Core Engine (4.38)

# Core Engine Release 4.38

July 2025

We upgraded! What's new? Learn more about new features, technical changes and solved bugs in 4App Core Engine.

Note on upgrading: If you skip a version when upgrading, check all release and patch notes in between for important information. They apply cumulative.
Note on individualization: If your 4ALLPORTAL is highly customized or if you installed individual apps, please contact your implementation partner before upgrading. We recommend checking your custom contents, especially layouts and object renderers, carefully after an upgrade.

# Improvements

  • Welcome e-mail: We have increased the validity period of welcome emails for new users from 24 to 72 hours. This gives users more flexibility when activating their accounts. The expiry date is now displayed in the subject line of the welcome email.
    Also refer to this technical change.
  • Tree Filter: When searching a PID tree (e.g. in the folder tree in the Files module), you can now activate the new "Show child elements" button. When this is active, child elements (e.g. subfolders) are displayed even if the search term only applies to the parent element.

# Technical Changes & Admin Instructions

# New Welcome E-mail and Password Validity Handling

We can now handle the validity period of welcome e-mails and password change requests more flexibly. While a welcome e-mail password change token is now valid for 72 hours per default, the token for password change requests remains valid for 24 hours.
To achieve this, the metadata field pwd_chg_token_valid_until has been introduced to differentiate between validity periods, which are set automatically by the system.
What to do: If you have a custom configuration for welcome e-mail validity, please check your settings. The new default applies unless it is explicitly overridden in your configuration.
What to do: If you have any custom logic or configurations relating to password change validity, these must also be reviewed.

# New Read Only Type for Field Renderers

We have added new read_only_type "disabled" to field renderers. "Disabled" fields are grayed out and keep their frame. They thus fit better and are more consistent, especially in multi-column renderers that combine read-only and editable fields on the same line. Please note that read_only_type=disabled can display the dimension pop-up in read-only.
Also refer to the field renderer documentation.

# License Key Handling

We have implemented a JWT-based license key handling in preparation for future authorization and license management.

# Solved Bugs

  • Fix security vulnerabilities by updating dependencies
  • Fix problems with translating labels that include special characters (e.g., %, //)
  • Fix not working field renderer attribute validation for number field in read-only renderers
  • Fix the display of ValueOption values in text renderers
  • Fix field renderer default value strings being incorrectly converted to numbers if the value consists of numbers only
  • Fix missing subentry indentation in the admin sidebar
  • Fix missing label in the table header of the user's notifications settings ("EmailNotificationRenderer")

How to access the administration with a broken UI

Request missing documentation