The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

• MSSQL JDBC (JPA): 9.4.1.jre8 -> 12.2.0.jre11
• Flexmark (All): 0.50.40 -> 0.64.8
• Logback (All): 1.4.4 -> 1.4.7
• H2 Database (JPA): 2.1.214 -> 2.2.220
• Thymeleaf (Testpage Overlay): 3.0.14.RELEASE -> 3.1.2.RELEASE
• xpp3 (All): 1.1.4c.0 -> 1.1.6
• HtmlUnit (All): 2.67.0 -> 2.70.0
• org.hl7.fhir.core (All): 6.0.22.2 -> 6.1.2

Updating storage-cr module to latest CQL 3.0.0, latest cql engine improvements, and Clinical Reasoning operations to leverage repository api pattern. This will remove several dependencies from within hapi-fhir to make future maintenance simpler and performance more robust.

Adding pointcuts for the following MDM Operations: MDM_CREATE_LINK, MDM_UPDATE_LINK, MDM_MERGE_GOLDEN_RESOURCES, MDM_LINK_HISTORY, MDM_NOT_DUPLICATE, MDM_CLEAR, MDM_SUBMIT.

Added a field that shows the total number of POSSIBLE_DUPLICATE links has been added to the $mdm-duplicate-golden-resources operation response.

Previously, updating an existing resource (resource A) to match a resource that it didn't match to before (resource B) would update only the already existing links on resource A. This behaviour has been changed. Now such an update will also add additional links, if necessary, from resource A to resource B, including adding a POSSIBLE_DUPLICATE between golden resource A and golden resource B.

Changes have been made to allow searching on multiple patient _ids when in a patient_id partitioned environment.

Previously, when updating an MDM link to NO_MATCH, the golden resource involved would maintain its previous values, as defined by survivorship service. This would result in out-of-date golden resources with data that might not be accurate anymore. Now, when a link is changed to NO_MATCH, golden resources will be rebuilt from the ground up using the MDM survivorship service, and the set of links/source resources available at the time of update.

Added an implementation of Clinical Reasoning CDS on FHIR to the CDS Hooks module that allows PlanDefinition worfklows to be processed as CDS Services using the $apply operation.

Combined the ExpandResources step and WriteBinary step in the new WriteBinary step v2 for bulk exports.

The error messages returned in an OperationOutcome when validating terminology codes as a part of resource profile validation have been improved. Machine processable location (line/col) information is now available through a pair of dedicated extensions, and error messages such as UCUM parsing issues are now returned to the client (previously they were swallowed and a generic error message was returned).

Added a service for generating metrics on mdm links and resources. This includes JPA queries and updated indices.

Added an API that allows to configure permission rules for operations with access to all resources. This permission is needed to allow a search across the entire patient's record in the scope of the $everything operation to access all resources that references input Patient, including resources outside of the patient's compartment.

Added storage property to prevent conditional updates from invalidating match criteria.

A new configuration option has been added to StorageSettings which enables support in the JPA server for the _language SearchParameter.

A new option has been added to the JPA server JpaStorageOptions which prevents the server from maintaining a version history. In this mode, when a new version of a resource is added, the previous version is automatically expunged.

It is now possible to configure the strictness of concept display name validation using a new flag on the InMemoryTerminologyServerValidationSupport (for non-JPA validation) and JpaStorageSettings (for JPA validation). In addition, the error messages emitted by the validator when a concept display doesn't match have been improved to be much more useful.

When executing an HFQL search with a FHIRPath filter on the id element, this will now be automatically converted into an _id search parameter match for better performance.

Several enhancements were made to the IPS generator:

• Generated IPS documents will no longer include sections that contain no contents.
• NarrativeLink extensions now use the correct datatype (url instead of uri)
• Section profile URLs have been updated to no longer use an unknown URL
• Some resources added to the generated IPS did not have their FHIR server IDs replaced with a placeholder UUID.
• Immunization manufacturer was not fetched from the server

Previously, when using INLINE tag storage mode, a superfluous version of a resource would be created as a result of an update request which didn't have a real logical change to the resource but only changed the order of existing items in tag, security label or profile collections. This change prevents this behaviour. Also on resource retrieval, these meta collections are sorted alphabetically, based on (security, code) pair for tags and security labels.

Previously, when both resourceId and goldenResourceId are provided to the mdm link history operation, they will be treated as an OR. This is now changed to AND in order to comply with REST conventions.

Previously, when executing an update on a resource that had to undergo MDM, a nullpointer could occur. This has been fixed.

Fixed a bug where search Bundles with include entries from an _include query parameter might trigger a 'next' link to blank pages. Specifically, if _include'd resources + requested resources were greater than (or equal to) requested page size, a 'next' link would be generated, even though no additional resources are available.

Previously, type-level expunge was allowed even if expunge operation was turned off. This is now fixed.

Resolved an issue with type-everything search operations (eg, /Patient/$everything), where not all page results were being returned if _count was specified to be the same value as the maximum page size to fetch.

Previously, when a CDS hook was registered and called with a empty context, the server returned a 500. This behaviour has been fixed.

Reindex batch job threw an exception when no results matched the reindex request. This has been corrected.

Fixed a race condition in RestfulClientFactory that could cause validateInitialized() to deadlock. Fixed a race condition in FhirContext initialization that could produce a 'this.myNameToResourceType is null' NPE. Fixed a shutdown hook memory leak in BaseApp that happened when the command threw an exception; this memory leak only affects code that calls App.main repeatedly which is probably only in test code.

batch2 jobs on MS SQL Server were failing to transition to FAILED state after max retrials for the job are exhausted. This is now fixed.

Previously, the $mdm-link-history operation would result in a 404 response when it was executed after a $mdm-clear. This has now been fixed by removing link history on $mdm-clear.

Previously, $mdm-clear failed to expunge REDIRECTED golden resources which left them as orphans. This is now fixed.

Previously, when bulk export is enabled the resource list would be generated and would not be able to add a custom resource to that list. Now once a custom resource is added the list is rebuilt.

Added RequestDetails as part of the parameters when cleaning up possible matches to enable interceptors to access it.

Previously, executing a Group Bulk Export without defining the _type parameter would accidentally omit Patient and Organization types. This has been corrected.

Previously, the response status code set in a MethodOutcome of a Resource provider was not respected. This has been fixed.

Previously, when calling $everything operation on a Patient instance, it was possible to retrieve data related to another patient via a List or Group resources. This has been fixed.

Previously, GraphQL queries will error when using base resource search parameters such as '_id' after search parameter rebuild. This has been fixed.

A regression in the HAPI FHIR 6.6.0 JPA server meant that absolute resource references which also contained an identifier were rejected even if the server was configured to allow absolute references. This has been corrected.

Several fixes have been made to the IPS generator:

• The display names associated with several sections have been corrected to exactly match the LOINC definitions for their codes
• Immunizations will now be ordered from most recent to least recent
• IPS documents containing Consent resources for Advanced Directives could result in a crash
• IPS documents containing Procedure resources for History of Procedures with a performed date could result in a crash
• IPS documents containing AllergyIntolerance resources containing an occurrence but not a reaction date could result in a crash
• IPS documents containing AllergyIntolerance resources containing an onset value in string format could result in a crash
• IPS documents containing MedicationRequest resources with no associated Medication could result in a crash

Under some circumstances, a large $everything operation could enter an infinite loop and eventually timeout with a failure. This has been corrected.

A bug in DefaultProfileValidationSupport in R5 mode caused it to return duplicates in the lists returned by fetchAllStructureDefinitions(), fetchAllSearchParameters(), etc. This has been corrected.

Some search parameters include parenthetical expressions (e.g. (MedicationRequest.medication as Reference)). The leading ( was causing searches using parenthetical expressions to fail where the reference target was a contained resource. This has been corrected.

Update DSTU2 tags and security labels with support for userSelected and version elements. Also fix them on security labels in JPA storage.

Previously, issuing a reindex operation for resources on a specific partition would fail. This problem has been fixed.

Previously, performing a FHIR transaction containing both a conditional delete and a conditional update on the same resource would fail. This has been fixed.

Update DSTU3 validation resources to FHIR 3.0.2 instead of 3.0.1

Previously, the capability statement returned by the server would not declare conformance to IG when a bulk data export provider is registered with the server. This issue has been fixed.

Previously, the score field returned by $mdm-query-links operation would contain imprecise decimal values. This is now fixed and rounded to 4 decimal places.

A regression was introduced in 2023.08.R01 which caused binary storage prefixes to not be applied to exported binary blobs. This has been fixed.

Previously, on PostgreSQL, the $mdm-link-history operation would fail if all ids provided to a parameter are unknown, and the error will persist for all subsequent requests. This is now fixed.

Previously, Bulk Export will error when processing a resource if the patient compartment SearchParameter of that resource is not present. This has been fixed, the new behaviour is to ignore such resources.

The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

• Hibernate ORM (JPA): 5.6.12.Final -> 5.6.15.Final

The @Interceptor annotation can now be placed at the method level. This is used only as a marker, and does not change the behaviour or interceptors in any way. Thanks to Dominique Villard for the pull request!

The batch2 framework now supports warning messages.

A new interceptor called BalpAuditCaptureInterceptor has been added. This interceptor automatically generates AuditEvent resources in a HAPI FHIR server that are conformant with the IHE BasicAudit Log Patterns IG.

When invoking the instance level $reindex and $reindex-dryrun operations, the resulting status message and any warnings are now included in the response Parameters object as well as in the generated response HTML narrative.

When performing a resource reindex on a deleted resource, any search index rows will now be deleted. Deleting a resource should generally not leave any such rows behind, but they can be left if the resource is manually deleted using SQL directly against the database and in this case the reindex job will now clean up these unwanted rows.

Added a new SubscriptionTopicDispatcher service for use by java extensions that need to dispatch their own subscription topic notifications

Added support for Subscriptions R5 Backport to R4 as documented in http://build.fhir.org/ig/HL7/fhir-subscription-backport-ig/components.html.

Added support for Topic Subscription Filters. In R4B and R5, SubscriptionTopic notifications will interpret subscription filters as FHIR Search Parameters and perform an in-memory match of the focus resource against the search parameters. For R4 or user-generated event notifications, the caller can specify a custom implementation of ISubscriptionTopicFilterMatcher on the call to SubscriptionTopicDispatcher.dispatch() to provide custom filter matching logic.

The $delete-expunge operation has a new parameter cascade that can be used to request that resources with indexed references to other resources being deleted should also be deleted.

The SQL schema migrator now returns a status flag indicating whether the schema was initialized or not.

The IParser interface now has an additional pair of methods called encodeToString(IBase) and encodeToWriter(IBase, Writer) that can be used to encode fragments of resources, such as datatypes or infrastructure elements.

Previously, all revincludes would always be evaluated before all includes. Now the system checks if any revincludes are recursive (i.e. are modified :iterate) and if so, it evaluates all the includes first.

There was a bug with automatic partition ID selection where it was not bound to positive integers and could return a value that was out of range. This has been fixed.

It is no longer mandatory to provide a partition ID when executing the $partition-management-create-partition operation. If you omit the partition ID, one will be randomly selected from the available pool of values. Note that this may incur a small performance cost when creating partitions.

A new configuration option, JpaStorageSettings#setOnlyAllowInMemorySubscriptions(boolean) can now prevent the creation of Subscriptions that would need to be matched in the database. If enabled, only Subscriptions which can be evaluated IN-MEMORY are permitted to be created.

A new interceptor called BinarySecurityInterceptor has been added. This interceptor can be used to enforce access to Binary resources by using values in the Binary.securityContext element.

Added infrastructure to allow consumers to define MDM block rules based on fhir path and specific values. To utilize this feature, an IBlockListRuleProvider must be wired up with the required rules json.

Added a utility method to the TerserUtil class to facilitate the creation of new instances of BackboneElement classes.

Previously, calls to the Fulltext Search service (Lucene/Elasticsearch) did not invoker the JPA_PERFTRACE_INFO. Now, they invoke this pointcut with information of which query went out to the fulltext system.

Extended the existing MDM similarity algorithms to numeric values such that the input is normalized by removing all non-numeric characters from the string before the similarity algorithm is applied. This can be useful when wanting to measure similarity between identifying numbers or phone numbers where dashes or other special separating characters may be used.

The IFhirPath evaluator interface now has an additional overload of the evaluate method which takes in a parsed expression returned by the parse method. This can be used to improve performance in cases where the same expression is being used repeatedly.

A new SQL-like evaluator called the HAPI FHIR Query Language (HFQL) has been added.

Added support for :above, :below, :contains and :missing _source search parameter modifiers.

OpenAPI definitions were not working for R5 JPA servers. This has been corrected.

A new experimental SQL-like query syntax called HFQL (HAPI FHIR Query Language) has been added.

The Generic/Fluent client can now handle arbitrary (ie. non-FHIR) responses from $operation invocation by specifying a response resource type of Binary.

Added support for Subscription matching of ':above', ':below', ':contains' and ':missing' '_source' search parameter modifiers.

Conditional deletes that delete multiple resources at once have been optimized to perform fewer SQL select statements, which should improve performance on large deletes.

Introduce IBaseResource.isDeleted() method and convert code to use it. Add subscription_topic_troubleshooting log. No longer rely on ResourceGoneException to detect deleted subscription. Instead use the new isDeleted() method. Demote unexpected exceptions in HapiTransactionService from error to debug since these exceptions are expected e.g. when checking if a resource has been deleted by catching a ResourceGoneException

Searching for token parameters has been extended to systems and values of any length. Sorting by tokens is still limited to the first 200 characters each of the system and value. valid request.

A new interceptor pointcut called STORAGE_BULK_EXPORT_RESOURCE_INCLUSION has been added. This pointcut is called for every resource that will be included in a bulk export data file. Hook methods may modify the resources or signal that they should be filtered out.

The class BulkDataExportOptions has been removed and replaced with an equivalent class called BulkExportJobParameters. This change is a breaking change unfortunately, but should be easily remedied as the replacement class has a very similar signature. This change reduces a large amount of duplication in the bulk export codebase and should make for more maintainable code in the future.

Bulk export fetch operations now properly account for the partition being searched, which should improve performance in some cases on partitioned systems.

Previously, when running with mdm, the server automatically changed storage settings to enable message subscriptions. This has been changed to require the user to explicitly enable message subscriptions when running with mdm. If mdm is enabled and message subscriptions are not enabled, the server will now throw an exception on startup.

When performing a search using a plain server without a cache, pagination links could contain invalid offsets in the prev link. Thanks to Aleksej Parovysnik for the pull request!

When parsing a FHIR resource which has multiple value[x] choice fields, the parser does not call the IParserErrorHandler#unexpectedRepeatingElement method on the configured parser error handler. Thanks to Max Bureck for the pull request!

FHIR Patch operations on choice types in nested expressions did not work correctly. Thanks to Zach Smith for the pull request!

HashMapResourceProvider invoked the STORAGE_PRESTORAGE_xxx and STORAGE_PRECOMMIT_xxx pointcuts after storing the resource into memory. This means that if any interceptors threw an exception in an attempt to abort the transaction, this did not actually result in the resource storage being aborted. This has been corrected.

There is an issue where searching on paramName '_profile' with modifier 'missing' will not provide the correct search result. This has been fixed.

Under heavy concurrency, a bug resulted in identical tag definitions being rejected with a NonUniqueResultException some of the time. This has been corrected.

When performing a FHIR transaction containing both a conditional delete as well as a conditional create/update for the same resource, the resource was left in an inconsistent state. This has been corrected. Thanks to Laxman Singh for raising this issue.

When serializing resources in JSON, if resource came from an XML-parsed resource that contained comments, the JSON serializer incorrectly created an empty object. This has been corrected.

Two failures in the $delete-expunge operation were fixed:

• Jobs could fail if hibernate search was loaded but not enabled.
• Jobs could fail if the criteria included a _lastUpdated=lt[date] clause

When reindexing resources, deleted resources could incorrectly fail validation rules and cause the reindex job to not complete correctly. This has been corrected.

The BALP AsyncMemoryQueueBackedFhirClientBalpSink incorrectly used a non-blocking method to add events to the blocking queue, resulting in race conditions on a heavily loaded server.

There was a bug with the TerserUtil, where it would not overwrite non-empty values with empty values from a source resource. This has been corrected. Thanks to @nigtrifork for the fix!

Batch jobs occasionaly reported zero (0) record processed counts. This has been corrected.

When Index Contained References is enabled in the JPA server, Bundle resources could not be stored or indexed due to an incompatibility with the default Bundle search parameters. This has been corrected.

Previously, it was possible to create composite SP with any types of SP as components. This has been fixed by limiting the component SP types to String, Token, Date, or Quantity.

The _lastUpdated query parameter is no longer applied to _include or _revinclude search results.

Matching algorithms have been refactored to allow greater flexibility in setting and defining nicknames as well as allowing bean injection into matcher classes.

R5 Subscription.filterBy.resourceType failed to deserialize because the deserializer skipped all elements named 'resourceType'. This has been changed so that only toplevel resourceType elements are skipped in the deserialization process.

Previously, installing or uninstalling an implementation guide does not refresh the validation cache. This problem has been fixed.

Previously, logging level on specific services was set too high. This has been modified.

Previously, the resource server Id strategy was not honoured when doing a create with a conditional update operation on a resource where the ID was not assigned. This is now fixed.

Previously, performing a $validate-code operation with a remote terminology service on an invalid CodeSystem or ValueSet returned 500. This problem has been fixed.

Previously, set synchronous search size to a low value will make MDM startup validation fail. This is now fixed.

Running a $delete-expunge MSSQL or Oracle with over 10,000 resources results in a error and a stack trace, even though the job ends in status COMPLETE. This has been fixed.

Previously, when performing a $mdm-clear followed by an update to an existing resource without doing the required $mdm-submit first, a non-descriptive NullPointerException was thrown. To fix this, an exception that includes a more descriptive/suggestive message will be thrown when this condition is detected.

Previously, expanding a valueSet including a codeSystem that is unknown to the server would return an internal error(500) to the caller. This problem has been fixed.

Added a test to verify that all Foreign Key constraints are explicitly indexed as well. Added indexes to a number of tables that declared foreign keys that weren't explicitly indexed. This should not only make many of these queries (including $mdm-clear operations) much faster, it will prevent deadlocks in Oracle and other databases that require foreign keys to be indexed.

$mdm-clear has been fixed to respect batch-size parameter (unless it exceeds 500). It has also been made slightly more efficient.

Search bundle entry parts were being created as INCLUDE unless explicitly indicated as MATCH. This has been fixed. Now they are created as MATCH unless explicitly indicated as INCLUDE.

Bulk export with patient ID specific user rules/permissions will fail with Parameters that include that patient ID in a _typeFilter. This has been fixed.

Previously, the JPA_PERFTRACE_RAW_SQL was not firing for raw sql that occurred during a revinclude or include. This has been corrected.

Previously when requesting previous or prev link using BundleUtil.getLinkUrlOfType, only the literal requested link was returned. Now when requesting either previous or prev previous or prev link is returned. If both exist, equality is validated and exception is thrown on failure.

Nickname Service Config has been moved out of search parameters as an optional config to add. Nickname service now has an interface to allow flexibility in implementation.

Previously, the GenericClient would only support the HTTP GET method for paging requests. This has been corrected by adding the possibility for paging with an HTTP POST.

Previously, if a partition was created with an ID that was already in use, it would overwrite the partition that was using that ID. Now attempting to overwrite will return a 400

Previously, running batch jobs with postgresql as the db will result in SQL error. This has now been fixed.

Jpa migration task used awssdk StringUtils rather than apache commons string utils. Thanks to @Thopap for the contribution

Fixed a condition by which a NPE was sometimes thrown when performing gateway pagination with targets with property useHttpPostForAllSearches configured to true.

Updated the query that is supposed to help detect foreign key constraints that also do not have indexes to be a) simpler (smaller) and b) find more results. Added an additional entry to the whitelist as a result.

Previously, when the last source resource with a MATCH link was deleted, the golden resource remained in the database, leaving it orphaned. This has now been fixed such that when there are no more MATCH links left associated with a golden resource, the golden resource will automatically be deleted.

Fixed an issue where reindex batch jobs failed to start and were stuck in QUEUED status after a SearchParameter update.

Delete expunge (and possibly other batch 2 jobs) will fail when given more than 2100 resources with identical timestamps when using an mssql database. This has been fixed.

Fixed recently introduced regression that when following bundle next links through to the end, in certain circumstances a next link would appear in the final bundle when in fact it was the last page.

The system was failing to recognize custom resources during transaction processing. This has been fixed.

Fixed FindCandidateByExampleSvc.findMatchGoldenResourceCandidates to not return duplicate golden resource candidates.

Fixed a bug in FindCandidateByExampleSvc that resulted in class cast exceptions for IResourcePersistentIds that are not based on Long value ids.

Consider user-assigned IDs, instead of system assigned IDs, when sorting MDM links history.

Remove + from the list of characters that are escaped automatically since + is already an escaped character (representing a space) in the query part of URLs.

Returns better diagnostics message to expunge requests that failed due to unfinished batch deletion

Previously, all MDM field scores, including NO_MATCHes, were included in the final total MDM score. This has now been fixed so that only MATCHed fields are included in the total MDM score.

Previously, when the consent service would remove all resources to be returned, the response bundle would not provide the previous/next link(s). This has been corrected.

Previously, updating from Hapi-fhir 6.6.0 to 6.8.0 would cause migration error, it is now fixed.

When running a $delete-expunge with over 10,000 resources, only the first 10,000 resources were deleted. This is now fixed.

Previously, requesting an $expunge operation on CodeSystem resources while CS batch deletion is underway would return HTTP 500. This has been fixed to return HTTP 412 (precondition failed).

Previously, the reuse functionality did not operate correctly when dealing with POST and GET requests. This fix ensures that similar POST and GET export requests will be reused.

Fixed a dependency in the HSQL JDBC driver referencing a non-bundled class (javax.ServletOutputStream)

Fix gateway $everything operation to respect server configured default and maximum page sizes.

Added evaluation setting for hapi-fhir storage-cr module operations from outside. Updated provider loading from hapi-fhir instead of external server for caregaps and submitdata providers. Updated testing suite to depend on restful server for new provider loader

Previously, removing tags in a resource update with proper headers and versioning flag would not trigger a new subscription. This has been fixed.

The latest US Core IG includes two ValueSets with different contents, but the same FHIR Id and OID via two different included IGs (i.e. 2.16.840.1.113762.1.4.1010.9 via us.cdc.phinvads and us.nlm.vsac). Ingesting these duplicates in US Core failed with a 500 error. This has been resolved by logging the error and allowing the rest of the ingestion to proceed.

Previously, uploading a large vocabulary file (like Loinc) through the upload-external-code-system command would return an error. The issue has been fixed.

Jpa migration task used awssdk StringUtils rather than apache commons string utils. Thanks to @Thopap for the contribution

The HapiTransactionService (HAPI FHIR JPA Transaction Manager) has been improved and used in a number of new places (replacing the @Transactional annotation). This means that stack traces have much less transaction logic noise, and give a clear indication of transaction boundaries.

A new API has been added to the JPA server for storing resources which are actually placeholders for externally stored payloads. This API is not yet used for any published use cases but will be rolled out for future uses.

Added support for the $care-gaps operation defined by the DaVinci DEQM IG

When creating or modifying a SearchParameter in the JPA server, the local SearchParameter cache is now immediately flushed. This should help with situations such as tests where a SearchParameter is created and then used before the scheduled cache refresh typically occurs.

The IPackageInstallerSvc interface for managing NPM packages now exposes an uninstall method. Thanks to Jens Kristian Villadsen for the pull request!

Preliminary support for R5 and R4B SubscriptionTopic matching has been added. This is not yet complete, but the simplest use cases now work. Comments in the code with prefix 'WIP STR5' indicate areas that need to be extended.

Add support for MdmLink history in the data model. MdmLink history will be stored in the new mdm_link_aud table.

JPS server _sort expressions can now include a single chained search expression, such as a search for Encounter?_sort=patient.name.

A new JPA feature called Uplifed Refchains has been added. This feature allows chained search expressions to be precalculated for much better performance when executing chained searches.

Introduce configuration to enable the feature that stores the history of MdmLinks. Introduce the $mdm-link-history operation.

When performing a search using the Location:near search parameter, it is now possible to include this parameter in a _sort expression as well. This will result in locations being sorted by their proximity to the coordinates in the parameter value. Thanks to Jens Kristian Villadsen for the suggestion and algorithm design!

Add scaffolding for automated migration tests that use different database vendors.

Adds an Oracle embedded database to the automated migration test scaffolding. Also adds an initialization schema (version 5.1.0) with test data to the automated migration tests.

When executing FHIR transactions in the JPA server where the transaction contained large numbers of inline match URLs, the transaction processor will now prefetch the match URL targets in a single optimized batch. This avoids a potentially significant number of database round trips. In addition, the SQL query used for pre-resolving resource update targets in the transaction processor has been reworked to fully leverage available database indexes. This should result in significant performance improvements for certain large FHIR transactions.

Add an implementation of the Clinical Reasoning FHIR Repository to allow calling the available CR operations in hapi-fhir.

Added DSTU3 and R4 support for the DaVinci Documentation Templates and Rules (DTR) Questionnaire/$questionnaire-package operation. This operation allows a Questionnaire to be packaged as a Bundle with all the supporting resources that may be required for its use such as ValueSets and Libraries. This operation is used in context of prior authorization.

Added R4 support for Questionnaire/$prepopulate, Questionnaire/$package and PlanDefinition/$package operations. These are operations are intended to support extended DaVinci DTR and SDC uses cases.

Added DSTU3 and R4 support for the DaVinci Structured Data Capture (SDC) operations Questionnaire/$populate operation and QuestionnaireResponse/$extract. These operations are used in data capture and exchange use cases, and are used by downstream specifications such as DaVinci Documentation Templates and Rules (DTR) for prior authorization.

Added DSTU3 and R4 support for the FHIR Clinical Reasoning module operations ActivityDefinition/$apply and PlanDefinition/$apply. $apply allows for general workflow processing and is used in clinical decision support, prior authorization, quality reporting, and disease surveillance use cases.

Two new operations have been added to the JPA server: * Instance level $reindex performs a synchronous reindex of a single resource and returns a Parameters object containing all previous and new indexes * Instance level $reindex-dryrun simulates a reindex and shows the previous and new indexes generated

The ResponseHighlightingInterceptor (which renders a stylized HTML view of resources) will now include the resource narrative in the rendered view if one is present.

The FHIR R5 definitions have been upgraded to the final FHIR R5 release version.

It is now possible to perform a conditional create and a conditional patch on the same resource (i.e. the same conditional URL) within a FHIR Transaction bundle.

The JPA server in-memory resource matcher, which is used to improve the efficiency of subscription processing on eligible criteria, now has support for the _tag, _tag:not, _security, _security:not and _profile parameters.

The in-memory matcher used by the JPA server subscription processor has been optimized to reduce the number of FHIRPath expressions executed while processing in-memory matching.

The JPA server REST-HOOK subscription delivery client had a hardcoded connection pool limit of 20 outgoing connections. This has been increased to 1000, since subscriptions themselves and their delivery channels already act as a rate-limiting step.

The $reindex operation now supports several new optional parameters. 'optimizeStorage' can be used to migrate data to/from inline storage mode, and optimisticLock can be used to control whether to guard against concurrent data modification during reindexing. reindexSearchParameters can be used to contron whether search parameters are reindexed.

An unexpected failure to reindex a single resource during a reindex job will no longer cause the entire job to fail.

A new optional parameter called _typePostFetchFilterUrl has been added to the Bulk Export $export operation parameters. This parameter allows filters to be specified that will be applied in-memory to the resources after they have been initially fetched by the database. This can be used to allow complex filters which only remove small numbers of resources to be efficiently applied against large datasets.

Added mdm setting allowing for resources to be matched regardless of partition, also added mdm setting for the storage of all golden resources in a single designated partition

Bulk Export now supports a new _exportId parameter. If provided, any Binary resources generated by this export will have an extension in their binary.meta field which identifies this export. This can be used to correlate exported resources with the export job that generated them. In addition, the binary.meta field of Bulk Export-generated binaries will also contain the job ID of the export job that generated them, as well as the resource type of the data contained within the binary.

A new Pointcut called STORAGE_BINARY_ASSIGN_BLOB_ID_PREFIX has been added. This pointcut is called when a binary blob is about to be stored, and allows implementers to attach a prefix to the blob ID before it is stored.

Update the clinical reasoning module version to the latest release of 3.0.0-PRE2

Add documentation for $care-gaps operation

The InterceptorService now maintains an EnumSet of all registered interceptor Pointcuts, which should improve performance when testing for the existence of specific pointcuts.

An inefficient query in the JPA Bulk Export module was optimized. This query caused exports for resources containing tags/security labels/profiles to perform a number of redundant database lookups, so this type of export should be much faster now.

A race condition in the Bulk Export module sometimes resulted in bulk export jobs producing completion reports that did not contain all generated output files. This has been corrected.

String and URI indexing has been improved in some multi-clause queries.

Postgres indexing settings have changed. Autovacuum will run more frequently, and hashed columns will track more most-frequent items.

The SQL query used to fetch pages of search results resulted in an inefficient use of the database in cases where resources have many different versions stored. Thanks to Primož Delopst for the pull request!

The SQL generated for the JPA server $trigger-subscription operation has been optimized in order to drastically reduce the number of database round trips for large triggering jobs. In addition, a bug prevented the subscription retriggering from fully executing in a multithreaded way. This has been corrected.

When performing FHIR resource searches, the resource ID fetch size has been reduced. This should improve the memory impact of performing searches which return very large numbers of resources.

The SQL column type used for inline resource storage mode in the JPA server has been changed in order to avoid abitrary database size limits. We now use text on PostgreSQL, long on Oracle, and varchar(MAX) on MSSQL. Previously varchar(4000) was used in all cases, requiring manual resizing in order to support longer values.

Chained and reverse-chained searches will be faster in some scenarios. All required columns are now included in the IDX_RL_TGT_v2 index.

Includes by canonical url now use an indexed query, and are much faster.

The $expunge operation has been slightly optimized and should issue fewer SQL statements to the database.

The settings beans for the JPA server have been renamed to better reflect their purpose. Specifically the ModelConfig bean has been renamed to StorageSettings and the DaoConfig bean has been renamed to JpaStorageSettings.

Transaction retry will now also apply to ObjectOptimisticLockingFailureException. This enables retry of $reindex work chunks when they collide with a DELETE operation.

Bulk export operations have been enhanced to be fully partition aware.

A new interface has been created for SearchParamWithInlineReferencesExtractor with a base implementation. This allows us to encapsulate logic for resolving and replacing inline resources to the same place is also cuts down on code duplication and allow for easier sharing of the same logic

Batch2 work-chunk processing now aligns transaction boundaries with event transitions.

The Resource $validate operation no longer returns Precondition Failed 412 when a resource fails validation. It now returns 200 irrespective of the validation outcome as required by the FHIR Spec for the Resource $validate operation.

When calling $everything on a Patient instance, the jpa server no longer traverses into other patients. Previously it was possible to pull in data from another patient for example, via a Provenance resource.

When calling $everything on a Patient instance, the jpa server no longer traverses into other patients. Previously it was possible to pull in data from another patient for example, via Provenance and Composition resources.

Bulk import operations have been enhanced to be fully partition aware.

Removed maven configuration hack for IntelliJ now that Jetbrains supports different java versions in test and main (IDEA-85478).

Previously, HAPI-FHIR converted R5 Subscriptions into R4 Subscriptions and triggered those subscriptions by resource changes in the same way R4 subscriptions are triggered. Now R5 Subscriptions are triggered based on the topic they subscribe to and the resource matching happens via the SubscriptionTopic resource. This also means that R5 Subscription endpoints are now delivered a subscription-notification Bundle as opposed to the resource as is the case with R4 Subscriptions.

Previously, conditional updates always followed the STU3 specifications. Now, conditional updates in an R4 server follow the R4 specifications.

When enabling both auto_create_placeholder_reference_targets and allow_inline_match_url_references, POSTing a bundle with a conditional create URL will fail with HAPI-0507. This has now been fixed.

The OverridePathBasedReferentialIntegrityForDeletesInterceptor now works on partitioned servers. Thanks to GitHub user @JorisHeadease for the pull request!

References to the patient/subject in IPS documents generated using the $summary operation were not replaced with the bundle-local UUID assigned to the patient. Also, some dangling references were left in the generated bundle. This has been corrected.

The HapifhirDal search method required use of TypedBundleProvider.getallresources to avoid null pointer issue on searches that are greater than the default querycount

The JPA server Patient:address SearchParameter did not index values in the element Address.district. This has been corrected.

Previously, the full set of meta tags is not present in the payload of the subscription message when UPDATE the resource. Now, this issue has been fixed.

Fix the BaseTransactionProcessor.UNQUALIFIED_MATCH_URL_START REGEX so that it correctly matches patterns that contain dashes in them.

Update IBaseCoding, Tag, and tinder Child to support new userSelected and version fields for resource tags.

Upgrade dependency on core to 5.6.97 including hapi-fhir code enhancements and unit test fixes.

Simultaneous DELETE and $reindex operations could corrupt the search index. This has been fixed.

Simultaneous conditional create or create-on-update operations no longer create duplicate matching resources.

The InteractionBlockingInterceptor did not have support for the interactions 'search' and 'history' despite them being declared in the code system. This has been fixed.

Previously, SPECIAL search parameters that were not nearness parameters, such as simple string Search Parameters, could not be used in chained queries. This has been resolved, and now queries like OrganizationAffiliation?location.some-special-param=abc will work as intended.

Previously, Quartz jobs were scheduled after the scheduler was started which resulted in a race condition where duplicate TRIGGER_ACCESS entries were being added to the QRTZ_LOCKS table. This has been fixed.

When executing FHIR transactions in the JPA server with automatic retry enabled, if automatic placeholder-reference creation is enabled the system could sometimes fail to automatically retry. This has been corrected.

There was a transaction boundary issue in the Batch2 storage layer which resulted in the framework needing more open database connections than necessary. This has been corrected.

The %now value for date search parameters did not properly set the time zone of the time being compared to. This has been corrected.

Batch job state transitions are are now transitionally safe.

When processing the Location:near Search Parameter, if a distance unit was supplied in the parameter value it was ignored and the distance was always assumed to be km. This has been corrected.

Fixing inconsistency between the method behavior and naming.

Removing previous bundle provider to allow for iterableBundle provider, which will allow for paging resources instead of full consumption of patient resources at once

Previously, the $export response Content-Location header would not use a fixed base URL. Now, the URLs that are returned will respect the Fixed Value for Endpoint Base URL.

Previously, searching with the '_source' parameter would return matching source for all resource types. This has been corrected.

Previously, when a _has query was performed with a non-existent reference field, the query succeed with empty results in H2 and failed with a 500 Server Error in Postgres. Now all database vendors will throw an InvalidRequestException if a non-existent reference field is provided for a _has query.

Previously, invoking $mdm-link-history on only the golden resource ID or source ID would fail due to faulty validation. This has been corrected.

When updating resource fields targeted by a Combo Non-Unique SearchParameter, previous indexes were not deleted meaning that old search values could still find the resource. This has been corrected.

The BundleBuilder utility class did not work with DSTU2 bundles. This has been corrected.

When querying $mdm-link-history with no inputs, the error message is mislaeading. Also, $mdm-link-history cannot handle comma-delimited inputs. Both issues are now fixed.

Previously, clicking the '$diff' button on FHIRweb module would direct the user to an empty page. Now it displays the correct page.

Make small changes to stabilize the clinical reasoning code base.

When there is an EID MDM MATCH, the MATCH link has no score. This issue has been fixed.

Fixed a regression introduced by 4624 that prevented subscriptions from loading into the in-memory subscription cache on system startup.

Processing multiple transaction bundles with similar entries on different threads would lead to Constraint Violations if the entries contained similar unique values. This is an error that can be fixed with Retry Handlers now.

Fixed an issue where a golden resource could not be chosen as no-match when another golden resource was already chosen as a match.

Previously, the Lenient error handler will accept invalid extension containing value and nested extensions by default. This will lead to errors when client further attempt to read, update or delete the resources. Now, this has been fixed and a DataFormatException will be thrown instead.

Previously, an mdm-submit operation with Prefer: response-async header resulted in a NullPointerException in the error logs and a batch job status of FAILED. This has been fixed.

Previously, if a binary resource was read via GET, and the binary content had been externalized and not reinflated, a NullPointerException would be thrown. This has been fixed.

Previously, performing $mdm-clear would soft delete Golden Record resources and keep them in the database. Now, $mdm-clear will expunge the resources from the database.

Previously, a FHIRPath patch delete operation where the path resolved to an element in a collection, the element was not always being removed from the collection. This has been fixed.

With default configuration, Resource meta.tag properties: userSelected and version, were not stored in the database. This is now fixed.

Previously, there was the possibility for a race condition to happen in the initialization of the email subscription processing component that would result in email not being sent out. This issue has been fixed.

Improved performance of mdm-clear operation by adding index and avoiding redundant deletion.

A recent regression prevented the SQL Migrator from running on Oracle. This has been corrected.

The tag being added on golden resources does not have a version, might as well add one.

Tags no longer provide a default false value for userSelected.

/Patient/{patientid}/$everything?_type={resource types} would omit resources that were not directly related to the Patient resource (even if those resources were specified in the _type list). This was in conflict with /Patient/{patientid}/$everything operation, which did return said resources. This has been fixed so both return all related resources, even if those resources are not directly related to the Patient resource.

Job maintenance service would throw an exception if a job definition is unknown, this would run maintenance on every job instance after it. Now the maintenance will skip over unknown job definitions and display a warning log message indication a job definition is missing.

Previously, when validating resources that contain a display in a Coding/CodeableConcept different from the display defined in the CodeSystem that is used, no errors are returned in the outcome. This is now fixed.

Running an $export that completes successfully results in a progress percentage of less than 100%. This has now been fixed.

Previously the SearchParameterCanonicalizer did not correctly convert DSTU2 and DSTU3 custom resources SearchParameters into RuntimeSearchParam. This is now fixed.

POSTing a Bundle with over 100 references to the same resource will fail with HAPI-2207 'Multiple resources match'. This has been fixed.

Previously, if the fhirId in ResourceTable happened to be set to an empty string, the resourceId would be missing when trying to generate the full ID string. This has now been fixed.

Previously, $binary-access-write operation didn't trigger STORAGE_BINARY_ASSIGN_BLOB_ID_PREFIX Pointcut. This has been fixed.

Requests to start an $export of Patient or Group will now fail with 404 ResourceNotFound when the target resources do not exist. Before, the system would start a bulk export background job which would then fail.

Initiating a bulk export with a _type filter would sometimes return resource types not specified in the filter. This has been fixed.

Update the IRuleBuilder to support Patient Export rules via the new patientExportOnPatient method on the IRuleBuilder. Previously, it was accidentally using Group Export rules.

Remove some references to all_constraints table in oracle database migration tasks which were causing errors for version 19c.

The InterceptorService no longer supports ThreadLocal interceptor registrations. This feature was deprecated in 6.2.0 due to lack of use and has never been enabled by default. Please let us know on the mailing list if this affects you.

The HAPI FHIR CLI run-server command has been removed. This command was used to launch a HAPI FHIR JPA Server instance. The hapi-fhir-jpaserver-starter project has long since duplicated and improved on the CLI version of the launcher, and maintaining both was been a maintenance burden. Users of the CLI command are recommended to migrate to the starter project.

An inefficient query in the JPA Bulk Export module was optimized. This query caused exports for resources containing tags/security labels/profiles to perform a number of redundant database lookups, so this type of export should be much faster now.

A race condition in the Bulk Export module sometimes resulted in bulk export jobs producing completion reports that did not contain all generated output files. This has been corrected.

The HapifhirDal search method required use of TypedBundleProvider.getallresources to avoid null pointer issue on searches that are greater than the default querycount

Update IBaseCoding, Tag, and tinder Child to support new userSelected and version fields for resource tags.

Upgrade dependency on core to 5.6.97 including hapi-fhir code enhancements and unit test fixes.

A new DaoConfig configuration setting has been added called JobFastTrackingEnabled, default false. If this setting is enabled, then gated batch jobs that produce only one chunk will immediately trigger a batch maintenance job. This may be useful for testing, but is not recommended for production use. Prior to this change, fasttracking was always enabled which meant if the server was not busy, small batch jobs would be processed quickly. However this lead do instability on high-volume servers, so this feature is now disabled by default.

When Batch2 work notifications are received twice (e.g. because the notification engine double delivered) an unrecoverable failure could occur. This has been corrected.

Fixed a bug with batch2 which could cause previously completed chunks to be set back to in-progress. This could cause a batch job to never complete. Now, a safeguard to ensure a job can never return to in-progress once it has completed or failed.

When a Bulk Export job runs with a large amount of data, there is a chance the reduction step can be kicked off multiple times, resulting in data loss in the final report. Jobs will now be set to in-progress before processing to prevent multiple reduction steps from being started.

Fixed an edge case during a Read operation where hooks could be invoked with a null resource. This could cause a NullPointerException in some cases.

The $mdm-clear operation sometimes failed with a constraint error when running in a heavily multithreaded environment. This has been fixed.

The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

• Spring (JPA): 5.3.6 -> 5.3.7
• Spring Boot (JPA Starter): 2.4.4 -> 2.5.0
• Jetty (CLI): 9.4.39.v20210325 -> 9.4.42.v20210604

Pagination returned incorrect offset and count in the previous link of the last page when total element count was one more than multiple of page size. Problem is now fixed

Settings have been added to the JPA Server DaoConfig to enable/disable various individual kinds of scheduled tasks.

When performing a conditional create operation on a JPA server, the system will now verify that the conditional URL actually matches the data supplied in the resource body, and aborts the conditional create if it does not.

Support has been added to the JPA server for _include and _revinclude where the value is a qualified star, e.g. _include=Observation:*.

A new interceptor ValidationMessageSuppressingInterceptor has been added. This interceptor can be used to selectively suppress specific vaLidation messages.

A new config option has been added to the DaoConfig that causes generated SQL statements to account for potential null values in HAPI FHIR JPA date index rows. Nulls are no longer ever used in this table after HAPI FHIR 5.3.0, but legacy data may still have nulls.

When performing non-query cache JPA searches (i.e. searches with Cache-Control: no-store) the loading of _include and _revinclude will now factor the maximum include count.

A new setting has been added to the DaoConfig that allows the maximum number of _include and _revinclude resources to be added to a single search page result. In addition, the include/revinclue processor have been redesigned to avoid accidentally overloading the server if an include/revinclude would return unexpected massive amounts of data.

A new DaoConfig setting called Mass Ingestion Mode has been added. This mode enables rapid data ingestion by skipping a number of unnecessary checks during backloading.

A new Pointcut has been added that is invoked when a new Bulk Export is initiated.

The JPA server terminology uploader now supports uploading ICD-10-CM (US Edition) using the native format for that vocabulary.

AuthorizationInterceptor can now be used to authorize bulk export requests

Support for LOINC 2.70 has been added.

PatientIdPartitionInterceptor now supports conditional creates of resources where the resource is in the patient compartment but the conditional URL does not contain a patietn reference.

The $evaluate-measure now works on a partitioned server.

A new interceptor has been added for JPA servers that uses semaphores to avoid multiple concurrent FHIR transactions from trying to create/update the same resource at the same time. This can improve overall performance when writing many concurrent transactions since it avoids the need for retries.

A new tag storage mode called Inline Tag Mode tas been added. In this mode, all tags are stored directly in the serialized resource body in the database, instead of using dedicated tables. This has significant performance advantages when storing resources with many distinct tags (i.e. many tags that are unique to each resource, as opposed to being reused across multiple resources).

A new interceptor has been addeed to the JPA server called ForceOffsetSearchModeInterceptor. This interceptor forces all searches to be offset searches, instead of relying on the query cache. This means that FHIR search operations will never result in any database write, which can be good for highly concurrent servers.

A new JPA partitioning interceptor PatientIdPartitionInterceptor has been added. This interceptor uses the ID of the patient associated with any resources in the patient compartment to generate a consistent partition ID.

$mdm-query-links and $mdm-duplicate-golden-resources now enforce paging via parameters _offset and _count. More details can be found in the MDM Operations documentation.

Support for multiple header-passthrough option using -hp or --header-passthrough parameter has been added to hapi-fhir-cli commands: example-data-uploader, export-conceptmap-to-csv, import-csv-to-conceptmap and upload-terminology

A new Validation Support Module has been added that can use NPM Packages to supply validation conformance artifacts programatcally to the validator.

Add 'loinc.codesystem.make.current' property to upload-terminology command to allow loading LOINC version without becoming current.

Allowed the optional inclusion of the LOINC Consumer Names archive in addition to the main LOINC distribution. If it is supplied, the consumer names CSV file will be scanned, and all consumer names will be added to uploaded Concepts as additional designations

Allowed the optional inclusion of the LOINC Linguistic Variants archive in addition to the main LOINC distribution. If it is supplied, all linguistic variants files will be scanned, and all translations will be added to uploaded Concepts as additional designations

Upgrade net.java.dev.jna to run docker tests on Mac arm64 M1 machines

The :text Search Parameter modifier now searches by word boundary of the text content as opposed to only searching at the start of the text when using Lucene/Elasticsearch indexing. Add * to match word prefixes (e.g. weig* will match weight).

Added new $reindex operation with similar syntax to $delete-expunge that creates a spring-batch job to reindex selected resources. $mark-all-resources-for-reindexing and $perform-reindexing-pass are now deprecated, and will likely be removed in a future release.

Replace existing email implementation code with SimpleJavaMail library.

Modified the behaviour of the :mdm param qualifier. Previously, it used to only resolve IDs if the resource ID was a source resource. Now, MDM expansion will work if you pass it the ID of a golden resource instead.

Conditional URL lookups in the JPA server will now explicitly specify a maximum fetch size of 2, avoiding fetching more data that won't be used inadvertently in some situations.

FHIR Transaction duplicate record checks are now performed without any database interactions or SQL statements, reducing the processing load associated with FHIR transactions by at least a small amount.

A new setting has been added to the DaoConfig called Tag Versioning Mode. This setting controls whether a single collection of tags/profiles/security labels is maintained across all versions of a single resource, or whether each version of the resource maintains its own independent collection. Previously each version always maintained an independent collection, which is useful sometimes, but is often not useful and can affect performance.

FHIR transactions in the JPA server that perform writes will now aggressively pre-fetch as many entities as possible at the very start of transaction processing. This can drastically reduce the number of round-trips, especially as the number of resources in a transaction gets bigger.

When performing a conditional create/update/delete on a JPA server, if the match URL contained a plus character, this character was interpreted as a space (per legacy URL encoding rules) even though this has proven to not be the intended behaviour in real life applications. Plus characters will now be treated literally as a plus character in these URLs.

Bulk import batch jobs are now activated in a local scheduled task, making bulk import jobs better able to take advantage of large clusters.

DELETE _expunge=true has been converted to use Spring Batch. It now simply returns the jobId of the Spring Batch job while the job continues to run in the background. A new operation called $expunge-delete has been added to provide more fine-grained control of the delete expunge operation. This operation accepts an ordered list of URLs to be delete expunged and an optional batch-size parameter that will be used to perform the delete expunge. If no batch size is specified in the operation, then the value of DaoConfig.getExpungeBatchSize() is used.

The ConceptMap.group.element.display storage size limit has been increased to 500 characters.

The bulk export request length limit has been increased to 1024 characters.

If two authorization compartments apply to the same targets and share the same compartment name, then instead of creating a new compartment, the rule builder now adds the new owner to the list of owners in the existing compartment.

When operating in partitioned mode, the interceptor pointcut STORAGE_PARTITION_IDENTIFY_CREATE will now be invoked to determine the partition to use for create with client-assigned IDs. Previously the STORAGE_PARTITION_IDENTIFY_READ pointcut was invoked, which was confusing and potentially unexpected.

Flyway migration used to enforce order by default. This has been changed so now the default behaviour is out of order migrations are permitted. Strict order can be enforced via the new strict-order flag if required.

Identifier maximum length increased from 200 to 500. This specifically applies to table HFJ_IDX_CMP_STRING_UNIQ.

When the contents of a package are corrupt, the error messages now identify the corrupt element

When performing a FHIR transaction containing a conditional create, references to that resource were inadvertently replaced with contained references."

A concurrency error was fixed when using client assigned IDs on a highly concurrent server with resource deletion disabled.

A null-pointer exception was fixed when a ResponseTerminologyDisplayInterceptor is registered and a search or read response returns a resource with code value that in turn returns a null code lookup.

Subscription notifications will no longer be triggered by default in response to changes that do not increment the resource version (e.g. $meta-add and $meta-delete). A new DaoConfig setting has been added to make this configurable.

When myDaoConfig.setDefaultTotalMode(SearchTotalModeEnum.ACCURATE) and there are zero search results on an _id search, An Index Out of Bounds error was thrown. This has been corrected.

Fixes the problem that FHIR package IDs were incorrectly treated as case sensitive when being loaded, causing loads to fail when dependencies were declared with a different case than in the package itself.

Constraint errors were not always auto-retried even when configured to do so on certain platforms (particularly Postgresql) where constraint names are auto converted to lower case. Thanks to Bruno Hedman for the pull request!

When searching by source, if deleted resources are matched, the search returned an incorrect size. This has been corrected.

The _filter search parameter was incorrectly included in the server capability statement if it was disabled on the server. This has been corrected.

ValueSet expansion did not correctly preserve the order if multiple codes were included in a single inclusion block.

Too many MDM candidates matching could result in an OutOfMemoryError. Candidate matching is now limited to the value of IMdmSettings.getCandidateSearchLimit(), default 10000.

A regression caused the JPA Server History operation to not return paging links in responses. This has been corrected.

Added null checks to MDM resource interceptor in order to avoid NPEs.

The SQL generated for the _profile search parameter did not use all of the columns on the tag index table, resulting on poor performance on MySQL. This has been corrected.

The internal cache for tags, concepts, and others had longer or shorter expiry times than was intended. This has been corrected.

When searching for ExplanationOfBenefit?patient=123,456, the compartment authorization interceptor was treating '123,456' as a single id rather than as a list of ids. This has been corrected.

A regression was introduced in 2760 where a READ compartment could get collapsed into a WRITE compartment. This has been corrected.

Searches for mdm-expanded references such as Observation?subject:mdm=123 were getting denied by access rules that did not recognize the :mdm suffix. This has been corrected.

$mdm-submit operation was only submitting 100 resources and then stopping. It now correctly submits all requested resources.

When providing links for placeholder creation, DaoResourceLinkResolver expects just a single 'identifier=value' param, but it can be additional data, s.a. tags, extra identifiers, etc.

When initiating a FHIR bulk export, if more than one _typeFilter parameter was supplied only the first one was respected. This has been corrected.

Loading packages would fail when partitioning was enabled with unnamed partitions. This has been fixed.

An issue in the FHIRPath evaluator prevented Encounters from being stored when using the new PatientIdPartitionInterceptor. This has been corrected.

Mdm failed to load if any mdm subscription had been deleted, e.g. if $expunge expungeEverything had been run on the server. This has been corrected.

When Client Id Strategy is set to NOT_ALLOWED, permit system requests to create resources, e.g. SearchParameter and Subscription resources required by the system.

Add DSTU3 Support To UploadTerminologyCommand.

Fixed a bug in transaction bundle processing, specifically for bundles which contained both a conditional create, and a resource which relied on this conditional create as a reference. This would cause the referring resource to generate a contained resource instead of appropriately referencing the existing patient.

Fixed a bug wherein an NPE could be thrown by the MDM module interceptor if an incoming resource had a tag with no system.

Fixed a bug where the search results cache was ignoring the value of _contained parameter when assigning a cache key. This was causing queries run in a short period of time to return wrong cached results if one query used _contained=true and the other did not.

Addressed the following CVE report by bumping the minor version for Jetty in the root POM:

• CVE-2021-34429