Release Notes

9.0 Release Notes

DSpace 9.0 is a major release of the DSpace platform.  It provides new features and improvements, along with bug fixes.  You should be aware that all major releases may provide some "breaking changes" (major changes that may impact your local customizations).

Security Fixes

• Fix possible "Zip Slip" in SWORDv2 ingest process. This potential issue was found via an automated code scan and no exploit has been confirmed. See #10725
• This release also includes many dependency updates in order to keep all DSpace sites secure. Some of these updates patch vulnerabilities that have been reported by those dependencies. But no exploits of these vulnerabilities has been confirmed in DSpace.

New User Features

• OpenAlex integration. DSpace now supports importing content (on MyDSpace) from OpenAlex.org.  The Publication Claim feature also now supports importing a Publications related to a Researcher Profiles, provided that the profile has an OpenAlex ID.  Additional screenshots & examples at #10433 (Donated by 4Science and University of Cambridge with additional funding from the Vietsch Foundation)
• Support for tracking usage statistics via Matomo (a Google Analytics alternative). DSpace can now integrate with Matomo Analytics, in order to track usage statistics, search statistics and downloads. This requires an existing Matomo account or instance.  See screenshots at #10435 (Donated by 4Science with additional funding from University of Maryland )
• ORCID Login flow is improved. Users logging in via ORCID can now merge their ORCID login with an existing DSpace login.  Users can also login via ORCID without sharing their email from their ORCID account to DSpace.  See #9849 for more details (Donated by 4Science and Lyrasis with additional funding from ORCID's Global Participation Fund)
• Support for SAML authentication. DSpace now includes a SAML Authentication Plugin, which can be configured to allow your DSpace site to use an external SAML IdP. See also #9470 and #9438 for more details (Donated by DSpaceDirect)
• Request a Copy now supports sending a secure download link for larger files.  Files under a (configurable) size threshold are still attached in requests.  But, larger files now send a secure (auto-expiring) link to allow the requester to download the file.  See also #3984 (Donated by The Library Code)
• ALTCHA captcha protection is now supported.  At this time, ALTCHA is only used by the (updated) Request a Copy feature.  It may be extended to other features in the future.  See CAPTCHA Verification. (Donated by The Library Code)
• Embargo release dates for embargoed files are now displayed on Item page. The user interface includes a new "showAccessStatuses" configuration for bitstreams on the Item page.  When enabled, any embargoed files will show a "badge" next to the file name on the Item page. This badge will display the date the embargo ends. Screenshots can be found in the comments of #3882 (Donated by Université Laval)
• Support for Geospatial maps, including browsing and searching. If any Items/Entities include geospatial data in the "dcterms.spatial" metadata field (or similar), then new "geospatialMapViewer" settings now provide ways to interact with this data via maps. This includes options to display a map of the location on the Item page, view search results on a map, or browse geospatial data via a map. See #3540 (Donated by The Library Code)
• The default tab on Community/Collection pages is now configurable. By default it will still be the "Search" tab, but it can be modified using the new "defaultBrowseTab" setting under the "community" or "collection" configurations in your config.*.yml. See also #3164 (Donated by Abel Gomez)
• The "Edit Item → Metadata" tab now supports a dropdown for "dspace.entity.type" field. In previous versions, this field was free-text, but now only valid Entity types can be selected.  Metadata field code was also refactored on this page. See #3722 (Donated by Atmire)
• Health page now includes an "SEO" validation check. A basic check of your DSpace site's Search Engine Optimization is now available on your Health page (/health) in the Admin sidebar.  This SEO report checks that your sitemap is visible, your robots.txt is visible and that you have SSR (Server Side Rendering) enabled. #10485 (Donated by Atmire)
• Accessibility Settings are customizable by users. Basic accessibility settings like Notification (popup) timeouts and ARIA Live Region timeouts can now be customized by each user of your site via the "Accessibility Settings" link in the footer.  This allows users more control over how long confirmation and error messages are displayed. (Donated by Atmire)
• CSV Export from Admin Report.  The Administrator Reports (Beta feature) now supports CSV export.  After running a report, next to the results is export button that allows you to export those results to a CSV.  See  #4071 (Donated by Université Laval)
• Bitstream Storage (assetstore) now supports Apache JClouds, supporting many cloud providers. See Configuring JCloudstore for Asset Storage documentation and #9915 (Donated by Atmire)
• Creative Commons license display now uses the backend configuration. The existing "cc.license.name" and "cc.license.url" configurations on the backend are now used by the frontend to determine which metadata field(s) to use for display of the CC license on the Item page. See #3165 (Donated by Abel Gomez)

Breaking Changes

The following major changes may negatively impact or "break" your local customizations to prior versions of DSpace.  Please be aware of them before upgrading.

• Migration from Yarn to NPM. The DSpace User Interface MUST now be built using "npm" commands instead of "yarn".  In most situations the command is the same with "npm" replacing "yarn". All DSpace documentation, including the Upgrading DSpace and Installing DSpace guides now provide the appropriate "npm" commands. Yarn can be uninstalled completely as it is no longer necessary. #3173 (Donated by Alan Orth)
• Frontend configuration "ssr > paths" has been replaced by "ssr > excludePathPatterns".  In DSpace 7.6.3 and 8.1, it was possible to only enable SSR (server-side rendering) for specific User Interface paths (configured by the "ssr > paths" configuration in your "config.*.yml" file.  This setting has been replaced by the inverse configuration, which allows you to exclude specific paths from SSR.  See "excludePathPatterns" in the "ssr" section of the User Interface Configuration and #4227 (Donated by 4Science)
  • This change was necessary to fix an SEO bug where error pages and Handle redirects would return "200 OK" responses when the prior configuration ("ssr > paths") was used.  See #4132 and #4042
• HTML Templates now require "Control Flow" syntax. The user interface now uses Angular Control Flow syntax in all HTML Templates ("*.component.html" files).  This means that all usages of "ngIf" and "ngFor" are now replaced with their equivalent "control flow" syntax (e.g. "@if" and "@for").  This may impact your site during your upgrade if you've customized the HTML of DSpace (either in the source code directly or in custom themes). During your upgrade you will need to migrate your custom HTML files to use "control flow" syntax. You may be able to perform this migration via automated migration tools provided by Angular.  See #3997 (Donated by 4Science) 
• Bootstrap 5 is now used by all themes.  As Bootstrap 4 is now end-of-life, all DSpace themes (including default) have been updated to use Bootstrap 5.  If you have done custom theming, you may need to migrate your themes to Bootstrap 5.  For example changes made to DSpace themes see #3506  (Donated by Atmire)
• Apache Solr 9.x is now required on the backend. As Apache Solr version 8.x is now end-of-life, the DSpace backend now requires using Solr 9.x. See the Upgrading DSpace guide or Installing DSpace guide for more about Solr 9 requirements. #10627
• PDF Citation Cover Page has been updated to use a Thymeleaf HTML Template. If you have this feature enabled in your DSpace, you may wish to modify the default HTML template.  This template will give you more control over the look of your cover pages. (Donated by The Library Code)
• Backend Java code no longer uses "java.util.Date" or "java.util.Calendar".  This is less likely to impact most institutions, but if you've heavily customized the backend  (Java code), you may need to update any customized code that previously used java.util.Date  or java.util.Calendar to instead use the modern java.time.*  Date classes.  See #10432
• Corrected spelling of two "reinstate" configurations in dspace.cfg.  In prior versions of DSpace, two configurations had an incorrect spelling of "reinstate": "core.authorization.community-admin.item.reinstatiate" and "core.authorization.collection-admin.item.reinstatiate".  These are now correctly spelled as "core.authorization.community-admin.item.reinstate" and "core.authorization.collection-admin.item.reinstate".  If you are using these configurations in your local.cfg, you must also correct their spelling.
• (Also included in v8.1 and v7.6.3) DSpace has a new, separate command-line log file ([dspace]/log/dspace-cli.log-[date]) for logging the output/results of any scripts that are started from the command-line.  The DSpace backend web application still logs to dspace.log-[date] in the same directory.  You may need to update any local/custom log management scripts to include this new log file.
  • This change was necessary to fix a major bug where the backend webapp would sometimes stop logging if a "logrotate" was triggered. See #9832 

Major Updates and Improvements

• General user enhancements and fixes
  • Search filters now include "Access Type" filter, which allows you to filter by open access, metadata only, etc. #10434 (Donated by Paulo Graça)
  • RSS/Atom feeds are now available for search results, allowing you to subscribe to a search via RSS. #2489 (Donated by Atmire)
  • Added ability for users to reject the "Correlation ID" cookie, tracked in the backend's logs for debugging purposes. #3889 (Donated by 4Science)
  • Fixed search bug where stale data could sometimes be returned. #3888 (Donated by Atmire)
  • Fixed bug where access restricted thumbnails were not shown to users who have proper access rights. #4165 (Donated by Atmire)
  • Fixed statistics bug where "view" events could be sent twice when using scoped themes. #4099 (Donated by Atmire)
  • Fixed bug where sorting in descending order on Browse by Author may result in an error. #10519 (Donated by Toni Prieto)
• Submission / Workflow enhancements and fixes
  • Project Entities can now be imported from DataCite #9636 (Donated by Florian Gantner)
  • Fixed caching issues that could occur on MyDspace page when switching between views. #4205 (Donated by 4Science)
  • Fixed issue where search filters could disappear from MyDSpace page. #4097 (Donated by Arvo Consultores)
  • Fixed infinite loading issue that could occur on submission forms. #4060 (Donated by Atmire)
  • Fixed bug where an admin could not upload a bitstream to an item in workflow when impersonating a user. #4288 (Donated by 4Science)
  • Fixed bug where fields of type "name" in submission forms could not be deleted properly. #4073 (Donated by Atmire)
  • Improved proxy support for all external sources/APIs. All external connections should now use the DSpace Proxy Configuration. See also #10639 (Donated by 4Science)
• Administrative enhancements and fixes
  • Edit menus on all community, collection, item pages are now dropdowns. #3994 (Donated by Atmire)
  • Fixed bug where CSV import (Batch Metadata Import) was not compatible with Controlled Vocabularies. #9749 (Donated by Atmire)
  • Fixed bug where Processes page wasn't properly supporting integer parameters. #4273 (Donated by 4Science)
  • Fixed bug where list of bitstreams on "Edit Item > Bitstreams" tab would be duplicated when using pagination. #4015 (Donated by Atmire)
  • COAR Notify was not fully adhering to the "Request Endorsement" pattern supported by PCI (https://peercommunityin.org/). #10053 (Donated by Agustina Martinez)
  • Fixed issued where Collection Admins could not add new policies to bitstreams. #10688 (Donated by 4Science)
  • Fixed issued where Collection Admins could not view metadata of withdrawn items. #10668 (Donated by 4Science)
  • Fixed pagination issue with Bulk Access Control script/page which could cause duplicate policies to be created. #10697 (Donated by 4Science)
  • Fixed issue where Handles were not stored for communities & collections when `VersionedHandleIdentifierProviderWithCanonicalHandles` provider was enabled. #10240 (Donated by Atmire)
• Performance/stability improvements:
  • Limited the number of Items that can be exported at once to 500.  This limit is configurable on backend via "metadataexport.max.items" #10030 (Donated by Atmire)
  • Fixed issue where login endpoints to REST API didn't always close their database connection after login action was completed. #10598 (Donated by Atmire)
  • OpenSearch now limits its results per page to 100, though it is configurable via "websvc.opensearch.max_num_of_items_per_request" setting. #10549 (Donated by Sascha Szott)
  • Fixed performance issue with "import-loader-suggestions" script when run on a large repository. #10719 (Donated by 4Science)
  • Indexing improvements to the "index-discovery" script when your site has a larger number of relationships (between entities). #10351 (Donated by Atmire)
  • Fix bug when DSpace could fail to startup when ORCID connections failed (if ORCID is enabled). #9876 (Donated by The Library Code)
• Accessibility improvements:
  • Truncated abstracts now use ellipsis for truncation instead of fading out. #4341 (Donated by 4Science)
  • Improved screen reader accessibility for header and recent submissions. #4335 (Donated by Atmire)
  • Enhanced keyboard navigation on several pages. #4244 (Donated by eScire)
  • Fixed small screen display issues in footer and full item page. #4218 (Donated by Jesiel Viana)
• OpenAIRE v4 compliance improvements to both the OpenAIRE submission forms and the OAI-PMH "oai_openaire" metadata format. #10128 (Built by Atmire, funded from Ireland's National Open Research Forum (NORF) under the 2022 Open Research Fund))
• Klaro cookie settings popup was replaced with Orejime.  Orejime provides better accessibility and is better maintained. #2718 (Donated by 4Science)
• OAI-PMH templating has moved from using JTwig to Thymeleaf.  This also fixes errors thrown by the root page (/server/oai) since 8.x. See #10563 (Donated by Kim Shepherd)
• Includes all bug fixes and accessibility fixes also included in the 8.1 release.
• Fixed a large number of other small bugs.  See Changes in 9.x for a list of all changes.
• Major dependency updates: Frontend updated to Angular 18 and Bootstrap 5. (Both donated by Atmire)

New/Updated Language support

• Catalan (Català) language updates donated by Toni Prieto
• French (Français) language updates donated by Pierre Lasou (pilasou) and Carolyn Sullivan (Peredwel)
• German (Deutsch) language updates donated by The Library Code
• Hindi (हिंदी) language updates donated by DSquare Technologies
• Polish (Polski) language updates donated by PCG Academia
• Portuguese (Português) language updates donated by Ricardo Saraiva (rsaraivac) and Paulo Graça (paulo-graca)

9.0 Acknowledgments

DSpace 9.0 had ____ lines of code changed and 89 unique individuals contributing to either the frontend or backend.

Frontend / User Interface Acknowledgments

The following 66 individuals have contributed directly to the new DSpace (Angular) User Interface in this release (ordered by number of GitHub commits): Alexandre Vryghem (alexandrevryghem), Andreas Awouters (AAwouters), Tim Donohue (tdonohue), Francesco Molinaro (FrancescoMolinaro), Sascha Szott (saschaszott), Andrea Barbasso (AndreaBarbasso), Kim Shepherd (kshepherd), Andrea Guevara (Andrea-Guevara), Alan Orth (alanorth), Jens Vannerum (jensvannerum), Giuseppe Digilio (atarix83), Yana De Pauw (YanaDePauw), Pierre Lasou (pilasou), Milan Majchrak (milanmajchrak), Alisa Ismailati (alisaismailati), Vincenzo Mecca (vins01-4science), Dan Gastardelli (DanGastardelli), Abel Gómez (abelgomez), Art Lowel (artlowel), Yury Bondarenko (ybnd), Adamo Fapohunda (AdamF42), Ricardo Saraiva (rsaraivac), Simone Ramundi (Simone-Ramundi), Michał Dykas (michdyk), Toni Prieto (toniprieto), Victor Hugo Duran Santiago (VictorHugoDuranS), Paulo Graça (paulo-graca), Nicolas Boulay (nibou230), Emmanuel Pastor (pastr), Jesiel Viana (jesielviana), Zahraa Chreim (ZahraaChreim-Atmire), Julia Gilmore (alphapetjg), Kristof De Langhe (Atmire-Kristof),  Igor Baptista (IgorBaptist4), Krzysztof Kubiak (pcg-kk), Koen Pauwels (KoenP), Joran De Braekeleer (gingyx), Zoltán Kanász-Nagy (kanasznagyzoltan), Mohana Sarmiento (msarmie), Yannick Paulsen (YPaulsen-TLC), Lotte Hofstede (LotteHofstede), Nicholas Woodward (nwoodward), Arta Seyedian (aseyedia), Elvi Nemiz (eulereadgbe), Miika Nurminen (minurmin), Oscar Chacón (oscar-escire), Sergio Fernández Celorio (sergius02), Vladzislav Novski (vNovski), Alfeu Tavares (autavares-dev), Gaurav Patel (GauravD2t), Agustina Martinez (amgciadev), Bridget Almas (balmas), Carolyn Sullivan (Peredwel), Florian Gantner (floriangantner), Michael Spalti (mspalti), Mohamed Ali (mohamedali654321), Nima Behfourouz (nimabehforouz), Nona Luypaert (nona-luypaert), Abhinav Sidharthan (AbhinavS96), Jean-François Morin (jeffmorin), Christian Clauss (cclauss), Drew Heles (dheles), Mattia Vianelli (Sondissimo), Nathan Buckingham (ConfusionOrb221), Ray Lee (ray-lee), Escalante Guillermo (guillermo2519).

The above contributor list was determined based on contributions to the "dspace-angular" project in GitHub between 8.0 (after June 21, 2024) and 9.0 using "git shortlog" on the main branch and excluding all merge commits: 
git shortlog -s -n -e --no-merges --since 2024-06-21

Backend / REST API Acknowledgments

The following 58 individuals have contributed directly to the DSpace backend (REST API, Java API, OAI-PMH, etc) in this release (ordered by number of commits): Tim Donohue (tdonohue), Kim Shepherd (kshepherd), Sascha Szott (saschaszott), Adamo Fapohunda (AdamF42), Vincenzo Mecca (vins01-4science), Jens Vannerum (jensvannerum), Mark Wood (mwoodiupui), Giuseppe Digilio (atarix83), Nona Luypaert (nona-luypaert), Ray Lee (ray-lee), Stefano Maffei (steph-ieffam), Agustina Martinez (amgciadev), Nathan Buckingham (ConfusionOrb221), Florian Gantner (floriangantner), Kristof De Langhe (Atmire-Kristof), Toni Prieto (toniprieto), Nicolas Boulay (nibou230), Alfeu Tavares (autavares-dev), Igor Baptista (IgorBaptist4), Andrei Alesik (AndrewAlesik), Elios Buzo, Alphonse Bendt (abendt), Paulo Graça (paulo-graca), Jukka Lipka (jlipka), Mark Diggory (mdiggory), Alexandre Vryghem (alexandrevryghem), Christian Clauss (cclauss), Marie Verdonck (MarieVerdonck), Michele Boychuk (Micheleboychuk), Jesiel Viana (jesielviana), Mikhail Schastlivtsev (schastlivcev), Pierre Lasou (pilasou), Yury Bondarenko (ybnd), Bram Luyten (bram-atmire), Brian Keese (bkeese), Eike Löhden (Leano1998), Kevin Van de Velde (KevinVdV), Koen Pauwels (KoenP), Oscar Chacón (oscar-escire), Mohamed Eskander (eskander17), Nicholas Woodward (nwoodward), Alan Orth (alanorth), Chris Wilper (cwilper), David Steelman (dsteelma-umd), Mark Cooper (mark-cooper), Pascal-Nicolas Becker (pnbecker), Yana De Pauw (YanaDePauw), James Sullivan (jameswsullivan), Abel Gómez (abelgomez), Andreas Awouters (AAwouters), Drew Heles (dheles), Martin Walk (MW3000), Mattia Vianelli (Sondissimo), Piaget Bouaka Donfack (PiagetBouaka), Zahraa Chreim (ZahraaChreim-Atmire), Abhinav Sidharthan (AbhinavS96), Jean-François Morin (jeffmorin), Max Nuding (hutattedonmyarm).

The above contributor list was determined based on contributions to the "DSpace" project in GitHub between 8.0 (after June 21, 2024) and 9.0 using "git shortlog" on the main branch and excluding all merge commits: 
git shortlog -s -n -e --no-merges --since 2024-06-21

Additional Thanks

Additional thanks to our DSpace Leadership Group and DSpace Steering Group for their ongoing DSpace support and advice.

Thanks also to the various developer & community Working Groups who have worked diligently to help make DSpace 9 a reality. These include:

• DSpace Developers Team - This volunteer-based team leads the development of new releases. Anyone is welcome to join the Developer Meetings
• DSpace Community Advisory Team (DCAT) - This team helped organize/lead the DSpace 9.0 Testathon (to bang on the system to find any last bugs), and they also provided us with advice on features, etc.

We apologize to any contributor accidentally left off this list. DSpace has such a large, active development community that we sometimes lose track of all our contributors. Acknowledgments to those left off will be made in future releases.