InterSystems IRIS for Health™ Change Notes (2022.1)

DP-403240: Cube <expression> cannot have a period character in its logical name

Category: Business Intelligence
Platforms: All
Version: 2021.2.0
Description: With this release, any cube <expression> element which uses the period (.) character in the logical name will throw a compile error. Cubes that were successfully compiled in a previous release will still function exactly as they did before until they are recompiled. You should update each <expression> element to remove any period (.) characters and recompile so that future compiles will succeed.

This change means that an intermediate expression in Architect can return an object with properties, rather than a single value.

DP-404204: Upgrading containers and file ownership changes

Category: Cloud
Platforms: Cloud
Version: 2021.2.0
Description: The volume mounted for durable %SYS must now be writeable by user 51773 (irisowner), because cloning into that directory now happens as irisowner instead of root. When it isn't writeable, startup will fail. The cloud distribution now uses a non-root install, not a traditional installation. All files are now owned by 51773:51773 (aka irisowner:irisowner). The installation directory has not changed (still /usr/irissys). 

Before upgrading, users (excluding those using ICM or IKO) MUST chown their durable %SYS directory ($ISC_DATA_DIRECTORY) so that all files are owned by irisowner, for example:

chown -R 51773:51773 $ISC_DATA_DIRECTORY

This will most likely need to be done as root. IKO and ICM perform this ownership change automatically. 

For locked down images, the installation directory ($ISC_PACKAGE_INSTALLDIR) has changed from /home/irisowner/IRIS to /usr/irissys.

Upgrades with IRIS-lockeddown and IRISHealth-lockeddown between versions pre- and post- this change are not supported and will not succeed.

DP-404238: Limit use of PasswordHash to initial configuration

Category: Cloud
Platforms: Cloud
Version: 2021.2.0
Description: PasswordHash makes it easy to change system-wide passwords during the initial system configuration. The password change is effective before the instance is initialized. In previous releases, you could also use this feature to make system-wide password changes once the system was in use and no longer had the initial passwords. With this change, PasswordHash can only be used during the initial system configuration and cannot be used later to change passwords.

Specifically, PasswordHash will only be processed if the existing hash matches a known, fixed value used to set the initial password.

DP-413775: Change a few DataMove APIs

Category: DataMove
Platforms: All
Version: 2022.1.0
Description: Several of the DataMove API's have been changed to add a new first parameter "Name" in the DataMove.API class as follows:

MapInitialize(Name as %String, Namespaces As %String)
MapGlobalsCreate(Name as %String, Namespace As %String, GblName As %String, ByRef Properties As %String)
MapGlobalsDelete(Name as %String, Namespace As %String, GblName As %String) As %Status
MapGlobalsModify(Name as %String, Namespace As %String, GblName As %String, ByRef Properties As %String)

Customer will need to update their scripts to add this new parameter.

DP-409755: Remove $system.Python.Install()

Category: Embedded Python
Platforms: All
Version: 2021.2.0
Description: This change removes $system.Python.Install().

To install Python packages for your system, you should only use

pip3 install

DP-407501: 32-bit processes and external language servers

Category: Gateways - .NET
Platforms: All
Version: 2021.2.0
Description: External language servers that do not have "Exec 32" checked will change from executing as a 32-bit process to executing as a 64-bit process when started from the Management Portal. This will only affect you if you are loading external assemblies compiled for x86 and did not check the Exec 32 box of the server definition.

DP-405689: DTL calls now respect async="true" setting

Category: Interoperability
Platforms: All
Version: 2021.2.0
Description: In previous releases, DTL calls with async="true" were run synchronously, not asynchronously. In this release, this setting is respected and the call be will run asynchronously.

DP-13515: If compact double is enabled, all clients must support it

Category: JDBC
Platforms: All
Version: 2021.2.0
Description: Users who enable the Compact Double feature will need to ensure that all clients, such as xDBC and Native, have been upgraded to a version that supports Compact Double; otherwise they will fail to connect. Users who do not enable Compact Double will not be affected. In previous releases, the Compact Double Feature was not available. If you do not enable it, you will be able to connect with all clients that you could in the previous version, but if you do enable it, you may not be able to connect with some of these clients.

DPP-367: Need new drivers for new SQL syntax features

Category: JDBC
Platforms: All
Version: 2021.2.0
Description: Although existing SQL code will continue to work with the previous JDBC and ODBC drivers, if you want to use the new SQL syntax features, such as SQL LOAD, you'll need to update your JDBC or ODBC driver to the one provided with this release. Some applications, such as DBeaver, come with an InterSystems IRIS driver included, but you can still point it to a newer version of the library if you want.

DP-10904: Journaling files may be compressed

Category: Kernel
Platforms: All
Version: 2021.2.0
Description: The system can now automatically compress journal files after they are created to reduce the amount of space consumed by older journal files. Compressed files have a 'z' appended to their name. Any code which scans for journal files by name needs to be updated to cater for this change (if compression is enabled).

The size column in the %SYS.Journal.ByTimeReverseOrder query is the size on disk. Previously the size on disk and the amount of journal data in a file were more or less the same but with compressed files this is no longer the case. $$$GetJrnDataSize(%jrnfile) in %syJrninc.inc will return the amount of journal data in a file (from the journal file header) regardless of whether a file is compressed or not.

Compression is enabled by default during an upgrade from a version which did not support it.

DP-13424: Cannot connect with ECP to older releases by default

Category: Kernel
Platforms: All
Version: 2021.2.0
Description: By default, this release may compress compiled routines to improve efficiency. These compiled routines cannot be handled by previous releases of the product. Consequently, it will not allow ECP connections to instances that don't support this feature.

You may disable this feature system-wide with $ZU(69,87,1). If you disable this feature, then this release will be able to connect through ECP with older releases.

DP-401740: (Windows) Greater precision in $ZNOW and $ZTIMESTAMP

Category: Kernel
Platforms: Windows
Version: 2021.2.0
Description: With this change, on Windows, $ZNOW and $ZTIMESTAMP have more digits of precision than in previous releases.

Also, previous releases included the special functions $ZU(136,21,0), $ZU(136,21,1), and $ZU(136,21) for use on Windows, to work around limitations in how Windows returned time values. Windows now returns more accurate time values and these functions are not needed. If you call these functions, you must update your code.

DP-401894: Improve storage efficiency by performing kills in ascending order

Category: Kernel
Platforms: All
Version: 2022.1.0
Description: This change increases the storage efficiency of the database following a KILL command — especially when purging large quantities of data from a database in ascending order. In the past programmers sometimes did KILLs in descending order when doing large purges of data. To improve storage efficiency, you should change such programs to do kills in ascending order as doing kills in ascending order will now almost always result in better efficiency and better performance. There should be less need to run the GCOMPACT utility to improve storage efficiency following large purges of data.

This change does cause a 128 byte increase in the shared memory allocation per global buffer. If you are using the 8k default buffer size, this is a 1.5% increase.

DP-404334: Quote $ZF() shell commands on Windows

Category: Kernel
Platforms: Windows
Version: 2021.2.0
Description: Windows shell commands must be enclosed in quotes if there are quoted arguments along with a quoted command path. Those quotes will now be added by $ZF(-1), $ZF(-2), and $ZF(-100,"SHELL").

DP-405025: Changes to rounding of ObjectScript decimal floating-point values

Category: Kernel
Platforms: All
Version: 2021.2.0
Description: This release contains a slight improvement in rounding of ObjectScript decimal floating-point. One specific value of the IEEE floating point significand:

-9223372036854775808

-9223372036854775810

This error does not involve IEEE ($DOUBLE) binary floating-point representation. It only involves ObjectScript decimal floating-point representation.

Certain computations using a decimal significand of -2**63 (or -9223372036854775808), especially multiplications by a power of 10, were incorrectly rounded up to -9223372036854775810 when -9223372036854775808 is the exact answer. This has been fixed. Note that the positive valued significand of +9223372036854775808 does not exist so it is always rounded up to 9223372036854775810. This means that -(9223372036854775808) does not equal -9223372036854775808 because the first expression is rounded up before the negation operator is applied.

DP-406134: Change to error signalled by dynamic objects and arrays

Category: Kernel
Platforms: All
Version: 2021.2.0
Description: ObjectScript programs that used to catch <PROPERTY DOES NOT EXIST> error when $GET/$DATA was applied to a %DynamicObject or %DynamicArray element must now instead catch the <ILLEGAL CLASS> error. Since $GET/$DATA always signals an error when applied to existent or nonexistent Dynamic Object elements, it is unlikely that there are any programs that are deliberately generating this error signal and testing for it.

DP-409851: Change to viewing private program data on AIX

Category: Kernel
Platforms: AIX
Version: 2021.2.0
Description: With this change, on AIX, you will receive a <PROTECT> error when you attempt to view private program data that is outside of the instance's partition. You can get this error from the $VIEW function or the VIEW command. You can enable viewing and avoid the error by calling $ZU(69,23,1).

InterSystems strongly discourages users from using the $ZU(69,23,1) feature. This feature leaves Open M/SQL-UNIX open to abnormal termination of M processes and hangs due to programming errors.

DP-13952: .NET compact double changes to IRISList

Category: Language Bindings - Native
Platforms: All
Version: 2021.2.0
Description: This release adds support for the Compact Double feature for .NET client technologies: ADO, XEP IRISNative, and the Object Gateway (External Language Server). If your code is connecting to a .NET server with Compact Double enabled and your code includes IRISList and you want the values stored as compact doubles, you must modify the IRISList to enable compact double. If you do not want to have IRISList store compact double values, you do not need to change your code to connect with a server that supports compact double.

Application code can check if Compact Double is enabled for the connection by checking the "IsCompactDoubleEnabled" field on the IRISADOConnection object. You can use this value to control whether a new IRISList enables compact double with the following:

IRISList list = new IRISList(connection.ServerEncoding, connection.IsCompactDoubleEnabled);

Attempting to store a compact double on a server where it is disabled will produce an error. If you embed an IRISList within another, the compact double state must be the same in both.

DP-405941: %Monitor.Process now uses same metric names as ^PERFMON and &MONLBL

Category: Monitoring
Platforms: All
Version: 2021.2.0
Description: Modified %Monitor.Process to use the same list of metric names that the ^PERFMON and ^MONLBL routines use. If your code identifies metrics by name, you should modify it to use the new set of names.

DP-20958: %Net.SMTP no longer sends email if server doesn't support authentication

Category: Object Library
Platforms: All
Version: 2021.2.0
Description: Before this release, if you used %Net.SMTP to try to authenticate to an SMTP server that did not support authentication, %Net.SMTP would send the email. Now in the same scenario, %Net.SMTP will return the following error and will not send the email:

ERROR #6166: Server does not support authentication

Users who prefer the old behavior and want to continue the exchange unauthenticated after a failed authentication attempt can set the new IgnoreFailedAuth property of %Net.SMTP to true. Users who do not use authentication with SMTP as well as users who do not want to continue with an unauthenticated exchange if authentication fails don't need to do anything.

DP-292449: In %Net.Http, GetJson() replaces getJSON()

Category: Object Library
Platforms: All
Version: 2021.2.0
Description: In %Net.Http, the new GetJson() replaces the getJSON() method. The new method has the following signature:

classmethod GetJson(requestURL As %RawString = "", request As %String(MAXLEN="")="") 
            as %DynamicAbstractObject

DP-405034: %Net.SMTP checks server identities by default

Category: Object Library
Platforms: All
Version: 2021.2.0
Description: This change fixes a bug where the SSLCheckServerIdentity property in %Net.SMTP defaulted to false, but was documented as defaulting to true. The property now defaults to true and is in alignment with documentation. This means that, when connecting to an SSL/TLS secured web server, %Net.SMTP will check that the certificate server name matches the DNS name used to connect to the server and fail if they don't match. This is the behavior specified in RFC 2818 section 3.1.

As a result, when connecting to an SSL/TLS secured web server, the default behavior of %Net.SMTP will now be to fail if the certificate server name does not match the DNS name used to connect to the server.

This change is unlikely to cause compatibility issues, but it is possible that when using %Net.SMTP to send messages you might have issues connecting to an SSL/TLS enabled server. If this happens, and you understand the security trade-offs, you can set SSLCheckServerIdentity to 0 to restore the previous behavior.

DP-402912: Fixes problem where errors within ZWRITE command are not raised to caller's error trap

Category: ObjectScript
Platforms: All
Version: 2021.2.0
Description: This change fixes a problem where errors within ZWRITE command are not raised to caller's error trap.

Now ZWRITE throws some errors that were ignored before, but they are serious show-stopper errors that should not happen in a normal environment.

DP-404892: Changes to how ZWRITE displays IEEE doubles

Category: ObjectScript
Platforms: All
Version: 2021.2.0
Description: There are minor changes in the way ZWRITE displays IEEE double-precision floating-point values. The new formatting is more readable and provides better cutting and pasting output values. This should not impact most code, but if your code is looking for specific text in ZWRITE output, you may have to modify it to handle these changes.

PLATFORMS-MACOS11: macOS 11

Category: Platforms
Platforms: macOS
Version: 2021.2.0
Description: As of this release, the product is supported on macOS 11 and higher.

DP-402686: Changes to Security.Events:ListAll query arguments

Category: Security
Platforms: All
Version: 2021.2.0
Description: The Security.Events:ListAll query is a public API though it is mostly used internally. If you are using it, you may need to update your code to handle the changes in the arguments. It has been changed to now only accept three arguments (Filter, OwnerFlag, Flags) instead of five (EventSources, EventTypes, Events, OwnerFlag, Flags). Therefore, after upgrading, you will have to make changes everywhere you call ListAll if you specify more multiple arguments.

Instead of searching EventSources, EventTypes, and Events separately, ListAll now combines the Source, Type, and Name of each event into one forward slash-delineated string and searches just that string. This means that the Filter argument essentially combines EventSources, EventTypes, and Events into one.

If you are only using one of EventSources, EventTypes, or Events, you can pass that value into the new ListAll as the Filter parameter and the query's behavior shouldn't change.

If you are using more than one of EventSources, EventTypes, and Events, you will have to make changes. The simplest thing to do is to combine the previous fields into one by putting a forward slash in between each field. For example, if you have EventSources="%System" and EventTypes="%Login" you can now use Filter="%System/%Login". Unfortunately, the new ListAll can't combine EventSources and Events without also having an EventType. So to specify EventSources="%System" and Events="Logout" you need to also have an EventType, for example: Filter="%System/%Login/Logout".

DP-404283: Changes to enabling %ZEN.Dialog classes

Category: Security
Platforms: All
Version: 2021.2.0
Description: In this release, %ZEN.Dialog.* classes cannot be run in web applications unless the web application is enabled for analytics, the namespace is enabled for interoperability productions, or it is explicitly enabled for the web application. To explicitly enable %ZEN.Dialog.* classes, enter the following:

Set ^SYS("Security","CSP","AllowPrefix",application-name,"%ZEN.Dialog.")=1

Also, with this change, any web application that is enabled for analytics or interoperability will have %ZEN.Dialog.* classes enabled by default.

DP-406389+DP-406711: Add versions to security tables

Category: Security
Platforms: All
Version: 2021.2.0
Description: In previous releases, you could only export and import security tables between instances with the same major version. Now the security tables have an embedded version number, which allows finer access over allowable imports. You can export security tables from versions 2021.1 and 2021.2 and then import them to this version, 2022.1.

DP-408241: Change in permissions needed to run Task Manager tasks

Category: Security
Platforms: All
Version: 2022.1.0
Description: Now %SYS.TaskSuper requires %Admin_Manage:Use in order to modify the ExecuteCode field of %SYS.Task.RunLegacyTask. Previously this check was only done in the Management Portal page.

The Management Portal page now checks for %Admin_Secure:Use in order to set the RunAsUser to a user other than the current user. Previously it incorrectly checked for %Admin_Manage:Use (TaskSuper checks %Admin_Secure).

DP-413405: Revert Security.Events:ListAll() to preserve backwards compatibility

Category: Security
Platforms: All
Version: 2022.1.0
Description: Previously, DP-402686 added a new query called ListByFilter() to the Security.Events class and then reconfigured the ListAll() query to call this new query. In doing so, it changed the signature of ListAll(), which broke backwards compatibility.

This change reverts Security.Events:ListAll() to what it was before DP-402686. Then, to maintain the SMP fix that DP-402686 introduced, it changes the SystemEvents and UserEvents SMP pages to call the ListByFilter() query instead of ListAll().

As a result, the backwards compatibility of Security.Events:ListAll() has been restored.

DP-402901: SQL PURGE QUERIES BY AGE and FREEZE BY ID changes

Category: SQL
Platforms: All
Version: 2021.2.0
Description: If you use any of the following PURGE or FREEZE constructs, you must ensure that you specify the value with a literal, not with an identifier:

• PURGE [CACHED] QUERIES BY AGE value
• [UN]FREEZE BY ID value

DP-405610+DP-408694: (New installs) default DDL type mapping for TIMESTAMP is %Library.PosixTime

Category: SQL
Platforms: All
Version: 2021.2.0
Description: In new installations, the default DDL Mapping for type TIMESTAMP has been changed from %Library.TimeStamp to %Library.PosixTime. This does not affect instances which were upgraded from a previous release. If you port code from a previous release to a new installation of this release, you may need to modify code to handle this change.

If a field has a datatype of %Library.DateTime, the fastinsert optimization will not be used and execution will be slower. You can resolve this issue by updating the datatype to use PosixTime, which is recommended over DateTime.

DP-406218: Runtime Plan Choice (RTPC) is now enabled by default

Category: SQL
Platforms: All
Version: 2021.2.0
Description: The default value for the RTPC parameter has changed from 0 to 1. When RTPC is enabled (=1), InterSystems SQL queries can perform optimization based on outlier information. For further details on outlier selectivity, refer to Tune Table in the InterSystems SQL Optimization Guide.

Note that for some queries, this may not be the best choice. See Adaptive SQL Optimizer for details on RTPC and review whether you wish to use this optimization.

DP-407254: Update interaction between delegated and password authentication

Category: System
Platforms: All
Version: 2021.2.0
Description: This fixes an issue with authentication ordering when delegated and password authentication are enabled. If your user authentication includes both delegated authentication and password authentication, you can choose either to call or not call ZAUTHENTICATE for password users. Typically, ZAUTHENTICATE is only used for delegated users and not for password users.

But if you want your ZAUTHENTICATE routine to also be called for password users, you should check the <b>Always try Delegated Authentication</b> in the <b>System Administration > Security > System Security > Authentication/Web Sessions Options</b> page in the Management Portal or by using the ^SECURITY utility (System Parameter Setup, Edit authentication options).

The default for <b>Always try Delegated Authentication</b> is No and ZAUTHENTICATE is not called for password users.

DP-408802: Remove experimental database compression from CreateDatabase() method

Category: System
Platforms: All
Version: 2021.2.0
Description: This release removes an experimental feature, database compression, because the minor savings in storage did not justify the increased compute load. This removal should not impact any existing code unless you called ##class(SYS.Database).CreateDatabase() and included the compression engine parameter. If you did, you must remove this parameter or you will get a <PARAMETER> error.

Please note this experimental feature is independent of the journal compression and stream compression features, which are unaffected by this change.

DP-405460: Modify IRIS to use the hash of the CPF in place of the timestamp

Category: Web Gateway
Platforms: All
Version: 2021.2.0
Description: IRIS now sends a hashcode instead of a timestamp to indicate whether the server configuration has been changed, and the Web Gateway now accommodates these hashcodes in addition to timestamps from older servers.

A newer standalone Web Gateway connecting to older IRIS instances functions as before. An old Web Gateway connecting to newer IRIS instances is not and has historically not been supported, but with this change it's particularly important for customers to keep their Web Gateway up to date. Old Gateways don't handle the hash from newer IRIS instances and thus will not update their server configurations.

DP-404679: Some tasks removed from the Task Manager

Category: Work Queue Manager
Platforms: All
Version: 2021.2.0
Description: Some of the automated maintenance tasks have been removed from the Task Manager and are now handled purely internally by the Work Queue manager. Specifically, the following tasks have been removed from the Task Manager:

• Update SQL Query Statistics
• Scan frozen plans
• Cleanup SQL Statement Index
• Resource Cleanup

DP-411063: Work Queue settings removed on upgrade to 2021.2

Category: Work Queue Manager
Platforms: All
Version: 2021.2.0
Description: When upgrading to 2021.2, the settings for "Work Queue Manager Categories" are reset to the system defaults, and any user-defined settings are deleted. The new settings in version 2021.2 are not compatible with the previous settings and cannot be converted. If you have defined settings, redefine them if necessary.