jsreport

highlights of updates

general updates

• fix chrome-pdf hanging on Windows
• fix regression with users with "allow read all entities" option set not working
• xlsx: performance improvements when processing templates with lots of cells
• docx: table cell support for vertical-align style, fix error when having a div as sibling of two inline elements
• all extensions dependencies were updated to ensure that we do our best to not use vulnerable packages, npm audit may or may not report 0 vulnerabilities in most cases
• the default chrome that comes with jsreport and the chrome versions installed in docker were updated to use Chrome 127

core

• fix timestamp shown in logging

text

• fix typo in label content disposition

authentication

• fix regression with user with "allow read all entities" not working
• update passport to 0.7.0 and fix npm audit

xlsx

• keep existing dimension when appropriate
• fix escaping issue in formulas
• optimization for autofit cols and cell type auto detection helpers
• performance improvement for templates with lots of cells in calcChain (using lot of formulas)

docx

• docxHtml table cell support for vertical-align style
• fix docxHtml throwing error when table have a div as sibling with two inline elements
• usage of Handlebars.createFrame should inherit existing data to ensure it correctly propagates existing values

pptx

• usage of Handlebars.createFrame should inherit existing data to ensure it correctly propagates existing values

highlights of updates

general updates

• docx: docxHtml now supports generating nested tables, and table, row and cells support setting background color and color styles
• pptx: pptx now supports dynamic rows and columns generation, and hyperlinks in loop
• docx, pptx: improve compatibility with target urls from template document being stored as string that is encoded multiple times
• import-export: export performance improved
• improve queuing and responsiveness of workers for async reports requests
• fix require('..') and require('.') in sandbox
• fix component rendering in loop with async helpers
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• the default chrome that comes with jsreport and the chrome versions installed in docker were updated to use Chrome 126

core

• trigger async report using header to avoid allocating worker
• fix require('..') and require('.') in sandbox
• fix component rendering in loop with async work on helpers
• update @jsreport/ses to 1.1.0

express

• trigger async report using header to avoid allocating worker

components

• fix component rendering in loop with async helpers

reports

• trigger async report using header to avoid allocating worker

docx

• use decodeURIComponentRecursive helper to handle better different cases of MS Programs storing target urls encoded multiple times
• docxHtml: add support for generating nested tables
• docxHtml: support for table, row, cell background color and color styles

pptx

• support for dynamic rows, columns generation
• add support for hyperlinks in loop
• use decodeURIComponentRecursive helper to handle better different cases of MS Programs storing encoding target urls

import-export

• make export to not commit transaction to improve performance in stores

highlights of updates

general updates

• docx: docxHtml support for padding, margin and border for table and cells, docxStyle can now be used in loops
• pdf-utils: improve support for external pdfs
• authenticated logged user can now be accessed in sandbox using req.context.user
• fixes for component recursive rendering
• fix set res.meta.fileExtension without starting . in office related extensions
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

core

• fix waitForAsyncHelper, waitForAsyncHelpers not working with trustUserCode: true
• expose safe properties of req.context.user in sandbox
• fix component execution when wrapped with async helper
• fix jsdom require in sandbox

studio

• fix getting studio preview as dark theme when using light theme

components

• fix recursive components async rendering when wrapped in async helper

authentication

• expose safe properties of req.context.user in sandbox

docx

• add support for using docxStyle in loop
• docxHtml: fix icon used in third level of lists and don't break when rendering list with level greater than max level (9)
• improve error message when fetching images, include url to image in the message
• docxHtml: add padding, margin support for cells
• docxHtml: add border support for table, cell
• docxHtml: fix rendering multiple paragraphs in single cell

pdf-utils

• stop using pdfjs-dist for test parsing and use our implementation
• support external pdf with missing EOL after endstream improve merging pdf outlines

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

core

• fix recursive component rendering

reports

• fix url in the async response text

fs-store

• fix bug with transactions that takes long and locks

cli

• dont use console.error(e.stack) and just console.error(e) to avoid loosing e.cause inner error

docx

• docxHtml: fix title and list not working when having a wrapping <p> tag

express

• update express, body-parser to fix npm audit

authentication

• update express, body-parser to fix npm audit

highlights of updates

general updates

• internal architecture changes to support working with streams, that in future will allow producing and handling more bigger reports 
• extensions were updated to support the changes in the architecture
• docx: docxImage optimization for remote images and support for customizing bookmark of images, docxHtml fix ul/li order, docxStyle can now target paragraph, cell, row which allows giving background styles for table cells
• pptx: fix render when using pptxSlides with one item array
• pdf-utils: support for merging/appending pdf with outlines
• performance optimizations for xlsx, html-to-xlsx recipes
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• the default chrome that comes with jsreport and the chrome versions installed in docker were updated to use Chrome 122

core

• add jsreport.templatingEngines.createStream api to allow creating content from engines (like handlebars) as a stream which allows creating big content without getting out of memory errors
• the internal architecture has been updated to support working with template content and report output as streams, this means that the render will be able to handle and produce bigger reports without getting hit by out of memory errors

licensing

• dont log failed usage check

html-to-xlsx

• performance optimizations

xlsx

• performance optimizations
• remove the xlsxColAutofit comment also if there is no more text in the comment
• fix concat tags logic in some cases
• fix xlsx with formulas stored with ' string delimiters

chrome-pdf

• save generated pdf chrome as file streams to avoid keeping whole pdf in memory

pdf-utils

• support merging/appending pdf with outlines

docx

• add support for docxStyle to target paragraph, cell, row so styles can be applied to container instead of just text
• docxHtml: fix case when nested ul/li not rendering in the correct order
• allow customizing bookmark of docxImage and general normalization of bookmarks
• fix concat tags logic
• optimization when rending a lot of remote images
• internal changes to support new response.output api

pptx

• fix concat tags logic
• fix can not render report using pptxSlides with one item array
• throw better error when pptxSlides is used as a block helper call
• internal changes to support new response.output api

highlights of updates

general updates

• fix memory usage when using large timeouts
• localization: support with nested objects
• pdf-utils: initial support of the pdf/ua
• docx: docxImage new options (fallbackSrc, failurePlaceholderAction) and support for svg, docxChild evaluates handlebars content as part of the caller document, docxRaw support to get xml from inline string
• pptx: add pptxStyle and pptxChart support
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

core

• fix memory being held when timeouts are large
• fix node.js 21 compatibility when sandbox is used (trustUserCode: false
• support using different cache key per template engine if it supports it

studio

• fix "was modified previously by another source" dialogs when updating an entity in studio a second time

handlebars

• use different cache key for async handlebars

localization

• support localization with nested objects

pdf-utils

• initial support of the pdf/ua

docx

• fix data access to @root data variables
• fix handling of heading titles that dont have prefix (style ids that use just numbers, like the case when docx is generated when chinese is the default language)
• docxRaw support to get xml from inline string in docx
• docxImage add support for fallbackSrc, failurePlaceholderAction options
• add support for svg images in docxImage
• allow docxChild handlebars content to be evaluated as part of the caller document

pptx

• add pptxStyle support
• add pptxChart support

highlights of updates

general updates

• optimizations to studio when working with a large number of entities
• fix store methods to avoid unexpected mutations
• office recipes (docx, pptx, xlsx) support handlebars partials and NUL, VERTICAL TAB characters are normalized (invalid xml characters)
• fixes for xlsx nested loops and normalize data when it contains characters that are xml entities
• fix import issue when exporting a folder and trying to import it back inside the same folder
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• the default chrome that comes with jsreport and the chrome versions installed in docker were updated to use Chrome 117

core

• fix parameter mutations passed to store methods producing unexpected changes in store

studio

• fix deleting entity inside a folder does not refresh EntityTree
• multiple optimizations for studio when working with a large number of entities

tags

• updates to make possible the optimizations for studio

fs-store

• fix parameter mutations passed to store methods producing unexpected changes in store
• add indexes to fs store to improve big import performance
• fix too many open files open error on windows with big import

xlsx

• fix nested loops with closing tags on single line
• fix xlsxChart not working when copy/paste charts found
• fix xml/html entities encode
• make handlebars partials to work

pdf-utils

• fix hyperlinks not working when adding password to pdf

docx

• remove NUL, VERTICAL TAB characters

pptx

• make handlebars partials to work
• remove NUL, VERTICAL TAB characters

import-export

• fix issues when importing an export that contain folder (and nested entities) inside the same folder

highlights of updates

general updates

• the sandbox, the main component jsreport uses for evaluating potentially unsafe user code for secure installations (servers using trustUserCode: false or not using an explicit value for it in the configuration) is now using Secure Ecmascript in favor of vm2 (which is now insecure and deprecated). see the blog post for the full details about this change
• add support for creating multiple admin users
• add initial optimizations to studio when working with a large number of entities
• xlsx generation phase improvements to formulas and working with references to cells from different sheets
• the deprecated xlsxTemplates entitySet is now removed, also options migrateXlsxTemplatesToAssets, migrateResourcesToAssets for old migrations are also removed
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• the default chrome that comes with jsreport and the chrome versions installed in docker were updated to use Chrome 116
• minimal node.js version required to run jsreport and extensions is now 18.15.0

core

• remove old migration options migrateXlsxTemplatesToAssets, migrateResourcesToAssets
• sandbox now uses SES instead of vm2 for evaluating user code

studio

• initial optimizations when working with a large number of entities
• update build dependencies (monaco-editor, babel, webpack)
• avoid http basic authentication error dialog when authorization errors happen from studio actions

express

• avoid http basic authentication error dialog when authorization errors happen from studio actions

npm

• fix text in validation error

freeze

• cache freeze option for single request to improve import performance

localization

• cache localization calls to improve performance

authentication

• avoid http basic authentication error dialog when authorization errors happen from studio actions
• add support for multi admin users

authorization

• add support for multi admin users

xlsx

• remove deprecated xlsxTemplates entity set
• xlsx generation improvements when working with formulas
• xlsx generation should not throw error when formula's cell ref point to different sheet
• fix for calcChain generation when using loops and formulas in more than one sheet

chrome-pdf

• update puppeteer to work with chrome 116

docx

• fix docxHtml should not normalize space of elements that have siblings in the content

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• the default chrome that comes with jsreport and the chrome versions installed in docker were updated to use Chrome 114
• node.js version was updated to 18.16 for docker images

html-to-xlsx

• fix passing chrome launchOptions to chrome-page-eval

chrome-pdf

• empty values '' for pdf width, height and other options throw errors on recent versions of puppeteer, we now normalize options and don't pass empty values
• set explicit launchOptions.headless: old to avoid warnings, for now we use the old headless mode until the new mode gets stable

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• improve memory usage when receiving lot of requests that require external modules
• npm require now supports scoped modules @packageName/module and sub paths module/subpath
• xlsx now supports multi-row loops and nested loops
• docx improvement to support conditional table cells and async image src

core

• render requests are now rotated across not busy workers but considering its last usage too
• require in sandbox now uses a custom require implementation that takes care of isolate module resolving and that uses our own cache (different to built in require.cache) to avoid using a lot of memory when there are a lot of requests. if module isolation is not needed (because user can trust the templates) then it can be disabled by using sandbox.isolateModules: false

studio

• remove title (the one that appears when you put mouse over it for some seconds) of log messages, to prevent them showing when trying to read the log and scrolling

browser-client

• fix url normalization. it was breaking playground serverUrl

assets

• fix resolving assets as links

components

• fix components cache

npm

• allow jsreport.npm.require to require sub paths await jsreport.npm.require('[email protected]/package.json')
• allow jsreport.npm.require to require @ scoped packages

xlsx

• add support for nested loops (row/block loops nested)
• remove VERTICAL TAB character (\u000b) and prevent bad xml to be generated
• improve performance (and prevent hang) by not using regexp for the auto detect content feature
• cells outside of loop should not access data from loop
• add support for block loop (loop that repeats cells across multiple rows)

docx

• fix table cells not being well-formed when user uses conditions (#if) across table rows and cells
• support setting docxImage src from async result

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

core

• update deps to fix security issue
• automatically disable full profiling after some time to avoid performance degradation
• improvements to full profile serialization (prevent blocking)
• fix profiles cleaning and calculate timeout in beforeRender

studio

• show full profile duration limit on profile UI

docx

• fix docx rendering with handlebars partials

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

core

• add options.onReqReady to be able to receive the parsed req values

express

• postpone setting http response timeout until the req.options.timeout is parsed

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

core

• fix error when trying to read req.options on reporter main code when enableRequestReportTimeout is enabled

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• add support for <img>, <table> tags in docxHtml helper
• fixes and improvements to render profiles
• improve the support of external pdfs when working with pdf-utils

core

• log when worker returns bad res.content
• fix profiler leaks
• remove settings sync API and avoid loading all items to memory
• throw weak error when validating duplicated entity
• ensure we end with profiles with error state when there is server or req timeout

studio

• throw error when opening an orphan profile

express

• add support for odata ne operator

scripts

• fix issue with beforeRender/afterRender scripts not being able to merge/replace existing buffers

localization

• use old req.options.language when req.template.localization is empty

pdf-utils

• improve the support for parsing and working with external pdfs
• support new option appendAfterPageNumber in jsreport-proxy pdfUtils.append to allowing appending new pages starting at specific index

docx

• fix template.docx.templateAsset from payload not overwriting the template.docx.templateAssetShortid
• fix parsing of end of if and start of another if in same line
• add support for table tag in docxHtml helper
• add support for img tag in docxHtml helper

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• text search across entities content was added to the studio
• improvements to pdf utils (support copy outlines when doing merge/append, add studio UI to handle pdfMeta custom metadata)
• component helper now supports propagating hash parameters to component data
• fixes for xlsx and pptx

core

• mainReporter.executeWorkerAction now supports cancellation with AbortController.signal
• add support for specifying what are the main document properties of templates entitySet

studio

• add support for text search across entities content
• closing a main editor tab now also closes all dependant tabs (like pdf utils, chrome header/footer)
• .openTab method now supports opening dependant editor tabs (like chrome header/footer tabs) with the option docProp
• define /studio/hierarchyMove api endpoint as post route explicitly

data

• add support for specifying what are the main document properties of data entitySet

express

• update deps to fix npm audit

assets

• add support for specifying what are the main document properties of assets entitySet

scripts

• add support for specifying what are the main document properties of scripts entitySet

components

• component helper hash data is not propagated/merged to component data
• add support for specifying what are the main document properties of components entitySet

xlsx

• add support for specifying what are the main document properties of xlsxTemplates entitySet
• do not fail parsing cell found with error and no formula definition found

chrome-pdf

• use Studio.openTab with docProp option to open chrome header/footer tabs

pdf-utils

• support copy outlines when doing merge/append
• add studio UI to handle pdfMeta custom metadata
• fix typo in definition of sandbox hidden property

pptx

• fix pptxSlides issues with updates after xmldom dep update

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• we now provide docker images for ARM architectures, so jsreport docker images now will work fine in machines with Apple M1 based hardware. see this docs for details
• start to differentiate between template not found errors and permissions errors for better understanding
• reports cleanup logic was improved with limits to avoid memory issues
• office recipes (docx, xlsx, pptx) now default to accept buffer strings as base64 and throw better error when failed to parse office template input
• user level logs (done in script of web pages like chrome) are now logged with level debug
• xlsx: xlsxAddImage now support alt text and xlsxChart can be used along with dynamic table
• docx: docxStyle, docxImage, docxChart, docxHtml now can be used safely in document header/footer
• docx: add initial implementation of docxChild helper to allow merging text of another docx
• pptx: improvements to pptxImage (new options: (usePlaceholderSize, width, height)
• pptx: improvements to pptxTable (new support of vertical tables)
• pdf-utils: added support for specifying custom properties for PDF metadata

core

• add more store methods collection.findAdmin, collection.findOneAdmin, reporter.adminRequest to easily allow execution of store queries without taking into account permissions
• improve logging for child requests and user level logs
• differentiate between template not found errors and permissions related errors (it is now more clean what is the cause of specific error)
• normalize to error when non-errors are throw (like throw "string")
• improve errors in helpers (it now includes the helper name)
• improve error message when template was not found in child request
• improve error handling in sandbox

studio

• improve ⇧ + ↑, ⇧ + ↓ entity tree multi selection in studio
• add studio range select with ⇧ + click to start and end

child-templates

• improve logging and errors

express

• wait for jsreport initialization globally in middleware (this means that http routes will wait until jsreport is initialized before going to the route logic)

assets

• errors from asset logic should be weak
• validate that passed asset path is string

scripts

• ignore scripts attached to template which contain scope that is not compatible to run at the template level

reports

• reports cleanup now use a limit of report to clean on each interval (default 10, can be configured with extensions.reports.cleanParallelLimit option)

html-to-xlsx

• no table elements should be a weak error

xlsx

• xlsxAddImage support for alt text
• fix xlsx chart generation when it points to dynamic table generated by loop

chrome

• use url.pathToFileURL to avoid problems with space in file paths for windows
• threat timeout errors as weak errors

cli

• improve error logging

pdf-utils

• added support for specifying custom properties for PDF metadata
• dont fail when recipe null not yet validated

static-pdf

• dont fail when req.template.staticPdf is null

docx

• make docxStyle work in document header/footer
• add docxChild helper to allow merging text of another docx
• accept buffer strings as base64 and throw better error when failed to parse office template input
• make docxImage and docxChart to work in document header/footer
• make docxHtml work in document header/footer

pptx

• fix support of pptxTable and add support for vertical tables
• pptxImage now support same options as docxImage (usePlaceholderSize, width, height options)
• accept buffer strings as base64 and throw better error when failed to parse office template input

highlights of updates

general updates

• the default chrome that comes with jsreport and the chrome versions installed in docker were updated to use Chrome 105
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• config.json is now a reserved name, entities can not use this name anymore
• improvements to xlsx recipe when office template contain shared formulas/strings
• improvements to cli and support to customize service name in win-install command
• new features in pdf-utils (pdf accessibility, pdf/A, cross page clickable links, support for pdf generated with phantom native headers)
• add support for embedding html in docx recipe (docxHtml helper)

core

• make "config.json" a reserved name for entities
• update vm2 to fix security issue

assets

• asset not found is marked as weak error

reports

• remove meaningless log

fs-store

• fix $in queries

xlsx

• fix xlsx generation with template using shared formulas
• fix producing corrupted shared strings

cli

• add support for tempDirectory and service name to win-install command

pdf-utils

• add option pdfAccessibility.enabled to support copying accessibility tags
• add support for generating files with pdf/A compliance
• add pdfDest helper to support cross page clickable links
• support phantom with native header in pdf utils

docx

• add initial support for embedding html in docx (docxHtml helper)
• add helper docxTOCOptions to support configuring TOC behavior (only option available there right now is updateFields which controls if the generated docx file should show a prompt when it is being open in Word to decide if the TOC should be updated)

• fix missing files for jsreport-handlebars release

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• docx watermark options support and improvements for auto-sync of TOC
• fix xlsx helpers execution during transformation step
• fixes for version control
• user logs (from helpers, scripts) are now formatted differently on studio (profile logs) and stdout
• add support for multi-selection of entities in studio
• bug fixing to the profiling process and improvements to profile logs display in studio

core

• add support for multiple source entities when copying and moving
• fix some issues with blobs and profiles
• format user logs differently on stdout
• fix logging of req as http.IncomingRequest
• fix profile compatibility with jsreport container based execution
• fix memory leak in profiling
• add support for logs of main reporter to show in profile

studio

• fix preview tabs showing when container collapsed
• add download profile logs action
• improve the profile operations display when there render fails
• disable profile menu actions and click on nodes when the rendering is in progress
• fix long name in nodes breaking profile canvas display
• add support for multi selection in entity tree (ctrl/cmd + click)
• add support to control the entity tree edit selection with keyboard (⇧↑ and ⇧↓)
• add support for copy, delete when multiple entities are selected
• format user logs differently on studio (profile logs)

handlebars

• add true async/await support to the engine

base

• fix typo in log

express

• update multer to fix npm audit

assets

• fix {#asset} resolving when there is leading/trailing space in asset name

tags

• fix studio devtools warning on page load about source map not found

reports

• fix bug when there was render error

fs-store

• corrupted journal should be cleaned to avoid interval errors

authorization

• fix log about user's name

html-to-xlsx

• fix run of html-to-xlsx with phantom
• fix htmlToXlsxEachRows helper not being present when rendering html-to-xlsx recipe
• mark user logs appropriately to the logger

xlsx

• fix xlsx helpers execution during transformation step

chrome-pdf

• mark user logs appropriately to the logger

version-control

• fix and improve of the version control blog storage write
• sort folders by hierarchy when committing folders
• fix the revert of entity remove when the entity is marked as bigfile
• fix for producing empty diffs

docx

• add updateFields setting on docx when there is TOC, this allows MS Word to ask the user to update the page numbers of TOC when the document is opened
• support configuring watermark options
• add support for removal of conditional TOC titles

import-export

• changes to studio ui to support multi-selection of entities

• fix cli jsreport configure command