Pleae check the Content Security Policy by clicking here.

This feature applies the GDPR rules to the object entries. When the admin chooses to delete User's Personal Data, the object entries related to that user will also be deleted.

This feature allows developers to add email notifications directly into the notifications queue. It is useful when the email notification templates do not support a necessary custom logic that the template requires without requiring customers to re-write the entire email engine logic.

Now, users can build forms and content pages configuring them to trigger stand-alone actions with a click from the content page UI through the Page Builder.

We have added a new type of mapping that is available for editable type Action: you can see for example in a button fragment general options. To provide this out-of-the-box, we have evolved the button fragment to contain a configuration to switch between Link and Action buttons.

Now it is faster to implement experiences that rely on forms to interact with a business process, specifically in scenarios in which our customers decide to create their own custom form fragments according to their own look & feel or behavior.  

We have added a configuration for the user to decide which form fragments will be automatically mapped to each Object field type, when a form container is mapped to an object.

As it was done with 404 feature, now this feature is enabling our customers to fully adapt their users' experience providing an OOTB 500 error page fully customizable and allowing creation of new ones from scratch.

Fragments now provide editable types to map Link to Page field types that can be found in structures.

• The page creator can map the Link to Page field in a fragment from a content page.
• The Link to Page field is still mapped through a fragment on a Content Page even after the site is imported.

Before, changing cacheable configuration of a fragment would imply a "save" action and potentially a changes propagation action (no changes indeed if only the cache configuration was changed). This caused problems in performance and other aspects (such as wrong modification date).

From now on, and to avoid that, Fragments Cacheable property is managed in the Fragment options ellipsis menu: Fragment Sub-Elements Reference

This prevents fragment save + propagation when this configuration is modified, making it more efficient and resistant to issues.

In addition to that, we have added a cached label to better indicate which fragments have active cache.

IMPORTANT: BREAKING CHANGE as customers might expect the Cacheable configuration to be inside Fragments Editor, and now it’s placed in a different position.

Now users can create richer web content with the new Date-Time field available in Web Content Structures. To make it add more value, it is also enabled the possibility to map this new field to the editable of type Date-Time from any fragment, allowing users to customize the date & time values in content pages.

• New Date and Time field.
• Date-time values can be added to Web Content.
• Custom format in Fragment config.
• Custom date time display.

In order to improve the information we display at the Content Dashboard, we have added a new column with the Review Date value. With this new column, users have an easy way to view all contents where the review is needed. In addition, we have developed a new Filter to give the capability to show only the contents to be reviewed.

Note: This change will require a full reindex to work, so the new field can be propagated.

Filter by Review Date:

• All 
• To be reviewed

Traditionally, it has been complex and tedious to configure the necessary permissions that would make the Control Menu not visible for logged-in users. As soon as one permission was not configured properly, the Control Menu would be visible for these users.

This was previously managed by a specific logic inside the Theme, but now, we have made it easier to control and configure with a new setting.

Now, customers can easily control visibility of the Control Menu per role, within Site Settings >> Site Configuration >> Menu Access.

We have refactored the Page Configuration and Page Design Options to make them homogeneous and consistent. Now, users can access Page Design Options as a section of the Page Configuration (they were two separate views before).

In addition to that, we have made the UX homogeneous and more consistent with new Clay component styles. We have also regrouped items according to what users intend to do, making it more logical and user friendly to configure.

This feature adds a HTML template that provides more context for the email notifications users get when Message Added Email and Message Updated Email are triggered on Message Boards.
For this, three new terms were added:

• Message siblings: message thread of messages at the same level.
• Message parents: the message body of the parent message.
• Root message body: the message body of the original message.

Ability to filter the user agent (all, human, bot) for each redirection pattern, in Configuration.

Users can set different permissions for download and for viewing documents.

Option of rating added to Folders and the endpoints for Documents rated by me, Folders rated by me have been created.

Provide users with a simple and effective way to view, access, and manage the Knowledge Base folder hierarchy. It is included:

• Drag and drop experience for moving content.
• Search for content in the Knowledge Base management.
• Using the action menu to manage folder.

Ability to set expiration and review dates for articles, and to view which articles are pending expiration.

Now Content Editors can easily find the documents they are looking for thanks to the new filters added to Documents & Media.

Three (3) new filters have been added: categories, tags and extensions.

Page listing the version history of a document to help managing different version.

Priority icons to MB CSS are added to avoid to force enabling font awesome in the whole portal.

We have made the organization’s addresses, phone numbers and email addresses changes tracked. These can be added to a Publication from now on.

The list of working in progress for Publishing features can be found at Publications update 2023/06/13. We have improved performance, while also making the wiki pages change tracked. It has also been implemented a mechanism to remove publications that are more than 6 months old.

This new feature allows content editors to view the only publications that included modifications to a particular asset.

With this new feature an admin should be able to help preconfigure a publication to help facilitate their unique workflows.

Publication templates can be leveraged to provide naming patterns to any created publication. Tokens are provided to allow each publication to have unique names.

Admins can also assign roles to users immediately during publication creation.

Users can now create, edit, or delete knowledge base articles within a publication.

Support for Object displays pages in the search results, aggregating (via Custom Facet widget), filtering (Custom Filter widget) and sorting (Sort widget) using Object fields that are indexed as Nested Fields in Elasticsearch, similar to Web Content Structure (DDM) fields.

Automatically register a collection provider for each search blueprint. By displaying the blueprint's results in a collection display fragment, you can leverage search to return your assets dynamically, and reap the benefits of the fragments toolbox to lay out the page.

Search the company index for matching content through a single endpoint and build custom search experiences. Supports facets with translated display terms and also custom searching, filtering, aggregation and sorting through Search Blueprints (DXP ONLY)

Liferay Portal 7.4 CE GA88, Liferay DXP 7.4 Update 88 bundled with the latest available version of Elasticsearch 7.x for Sidecar (7.17.12, as of Aug 7, 2023).

With this new front-end client extension users will be able to add an entry to the global import map.

This can be used to share code between decoupled client extensions that are freed from the need to know the deployment URL of the code at build time. For example, this will allow you to share your library or framework of choice among all your front-end client extensions:

For a script to consume the JavaScript module referred to by the import map entry, it needs to be of type=module.

In order to help developers to understand how to use this client extension, a sample has been provided: https://github.com/liferay/liferay-portal/tree/master/workspaces/liferay-sample-workspace/client-extensions/liferay-sample-etc-frontend-2

It has extended the support for External Reference Code to other Liferay entities in version 7.4. With this new parameter, users will be able to access, create, update and delete various entities by simply specifying the scopeKey and the external reference code.

This External Reference Code is a custom identifier, which means that at the creation time it can be set, helping to migrate entities from one environment to another while keeping this External Reference Code the same across environments. You can check the available endpoints to be accessed by External Reference Code in the API explorer.

The batch engine API allows developers to export/import data, but it requires developers to provide a configuration with multiple parameters. With the new auto-generated endpoints, it is easier to perform export operations in the portal. The export endpoints are asynchronous, so it will provide a taskId in order to retrieve/download the records requested.

The endpoints follow this format:

With this feature it is possible to differentiate the login failures in the audit messages, which one is caused by incorrect password and which one is caused by incorrect login.

Before this change, audit messages were only returned for cases when the authentication failed with FAILURE status, which happens when the user provides an incorrect password. The event type is LOGIN_FAILURE in this case.

With the new changes, it is provided audit information for cases when the authentication fails with DNE status by adding a LOGIN_DNE event type. DNE stands for user "does not exist", it always means that the login (email / screenName / userID) is incorrect.

So with the newly added LOGIN_DNE event type we cover authentication DNE scenarios when the login fails due to incorrect login (email / screenName / userID) .

When the users are authenticated through SSO and IdP, it is possible to remove the ability of the end users to add or edit their passwords.

As an Instance Administrator, you are able to configure if the users have the option to give their password at registration and you can remove the whole password block from editing user data, if the password is not changeable by the password policy of the user.

From now on, users can view the summary of failed staging processes, which can help them to solve the issue(s) which caused the staging process to fail.

Using LAR files for export/import in the portal are stored in DM. These LAR files can increase the size of the DM significantly. We have changed this, so the LARs are not kept in the DM after the export/import process.

On LPS-136108: URLs using a virtual host are always reformatted on export and import, even in cases where they don't need to be the validation of the Web Content was added for Liferay layout URLs. Before this, there was no validation, so users could create their customizations where they could add different URLs to the Web Content's content. After the validation was added, some custom URLs became unable to be added to the Web Content. From user perspective this was a feature loss, so we decided to deliver a feature to make customers able to add their custom URLs to Web Content's content field. This feature is about adding a configuration for storing the user’s relative URL patterns. So custom URLs containing this pattern would bypass validation.

Before the Import process starts, users are now asked via a confirmation dialog if the user is sure about deleting application data . Also, we have improved the error message for Staging related references.

As a Site Template Administrator: template propagations are run completely in the background and background tasks are executed in a sequence. The LAR from the Site Template export is cached, so different Sites can reuse it.

• LayoutSetPrototypeMergeBackgroundTaskExecutor always uses the latest Template version for the propagation.
• If there is already a queued background task for the Site, we don’t create a new one.
• If there is a background task in progress, we only create a new background task if the Template was modified.

• Deletion of property upgrade.log.context.name. Now all upgrade related log lines are automatically tagged with the key upgrade.component, which provides more meaningful information.
• Upgrade Report is now compatible also with upgrade on startup, and it can be printed as Log Thread Context information.
• Upgrades log the result and the type of upgrade that has taken place after all the upgrade processes finish.
• New mBean available with upgrade on startup to obtain real time information about the status and the result of the upgrade.

Creation of a new property called upgrade.report.dl.storage.size.timeout that specifies the number of seconds that the upgrade report generation will wait for calculating the DL size before timing out. This property is set to 10 by default but it can be modified in the portal-ext.properties file.

Kaleo Forms was already in maintenance mode. It is now being moved to deprecated, so it can be removed at the same time as DDL in about a year. This solution is being replaced by Objects, Workflow, and Form Container Fragments.

The portlets that are in the Contacts module will be deprecated.

These are:

1. Contacts Center
2. Members
3. My Contacts
4. Profile

In the first step, the modules were pushed to the maintenance mode.

These modules are obsolete ones and are no longer being used. They have been moved to deprecate and later it will be removed.

Now you can create more detailed customer segments based on their specific actions. We have expanded our segmentation capabilities to allow you to segment your audience beyond standard website activities to include custom events. You can create highly targeted customer groups for more personalized experiences. Additionally, Liferay DXP now provides alerts when custom event criteria change, ensuring segment accuracy and relevance. Gain greater control over your customer analysis and the ability to deliver more relevant content.

A new out-of-the-box (OOTB) email notification template based on Objects. This template will be automatically sent to the order creator when an order status changes to 'pending'.

The notification includes:

• Order number

• Order date

• Account name

• Shipping address

• Order item summary

• Order total

We will move away from Commerce notifications and deprecate them and we will use Objects for the new ones.

Enhance your checkout experience by offering customers accurate UPS shipping costs based on their order details. Easily integrate this feature into your online store with our client extension available for purchase on the Marketplace.

Enhance Your Online Store with Adyen Payment Connector.

Liferay DXP now offers seamless integration with Adyen, a leading global payment platform. This powerful combination empowers businesses to accept a wide range of payment methods, reduce fraud, and optimize checkout processes. By simplifying payment management, Liferay DXP with Adyen helps you focus on growing your business.

This enhancement introduces configurable default permissions for newly created pages. Admins can set these permissions at both the instance and site levels. Instance-level settings are managed in a new Instance Settings panel, while site-specific overrides can be configured in the Site Configuration area.

The main change in this initiative is the new capability to control Analytics Cloud (AC) tracking through the cookie manager. We have updated the description of the Explicit Cookie Consent Mode to clarify that enabling this configuration via Preference Handling will disable Analytics Cloud tracking and other features. Now, if the Explicit Cookie Consent Mode is enabled, no cookies are set until the user agrees to their usage; otherwise, all cookies are set until the user opts out of them.

We have also introduced a new Utility Page, named Cookies List, which serves as a central hub for all cookies supported by Liferay. This page lists all four categories of cookies (strictly necessary, functional, performance, and personalization) and provides detailed information on each specific cookie, including its purpose and expiration date. For that, we have created new system objects to facilitate the management of cookies. If customers use additional third-party cookies, they can easily add new entries for these cookies, and they will automatically be displayed on the Utility Page.

Additionally, once a user is suppressed, their data is completely anonymized, making it impossible to trace any data back to a specific individual.

This initiative focused on enhancing user interface (UI) of both Downloading Reports and Path Analysis tool, establishing a cohesive design pattern across them. In particular, we committed to standardizing the presentation of Download Reports, encompassing various formats such as PDF and CSV, within the Downloading Reports Feature. This strategic investment underscores our dedication to delivering high-quality solutions that effectively address the evolving needs of our stakeholders.

Users can now efficiently locate images or videos by specific size categories (small, medium, or large) using the new filter feature on the Content Dashboard. Additionally, they can easily filter content or documents based on a range of dates for various lifecycle events, including creation, display, expiration, modification, publication, or review. This enhancement streamlines content management and improves user accessibility to relevant documents.

Users can readily spot documents & media that is not visible to Guest users through an icon, whether it's in list, card or table view or within the document editor. Additionally, this feature is accessible in the item selector, empowering users to discern which documents are not viewable by Guest users.

Users can easily identify and filter fields that are already translated and those that still need translation within the content editor. Additionally, they can choose to mark a language as translated even if some fields are not yet translated. Users also have the option to reset a translation to its default values with ease. These features will streamline the translation process and enhance efficiency.

Since Publications provides a final end point for users to review changes, it would benefit content editors tremendously if they could also review their workflow changes.

There is an unacceptable decrease in performance observed within large Publications. With publications housing a large number of individual changes, the current system struggles to maintain acceptable performance levels, especially during conflict checking and publishing publications. These two phases leverage handwritten SQL queries to perform those tasks that allow Publications a shortcut through our persistence layer to maximize performance in small publications. In large publications though, further considerations must be taken to ensure consistent performance.

Allow users to map Repeatable fields of a Web Content Structure already defined in Fragments and Collection Displays.

The /search and /suggestions APIs comes with the following enhancements:

• New, optional scope parameter supporting Site (Group) IDs and External Reference Codes (ERCs) in /search. The scope parameter of /suggestions has also been updated to have the same semantics.

• /search now is in RELEASE status.

• The APIs now are available under the /o/search/v1.0/ endpoint with backward compatibility for current /o/portal-search-rest/v1.0 calls through server-side forward.

Refer to the documentation for more details.

Clause Contributors configuration is now stored within the blueprint’s JSON with a smaller footprint, reducing the size of a blueprint by more than 90% when using the default setting (all contributors enabled → Enable All) or the new Disable All option.

The behavior of the different options is as follows:

• with Enable All, all current and future query clause contributors introduced to the platform will be enabled automatically. Disable All behaves the opposite way,

• with Customize, the configuration is locked to the specified contributor list.