Dear all,
I am pleased to announce the release of djehuty v25.3.
The March release of 2025 consists of 57 commits made by 2 authors.
This release contains various bugfixes, minor UI revisions, minor feature updates, and contains the foundation for an extra security layer to prevent cross-site scripting vulnerabilities.
The release date slipped a couple of days because yours truly wanted to give last-minute changes a little bit of time to make sure no regressions occurred before formalizing the release.
New features
- Implement API endpoints for reviewers (1de7f6808, 038e931b9, 2f5963553).
- Report number of search results in the /v2/articles/search endpoint. (a8917a837).
- Add 'SoftwareSourceCode' to RO-Crate output (79cf0b32a).
UI revisions
- Revise the “Cite” and “Collect” buttons on landing pages (b0b9dbd1f).
- Remove the need for a “save URL” button in the dataset metadata form (a853085c9).
- Revise the versions drop-down menu on landing pages (e5b89ce23).
- Fix tile scaling on the main page for different zoom levels (7a30bfa47).
Security
- Addressed a Cross-Site-Scripting vulnerability in the search functionality (40b12a559).
- Only display e-mail address of authors to the creators of such records. (05a56fa18).
Bugfixes
- Fix author ordering for collections. (244017a01).
- Fix bug in cached responses in the IIIF Image API implementation (88d68c787).
- Fix bug with proportional scaling in the IIIF Image API implementation (05d5c7a85).
- Fix various bugs with rendering HTML entities and tags. (d3667ed8b, 3b19d7de8, 08e4fc77a, 3a1f3dde5).
- Avoid a divide-by-zero situation with quota usage calculation (cefde15dd).
- Fix creating datasets with repeated fields using the v2 API (74fe025db, 87127c1f8).
- Fix setting default fields when creating a dataset using the API (7f183389d).
- Fix returning Git statistics for empty Git repositories (be3630a63, 2cffe955a, c3227a768).
Technical debt
- Work towards a stricter Content-Security-Policy by avoiding inline use of style attributes, script elements, and event handlers (b862fdf3d, 18b3bbe3e, f08542ecb, 1c248a1e2, 99cf348f8, 7524bbbd2, 4d6696335).
- Avoid hard-coded versions in the documentation for the RPM download links (21be87dc0).
- Avoid repetitive text in the documentation by using macros (088f8a13c, f3dc9c8cd).
- Build Docker images with C development libraries to work around “xmlsec” build issues. (2c03cb3cb).
Kind regards,
Roel Janssen
Senior Software Engineer at 4TU.ResearchData.
