October 2020 Dashboard Release Notes

  • Release Date Oct 30, 2020

  • pi.2020-10-29

 

Dec 13, 2021 - in response to a Java security vulnerability around Log4J2, this version of the dashboard needs to be updated to a version from our patched November 21 (inclusive) - or mitigating actions taken to provide security assurances - more information can be found HERE

Release Video


Release Highlights

Added

PANINT-8530 The data connection used and the chart ID is now displayed when hovering on a chart title in the chart library screen.

Dashboard


PANINT-8726 Export configuration from the port selector in the correct format for the new configuration tool

Configuration


CFGTOOL-2 Added beta version of new configuration command line tool (configuration-tool(.exe) in Dashboard), ultimately replacing port selector

Configuration


CFGTOOL-3 Added beta version of new configuration gui tool, (configuration-tool-GUI(.AppImage)|(.exe)) ultimately replacing the port selector

Configuration

Click here to see more information about this new feature on the release video.


Changed

PANINT-8722 - The dashboard will now update its own repository data connection if it detects a change on disk

Dashboard


PANINT-8769 - sameSite cookie security setting defaults to strict. This means new deployments that want to use embedding with auto-login functionalities or oAuth providers must change this to none or lax. (see detail)

Additionally, there are two new environment variables to configure this:

Variable

Description

Variable

Description

PI_TOMCAT_COOKIE_SECURE

This needs to be true if the dashboard is somehow being served with HTTPS. Default: false

PI_TOMCAT_COOKIE_SAMESITE

One of nonelax or strict. Default: strict

  • Automated deployments using any auto-login capabilities (while embedding) and/or oAuth must set the above variables accordingly.

  • If your dashboard is being served by HTTPS via a reverse proxy or a load balancer, you must also set PI_PROXY_IS_SECURE=true.

Deployment


Known Issues

 

Due to browser security improvements, embedding in other applications and/or using OpenID Connect authentication will from now on require HTTPS and additional cookie configuration in the new configuration tool.

Configuration


Due to browser security improvements, embedding charts in other applications using Chrome may require HTTPS and extra cookie configuration. Support can provide further assistance if required.

Configuration

Screenshot

The following screenshot shows the configuration settings:


Fixed

PANINT-8805 - Getting metadata on Postgres connections should work again.

Dashboard


PANINT-8723 - When user has debugging permissions, and using debug tools to inspect Category Filters, the SQL to generate the list of data is now present as a hidden html element for debugging

Dashboard


PANINT-8399 - Previously when using a top filter on charts or tables that contained multi dimensions there was a problem with how the filters were displayed when the top filter was one of these dimensions.

Dashboard


PANINT-8711 Fixed variable replacement for images in a pi Report. This means now you can use e.g. [[LOGO]] as an image in a report, and [[LOGO]] will be replaced by a variable set up for the user that views the report.

pi Reports


PANINT-8690 If a forgotten password email is requested for an email address which does not exist then there is no longer an error; the sent email page is displayed.

Dashboard