Maintenance Sprint 5 (6/14/2022 - 6/27/2022) Recap
Here, at a summary level, is the work that was completed, along with a list of work that is in progress further below.
Completed Work
- In keeping with HUIT's elevated security posture, upgrades were made to components in several applications to address potential security vulnerabilities. These include:
- DASH, a central catalog and open-access repository of research by members of the Harvard community
- FITS, a technical metadata validator and extractor utility used to process digital objects by the Digital Repository Service (DRS)
- MDS-ActiveMQ, a queuing service also used to process objects by the DRS
- IDS, the DRS delivery service dedicated to static image files
- PDS, the DRS delivery service dedicated to page-turned objects
- Olivia, a servlet that looks up and sets image information in the DRS for use by JSTOR's Shared Shelf
- Feedback, an application for generating configurable web forms for internal support systems
- LibraryCloud, a metadata hub that provides granular, open access to a large aggregation of Harvard library bibliographic metadata
- NRS, our name resolution service for mapping persistent links
- Wordshack, the authority control and vocabulary manager for DRS
- Webadmin, the graphical interface for managing digital repository content
- ArchivesSpace, the application powering HOLLIS for Archival Discovery, now has a proper "sandbox" environment to stage and assess loading of documents before they appear on the public version of the site.
- Shared Shelf Harvester, a utility that interacts with JSTOR, has been updated to replace outdated and vulnerable code libraries.
- In addition to security updates, FITS has been updated to address logging dependency issues and has been installed in a number of internal applications.
- Library.Harvard.edu has been updated with current versions of core system code and modules, and PatternLab, the library's digital design pattern repository, has been updated with current versions of internal libraries and utilities. In addition, an issue affecting library staff users' ability to select language proficiencies in their personal profiles has been resolved.
- All instances of Solr, our internal indexing and search platform, and Zookeeper, Solr's internal configuration manager, have all been updated to address a reported security vulnerability.
In-Progress Work
Most of the remaining work lies with deploying into production the updates done during the maintenance sprint. These are scheduled to occur after the holiday break.
- Deployments of security updates for the following applications include:
- FIG, an application used to identify the right Google Books link to use for a HOLLIS item
- ACORN, an application for documenting preservation treatments
- An ArchivesSpace update will be released next week with the following fixes:
- Non-Latin characters such as Chinese, Japanese, Korean, Cyrillic, Arabic, and Greek now render correctly when PDFs are generated.
- An issue impacting the availability of previously generated PDFs due to the way they were cached has been resolved.
- Additionally, analysis continues into an issue affecting the OAI harvesting of EAD-formatted documents from ArchivesSpace.
- In the DRS, a solution affecting multithreaded multipart uploader DRS deposits has been developed and is currently being tested.
- Analysis continues into an issue in LibraryCloud where metadata and content links are absent from Forum Group components.