1 29 2024 Tech Team Report

1-29-2024

Date	Task	Hours (Main)	Hours (EOLS)
22-Jan-2024	Report, meeting, update DV to find accounts via username, check Keycloak release re security, Fix Drupal list Drupal-only account method, fix other methods using removed user_load method.	2	2
23-Jan-2024	Merge License facet code, test on dev	2
24-Jan-2024	Merge develop and ~6.1.1 fixes, deploy to dev/stage, test, reindex stage, update Drupal email-reg and module_filter modules, investigate/fix debug info on prod, update github w/ machine specific services.yml	4
25-Jan-2024	Create PR for thumb logic fix	1
26-Jan-2024	Deploy DV to prod, run background reindex, update aws lib, fix security issue w.r.t. OIDC login, try fixing google a11y issues, fix nginx CORS issues w.r.t. fonts, update stage to drop google analytics, remove old previewer examples/script.	2	1

Checked to see if Keycloak updates for recent trivy alerts was available (no)
Updated nginx settings to avoid CORS issues for font files. The problem was odd in that there were intermittent failures. I discovered that this was due to caching and the fact that fonts from Drupal are used in the Dataverse and IDP pages (and failed for whichever was loaded second). I added a Vary: Origin header that stops browsers from caching the CORS information and adapted the CORS config to report whichever of data.* or idp.* should be allowed for a given call. Deployed to dev/stage/prod.
Dropped Google analytics on stage (which, strangely, removed a 404 error about an android 192 px logo)

email_reg and module_filter module updates to dev/stage
Investigated/fixed setting on prod that was adding debug info to pages. This is visible in RSS feeds. It ha been fixed previously by a change at some point brought it back. I've now created machine-specific settings files for dev/stage/prod so that prod will always have debug off for new deploys.
Also updated prod to turn caching of twig templates on - should improve performance.

Created a PR (#10269) fixing thumbnail logic causing uploaded logos to only show when a datafile with a valid preview existed. This is deployed to QDR (dev/stage/prod) and is part of the 6.1 patch for the community
Merged license facet code from INRAE, along with all other recent bug fixes from the 6.1 patch, deployed to dev/stage, and, after testing, to prod. (Updated solr schema to add license field, restarted solr, reindexed content.)
Updated to latest aws library
Upgraded OIDC login to use a more secure version of the crypto alogorithm (AES, added padding) to resolve an open issue in the dataverse-security repo, created #10275
Investigated Chrome browser alerts w.r.t. incorrect use of label elements for non-input fields, pushed changes to dev for testing.
Removed an old script and previewer examples I added for QDR (back when there were 4 previewers)

Continue working on authentication issue #43(non-email account id, MFA, etc.)
Work on metadata issue #44 (more metadata to DataCite, etc.)
Fix Stata-14 ingest by allowing file inspection during direct upload or adjusting the Stata ingester.
Fix #113 if possible
Matomo - investigate event-level tracking via tag manager, remove non-working google scripts
AnnoRep - explore round-trip, configure auto-start and log rotation
Ops
- check missing globalidcreationdates and fix via /modifyRegistration or alternative
Dataverse
- Make PR for guestbook adding datasetversion fix
- Popup info accessibility - IQSS likes the recommendations from the source I linked to, so this can be implemented along those lines.
QDAS Previewer
- Updates per request
- Investigate writing aux file/previewing lower-sensitivity version and/or other write options
TBD: FRDR Security