]po[ V5.0.Beta5 (5.0.2.4.0) Released
Dear All,
The ]po[ core team has just released ]po[ V5.0.2.4
as a VMware image and as installers for Windows
and Linux (CentOS, Ubuntu and Debian).
http://www.project-open.net/en/list-installers
This release is very close to the final release of V5.0.
We will still wait a little longer, but this is due to
marketing and PR reasons rather then due to the
product.
Since V5.0.2.3 (beta 4) we have fixed more than 100
bugs. There are still some known issues around, but
these are not critical anymore and will be fixed in the
upcoming weeks. There are about 20 customers
running ]po[ V5.0 in production already.
Updates from earlier versions of V5.0 are supported
for free and semi-automatically by updating the ]po[
product via an "upgrade installer" or CVS. Please see
below for upgrades from V4.x or earlier.
What's New? HTML5 Sencha ExtJS!
The biggest change in V5.0 is the use of the Sencha
ExtJS HTML5 library in order to create interactive
one-page applications. Apart from supporting the new
usage scenarios (Gantt Editor, Portfolio Planner)
this techology allows you to customize ]po[ without
the need to learn TCL. So any experienced front-end
developer will be able to modify and add functionality.
We have started to write up tutorials for you to
encourage customization:
http://www.project-open.com/en/tutorial-sencha-ajax-portlets
http://www.project-open.com/en/tutorial-building-sencha-touch-applications
Please contact us directly if you are interested in
learning Sencha ExtJS. We are prepare a number of
free tutorials via GoToMeeting.
Upgrades Not Free Anymore
As announced in the forum, we have changed our
policy towards semiautomatic updates of ]po[.
In the past, you could just update the source code
of ]po[ and execute a number of "upgrade scripts"
to update the data-model without loosing any data
or configuration.
From V5.0 on, these upgrade scripts require a CVS
account which is tied to a support contract or an
active partner role.
https://sourceforge.net/p/project-open/discussion/295937/thread/1bd5743a/
Please contact us if you plan to upgrade your system
or the system of your customers. We'll provide free
accounts to partners who participate actively in the
development of ]po[, report bugs, contribute patches,
translate the system, publish articles etc. However,
we will ask for a monetary contribution (a support
contract) from everybody else.
Best Regards,
Frank.
==============================================================
V5.0 Changes
==============================================================
]project-open[ V5.0 include several major new packages:
- Gantt Editor:
A HTML5 editor for Gantt charts, similar to MS-Project,
ProjectLibre and GanttProject, but currently without
critcial path scheduling.
- Task Management:
A HTML5 display that shows the tasks assigned to a user
in green, yellow or red, depending on execution status of
the tasks.
- Charts and Diagrams:
V5.0 includes several new HTML5 charts and diagrams for
visualizing statistics and performance indicators.
- Portfolio Planner:
A HTML5 editor and scenario planner for project portfolios
similar to the Gantt Editor, allowing to simulate the
resource load of the assigned users and their departments.
- Project Scoring:
This package standardizes the assignment of scores (for
example: strategic importance, customer relatednesss etc.)
based on a survey with predefined questions.
- Project Earned Value Diagram:
Shows graphically planned work (from the Gantt diagram) vs.
actual progress (% done) vs. logged hours. Currently only
shows numbers based on hours.
- Project Milestone "Slip" Tracker:
This diagram shows graphically the slip of project
milestones.
Platform Changes
- PostgreSQL Database:
V5.0 supports PG 9.2 or higher.
- Application Server:
V5.0 supports NaviServer 4.99.8.
- OpenACS Community System:
V5.0 is now based on OpenACS 5.9
- VMware Linux Version:
V5.0 is based on CentOS 7.
- HTML5 Libraries:
The HTML5 libraries Sencha ExtJS 4.2.1 and Sencha Touch 2.4.2
are now part of the core architecture.
These changes are the reason for the release of a major version,
meaning that upgrades from previous versions are not automatic.
Please see the V4.0 -> V5.0 upgrade instructions for details.
Performance
- Update to PostgreSQL 9.x and NaviServer 4.99:
The update increases performance by up to 50% in
typcial application scenarios.
- Optimizations for 40.000 Users:
We have optimized a number of pages in order to deal
with large numbers of customers and customer contacts
- Filter options for large organizations:
Most pages now contain filter options suitable for
organizations with 5.000 active users.
Security
- Polito Inc., a Virginia based cyber security company
has tested ]po[ V5.0 before using it internally and
found "no significant vulnerabilities".
- OpenACS 5.9 incorporates several important security
improvements.
- Improved the built-in IDS (Intrusion Detection System)
of ]po[
- Fixed header injection issue in redirect code
- Fixed a security issue in the 2nd tier defense in
util_memoize
Other
- We never officially released ]po[ V4.1 (please see below),
so please continue to read for additional changes.
==============================================================
V4.1 Changes
==============================================================
]project-open[ V4.1 is mainly a bug fix release with gradual
improvements thanks to several large customer implantation
projects.
New Packages
- Mobile Timesheet Logging (experimental):
A Sencha client for mobile devices (issues on Android?).
- Rule Engine:
Allows you to define actions that are executed once a value
of a project, a task or any other business object (future)
changes or reaches a certain value.
For example, a task reaching 100% could trigger a notification
email to the project manager.
- CRM Opportunity Tracking:
This package maintains a list of opportunities during the
qualification and sales cycle (sales pipeline).
- Periodic Invoicing (experimental):
This new package introduces the notion of a "service contract"
with certain parameters including a monthly fee, a number of
free service hours and the price per additional service hour.
A (semi-) automatic invoicing functionality allows to process
many service contracts in "batch mode".
- Events & Training Management:
This new package is now running in production with one
customer. It consists of a new business object "event"
that handles resource allocation using a calendar view.
Important Features
- GUI:
Added sub-menus to main tabs - still accepting comments
- Absences:
Automatically maintaining groups per office in order to allow
for bank holidays per office. These bank holidays enter into
the resource management calculation algorithm.
New Experimental Functionality
- Cloud Backup:
A new experimental feature allows you to perform backups
from your on-premise Windows or Linux installation to a
]project-open[ backup server. In case of an accident we
will offer you the option to "resurrect" your machine as
a SaaS hosted machine within 24 hours.
This is an experimental service. Please let us know if
you are interested, in exchange of two years free service.
We plan to price this "Cloud Backup" service at EUR 10
per month with standard SaaS charges in case of a restore.
- Project Membership based on Groups:
A new feature allows you to add groups as "members" to
a project, company or other business object. This allows
some customers to streamline permission assignment.
- Fast-Track Customer Contact Adding:
We have included a new option to enter CRM customer
contacts + companies including a duplicate check based
of fuzzy full-text search.
Bugs Fixed
- Timesheet Approval Workflow
- Localization:
Fixed various non-translatable strings
- Auto-Login:
Fixed behaviour for automatic login from emails sent
out by the forum and mailing functionalities.
Performance
- A large customer with 40.000 users served as a base
for a number of performance enhancements that have
become part of the product.
Small Stuff
- CRM Mass-Mailing functionality:
You can now send thousands of personalized emails
messages to customers of other groups.
- Helpdesk:
Priority changes now send out better notifications mails.
- New reports:
Which??
- Fixed Resource Management:
- New report(?)
- Task Management:
]po[ now allows a user to delete a task in a project, if
there are no financial items related to the task.
- Workflow Vacation Handling:
Users can now specific their replacement when creating a
new absence. The absence replacement has the right to
process workflow approvals for the absent person during the
vacation period.
Security
- A scurity testing company performed a one week testing on ]po[
and found no major issue. However, there were several minor
issues that were fixed in ]po[ V4.1:
- Header Injection
- Redirect
- SQL injection in the category administration section.
This bug would have been serious. However, the affected pages
are only accessible to the system adminstrator who has the
right to perform arbitrary SQL statements anyway.
- "util_memoize" Issues:
]po[ contains a two-layered protection against SQL injection
attacks. Issues in the use of util_memoize broke the database
layer in several pages. However, the second "ad_page_contract"
layer prevented actual exploits.
- Improved IDS (Intrusion Detection System):
]po[ now includes a series of "sensors" and an integrated
reporting functionality to detect unusual activities in the
system.
2017-11-02