 Updated multiple bundled Progress DataDirect Connect drivers. The updated driver versions are now:
  • SQLServer JDBC Driver Version: 6.0.0.001525
  • Oracle JDBC Driver Version: 6.0.0.001235
  • PostgreSQL JDBC Driver Version: 6.0.0.001395
  • MySQL JDBC Driver Version: 5.1.4.000266
  • DB2 JDBC Driver Version: 5.1.4.000413
Consult the DataDirect Connect documentation for more information.
COR-14191 Fixed the default LDAP configuration shipped for Corticon WebConsole. Added the missing "memberOf " attribute in attributesToReturn to allow users to login with LDAP as Active Directory user.
COR-14143 Fixed a decision service compilation error that could occur in rulesheets using limited filters with unrelated entities in the conditions and actions of a rule.

Issues Fixed in Corticon 7.0.0.3

Item Details
COR-13766 Fixed an issue where if a user was part of both admin and user groups for IBM Open LDAP the user was not granted admin access for Web Console. Now, if a user is part of admin and user groups in IBM Open LDAP, the user will be logged in as an admin in Web Console.
COR-13778 Fixed a problem where a specific sequence of edits to a rulesheet could result in the rulesheet displaying incorrectly in Corticon Studio. In a rulesheet, assignment expressions in an action can be either partial or complete assignment expressions. A partial assignment expression identifies an attribute to update but does not provide the value, the value is specified in individual rules. By contrast, a complete assignment expression identifies both an attribute to update and the value to assign. The assignment occurs for any rule in the rulesheet where the action is selected.

Adding a partial assignment expression to a rulesheet and later switching it to be a complete assignment expression could result in one or more corresponding rule cells for the action being corrupted. The Corticon Studio rulesheet editor would appear to show the correct value for the cells even though the underlying definition for the cells are incorrect. This could result in rule execution not matching what is shown in the rulesheet.

Example: A rulesheet contains a partial assignment action to set Order.approved. For rule 1 (the column) the value is set to T: 
| Action         | 1 | 
---------------------- 
| Order.approved  | T |
Edit the action to set make it a full assignment and set Order.approved to F:
| Action             | 1 | 
--------------------------
| Order.approved = F |   |
This would result in a corrupt definition for the action in rule 1. This corrupt state can be seen in the Corticon Studio Rule Canonical Model view as: 
Order.approved = F = T
The double assignment is invalid.

Corticon Studio now prevents this sequence of actions from causing the corruption of action rule cells.

This problem dates back to Corticon 5.6 or earlier. Running the Corticon upgrade wizard will check for this condition and correct any corrupted cells.
COR-13728

Restored ADC supported execution of UPDATE/DELETE that do not include a WHERE clause. This behavior was modified where it only supported UPDATE/DELETE for entities with non-null primary keys. Due to this restriction SQL without WHERE clause were not executed. This fix restores earlier behavior of allowing UPDATE/DELETE SQL statements that do not include WHERE clause.

Issues Fixed in Corticon 7.0.0.2

Item Details
COR-13707

Corticon Server now enforces version check on EDS deployment. When an EDS is deployed, Corticon Server will inspect the EDS to determine which version of Corticon it was generated with. If this version is not the same major.minor version of Corticon Server, the EDS will not be deployed.

Examples:

- 7.0.0.0 EDS deployed to 7.0.0.1 Corticon Server: Allowed

- 6.3.4.0 EDS deployed to 7.0.0.1 Corticon Server: Disallowed

Enforcing this version check ensures compatibility between the EDS and Corticon Server. The generated EDS code is dependent on internal Corticon Server APIs which may change across major.minor releases. This could result in an EDS failing to execute despite initially reporting successful deployment.

When deploying an incompatible EDS file with:

- Corticon Web Console, the user will be presented an error

- Corticon Studio, the user will be presented an error

- CDD file, the error will be logged

- REST API, an error will be returned

- Java API, an error will be returned

In all cases, Corticon Server is performing the validation check and will log the deployment error.
COR-13704

Removed snakeyaml-1.33.jar from the default Server packaging. It is now part of the optional Swagger jar. Snakeyaml library is only used by swagger.
COR-13533

Updated the bundled logback libraries (logback-classic and logback-core) from version 1.2.9 to 1.4.14 to address the potential vulnerability identified in CVE-2023-6378

Issues Fixed in Corticon 7.0.0.1

Item Details
COR-13481

MAX_REACTORS was removed from our Corticon Licensing in 7.0. Fixed the incorrect references to LICENSE_MAX_REACTORS in ServerState.xml and CcServer.log files since Corticon Server should not be reporting LICENSE_MAX_REACTORS in the logs.

COR-13477

CcSwagger.jar is now added to the PROGRESS_CORTICON_xx_SERVER.zip ------PROGRESS_CORTICON_xx_WAR_CONTAINER.zip>Swagger------CcSwagger.jar
COR-13475

Fixed an issue where EDC vocabulary did not display 'Extend to Database' in Scope section and/or 'Database Filter' in the filter section.

COR-13471

Fixed a regression issue where an extra rule was firing in Corticon Studio 6.3 versus 5.6 when a collection operator is used with a filter that references a collection operator with an unrelated entity when the rule does not also reference the unrelated entity.
COR-13457

Fixed an issue where different rule message results were returned in Studio version 5.6.1.40 compared to 6.3.1.9 if rulesheet had combination of filters, collection operators and remove operator on the same rulesheet.
COR-13434

In Corticon Studio, when editing a rulesheet, Corticon is not marking as errors invalid assignments to Date, Time and Datetime attributes.

For example, a rule action which assigns an integer value to a Date attribute should be marked as an error. This data type mismatch can result in errors during decision service execution.

Issues Fixed in Corticon 7.0.0.0

Item Details
COR-11600 Modified the corticonManagement utility to work with either a Corticon Studio or Corticon Server license.
COR-12947 Fixed a regression in rulesheet filter behavior introduced in Corticon 6.3. If a rulesheet contained filters on an entity and within a rule, the entity is used in an assignment action but not the rule conditions, the filter would yield an incorrect set of matching entities
COR-12855 Fixed a problem in the Corticon Web Console when displaying Corticon Server log files. Some log entries could be duplicated multiple times in the log file viewer.
COR-12858 Fixed an issue where Corticon Server was not honoring the passed in Entity id value which contained a zero at the end (Child_id_0). This confused the algorithm that assigned new ids to newly created instances through a .new call in Rules.
COR-12841 Modified the default logging configurations of the Webconsole database to have trace logging disabled. This is a change from the previous configuration, in which trace logging was enabled by default.
COR-12592 Fixed an issue when user overrides loglevel through WebConsole. Updated value was not properly being interpreted by CcServer during CcServer startup.
COR-12567 Fixed a problem where using the remove operator to remove an entity and it's children could result in broken associations. This would occur when passing an input JSON payload that contained one or more references to a child entity and the entities parent is removed. Example: A JSON payload with entities A, B, and C may all have an association to entity X. A fully denormalized JSON payload would have a full definition of X under each of A, B, and C. To reduce duplication, it's possible for the JSON to have a single definition of X under one of A, B, or C and for the others to have references to this instance of X. The problem was that using the remove operator with the option to remove children set could delete a referenced child entity. In our example, if the input JSON had the full definition of X under A and references to X under B and C, a remove of A and it's child X would break the references from B and C to X. The new behavior is that X will not be removed but moved to either B or C. Which entity contains the full definition of a child entity and which contain the references is irrelevant to rule processing. The new behavior maintains reference integrity.
COR-12542 Fixed the issue where integer literals enclosed by parenthesis were not universally supported in rule expressions. Previously deeply nested parenthesis containing integer literals could result in erroneous code generation.
COR-12434 Fixed the behavior where collection filter was creating duplicate tuples. This would occur if using a collection operator in a filter with child entities in the parameters
COR-12402 Updated the bundled cxf library from version 3.4.5 to 3.4.10 to address the potential vulnerability identified in CVE-2022-46363 and CVE-2022-46364.
COR-12270 Fixed a problem where Corticon EDC would incorrectly store the string "null" for String attributes mapped to CHAR database fields when the attribute was null. The null value is now stored in the database.
COR-12416 Fixed a problem when using Corticon EDC with rule projects where the vocabulary has nested domains. When an EDC mapped vocabulary contained the domains D1 and below it the domain D2, rule sheet filters on entities in D2 would fail with the error "Filter expression cannot be processed by the database".
COR-12242 Fixed a problem where in some situations the Corticon rule test editor would not allow the test subject to be set on a test sheet when there were multiple test sheets in a rule test.
COR-12239 Improved decimal precision comparison in rule test. Previously for Decimal data types, the output and expected values may not be flagged as different when they are. As an example the value 111.100002 would not be flagged as different from 111.100001. These values will now be flagged as differences in rule tests.
COR-11961 Improved runtime performance of rulesheets containing filters that uses entities not also used in a rule condition or action.
COR-12178 Modified Corticon Studio and Server logging to archive any prior day log data on restart. Previously, when Studio or Server are restarted the prior day log data would not be archived even if logDailyRollover were true. Log data was only archived if Studio or Server were running at end-of-day.
COR-12141 Fixed a problem where the Corticon Server MultipleCompilation utility would recompile a Decision Service if an EDS file existed for the Decision Service and the property OverrideIfExists=false was set. The OverideIfExists property is set in the multipleCompilation.xml used to configure the utility. If OverrideIfExists is set to false, the utility should not recompile the Decision Service. If false, the existing EDS file should be retained. The utility was ignoring this property and always recompiling the Decision Service.
COR-11966 Fixed a problem where rulesheet filters were not executing correctly. If a rulesheet contained: 1. Three or more filters on root entities (entities without associations between them) 2. A filter that uses an association traversal to another entity 3. A rule that uses two or more entities in filter #1 and does not use the associated entity from #2 When such a combination occurs the rule from #3 when executed will not include results from the filter of #2.
COR-11827 Updated the Corticon Web Console's LDAP authentication to support OpenLDAP. The Web Console supports both Microsoft Active Directory and OpenLDAP.
COR-11523 Fixed an error in the upgrade of disabled filters in a Corticon 5.3 rulesheet to Corticon 6.x and later. The disabled filter would incorrectly be enabled in the upgraded rulesheet.
COR-11108 Fixed a problem when using ADC to write a Date value to a database. When the database Date value was read into ADC memory and stored into a Vocabulary Attribute with datatype Date Only, ADC time shifted the Date value to local timezone, which is expected behavior. But when ADC wrote that value back to the database, the Date value was not time shifted back to UTC, which would cause the storing of an incorrect Date value. This was not an issue with a Vocabulary Attribute with a DateTime datatype because no time shifting is needed.
COR-11827 Updated the Corticon Web Console's LDAP authentication to support OpenLDAP. The Web Console supports both Microsoft Active Directory and OpenLDAP.
COR-11240 Modified Corticon Server to correctly reject the deployment of an .eds file produced with a version of Corticon prior to 5.6, while also logging an error message stating that the .eds needs to be regenerated. An .eds file produced with Corticon 5.6 or earlier must be regenerated for use with Corticon 6.1 and later. It is best practice to regenerate all .eds files whenever moving to a new Corticon major.minor version.
COR-11294 Fixed a problem in Corticon Server execution where the execution thread would not terminate after execution timeout. Execution would cease but the thread would not terminate. This would eliminate the thread from availability to Corticon Server, reducing the number of threads available for execution.
COR-11792 When using Corticon Server in-process, the ICcServer.execute methods now optionally throw as exceptions any runtime exception which occurs. Previously any exception which occurred once rule execution began would be returned as a rule message with severity violation in the response payload. This is still the default behavior. Setting the property: com.corticon.server.execution.processing.throw.exceptions=true will cause the exceptions to be thrown and not returned in the response payload. For in-process usage, this makes it easier to catch and handle runtime exceptions.
COR-11779 Improved the performance of rule sheet operators on Integer attributes. Previously Corticon used the Java BigInteger type for these operators, it now uses Long. Long is a 64 bit integer with a range of values from -2^63^ to 2^63^-1. The Long type provides substantially better performance than BigInteger. This change is internal to Corticon and will have no visible effect, other than improved performance.
COR-11615 Fixed a problem where Corticon Server would fail to process JSON input payloads if the following conditions were met: 1) an Entity or Association in the JSON payload had a defined #id value in the __metadata object, 2) the #id value contained "_id_", and 3) the value to the right of the "_id_" was not a number (Entity_id_1a). Previously a "NumberFormatException" would be generated.
COR-11596 Fixed a problem where Corticon Server would not accept JSON payloads with "null" entity definitions when executing a decision service. Passing a "null" entity definition would result in a JSONArray[n] is not a JSONObject exception. Any "null" entities are discarded when parsing the input payload and will be excluded from response payload.
COR-11516 Fixed the issue where files names generated for reports created from Corticon Studio have '%20' in the generated file names in place of any spaces in the asset name. Now the generated file names contain spaces correctly.
COR-11292 Fixed a problem where rulesheet filters could produce incorrect results. If a rulesheet contains a collection operator and a filter that references the collection operator alias as well as an entity outside the collection alias scope, the filter would fail to correctly filter the collection content.
COR-11291 Improved Corticon Studio performance when validating ruleflows. Previously redundant validations could occur when using nested ruleflows. The performance improvement can have significant benefits when working on large rule projects in Corticon Studio.
COR-10986 Fixed a problem where the Web Console would fail to delete and undeploy a decision service when authentication was enabled. This would occur both in the Web Console browser UI and the corticonWebConsole command line utility.
COR-7927 Fixed a problem where using the Corticon Foundation API would generate errors if Corticon Studio was installed with a work directory selected that contained spaces in the directory path.