The allowable size of an Account Name has been increased to 250 characters in line with industry standards.

Enables the ability to add new remote shipping calculations via client extension.

Ability to add new steps to the checkout process via client extension.

We continue to improve the API Builder by adding new endpoints: GET single element. With the GET single element new endpoint, we allow users to create a GET endpoint that only retrieves a single element using a path parameter.

One particular thing is that users can select as a path parameter any unique custom field defined in the object apart from ID and External Reference Code.

New POST endpoint inside API Builder to add the possibility not only of recovering information of the entries but also of creating them.

As in the GET methods, users can define the schema to use for the request and the response. Both can be the same or two different ones. And can even be one already used previously on another endpoint definition.

Company and Site scope is available too.

The POST method only works for creating new entries of the main object . No entries for the related objects can be created yet at the same time.

We have introduced a configuration feature within the Asset Library, enabling users to decide whether a Vocabulary created there is solely required at the Asset Library level or if it extends to the connected Sites as well.

We have introduced case-sensitive tagging for page creators, allowing tags to be saved and displayed exactly as created, whether in uppercase or lowercase. The feature ensures case sensitivity for tag creation, case-insensitive searching, and autocomplete, while maintaining backward compatibility for existing tags.

Users now have the ability to restrict channel access to certain Accounts via the eligibility tab on the channel admin pages. The ability to restrict certain Account Addresses to be used on certain channels has also been added. This is managed via an Eligibility tab on the address that allows the user set channel usage.

With this development, the publication of Knowledge Base articles will be schedulable, in particular, the feature is so designed:

• The primary Publish button will have an arrow down with the “Publish” option, that will immediately publish the article, and the “Schedule” one.

• Clicking the Schedule option, will make a modal appear so the user can set a date and time for the article to be published.

• The Scheduled article will have the SCHEDULED status that will change to APPROVED on the scheduled date

• A tooltip with the scheduled date information will appear when hovering the question-circle-full icon placed next to the SCHEDULED state.

• Editing a scheduled article will provide the user the ability, by clicking the primary button that has turned into “Scheduled”, to:

  • Cancel the operation

  • Publish Now

  • Schedule: this option will save the article, date & time changes and the user will return to the previous screen before entering edit mode

• Additional feature: A Knowledge Base article deletion action will move it to the Recycle Bin so that it can be restored.

Now user are able to:

• Configuration of document size for copying in D&M

• Bulk copying of documents and folders

• Currently the copy action for documents and folders is able to be performed in Portal without fully respecting the site-asset library relationship. The expected behavior is:

  • An asset library must be connected to a site in order to copy a document over to the site

  • A document cannot be copied from a site to an asset library (only the other way around)

  We can enforce a stricter check when performing the copy action between asset libraries and sites. Instead of the end user receiving a success message when copying a document to a disconnected site, an error message should appear telling the user to set the connection first.

• Document Types contained in a document are being copied in Documents and Media so that they can be easily reused.

• Categories and Tags in Documents and Media are being automatically copied so they can be easily reused on a new site.

Users are now able to properly search in the portal using the Search widget (in applications that have data restricted by account).

This feature allows you to leverage the functions of Liferay’s caching framework. Our current measurements indicate about 10%/30% performance increase in database writing operations, also 10 times faster reading performance!

To reduce the maintenance costs of providing a full document’s preview, the following changes are being introduced:

• “No preview available” state when the file size exceeds the preview size limit.

• Merge “File Entries” and “PDF Preview” settings under “File Preview Limits”

• Rename "File Size Limits" to "File Upload Limits" with a reviewed and more understandable Description copy

• The user is being informed that the generated preview may not correspond to the entire document

This development introduces the ability for the user to set the file size at asset library’s level. This settings will override the already existing one at System level when the latter is bigger. As a general rule, when both are set the lowest applies.

Users can add validations to verify field values that, when used in combination, are unique.

Limitation: numeric fields such as Integer, Long Integer, Decimal, Precision Decimal will be stored as null.

The user experience of the Management Toolbar present in multiple applications (Web Content, Blogs, Documents & Media) has been improved:

• Separate sections for filter and order.
• Changed “+” with “New” for clarity.
• Moved info icon to the right.

Validate relationships to prevent duplicate names in child objects.

Elasticsearch 8.17 has been tested and added to the compatibility matrix.

Liferay Self-Hosted deployments can update the Elastic stack to this version. For Liferay PaaS projects, as usual, a new Elasticsearch image will be provided under Liferay Cloud’s Docker Hub account.

As it was first highlighted in the Release Notes of 2024.Q3, per Elastic’s product lifecycle, Elasticsearch 7.17.x versions are supported and maintained until Elasticsearch version 9 is released.

While Elastic does not provide specific release dates for future releases, for Elasticsearch 9.0.0, the new release is anticipated in early calendar year 2025.

Compatibility with Elasticsearch 8 is available on Liferay DXP 7.4 U81+: Operating Liferay 7.4 GA/Update 81+ with Elasticsearch 8 - Liferay.

Note: The Elasticsearch 8.x compatibility is provided through the bundled Elasticsearch 7 connector and the REST API Compatibility of Elasticsearch 8.

We added External Reference Codes for references in widget configurations in Content Management applications. This helps promote data integrity when pages and their widgets are migrated across environments.

Highlights:

References within the following page widgets now use ERC’s instead of internal ID’s:

• Announcements
• Web Content Display
• Category Filters
• Questions

We added External Reference Codes for Categories and Tags and their associated API’s, improving their portability for data migration scenarios.

Highlights: 

• Users can now perform CRUD operations using a Tag’s ERC through its headless API (Keyword)

• Users can now perform CRUD operations using a Category’s ERC through its headless API (TaxonomyCategory)

We added several API endpoints for Documents & Media to improve programmatic management of these entities.

Highlights:

• Users can now add, delete, and retrieve document types via headless API (DocumentDataDefinitionType)

• Users can now add, delete, and retrieve document metadata sets via headless API (DocumentMetadataSet)

Implemented proactive access token management with automated email notifications. Users will now receive alerts 1 month, 10 days, and 1 day prior to token expiration, allowing for timely renewal and preventing service disruptions. Notifications are automatically cancelled if a new token is generated.

Key benefits:

• Users are notified before token expiration, allowing for timely renewal and uninterrupted access.

• Reducing administrative overhead, as automated notifications eliminate the need for manual monitoring and intervention.

• By prompting timely renewals, the risk of using expired and potentially compromised tokens is minimized.

The SSL Certificate Management view now provides expiration alerts for certificates nearing expiration (e.g., within 30 days) and those that have already expired. Certificates must now be defined exclusively through the LCP.json file, simplifying management and ensuring consistency across deployments. This update reduces manual errors and ensures secure and uninterrupted deployments.

Highlights:

• Expiration Alerts: Notifications for certificates nearing expiration and those already expired, with clear visual indicators.

• Exclusive LCP.json Configuration: Certificates can only be defined through the LCP.json file.

• Improved Visibility: Organized list view showing certificate names, types, associated domains, and expiration dates.

• Proactive Management: Tools and alerts to help users maintain secure SSL/TLS configurations.

The vendor has deprecated OpenSSO/OpenAM, so there's no reason for us to keep it. The alternative, which is PingAM can be integrated using our existing OpenID connector or SAML Authentication.

Data imports, using batch engine, now allows users to preserve content creator information (if required). Previously, imported content with batch was always assigned the user performing the import, resulting in loss of original authorship data when moving content. This update ensures accurate attribution of content ownership (if required).

Key benefits:

• Able to keep critical user information during data promotion between environments

• Can be configured separately per import process

The two separate option menus currently displayed in the Web Content Display widget have been merged into a single, consolidated dropdown menu for content creators. This new menu will improve the user experience by reducing confusion and unnecessary clicks, ensuring all relevant widget actions (e.g., Hide Widget, Duplicate, Export/Import, etc.) are easily accessible.

This set of improvements aims to simplify the manual work users must do to resolve conflicts when publishing a publication. Now, instead of raising a conflict to be resolved manually by the user, the system will try to overwrite conflicting changes in production with the modifications done in the publication, meaning that the Modification and Modification deletion conflict types won’t be presented for the user anymore.

In the case of a Deletion modification conflict, the system won’t resolve it automatically, but now it makes it easier to keep the modifications made in the publication. In the Conflicting changes screen, we added a button with the option to "Restore in Production" for conflicts in which the asset was deleted from production and is now in the Recycle bin.

Key benefits:

• Reduce the amount of manual work by automatically solving most of the conflicts.

• Improve user satisfaction and reliability on publications by ensuring that assets supported by Recycle Bin can be quickly restored, avoiding requiring the user to discard needed changes.

Provided an option to turn the “Out-of-date” feature on/off. When turned on (the default behavior before this release), ongoing publications created in previous Liferay versions were labeled as “Out-of-date” after the upgrade and could not be modified or published. This feature is now off by default, and users can publish these publications without Liferay support.

Key benefit:

Increase manageability over publications and the ability to publish any previous modification, including after Liferay upgrades.

Improved keyboard navigation and column resizing for Miller columns. Users can now navigate between columns both horizontally (deeper levels) and vertically (same level) using the keyboard. Column widths are also responsive, adapting to different screen sizes.

Added logging to indicate the completion of fragment deployments via the deploy folder. This provides better visibility into the deployment process and allows for tracking deployment duration.

There are some advantages of including a message like that, for example:

• Count the duration of a deployment
• See the fragment progress deployment until it is deployed.

Liferay Cloud now provides CI/CD support for Client Extensions on Liferay PaaS. Developers can integrate Client Extensions into their Git-based CI/CD pipelines, ensuring automatic builds and deployments alongside core Liferay services. This update enables automated validation, independent deployments, and faster release cycles for Client Extensions.

Highlights:

• Dedicated CI/CD Pipeline: Separate build pipeline for Client Extensions to prevent conflicts with core Liferay services.

• Automated Builds: Every commit triggers a new Client Extensions build, packaged as a LUFFA archive.

• Independent Deployments: Client Extensions builds deploy separately, improving release flexibility.

• Seamless Integration: Works with existing Git-based workflows on Liferay PaaS.

• Zero Downtime Deployments: Deploy client extensions without affecting the main Liferay service.

Until now, there was no way in batch engine to export and import object entries and their permissions simultaneously. This new capability allows users to do that, streamlining workflows and reducing manual effort.

Key benefits:

• Execution in only one call.

• Possibility for users to choose to take into account (or not) permissions with object entries.

Default View and Download permissions for documents have been adjusted to match the behavior prior to the changes introduced in LPD-16744, restoring the expected user experience.

Highlights: 

• The View and Download permissions will be linked by default when uploading documents through the single and multiple file uploaders

• The Permissions configuration UI is improved so users can more easily recognize that the View and Download permissions are separate permissions

• The Download permission is now automatically included when a user shares a document and assigns permissions

The updated Clay chart colour palette improves accessibility and usability by creating more contrast and adding more variations. Now users can easily distinguish charts, icons, and field sets, reducing confusion and improving clarity.
 

Key benefits:

• Now we have more design flexibility for Liferay’s current and future products.

• Accessible and distinguishable colours that will improve and unify the platform usability and UI.

This feature allows warehouse managers to define granular eligibility rules for accounts and account groups to access specific warehouses. This enables fine-grained control over which customers can see and purchase inventory from which warehouses.

Key benefits:

1. Improved Inventory Management:

• Prevent unauthorized access to inventory data.

• Strategically control product visibility based on inventory quantities and stock levels.

• Optimize inventory allocation across customer segments.

2. Enhanced Customer Experience:

• Provide a more relevant and personalized shopping experience.

• Improve customer satisfaction by prioritizing access for key customer segments.

3. Increased Revenue:

• Generate higher revenue from valuable customer segments by prioritizing their access to inventory.

4. Reduced Lost Sales:

• Minimize lost sales due to stockouts by limiting product visibility for certain customer groups.

This enhancement introduces configurable default permissions for newly created pages. Admins can set these permissions at both the instance and site levels. Instance-level settings are managed in a new Instance Settings panel, while site-specific overrides can be configured in the Site Configuration area.

We’ve introduced robust Content Security Policy (CSP) capabilities to enhance the security of your digital experience platform. This feature supports eight key directives, including script-src and style-src among others, ensuring secure handling of scripts, styles, images, and more. By leveraging these directives, developers can mitigate cross-site scripting (XSS) attacks and data injection risks. The CSP implementation aligns with modern web security standards, offering both flexibility and protection. Administrators can now enforce stricter security policies without compromising functionality.

Key benefits:

• Enhanced Security: Mitigates risks of XSS and data injection attacks by controlling resource loading and execution.

• Compliance-Friendly: Aligns with industry-standard security requirements, supporting stricter compliance protocols.

• Customizable Policies: Allows developers to tailor CSP directives to meet specific project or organizational needs.

• Improved Trust: Strengthens end-user trust by providing a more secure and reliable platform experience.

Introducing new key improvements to the B2B Guest Checkout experience, enhancing the overall user journey and providing greater flexibility for both new and returning customers.

Guests now have the option to sign in or sign up during the checkout process, directly from the mini-cart. Once logged in, users can either select an existing account or create a new one, ensuring that they can move through the purchase flow smoothly without disruptions. Upon setting the account, guests, now logged-in users, will be redirected to the checkout, making the transition to completing the purchase seamless.

Additionally, if a guest decides to sign in without necessarily checking out, the guest cart will now be merged with their account after logging in. This ensures that any items added to the cart during the guest session are retained when they sign in or select an existing account, improving the continuity and experience for returning users.

Key benefits:

1. Enhanced User Experience: By allowing guests to sign in or create an account directly from the mini-cart, we provide a more intuitive and streamlined checkout process. Guests can complete their purchase with minimal steps, reducing friction and abandonment rates.

2. Cart Persistence: The ability to merge guest carts ensures that items are not lost when guests decide to sign in or register. This improves convenience for returning users and supports a smoother transition between sessions.

Official release of Liferay Data Sets, moving from Beta to Release! Data Sets are a powerful and flexible way to retrieve, manage, visualize, and interact with structured data in Liferay DXP. Built on top of Objects and leveraging Liferay’s robust ecosystem, Data Sets exemplify the “build Liferay with Liferay” philosophy. With seamless integration with compatible Headless APIs, administrators can easily configure Data Sets and empower end-users with a rich, customizable experience for consuming and interacting with data.

Key benefits:

• Retrieve Data: Fetch information from any compatible Headless API to use as a Data Set source.

• Manage Flexibility: Administrators can customize what parts of the API response are included, along with filters, sorting options, and available actions.

• Visualize Data: Multiple visualization options make it easier than ever for end-users to consume data meaningfully.

• Enable Interaction: End-users can interact dynamically with data using the filters, actions, and tools configured by administrators.

To ensure the quality, stability, and modernity of Liferay DXP, we've updated to React 18, bringing significant benefits in security, performance, and compatibility. This update is critical to maintaining DXP's status as a robust and future-proof platform.

Key benefits:

• Security Enhancements: Older library versions can expose vulnerabilities. Upgrading to React 18 mitigates these risks by incorporating the latest security patches.

• Performance Improvements: React 18 introduces features like concurrent rendering, which enhances responsiveness and load handling for better user experiences.

• Enhanced Compatibility: Upgrading ensures DXP aligns with modern tools and frameworks, minimizing integration challenges and future-proofing our development processes.

• Continued Support: Staying current with React’s ecosystem ensures ongoing access to community updates, bug fixes, and innovations.