INC-153223 · Issue 613703
DSS added to set Cassandra query page size limit
Resolved in Pega Version 8.4.4
When a site with a large number of nodes captured responses to the commit log, it was possible for nodes run out of heap space and cause system instability. This was due to the Cassandra query not having a specified page size, so the cluster-wide default setting of 5000 created an issue for large sites which could have over 150 nodes capturing responses. This has been resolved by specifying the page size on the Cassandra query that used to read responses from the commit log. This value will be set dynamically with a DSS to not read more than n responses from all shards combined in a single batch.
INC-154128 · Issue 614295
High thread contention in StrategySSAProgram resolved
Resolved in Pega Version 8.4.4
While Running inbound campaigns during peak times, high contention was observed around "threadSafeWrite" and "threadSafeRead". To resolve this and improve performance, the code around handling write locks has been updated.
INC-154889 · Issue 617191
Corrected export of zero value as '0E-9'
Resolved in Pega Version 8.4.4
File Data Set was exporting properties such as pxPriority and pyPropensity as '0E-9' if the value was 0.00000 . This has been corrected.
INC-155822 · Issue 618268
Locking added to avoid Null pointer exception for auto-populate property
Resolved in Pega Version 8.4.4
After configuring the auto populate property "OrgProduct" which referred to a data page, the system experiencing heavy load led to the property not getting properly initialized. This resulted in a WrongModeException and NullPointerException. To resolve this, the system has been updated to lock the requestor when Queue Processors execute their activity. This will prevent race conditions and concurrent modifications if other threads are accessing the same requestor.
INC-157097 · Issue 619995
REGEX In Expression Builder matches runtime values
Resolved in Pega Version 8.4.4
An expression builder statement was evaluating differently at runtime vs at testing. This was traced to a difference in escape character handling between old legacy code and the new strategy runtime engine, and has been resolved by ensuring the strategy runtime engine is supporting escape character use cases.
INC-157194 · Issue 620152
CheckRevisionDeployment requires authentication
Resolved in Pega Version 8.4.4
Authentication has been added to the CheckRevisionDeployment service package.
INC-137874 · Issue 599131
Cross-site scripting update for Dev Studio
Resolved in Pega Version 8.4.4
Cross Site Scripting (XSS) protections have been added to Developer Studio.
INC-140224 · Issue 604006
Corrected SAML SSO error
Resolved in Pega Version 8.4.4
After opening a case from the Pega-FCM portal or after logging in from SSO, closing the Pega window and opening it again resulted in the error "Unable to process the SAML WebSSO request : Violation of PRIMARY KEY constraint %27pr_data_saml_requestor_PK%27. Cannot insert duplicate key in object". This was a missed use case that happens only under the old SAML configuration, and has been resolved by removing a when condition that checks for stepstatus fail for the pySAMLwebSSOAuthentication activity.
INC-141595 · Issue 602715
CSRF and Browser fingerprint tokens added for testing custom scripts
Resolved in Pega Version 8.4.4
After upgrade, the test window appeared blank when attempting to test Decision Table rules. This was traced to there not being CSRF token and Browser fingerprint handling in the custom script used to show a prompt screen to the user. Because the CSRF token validation was missing, the request failed. To resolve this, CSRF and Browser fingerprint tokens have been added as hidden fields.
INC-141940 · Issue 601543
Revoke Access Token check removed from OAuth Client Registration
Resolved in Pega Version 8.4.4
When client credentials were implemented, the OAuth 2.0 Client Registration form was designed such that once the instance was created and a token issued, the access tokens were deleted on save. Process changes now indicate that it should be possible to save the form because it may only have History Description/Usage changes made to it and Revoke Token and Regenerate Secret buttons are already available. To address this, the Revoke Access Token check has been removed from the validate activity of Client Registration.