Synapse Docs
Synapse Docs
Breadcrumbs

stack-578 Release Notes

Summary

This release advances four roadmap themes: Isolating Enterprises/Realms, Curator grid robustness and concurrency/snapshots, SearchV2 UX consistency and relevance, and account lifecycle governance & security hardening.

  • Realm-aware access control: ACLs, anonymous access, and token introspection are now realm-scoped for stronger tenant isolation and simpler integration.

  • Curator grid reliability: snapshot-based sync, etag refresh after updates, and fixes for concurrency and lazy-loaded rows reduce failed applies and sync errors.

  • SearchV2 experience: consistent queries from Home vs Search, correct metadata for SearchV2 pages, and relevance nudges to surface portal sites.

  • Security and governance: longer latent account grace period and remediation of a persistent XSS vector.

Why prioritized: enable first production enterprise realm (Arcus Bio), reduce curator downtime from sync conflicts, eliminate confusing SearchV2 inconsistencies, and close security/compliance gaps before broader rollout.

Expected impact: enterprise tenants get clearer boundaries and simpler token validation; curators see fewer merge failures and faster recovery; search users experience more consistent results/navigation; governance teams gain safer defaults for dormant accounts.

Completed tickets: 20https://sagebionetworks.jira.com/issues/?jql=fixVersion%20%3D%20stack-578%20AND%20project%20in%20%28PORTALS%2C%20SWC%2C%20PLFM%29%20ORDER%20BY%20project%2C%20key

Affected Users & Systems

  • Primary users: realm tenants, portal/Curator users, Synapse search users, and integrators using access tokens.

Deprecated or Breaking Changes

No breaking or backward-incompatible changes identified in this release.

New Features

  • Realm-aware auth enhancements: realm-scoped anonymous token service (PLFM-9328) and OAuth2 token introspection endpoint for integrators (PLFM-9471).

  • Enterprise onboarding enablement: production Arcus Bio identity provider and realm established (PLFM-9427) plus dedicated test IdP for validation (PLFM-9441).

  • Curator grid snapshots: snapshot-based export/ingest for faster, more reliable grid initialization and sync (PLFM-9398).

Fixes & Improvements

  • Realm-aware ACL enforcement: ACL updates require single-realm principals; internal checks refactored to support multiple realm-specific anonymous/public/authenticated groups (PLFM-9327, PLFM-9353).

  • Curator grid reliability & concurrency/snapshots: refresh etags after updates to prevent stale-write failures (PLFM-9356); fix NPE during complex sync operations (PLFM-9481); resolve client snapshot decoding error (PLFM-9490); address concurrent update issues between old/new grids (SWC-7597, SWC-7678); ensure agent can act on all rows, not just lazy-loaded ones (SWC-7691).

  • SearchV2 UX consistency & relevance: align query construction between Home and Search pages for consistent results (SWC-7698); correct SearchV2 document metadata for accurate page titles/snippets (SWC-7674); surface relevant portal sites from search terms (SWC-7614); continue “Did-You-Mean?” rollout benefits from prior work (SWC-7489).

  • Security hardening: mitigate persistent XSS that could lead to session hijacking (SWC-7660).