Dear DSpace Community, We are pleased to announce the release of DSpace 8.2! This release provides security fixes, performance improvements, accessibility improvements and bug fixes to the 8.x platform. No new features are provided. As such, this release should be an easier upgrade for sites already running 8.x.
Download DSpace 8.2 <https://wiki.lyrasis.org/display/DSDOC8x/Release+Notes#ReleaseNotes-8.2ReleaseNotes> Security Fixes - Fix for CVE-2025-53621 <https://github.com/DSpace/DSpace/security/advisories/GHSA-jjwr-5cfh-7xwh> (moderate severity). XML External Entity (XXE) injection possible in import via Simple Archive Format (SAF) or import from external sources. See security advisory or mailing list “security notice” for details. - Fix for CVE-2025-53622 <https://github.com/DSpace/DSpace/security/advisories/GHSA-vhvx-8xgc-99wf> (moderate severity). Path traversal vulnerability in Simple Archive Format (SAF) package import via “contents” file. See security advisory or mailing list “security notice” for details. Major Bug fixes / improvements include: - Breaking Change - Frontend configuration for enabling Server Side Rendering (SSR) on specific paths has been replaced by a new inverse configuration which specifies paths to exclude from SSR. This fixes an SEO bug. (Donated by 4Science) - General user enhancements and fixes - The default tab on Community/Collection pages is now configurable. By default, as in 8.0 and 8.1, it will still be the "Search" tab. (Donated by Abel Gomez, backported by Nick Woodward) - Fixed search bug where stale data could sometimes be returned. (Donated by Atmire) - Fixed bug where access-restricted thumbnails were not shown to users who have proper access rights. (Donated by Atmire) - Fixed statistics bug where "view" events could be sent twice when using scoped themes. (Donated by Atmire) - Submission / Workflow enhancements and fixes - Fixed caching issues on MyDSpace page when switching between views (Donated by 4Science) - Fixed issue where search filters could disappear from MyDSpace page. (Donated by Arvo Consultores) - Fixed infinite loading issue that could occur on submission forms. (Donated by Atmire) - Fixed bug where an admin could not upload a bitstream to an item in workflow when impersonating a user. (Donated by 4Science) - Fixed bugs in various importers (ArXiv, CrossRef and Web of Science). (Donated by Atmire, Paulo Graça, and 4Science, respectively) - Administrative enhancements and fixes - The Health page now includes an "SEO" validation check. This SEO report checks that your sitemap is visible, your robots.txt is visible and that you have SSR (Server Side Rendering) enabled – all of which are common issues reported by Google Scholar. (Donated by Atmire) - Fixed bug where list of bitstreams on "Edit Item > Bitstreams" tab would be duplicated when using pagination. (Donated by Atmire) - COAR Notify was not fully adhering to the “Request Endorsement” pattern supported by PCI (Peer Community In) (Donated by Agustina Martinez) - Fixed issues where Collection Admins could not add new Bitstream policies or view metadata of withdrawn items (Donated by 4Science) - Fixed pagination issue with Bulk Access Control script/page which could cause duplicate policies to be created. (Donated by 4Science) - Performance/stability improvements: - Limited the number of Items that can be exported at once to 500. This value is configurable. (Donated by Atmire) - Fixed issue where login endpoints to REST API didn't always close their database connection after login action was completed. (Donated by Atmire) - OpenSearch now limits its results per page to 100. This value is configurable. (Donated by Sascha Szott) - Indexing improvements to the "index-discovery" script when your site has a larger number of relationships (between entities). (Donated by Atmire) - Fixed bug when DSpace could fail to startup when ORCID connections failed (if ORCID is enabled). (Donated by The Library Code) - Accessibility improvements: - Accessibility Settings can be customized by users. Basic accessibility settings like Notification (popup) timeouts and ARIA Live Region timeouts can now be customized by each user of your site. (Donated by Atmire) - Truncated abstracts now use ellipsis for truncation instead of fading out. (Donated by 4Science) - Improved screen reader accessibility for header and recent submissions. (Donated by Atmire) - Enhanced keyboard navigation on several pages. (Donated by eScire) - OpenAIRE v4 compliance improvements to both the OpenAIRE submission forms and the OAI-PMH "oai_openaire" metadata format. (Built by Atmire, funded from Ireland's National Open Research Forum (NORF) under the 2022 Open Research Fund) - Fixed a large number of other bugs. See Release Notes <https://wiki.lyrasis.org/display/DSDOC8x/Release+Notes#ReleaseNotes-8.2ReleaseNotes> for details. New and improved Language support - French (Français) language updates donated by Pierre Lasou and Carolyn Sullivan - German (Deutsch) language updates donated by The Library Code and Sascha Szott - Hungarian (Magyar) language updates donated by Zoltán Kanász-Nagy A total of 43 individuals contributed to 8.2. For a full list of changes and contributors in 8.2, see our Release Notes <https://wiki.lyrasis.org/display/DSDOC8x/Release+Notes#ReleaseNotes-8.2ReleaseNotes> . Would you like to contribute to a future DSpace release? DSpace is built and supported by community volunteers. We have no centralized development team. Therefore, we welcome contributions from anyone! Contributions may take the form of: - Contributing money to our DSpace Development Fund <https://wiki.lyrasis.org/display/DSPACE/Announcement%3A+DSpace+Development+Fund> - All funds go directly towards development in the next release(s), and you will be acknowledged on our DSpace Development Fund <https://wiki.lyrasis.org/display/DSPACE/Announcement%3A+DSpace+Development+Fund> page. - Contributing code - As a volunteer developer you can determine which issue ticket you’d like to work on. Join our weekly developer meetings <https://wiki.lyrasis.org/display/DSPACE/Developer+Meetings> or get in touch with Tim Donohue <https://wiki.lyrasis.org/display/~tdonohue> if you have any questions. Our next major release will be DSpace 10.0 <https://wiki.lyrasis.org/display/DSPACE/DSpace+Release+10.0+Status> (due in 2026). But, we also continue to support our last three major releases (currently 7.6.x, 8.x and 9.x). If you’d like more information on ongoing development, please consider joining our weekly developer meetings <https://wiki.lyrasis.org/display/DSPACE/Developer+Meetings>, or follow along by reading the public notes of past meetings. -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to dspace-community+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/dspace-community/5b91df26-60f6-4dd9-bbb9-6455a19da686n%40googlegroups.com.
