Blog

Release announcements, helpful tips, and community discussion

10.4.8

Cerb (10.4.8) is a maintenance update released on January 18, 2024. It includes 7 minor features and fixes from community feedback covering the 10.4 update. You can follow these instructions to upgrade.

Changelog

Added

  • [Interactions/Worker/Download] In interaction.worker automations, fileDownload form elements can now reference resource records. For instance, this could be used to add a ‘Download’ button to resource card popups. Thanks to @mryanb for the feature request.

Changed

  • [Platform/Database] In the database service, queries will no longer be retried if they aborted due to a read timeout. This could lead to unexpected duplicate queries (e.g. during nightly maintenance). Queries are only retried if the database server was offline and became available again during the retry window (2 second intervals for 10 seconds).

  • [Mail/Tickets] On ticket profiles, message senders now display badges to the right of their name if they are banned or defunct. Previously, there was no indication that a reply to a banned or defunct sender would be sent to the void. Thanks to watterott for the feature request.

Fixed

  • [Platform/Database/Performance] Fixed an issue in the database service where the read timeout was too short (5 seconds). This was originally lowered to counter a rare connection exhaustion issue when a database server opens new connections but doesn’t respond in a reasonable amount of time. In PHP, the connection timeout only includes the socket, and “time to first byte” is instead covered by the read timeout. When the read timeout is too short, it can abort legitimate queries with a “MySQL server went away” error. This was particularly apparent during nightly maintenance or version upgrades. These queries would eventually complete on the server, but Cerb could unexpectedly run expensive queries in parallel, or retry the same query as if it had failed.

  • [Mail/Reply/UX] Fixed an issue in mail where it was possible to click the ‘Reply’ or ‘Send’ buttons multiple times during network latency, particularly when using keyboard shortcuts. This could lead to duplicate drafts or sent messages. These buttons are now properly rate-limited to 500ms per click. Thanks to 1Password for reporting the bug.

  • [Custom Fields/Date] Fixed an issue with double binding date helper fields on record editors.

Security

  • [Mail/Tickets/Security] On ticket profiles, in the ‘Conversation’ widget, the ‘Add to participants’ button is now prominently displayed to the left of the ‘Reply’ button when a new participant joins a conversation. In recent versions this button was hidden in the ‘…’ menu. Often this occurs when a legitimate recipient uses an alternate email address to reply, but it can also be a sign of a malicious actor attempting to infiltrate a conversation with a publicly discovered ticket mask. Cerb doesn’t automatically add new participants to the conversation and this button serves as an important warning. Thanks to watterott for the feature request.