jsreport

• fix cannot propagate req.data object changes from sandbox when trustUserCode is true

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• add caching to system wide helpers (from docx, pptx, xlsx, etc)
• add new trustUserCode option and deprecate allowLocalFilesAccess, more details here
• exposed new methods waitForAsyncHelper, waitForAsyncHelpers to jsreport-proxy, handy when working with async helpers

core

• improve handling of worker exit
• add a way to disable the safe execution and prevent the performance penalty
• cache system helpers function
• profiler.maxDiffSize applies to both req and res
• improved the support for running jsreport as serverless function
• added new apis in jsreport-proxy for better working with async helpers

studio

• fix Maximum call stack error when rendering a report that produces a lot of logs
• improvements to handle reports that produce big profiles

express

• filter out nested properties with visible false from odata outputs
• fix extensions not being able to modify meta.headers in afterRender

reports

• fix return of proper filename for the report

fs-store

• fix external entities changes sync reload

authorization

• don't authorize modifying calls without users

xlsx

• fix xlsx block helpers not working with asset call in helper body

cli

• change the configure command questions to fit better with new trustUserCode option

sample-template

• update samples to mention new trustUserCode option

import-export

• fix import-export cli authorization errors when running

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• pdf utils new features and improvements
• add support for generating xlsx based on handlebars tags present directly in a xlsx template file

core

• fix parsing issue of code with comment in the sandbox (helpers, scripts)
• improve profiling when there is big data
• make transactions support in store configurable
• improve timeout for the whole request
• optimization regarding profile persistence

studio

• improve the Profiler page
• improve the display of profile with big data
• improve the Startup page

handlebars

• engine expose new .unescape method

express

• add option extensions.express.cors.enabled to enable/disable cors handling in jsreport
• fix applying req.options.timeout when enableRequestReportTimeout is true

assets

• fix asset link click from xlsx template preview
• update to improve the display of templates with xlsx in studio

authentication

• disable studio login page when studio extension is disabled

fs-store

• properly support absolute path in blobStorage.dataDirectory
• various optimizations regarding profiler persistence

html-to-xlsx

• fix not considering reportTimeout for the recipe execution

chrome-pdf

• fix not applying the root chrome config

pdf-utils

• add support for checkboxes in pdf
• add support for attachments in pdf
• remove only the white default chrome background when merging

version-control

• add missing changes column to fix migration

docx

• make TOC logic to work with documents created with other languages
• add backgroundColor support for docxStyle
• update to support new api for office asset display

pptx

• update to support new api for office asset display

xlsx

• add support for generating xlsx based on handlebars tags present directly in a xlsx template file
• the old way of generating xlsx (transforming/assembling xml using templating engines and helpers) is still supported and it is now executed taking the generated xlsx as input

• fix security vulnerability in sandbox

highlights of updates

general updates

• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

core

• fix and improve async reports execution
• fix for render profiling
• fix for blob storage remove and appends

studio

• fix exe compilation
• remove socket.io, it is now only part of where it is actually used (fs-store)

licensing

• fix schema definition

express

• use req.socket to listen on canceled request because req.connection was deprecated

assets

• fix studio usage of old property scope, new one: sharedHelpersScope

npm

• add package.json to path when checking module existence

localization

• accept object for localize function and propagate req.template.localization to the child templates

reports

• fix issue with sample data and input data in async reports

fs-store

• add fs-store ignore option to ignore directories/files during the load
• add socket.io as explicit dep
• optimization: don't delete nested folders when updating folder
• fix losing entities in fs store data directory when updating folder in transaction

cli

• internal refactor (use latest version of yargs)

pdf-utils

• improve merge of document with annotations

docx

• update table of contents in docx
• add support for defining merged cells in dynamic table

import-export

• compatibility updates for new version of jsreport-cli (import, export commands)

highlights of updates

general updates

• improve the general "Report timeout" handling and error message across extensions
• fix not resolving relative path correctly in sandbox
• fix for async reports execution
• improve title of New entities modals

core

• fix logger initialization when running as cli command
• improve the general "Report timeout" handling and error message
• fix req.options.reportTimeout regression
• fix execution of async reports

studio

• add route to open profile from report timeout error message

express

• wait for profile to be ready at /api/profile/:id/events endpoint

assets

• allow await in module required by asset.require in sandbox
• add folder based shared asset helpers
• fix not resolving relative path correctly when calling asset code from another asset

scripts

• add folder based scripts
• script without beforeRender does not add profile operation

components

• make components preview stoppable

reports

• fix reports with async true loosing data with more workers

authentication

• improve SSO studio login error description

pdf-utils

• support for form fields when merging documents
• support for form fields when removing pdf page using script

highlights of updates

general updates

• add users groups and support permissions based on it
• fix shared helpers not being callable from other helpers
• add components preview in studio
• change sandbox module caching to be based on the whole request lifecycle
• improve the way we register helpers from extensions

advanced-workers

• jsreport.close from worker should call process.exit in next tick to avoid crash
• use timeoutErrorMessage for better error description in worker execute errors

core

• support for running template evaluation standalone
• fix default root dir path
• fix req.template.name being set as full path when request is done with full path
• change sandbox module caching to the whole request lifecycle
• top level functions in sandbox code (helpers, scripts) are being put explicitly in global scope

studio

• fix key event listener removal for some shortcuts

data

• add support for data references in components

browser-client

• update browser-client sdk to 3.1.0

express

• better timeout for express http request

assets

• fix shared asset helpers not being callable by other helpers

scripts

• remove scripts.allowedModules config, sandbox config is now used

components

• add components preview
• fix component engine validation

authentication

• add support for users group based login with SSO

authorization

• add users group and support permissions based on the groups

chrome-pdf

• add viewportWidth, viewportHeight options to chrome pdf and chrome image

pdf-utils

• avoid base64 serializing of pdf buffers

docx

• remove beta warning

pptx

• remove beta warning

import-export

• fix issue with import/export cli commands

• regression fixing office recipes

highlights of updates

general updates

• fix relative paths when executing from scripts
• improve error stack traces (code that is executed through listeners collections now has support for async stack traces)
• improve linter and profiler logs styles in studio

core

• fix blob storage append to not existing blob (mongo)
• use relative path to the currently evaluated entity
• fix performance issue in sandbox with long buffer (don't use restore() of sandbox through a method attached to the sandbox)
• update migration xlsxTemplatesToAssets, resourcesToAssets to inherit permissions and change name for resource script to ${template.name}_resources
• refactor ListenerCollection for better stack traces
• fix startup extensions logs not recognized as npm source
• fix extensions cache entry root path
• don't crash process when monitoring persist fails
• fix compilation (updates to vm2)

assets

• use relative path to the currently evaluated entity (for example relative asset inside script should be relative to the script)

authorization

• refactor ListenerCollection usage for better stack traces

express

• add /api/schema/:entitySet route to fetch json schema for entitySet
• don't crash when host header missing

html-to-xlsx

• fix error line numbers in html to xlsx

import-export

• refactor ListenerCollection usage for better stack traces

localization

• use relative path to the currently evaluated entity (when localization is used from script the current path is equal to the running script)

pdf-utils

• fix pdf utils merge operation never ending in profile

pptx

• fix errorLine in stack trace when propagating from pptx

sample-template

• update samples

scheduling

• refactor ListenerCollection usage for better stack traces

scripts

• use relative path to the currently evaluated entity (use script path as the current entity path)
• fix performance issue in sandbox when using long buffers (don't use restore() of sandbox through a method attached to the sandbox)
• refactor ListenerCollection usage for better stack traces

studio

• add entity definition button in entity tree item context menu
• fix loading of monaco editor icons
• improve styles for profiler logs
• fix studio editor linter error for top level await in script/helpers (add babel-eslint to our linter in studio)
• fix jsreport-studio-start when running with —runOnly in extension starter kit
• fix layout issue with profiler when a large base64 image is logged

version-control

• improve revert changes warning in studio

xlsx

• fix error line numbers in xlsx recipe

The stable version of v3 is here
https://jsreport.net/blog/jsreport-300-released

🎉🎉🎉 jsreport v3 major release beta

https://jsreport.net/blog/jsreport-v3-beta-released

highlights of updates

general updates

• chrome was not updated this time because some compatibility issues, we are still using Chrome 79
• pdf utils improvements for form elements, sign and password and general optimizations
• version control diff calculation optimization
• docx recipe improvements for charts and content in loop (data labels, axis options)
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

core

• fix warning for node 14

authentication

• fix bug about can not insert duplicated user when doing full import-export

chrome-pdf

• use allowLocalFilesAccess to enable/disable local files access

docx

• fix office warning about not legible content present in docx when adding an image that was not part of default mime types of document
• add support for chart options, starting with a few option to customize the axis
• add initial support for combo charts and fix generating chart with more data series than the one defined in the docx template
• add basic support for data labels, starting with just scatterChart
• add docxRaw helper
• fix generation of bookmarks in loop

express

• fix export of the public ping route

fs-store

• ignore .DS_Store from sync monitoring

html-to-xlsx

• fix sheet id generation when using a base template
• fix jsreport global reportTimeout config not working
• fix column widths calculation when table data contains colspans

import-export

• fixed local import to authenticated server

pdf-utils

• parse just zipped streams
• fix PDF form element when using non ascii symbols
• fix position calculation of PDF form element
• fix setting pdf permissions/password
• fix PDF form elements in multiple pages
• optimize and skip images during processing text
• fix outlines and meta in encrypted documents
• fix producing empty pdf when pdfSign and pdfPassword are used together

reports

• store report after script afterRender

sample-template

• removed some spacing in css classes

version-control

• use google dif match to speed up calculating diffs

highlights of updates

general updates

• chrome was not updated this time because some compatibility issues, we are still using Chrome 79
• docx recipe improvements for charts, table and white space handling
• extensions were updated to be compatible with new version of jsreport-studio
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

core

• fix issue when parsing/serializing empty buffers in scripts/template execution

cli

• update the jsreport client to make infinite body size the default for remote requests

docx

• don't break execution when chart has no xml style, color files defined
• charts should preserve colors and number format defined in the series
• add support for chartEx charts (waterfall, treemap, sunburst, funnel, stockChart, clusteredColumn, scatterChart, bubbleChart)
• add support for vertical table
• add support for dynamic table creation (both rows and columns can be created based on data)
• fix support for xml:space="preserve" when concatenating tags
• remove lines that just contain handlebars block tags

express

• use 50mb as default limit for the input request

fs-store

• ignore .git folder and expose reload
• use state from files (instead from memory) during compaction

import-export

• fix issue when importing zip with a lot of nested levels

licensing

• fix validation when server is down
• mask license key written to the startup log

pdf-utils

• expose api to remove page from pdf
• improve the groups and items values serialization
• add option "removeHiddenMarks" to prevent the remove of the marks that we create during group/item serialization
• add basic support for the digital signature form field

reports

• add option "options.reports.public" to support exposing the report content in unauthenticated/public url

scheduling

• add options "cleanScheduleHistoryInterval", "maxHistoryPerSchedule" for scheduling history clean up

studio

• update React to v16 and remove usage of deprecated apis

highlights of updates

general updates

• chrome was not updated this time because some compatibility issues, we are still using Chrome 79
• extensions were updated to annotate entity type properties that references other entities
• better support for operations that are related to references between entities
• folder copy and clone support
• import merge now uses a better strategy to resolve conflicts, pairing entities by path and regenerating and fixing references of duplicated _id, shortid fields when needed
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

assets

• use core function for resolving paths of entities

authorization

• fixed user permission inheritance for custom users

child-templates

• use core function for resolving paths of entities

cli

• fix jsreport --help output on windows

docx

• fixed docxImage for remote images without "image/" prefix in content type
• fixed links to bookmarks
• fixed support for nested lists

express

• marked get odata calls to allow permissions asserts for admin users in scheduling/version-control

import-export

• import logic now pairs entities by path
• resolving conflicts on shortid- > regeneration of shortids and fix references

pdf-utils

• fix exe compilation support

reports

• fix async report not getting sample data populated

scheduling

• fixed permission handling for none admin users

scripts

• marking jsreport-proxy find calls to allow strict access permissions to admins in scheduling/version control

studio

• folders copy support
• folders clone support

tags

• display tags on folders

templates

• use core function for resolving paths of entities

version-control

• fixed strict access for admins only
• don't use script callback for resolving entity paths

highlights of updates

general updates

• chrome was not updated this time because some compatibility issues, we are still using Chrome 79
• async helpers are now supported in template engines
• the authorization for http api (ODATA) was improved to prevent access for some entity sets that were not expected to be visible, editable for other users other than the admin user
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

assets

• handle entity tree drop of native files in the studio and insert it as assets
• fix asset name as path resolution when a folder in path does not exists

authorization

• fix showing permissions UI for entity sets that don't allow permissions

child-templates

• fix template name as path resolution when a folder in path does not exists

chrome-pdf

• add logs for page script errors and page http resource requests (long logs are trimmed)

cli

• update jsreport nodejs client to fix isssue with sites with https and self signed certificates

docx

• add docxChart helper
• fix page break not replacing text correctly in some case
• fix endnotes, footnotes generation and serialization, node insertion between documents handling
• improvements when generating content inside loop
• nested table support

fs-store

• better error handling during compaction

import-export

• handle entity tree drop of zip files in the studio to call the import dialog
• filter not exportable entity sets when listing entities for export and when importing

licensing

• fix error handling when doing license validation request

pdf-utils

• integrate pdf-password, pdf-meta and pdf-sign as part of pdf-utils
• remove hidden marks from pdf
• add support for generating interactive pdf forms elements (pdfFormField helper)

reports

• add report status and error information to UI
• improve logs
• don't store two blobs for single async render
• fix report open when appPath option is used
• fix blobs getting removed when user tries to delete a report he does not have permissions to delete

resources

• fix multiple language resources and defaultLanguage

scheduling

• improve schedule updates validation
• fix schedule report open when appPath option is used

scripts

• refactor how the jsreport proxy register handlers of methods

studio

• fix double save
• fix bug that produces duplicated entity error when doing save all action
• fix bug with close tab

templates

• fix template name as path resolution when a folder in path does not exists

version-control

• use document store transactions for version control operations
• execute version control operations in script
• add checks to prevent executing version control operations multiple times
• throw error when trying to insert commit with no changes
• fix the download of big files

highlights of updates

authentication

• fix a bug in the user locks for multiple failed password attemps

highlights of updates

cli

• fix config generated in init, repair commands (“renderTimeout” -> “reportTimeout”)
• no default encryption options for init, repair
• configure now does not ask for encryption.secret, now it asks for extensions.authentication.cookieSession.secret when auth is enabled

authentication

• don’t share the extensions.authentication.cookieSession.secret with encryption.secretKey

highlights of updates

general updates

• the default chrome that comes with jsreport and the chrome versions installed in docker use Chrome 79
• exe binaries are now compiled against node 12 which bring performance improvements
• the document stores now support transactions, which ensures consistence/atomicity on store operations when used
• we now support a single rendering timeout option reportTimeout, which is designed to deprecate more granular timeout options. we also support the single timeout per request configuration req.options.timeout but this need to be explicitly be enabled using enableRequestReportTimeout
• granular timeout options are deprecated and now emit a warning when used. they continue to work but will be removed in future release (templatingEngines.timeout, extensions.scripts.timeout, chrome.timeout, etc)
• a new reporter.encryption API was added, it is designed for extensions to be able to crypt/decrypt sensitive values in general way. those encrypted values (like passwords) can now be stored safely in the store
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases

core

• rename of some API for entities serialization collection.convertBase64ToBufferInEntity -> collection.serializeProperties, collection.convertBufferToBase64InEntity -> collection.deserializeProperties
• fix internal json schema for date fields
• fix some issues with sandbox
• req.data is now initialized as per of request object creation
• fix memory leak with reaper
• fix the concat child request logs to parent request also for failed renders
• new store transactions api
• fix some security issues related to entity name, reserved name validation

authentication

• extensions.authentication.cookieSession.secret is no longer required if encryption.secretKey is set in config
• /api/extensions, /odata/settings routes are no longer public (they need http authentication now)
• add blocks when doing too much login attempts per user (includes http api Basic auth)

authorization

• fix adding admin user to permissions when creating entity
• fix issue about permissions propagation when inherit permissions from parent folders

browser-client

• use options.scriptLinkRootPath consistently, and throw error when we are not able to get the server url

chrome-pdf

• avoid logging header/footer content
• support puppeteer 2.0 in the peer dep
• don't run scripts for headers/footers content

cli

• fixed locking of parallel keepAlive starts
• fixed issues with keepAlive crashing and no meaningful error was shown
• concurrent support for kill command
• configure command now creates config with encryption.secretKey and single timeout reportTimeout

data

• allow loading sample data if parent request data was empty and without any data ref

debug

• failed render debug logs should have correct order for parent/child requests logs

docx

• performance optimizations
• forms support
• docxImage support for new properties: width, height, usePlaceholderSize
• fix parsing files that do not contain xml
• fix generating links, endnotes, footnotes recursively in lists and tables
• safe execution using scripts manager
• add docxPageBreak helper

express

• add extensions.express.responseHeaders config to allow setting general response headers

fs-store

• fix duplicate store results when sorting by a date field
• don’t store the folder.shortid in config.json (this allow to move the entities manually in the file system without editing files)

html-to-xlsx

• remove the "insertToXlsxTemplate" option, we now check for the existence of base xlsx based options if they are set we assume that you want the insertion to xlsx template
• support streaming generation
• improvements for the generation of large documents
• add helper htmlToXlsxEachRows that stores generated rows into files to allow streaming processing
• add support for new html engine cheerio-page-eval (it does not come with it installed by default)
• better calculate cell widths for chrome html engine
• add support for adding xlsx template as asset

import-export

• the import now uses store transactions to ensure consistence/atomicity by default
• add check "Continue on fail" that enables the import to continue on errors (which reproduces the same behavior than older versions)

pdf-utils

• avoid duplicating fonts when merging, dramatic decrease of the final pdf size
• always add pdf utils helpers even without utils operations set or if the recipe is not pdf
• the span element created by pdfCreatePagesGroup, pdfAddPageItem helper now also have a class name for easy styling

pptx

• pptxTable support
• safe execution in scripts manager

reports

• fix render requests called from a custom scripts doesn't apply reports extension
• fix some issues when blob was created without name

sample-template

• use merge whole document in the orders sample

scheduling

• new config option misfireTreshold to don’t run misfired schedules

scripts

• allow to cancel request from script with custom status code

studio

• handle renaming entity modal enter keypress
• fix ugly entity tree uncollapsing when loading
• fix validation for reserved names

studio-theme-dark

• don't break when studio extension is disabled

xlsx

• fix addImage to work with open xml drawing already exists as an array
• introduce asset-based ref to the template while keeping compatibility with original xlsxTemplate entity

highlights of updates

general updates

• fix require of external modules in the exe
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• more improvements, fixes to the studio theming

core

• fix issue with http-server workers on recycle

authorization

• optimization: don't propagate same permissions

docx

• fix http Content-type response header when rendering

html-to-xlsx

• fix http Content-type response header when rendering

pptx

• fix http Content-type response header when rendering

xlsx

• fix http Content-type response header when rendering

pdf-utils

• fix ignore legacy parseBuffers call, it causes max memory error after executing proxy pdf utils operation that returns big buffer
• fix for rendering outlines in child templates

scheduling

• don't rethrow error from loading schedules

scripts

• remove legacy "parseBuffers" function, script-manager already handles serialization/parsing of data

studio

• create theme variables for scrollbar resizer
• theming: add styles for textarea
• preserve undock state after Studio.reset
• re-calculate editor layout on window resize
• fix long paths display in EntityRefSelect component
• add a way to disable theming in preview (we disable preview theming for html recipe)

highlights of updates

general updates

• added general rendering cycle control, to prevent renders to go into infinite loop when a template renders itself
• support for white-labeling and theming in studio - logo and colors of studio can be customized now and new themes can be created
• added a dark theme to studio
• new exe, with performance improvements and optimizations.
• extensions has been updated to support studio theming
• extensions has been updated to support new exe compilation
• extensions can now register cli commands
• all extensions dependencies were updated to ensure that we don't use vulnerable packages, so npm audit now reports 0 vulnerabilities in most cases
• the default chrome that comes with jsreport and the chrome versions installed in docker build now match (Chrome 76)
• added new recipe static-pdf
• added docx, pptx recipes but with one time warning that the extensions are in beta phase

core

• engines now can receive options
• templatingEngines.inputRequestLimit have no limits, so internal process communication is not blocked when rendering large reports and using http-server strategy. the extensions.express.inputRequestLimit is still validated normally when processing renders from http
• fix duplicate validation for stores than don’t support filtering with regexp
• fix for moment usage inside scripts

assets

• added p12 files as binary types for the assets editor
• add custom editor for office asset

browser-client

• update browser-client-dist to 1.3.0 (renderAsync exposes res.xhr to allow reaching response headers)

chrome-pdf

• add support for generating PDF from URL using template.chrome.url
• move puppeteer to peer dep

cli

• add tempDirectory as global option arg for compatibitlity with jsreport.exe
• add API to register commands from extensions
• add route to handle delegate of render with keep alive

debug

• sanitize header vals

express

• make api/ping public route
• expose headers to cors

fs-store

• don't preview studio when root data files like settings or reports are modified
• add compactionEnabled config
• support fs sync enum
• remove sync message should include just id to avoid big messages
• fix refreshing big entities in sync
• call external reload based on the lock interval

handlebars

• fix child template paremeters not working with handlebars
• move handlebars to peer dep

html-to-xlsx

• use jsreport-office for xlsx preview

import-export

• add import, export command to cli

jsrender

• remove support for older version, to not conflict with new options passed to engines
• update jsrender to latest 1.0.4

licensing

• fix applying license from license-key.txt file

pdf-utils

• fix PDF Document Information Dictionary needs to be an indirect reference
• fix helpers when it's an object
• run pdf-utils script with no limit

sample-template

• replace xlsx sample with html-to-xlsx sample

studio

• add API to customize About modal
• fix serving extensions js
• add option to customize logo extensions.studio.theme.logo.path
• add option to customize color vars extensions.studio.theme.variables
• add support for registering themes to the studio
• add option to change editor and studio theme extensions.studio.theme.name, extensions.studio.theme.editorThemeName
• add option to load custom css to the studio extensions.studio.theme.customCss.path
• fix collapsing preview not refresh editor layout
• add API to make editor component for entity configurable with resolvers
• make studio browser title configurable with string template

studio-theme-dark

• adds a dark theme to the studio

templates

• add general rendering cycle control validation

xlsx

• use jsreport-office to preview xlsx