Month-based Version Names - A new month-based naming pattern has been adopted for LabKey Server. This March 2020 release is named 20.3; the next production release in July 2020 will be 20.7.
Skyline Document Version Updates - Updates to Panorama to ensure full compatibility with changes to Skyline's file format.
Sample File Scoped Chromatograms - Display and provide API access to chromatogram-style data contained within Skyline documents. (docs)
Important Security Update - LabKey Server 20.3 includes an important security update, which has been back-ported to version 19.3.7. We strongly recommend that you upgrade your servers to at least 19.3.7 to pick up this security update.
AdoptOpenJDK 13 - Starting with LabKey Server 20.3.0, we recommended AdoptOpenJDK 13 for new installations and upgrades. (docs)
Upgrade all LabKey Dependencies - We strongly recommend that, as part of your LabKey Server upgrade, you also upgrade all major LabKey dependencies to their latest point releases, these include: Java, Tomcat, and your database server. (docs)
Panorama Premium: Auto-enabling Metrics - Metrics are shown when relevant data is detected; these metrics are hidden when relevant data is not detected. (docs)
Skyline List Support - Lists defined in Skyline are imported and available in Panorama folders. (docs)
Isotopologue Metrics - Plot isotopologue metrics including LOD and LOQ when data is available from Skyline. (docs)
Total Ion Chromatogram Metric - In QC folders, track the total ion chromatogram area as a metric, scoped to the entire run. (docs)
Skyline Audit Log - Import the Skyline audit log into Panorama. (docs)
Version 19.2, released July 2019
Zip files during upload - .raw and .d directories or raw data files (from Agilent, Waters, and Bruker instruments) are automatically zipped before upload to a Panorama files repository. (docs)
Premium Features for Panorama Partners: New features available exclusively to members of the Panorama Partners Program and on PanoramaWeb.org:
Panorama Premium: Outlier Notifications - Subscribe to email notifications for new QC folder data imports, or only when the number of outliers in a series of imports is over a threshold. (docs)
Panorama Premium: Configure QC Metrics - Configure which QC metrics are used for analysis. (docs)
MS1 Module Removed - The MS1 module has reached end of life and due to lack of usage, has been removed.
Internet Explorer - End of Support - LabKey no longer supports Internet Explorer. For details, see supported browsers.
Upgrade to Java 12 - Oracle has ended public support for Java 11, and as a result, LabKey has completely removed support for Java 11 in the 19.2.0 release. For details, see supported Java versions.
Upgrade Tomcat Version - If you are using Tomcat 7 or 8, be sure to update to the latest point release. LabKey Server version 19.2.0 will be incompatible with Tomcat releases prior to 7.0.76 or 8.5.12. If you are using an incompatible version, you may see JSP compilation errors. Tomcat 9 releases (beginning with 9.0.0) are compatible and will not see these errors. For details, see supported Tomcat versions.
Source Code Migration to GitHub - Core LabKey Server modules have been migrated from SVN to GitHub, as well as the central automated test code and all of the modules from server/customModules. (docs | docs)
Performance improvements by caching virtual schema metadata - Database schema metadata has always been cached, but beginning with release 19.2.x, table and column metadata for user schemas (i.e., virtual schemas) is also cached per request. This improves performance when processing complex queries.
Version 19.1, released March 2019
Improved Replicate Views - The replicate view of a Skyline document now highlights the annotations present in that single file, as well as showing more information about the samples being used.
QC Folder Optimizations - Page load times for QC folders with substantial amounts of data should be improved.
Import Optimizations - The time required to import a Skyline document has been reduced, by 50% or more in many cases.
See User and Group Details Role - Allow non-administrators to see email addresses and contact information of other users as well as information about security groups. (docs)
Enforce CSRF Checking - All POST requests must include a CSRF token. This is no longer a configurable option. (docs)
Sample Set Updates - The sample set creation and import pages have been streamlined and standardized. Performance has been improved when importing large sample sets, as well as for query and update operations. (docs).
Configure Allowable External Redirects - Create a whitelist of allowable redirects to external sites. (docs)
Upgrade to Java 12 - We strongly recommend upgrading your server installations to Oracle OpenJDK 12 as soon as possible. 19.1.x installations will continue to run on Java 11, but site administrators will see a warning banner. Oracle has ended public support for Java 11; as a result, LabKey will completely remove support for Java 11 in the 19.2.0 release. For details see Supported Technologies.
Remove Support for Java 8 - Oracle ended public support for Java 8 in January 2019; as a result, LabKey Server no longer supports Java 8. For details, see Supported Technologies.
Potential Backwards Compatibility Issues
Remote API Date Format Change - The date format in JSON responses has been changed to include milliseconds: "yyyy-MM-dd HH:mm:ss.SSS". In previous releases the following format was used: "yyyy/MM/dd HH:mm:ss".
Legacy MS2 Views - Options in the Grouping and Comparison views previously marked as "legacy" have been removed.
User and Group Details Access Change - Access to contact information fields in the core.Users and core.SiteUsers queries, the core.Groups query, and the getGroupPerms API now require the Administrator or "See User and Group Details" role.
External Redirects Change - External redirects are now restricted to the host names configured using the new Configure Allowable External Redirects administration feature. The 18.3.x experimental feature that unconditionally allowed external redirects has been removed.
POST Method Required for Many APIs - Many LabKey APIs and actions have been migrated to require the POST method, which has security benefits over GET. The LabKey client APIs have been adjusted to call these server APIs using POST, but code that invokes LabKey actions directly using HTTP may need to switch to POST.
End of Support for IE 11 - Support for IE 11 will end in the upcoming LabKey Server 19.2.0 release, scheduled for July 2019. Please contact us for workaround options if this change strongly impacts you. (docs)
Version 18.3, released November 2018
Normalized Y-axes in QC Plots - Support for normalizing Levey-Jennings and Moving Range plots using percent of mean or standard deviation as the zero point on the Y-axis. (docs)
Improved Figures of Merit performance - Rendering performance for the Figures of Merit report has been improved. (docs)
Read Chromatograms Directly from SKYD files - An experimental feature allows you to read chromatograms directly from SKYD files instead of storing them in the database. (docs)
Subfolder Web Part - This web part shows the subfolders of the current location; included in new collaboration folders by default. Also available in the 18.2 release. (docs)
Connect to Existing Amazon S3 Directories - Connect to an existing S3 directory or create a new one for each LabKey folder. (docs)
Improved Navigation Menu - The project menu and any custom menus you define have a more consistent interface, and each contain graphical elements signaling that they are interactive elements. You can also access the project menu from the admin console. (docs)
Reporting and Visualization
Scatter and Line Plot Enhancements - Specify multiple Y axes. Show all data on a single plot or display separate plots per measure. (docs | docs)
Development and APIs
NaN and Infinity Values - LabKey SQL supports constants NaN, INF, and -INF. (docs)
Potential Backwards Compatibility Issues
Changes to CSRF Setting - At 18.3 upgrade time, the CSRF checking setting on all servers will be set to "All POST requests". Site administrators will have the ability to revert back to "Admin requests" for deployments that still need to make their external modules or custom pages compatible with this setting. For release 19.1, we plan to remove the setting entirely and check CSRF tokens on every POST (except for specially annotated actions). When servers are protecting against CSRF attacks, they will require the following minimum versions: Skyline - 4.2; Skyline-daily - 188.8.131.5251; AutoQC Loader - 184.108.40.20602 (docs)
Support for Java 11 - We recommend upgrading your server installation to Java 11. Oracle is expected to end public support for Java 8 in January 2019, and, as a result, LabKey Server will no longer support Java 8 for the 19.1 release. For details see Supported Technologies.
Support for PostgreSQL 11 - PostgreSQL 11.1 and above is supported (not the initial PostgreSQL 11.0 release). For details, see Supported Technologies.
Remove support for PostgreSQL 9.3 - PostgreSQL 9.3 reached end-of-life in November 2018. We recommend upgrading your PostgreSQL installation to version 10 or later. For details, see Supported Technologies.
Improved Pharmacokinetic Report - Pharmacokinetic (PK) calculations are provided per subgroup, replicate annotations are included, and non-IV routes of administration are supported. (docs)
LOD/LOQ Skyline Compatibility - Limit of Detection (LOD) is now shown in Panorama, and there is support for additional Limit of Quantitation (LOQ) configuration as defined in Skyline. (docs)
Spotfire Integration - Use data stored in LabKey Server to create Spotfire visualizations. (docs)
Common Table Expressions - Use a SQL "WITH" clause to simplify complex queries and create recursive queries. (docs)
Potential Backward Compatibility Issues
Changes to CSRF Default Setting In 18.2, we have switched the default CSRF checking setting (affecting only new servers) to "All POST requests". We recommend that all clients run their servers with the "All POST requests" setting, ideally on production servers but at a minimum on their tests/staging servers. In the upcoming 18.3 release, we plan to force the setting (on all existing servers at upgrade time) to "All POST requests". We will retain the ability to revert back to "Admin requests" for deployments that still need to make their external modules or custom pages compatible with this setting. For release 19.1, we plan to remove the setting entirely and check CSRF tokens on every POST (except for specially annotated actions).
Tomcat 8.0.x is no longer supported - If you are using Tomcat 8.0.x, you should upgrade to 8.5.x at your earliest convenience. No configuration changes in LabKey Server are necessary as part of this upgrade. For details see Supported Technologies.
Connection Pool Size - We recommend reviewing the connection pool size settings on your production servers. For details, see Troubleshooting.
Pharmacokinetic Calculations - See the stability, longevity, and uptake of compounds of interest. (docs)
Figures of Merit for Quantitation Data - Summary statistics show the mean, standard deviation, and %CV for the replicates, along with lower limit of detection, quantitation, etc. (docs)
Files Table - All files under @files, @pipeline, and @filesets in a container can be managed using a new exp.Files table. Developers can use exp.Files to programmatically control all files at once. (docs)
Messages Default to Markdown - Markdown is a simple markup language for formatting pages from plain text, similar to LabKey's Wiki syntax. The Messages editor window includes a Markdown syntax key and message preview tab. (docs)
New Role: See Absolute File Paths - A new site-level role allows users to see absolute file paths in the File Repository. (docs)
Impersonation Auditing - Audit records are created when a user starts or stops impersonating a role or group. docs)
API Keys - Client code can access the server using API keys. Administrators can allow users to obtain new API keys and manage when keys expire. (docs)
Captcha for Self Sign-up - Self-registration now includes a captcha step to prevent abuse by bots. (docs)
Cross-Site Request Forgery (CSRF) Protection Changes - All LabKey pages have been tested and updated to protect against CSRF. We recommend that site admins change the default CSRF protection setting to "All POST requests" to enable this increased protection. This may cause issues with custom pages that are not configured to submit CSRF tokens when doing an HTTP POST. For details see the Potential Backwards Compatibility Issues section below.
New Cross-Site Request Forgery Protection (CSRF) Recommendation - We recommend that administrators begin the process of converting their servers from the current default CSRF protection setting of "Admin requests" to "All POST requests". The more stringent security setting may cause issues for custom pages that submit HTTP POST requests. If you have no custom pages or forms, we recommend that you immediately change the CSRF setting for all test, staging, and production servers running 18.1. If you have custom pages and forms, we recommend that you begin testing on your test and staging servers. In a future release, LabKey Server will enforce that all HTTP POSTs include the CSRF token, at which point all custom pages will be required to be do so. For details on configuring custom pages with CSRF protection, see here.