1.4Changelog: 2018




1.4.2HAPI FHIR 5.3.0 (Odyssey)


Release Information

Released: 2021-02-18

Codename: (Odyssey)


The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • SLF4j (All Modules): 1.7.28 -> 1.7.30
  • Jackson (All Modules): 2.11.2 -> 2.12.1
  • Woodstox (XML FHIR Parser): 4.4.1 -> 6.2.3 (Note that the Maven groupId has changed from org.codehaus.woodstox to com.fasterxml.woodstox and the Maven artifactId has changed from woodstox-core-asl to woodstox-core for this library)
  • Spring (JPA): 5.2.3.RELEASE -> 5.2.9.RELEASE
  • Datasource-Proxy (JPA): 1.5.1 -> 1.7
  • Apache Commons Collections4 (JPA): 4.3 -> 4.4
  • Jetty (JPA Starter): 9.4.30.v20200611 -> 9.4.35.v20201120
  • Guava (JP): 29.0-jre -> 30.1-jre
  • Hibernate ORM (JPA Server): 5.4.22.FINAL -> 5.4.26.FINAL
  • Spring (JPA Server): 5.2.9.RELEASE -> 5.3.3
  • Spring Data (JPA Server): 2.2.0.RELEASE -> 2.4.2
  • Hibernate Search (JPA Server): 5.11.5.FINAL -> 6.0.0.Final
  • Lucene(HAPI FHIR JPA Server): 5.5.5 -> 8.7.0
  • Spring Boot (JPA Starter): 2.2.6.RELEASE -> 2.4.1
  • JANSI (CLI): 1.18 -> 2.1.1
  • PH-Schematron (SCH Validator): 5.2.0 -> 5.6.5
  • PH-Commons (SCH Validator): 5.3.8 -> 9.5.4


Two new switches have neen added to FhirInstanceValidator to suppress optional warning messages. Thanks to Anders Havn for the pull request!


Redesigning the Enterprise Master Patient Index solution to a Master Data Management solution. The new MDM solution supports other FHIR resources where EMPI only allowed Person resource to be used. For example, if MDM is occurring on a patient, we will create a new Patient, and tag that patient as a Golden Record. This means that several things have changed:

  • Provider methods that pointed to type of Person are now server-level operations in which you specify a resource type.
  • Link updating and querying no longer rely on Person IDs, but instead on arbitrary resource ids, depending on the resource type you are referring to in MDM.
  • Change to the EMPI config to require a list of mdmTypes.

Code-level changes include the following changes:
  • hapi-fhir-server-empi and hapi-fhir-jpaserver-empi Maven projects were renamed to hapi-fhir-server-mdm and hapi-fhir-jpaserver-mdm
  • All classes were refactored to use correct terms, e.g. Golden Resource in place of Person
  • Message channel was renamed from empi to mdm
  • Subscriptions were renamed to mdm-RESOURCE_TYPE, where RESOURCE_TYPE is an MDM type configured in mdmTypes section of the configuration file
  • Configuration file was renamed from empi-rules.json to mdm-rules.json
  • Log file was changed from empi-troubleshooting.log to mdm-troubleshooting.log


When a unique index SearchParameter violation is blocked, the error message will now include the ID of the relevant SearchParameter, in order to make troubleshooting easier.


Added a new IResourceChangeListenerRegistry service and modified SearchParamRegistry and SubscriptionRegistry to use it. This service contains an in-memory list of all registered {@link IResourceChangeListener} instances along with their caches and other details needed to maintain those caches. Register an {@link IResourceChangeListener} instance with this service to be notified when resources you care about are changed. This service quickly notifies listeners of changes that happened on the local process and also eventually notifies listeners of changes that were made by remote processes.


It is now possible for read operations (read/history/search/etc) in a partitioned server to read across more than one partition if the partitioning interceptor indicates multiple partitions.


Non release (i.e. SNAPSHOT) builds of HAPI FHIR will now include the Git revision hash as well as the build date in the version string that is logged on initialization, and included in the default server X-Powered-By string. Release builds are not affected by this change.


The error message returned by the transaction processor has been improved for the case where a transaction uses an unsupported/disabled resource types.


When performing a conditional create/update containing the email search parameter, any + characters will now be interpreted as actually being a plus symbol instead of being unescaped into a space character. This is technically a deviation from how URLs should be parsed, but allows for a sensible behaviour in a spot where no spaces are allowed.


It is now possible to use a parameter of type IBaseResource or IBaseBundle as the parameter on a @Transaction method in a plain server.


Optionally supports storage and search in canonical form of the quantity value which is defined by 'http://unitsofmeasure.org'; please check ModelConfig for the configuration. No changes were made to the existing behaviour.


The interceptor framework will now recognize and invoke @Hook methods that have an access level of public, protected, or default. Previously only public methods were recognized.


A new interceptor called the Repository Validating Interceptor has been added. This new interceptor allows a HAPI FHIR JPA Server to declare rules about mandatory profiles that all resources stored to the server must declare conformance and/or correctly validate against.


When performing a ValueSet expansion where the valueset to be expanded includes a display name for concepts it is explicitly including, this display name will be propagated to the expansion if no other display is available. Thanks to Hanan Awwad for the contribution!


A new utility called FHIRPathResourceGeneratorR4 has been added. This class can be used to build and populate a resource model object using FHIRPath expressions. Thanks to Marcel P for the contribution!


The JPA server has a new setting on the ModelConfig bean called "AutoVersionReferencesAtPaths". Using this setting, the server can be configured to add the current target resource version ID to any resource references found in a resource being stored. In addition, a new setting has been added to the JPA ModelConfig bean that allows _include statements to respect versioned references, and actually include the correct version for the reference.

Added support for the $evaluate-measure Operation as part of adding CQL support.


The JPA server generated SQL for date search parameters has been streamlined to avoid the use of redundant OR expressions that slow down performance in some cases.


Updates to Hibernate Search require a full reindexing of all indexed fulltext data, which is held in Lucene or Elasticsearch. Users using elasticsearch for fulltext indexing must upgrade to Elasticsearch 7.10.0.


The resource IDs for several LOINC resources were corrected. Thanks to Steven Wagers for the pull request!


The experimental TransactionBuilder helper class has been renamed to BundleBuilder as it now has utility methods for working with other types of Bundles too.


In the JPA server. the SQL datatype used to index quantities has been changed from NUMBER(19,2) to double precision (or equivalents depending on platform). This improves the query support for ssearching on very small quantities.


The @ResourceDef annotation has been marked as inheritable, so it does not need to be explicitly added to custom structures that extend built-in structures. Thanks to Marcelo Avancini for the pull request!


ElasticsearchHibernatePropertiesBuilder will now reject any REST url which is protocol-aware. Protocol information should be set in the protocol field of the builder.


Expanding a ValueSet using a filter now evaluates the display with left-matching by string token, case-insensitive.


Loading a package without a description was causing a null pointer exception. This has been fixed.


The CodeSystem/$subsumes operation inadvertantly reversed the meanings of the CodeA and CodeB parameters, resulting in subsumes and subsumed-by responses being reversed. This has been corrected. Thanks to Rob Hausam for reporting!


ApacheRestfulClientFactory now uses system properties for proxy configuration. Thanks to Vladimir Nemergut for the pull request!


When performing a ValueSet expansion with a filter a large pre-expanded ValueSet (more than 1000 codes), the filter failed to find concepts appearing after the first thousand. This has been corrected.


The new JPA SearchBuilder failed to perform FHIR Searches on Oracle DB with an invalid SQL error. This has been corrected.


When performing a JPA server search on a partitioned server, searches with only the _id parameter and no other parameters did not include the partition selector in the generated SQL, resulting in leakage across partitions. Thanks to GitHub user @jtheory for reporting!


The recent EMPI project accidentally caused a split package in ca.uhn.fhir.rest.server. This has been corrected. Thanks to Bill Denton for the pull request!


When using the validator from within the JPA server, validating CapabilityStatement resources failed with an error when trying to load linked SearchParameter resources. This has been corrected.


When using a partitioned JPA server, auto-create placeholder targets did not work if the partition interceptor was registered against the server (e.g. for a multitenancy configuration). This has been corrected. Thanks to Rob Whelan for reporting!


Sorting of search results was not working for MySQL, MSSQL and MariaDB due to recent changes made to handle sorting of nullable columns. This has now been fixed.


The new optimized SQL Generator introduced in HAPI FHIR 5.2.0 did not correctly bind variables for SQL Server queries, making the search functionality unusable. This has been corrected.


A database index in the JPA server was added in HAPI FHIR 5.2.0 and Smile CDR 2020.11 that exceeded the maximum index length in MySQL, preventing server upgrades on that database platform. This has been corrected.


Attempts to load IG packs when partitioning was enabled, resulted in nullpointer exceptions. This has now been fixed and IG packs and conformance resources will be loaded to the DEFAULT partition.


An incorrect HTML resource path led to a utility JavaScript library failing to load in the TestPage Overlay module. Thanks to Alejandro Medina for the pull request!


When performing a FHIR create using the HAPI FHIR client, if the payload is a Bundle resource the individual resources in the Bundle had their IDs removed by the client during payload serialization. This has been corrected.


A recent change inadvertently caused an issue with DB migration utility such that it would attempt to drop indexes even when the dry-run option was specified. This has been fixed.


The BulkExportDaoSvc bean was forgotten from the BaseConfig context. It has been added.


In the JPA server, HumanName.name.text was not being indexed and therefore was not searchable. This has been corrected.


The $expand filter parameter was not matching the ValueSet display value in all cases. E.g. a ValueSet with name 'abc def ghi' would match 'abc def' and 'def' but not 'def ghi'. This has been corrected so the ValueSet will match the filter if any substring of the ValueSet display value matches the $expand filter.


Unrecognized search param prefix strings were silently discarded. This is now an error.


A bug in the InMemoryResourceMatcher caused AND clauses to be treated as OR clauses. Thanks to Jari Maijenburg for the report and pull request!


When using the Consent Interceptor, the startOperation method was not invoked for search paging requests. This has been corrected. Thanks to Tue Toft Nørgård for reporting!


As of version 2.69, the LOINC Top2000CommonLabResultsSi.csv and Top2000CommonLabResultsUs.csv became optional. The Terminology Loader Service has been updated to reflect this change.


An important security issue with the JPA Server was solved. This issue applies only to JPA servers running in partitioned mode. When performing searches on a partitioned server, search results from previously cached searches against different partitions may be returned, potentially leaking data across partitions. This issue has been resolved.


Remove support for the upload-igpack command. This command is no longer supported, as the IGPack format has been withdrawn and replaced with the FHIR NPM Package specification, which is also supported by HAPI FHIR

1.4.3HAPI FHIR 5.2.1 (Numbats)


Release Information

Released: 2021-01-20

Codename: (Numbats)



A recent change inadvertently caused an issue with DB migration utility such that it would attempt to drop indexes even when the dry-run option was specified. This has been fixed.

1.4.4HAPI FHIR 5.2.0 (Numbat)


Release Information

Released: 2020-11-19

Codename: (Numbat)


The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Jackson (Base): 2.10.0 -> 2.11.2
  • Flyway (JPA): 6.4.1 -> 6.5.4
  • JQuery (Testpage Overlay): 3.3.1 -> 3.5.1
  • UCUM (JPA): 1.0.2 -> 1.0.3
  • HttpClient (Client): 4.5.12 -> 4.5.13
  • Awesome Bootstrap Checkbos (Testpage Overlay): 1.0.1 -> 1.0.2
  • MomentJS (Testpage Overlay): 2.15.1 -> 2.27.0
  • Select2 (Testpage Overlay): 4.0.3 -> 4.0.13

The JPA Server SQL generator for handling FHIR search operations has been completely rewritten to no longer depend on the Hibernate QueryBuilder APIs. This rewrite produces much more efficient SQL in many cases and should dramatically increase performance in such cases. For example, a 10x speedup has been observed on Postgresql when searching a very large database where the search URL has multiple chained search params.

This new SQL builder will be disabled by default in HAPI FHIR 5.2.0 and Smile CDR 2020.11.R01, and can be enabled via a setting in the DaoConfig (HAPI FHIR) and Storage Module config (Smile CDR). Snapshot/prerelease builds will ship with this new SQL builder enabled by default, and the intention is to make this the default and ultimately remove the legacy SQL builder in the next quarterly release.

We highly encourage testing of this new feature, and welcome feedback on how it performs in your environment.


A new class called TransactionBuilder has been added. This class can be used to build FHIR Transaction Bundles easily.


The RemoteTerminologyServiceValidationSupport class used for connecting to a remote terminology service will no longer attempt to perform code validation for fields where the code system is implied, since there is no FHIR operation allowing this style of validation to be performed remotely.


The FHIR Client will now accept an HTTP 204 NO CONTENT as a response to a write operation such as a create/update/transaction/etc.


In the JPA server, when performing synchronous searches it is now possible to specify a limit and offset using a new (nonstandard) parameter called _offset. Thanks to Tuomo Ala-Vannesluoma for the pull request!


When using package support to install a package with STORE_AND_INSTALL mode, resources that are already present in the database will now be updated to the contents of the version in the package.


Operations for CodeSystem, ValueSet and ConceptMap will now support multiple CodeSystem versions.


Terminology loader for LOINC will now support specifying version and loading multiple versions of LOINC.


An implementation of CodeSystem validate-code operation has been added for R4 and R5.


The JPA search coordinator will now use worker threads sourced from a ThreadPoolTaskExecutor, in order to simplify the addition of decorators to those threads. Thanks to Tue Toft Nørgård for the pull requets!


Added new DaoConfig parameter called maximumTransactionBundleSize that if not-null will throw a PayloadTooLarge exception when the number of resources in a transaction bundle exceeds this size.


Stored SearchParameter resources with a status of DRAFT will no longer override and disable existing built-in search parameters. This is done in order to avoid issues caused by uploading NPM packages such as US Core that contain a large number of draft parameters.


EMPI enhancements. Added new IDENTIFIER matcher rule type that defines a matcher where two resources share the same value for a particular identifier system, or if no system is indicated, defines a matcher where two resources share any matching system,values identifier. Improved channel and batch troubleshooting logging. Added new controller layer to support non-fhir apis. Changed rule json format; replaced 'metric' with either matcher or simiarity that now have their own distinct subkeys.


Support for RDF Turle parsing and encoding has now been added. This support was previously partially implemented, but did not work correctly. A huge thanks to Josh Collins and Eric Prud'hommeaux of Janeiro Digital for the pull request!


A new _expunge parameter has been added to the DELETE operation when deleting multiple resources via a URL. For example DELETE http://www.example.com:8000/Observation?_expunge=true or DELETE http://www.example.com:8000/Observation?status=cancelled&_expunge=true. When the _expunge parameter is provided to DELETE then the matched resources and all of their history will be both deleted and expunged from the database. This will perform considerably faster than doing the delete and expunge separately. Note that Expunge must be enabled on the server for this to work.


The Package Installer has been enhanced to allow resources that do not have a url element to be loaded from a package. Resources without url will instead use identifier element.


A null check was added to the R4 CapabilityStatement generator, in order to improve the error message when a mandatory parameter is missed. Thanks to GitHub user @blangley28 for the contribution!


The version of Bootstrap used by the Testpage Overlay project has been upgraded from 3.4.0 to 4.5.2. Note that this is a major release upgrade, so any overlay implementations may require some modification to deal with changes to the Bootstrap framework.


In HAPI FHIR 5.1.0 JPA Server, if partitioning was enabled, but no interceptor was registered to the STORAGE_PARTITION_IDENTIFY_READ pointcut, the system would simply default to 'All Partitions'. This was not the intended behaviour, so this will now result in an error.


A performance bottleneck was fixed in the datetime datatypes that caused lock contention when parsing resources in heavily multithreaded environments. Thanks to GitHub user @abrsystematic for the pull request!


The JPA SearchParameetr validator did not reject custom Search Parameetrs with an invalid path expression consisting of only a resource type and no element name. Creating such a search parameter could cause strange indexing issues, so this has been added to the validator.


A potential NPE in the JPA server was fixed. This error could be triggered by searching for resources with unresolvable references. Thanks to Anders Havn for the pull request!


An issue was fixed where multiple JPA server updates to the same resource within the same database transaction would fail with a database constraint error.


A deadlock was fixed where the Database-backed Binary Storage service could lock the system up when running under very high contention.


A crash in the JPA server was fixed when performing a search containined two chained search parameters to date target types.


When using an NPM package spec in STORE_AND_INSTALL mode, conformance resources will only be stored if they have a status of active. This fixes a bug wgere installing the US Core IG caused searches to stop working due to draft Search Parameters.


In some circumstances when using a Plain Server, the generated CapabilityStatement could have duplciate Search Parameter definitions. This has been corrected.


EMPI bug fixes. Special characters in search param values (e.g. space) led to missed matches; these are now properly escaped so matches are accurately found. Candidates were failing to match when candidateSearchParams was empty; matches now work properly with empty candidateSearchParams. matchResultMap entries were incorrectly resolving if any named matchFields matched; they now correctly resolve only when ALL matchFields match.


When parsing XML encoded resources, if an xml:lang attribute was present in the narrative HTML, it would incorrectly have its prefix omitted. Thanks to Oliver Egger for the pull request!


When performing a _lastUpdated search in the JPA server where the parameter value(s) are supplied with date (not time) precision, a timezone bug could cause some resources to not be included. This has been corrected.


The _typeFilter parameter did not correctly work for JPA Bulk Export jobs. This has been corrected.


The In Memory search matcher (used for Subscriptions) could crash if a subscription was registered using the _source search parameter, and a resource was processed with no source value. This has been corrected.


When expanding a pre-expanded ValueSet using a filter, the filter was ignored and the pre-expansion was not used resulting in an inefficient and potentially incorrect expansion. This has been corrected.


The JPA Package loader was failing if the package had a description longer than 200 characters. This has been fixed.

1.4.5HAPI FHIR 5.1.0 (Manticore)


Release Information

Released: 2020-08-13

Codename: (Manticore)


The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Guava (JPA): 28.2-jre -> 29.0-jre
  • Jetty (CLI): 9.4.24.v20191120 -> 9.4.30.v20200611


An index has been added on the TRM_CONCEPT table. This index was previously missing, meaning that rebuilding large code systems took an abnormally long amount of time. Thanks to Jacob Stampe Mikkelsen for the pull request!


The email sender used by email subscriptions can now be configured with TLS parameters.


A new service has been added to the JPA server that fetches FHIR Implementation Guide NPM packages and installs the contained conformance resources into the JPA repository. Thanks to Martin Zacho Grønhøj for the pull request!


The Snapshot Generator now uses the R5 codebase for all versions of FHIR (similar to how the validator already worked). This means that the snapshot generator will be much more feature complete and hopefully have fewer bugs given the single codebase.


AuthorizationInterceptor can now fully secure GraphQL operations in the JPA server, meaning that it is possible to use compartment and type rules to restrict the specific data that is available through the GraphQL interface.


The validator will now correctly issue a warning instead of an error if a code can't be found when validating a code in a CodeSystem where the content mode (CodeSystem.content) has a value of fragment.


Initial implementation of lastn operation that uses an Elasticsearch v6 server to index observations.


In the JPA server, when indexing Date SearchParameters where the value being indexed is a FHIR Period that is missing either a lower bound or an upper bound, a default value representing an extreme 'beginning of time' or 'end of time' is now used. This allows range searches to return more accurate results.


Support for the :of-type modifier has been added to TokenParamModifier. Thanks to Alexander Lukyanchikov for the pull request!


Support has been added for GraphQL querying using an HTTP POST (with the query in the body). Thanks to Ibrohim Kholilul Islam for the pull request implementing this new feature!


Support for FHIR NPM Packages has been added to the JPA server. This new functionality allows packages to be installed to special tables within the FHIR JPA schema, and conformance resources used for validation.


The LOINC importer has been updated to support the file format used by the LOINC 2.68 release.


A new optional type parameter has been added to the $mark-all-resources-for-reindexing operation, allowing resources of a specific type to be marked.


Spring Batch has been added to HAPI FHIR in the hapi-fhir-jpaserver-batch project. hapi-fhir-jpaserver-base will make use of it for batch jobs


A new configuration bean called ValidationSettings has been added to the JPA server. This can be used to enable validation of reference target resources if necessary.


The RemoteTerminologyServiceValidationSupport validation support module, which is used to connect to external/remote terminology services, has been significantly enhanced to provide testing for supported CodeSystems and ValueSets. It will also now validate codes in fields that are not bound to a specific ValueSet.


Phonetic name search is now supported via ISearchParamRegistry.setStringEncoder().


The JPA server is now able to support _has queries where the linked search expression on the right hand side of the _has parameter is a second _has query.


REST Hook subscriptions may now specify a search expression to be used to fetch a collection of resources to deliver when a subscription matches.


The GraphQL module can now accept arrays of arguments as input to searches, and will treat them as OR'ed parameters. Thanks to Ibrohim Kholilul Isla for the pull request!


The HAPI FHIR CommonCodeSystemsTerminologyService validation support module now includes support for ISO 3166 (country codes).


A new interceptor called UserRequestRetryVersionConflictsInterceptor has been added to the JPA server. This interceptor allows clients to instruct the server to attempt to avoid returning an HTTP 409 (Version Conflict) if two concurrent client requests try to update the same resource at the same time.


The validator will now accept codes that are defined in a ValueSet where the valueset contains an enumeration of codes, and the CodeSystem URL refers to an unknown CodeSystem. This allows successful validation of ValueSets in several IGs that rely on the existence of grammar based systems.


Two new operations have been added for EMPI: $empi-clear and $empi-submit. $empi-clear will delete EMPI links, and related Person objects. $empi-submit will submit all matching resources for EMPI processing.


A few issues in the migrator when applying migrations against some versions of MSSQL were resolved


The JPA server maintains a cache of active SearchParameeter resources that can cause misleading results if a SearchParameter is changed and other resources that would be indexed by the changed SearchParameter are updated before the cache refreshes. A new interceptor has been added that should force a refresh sooner, especially on non-clustered systems.


A new interceptor has been added for the JPA server that selectively allows resource deletions to proceed even if there are valid references to the candidate for deletion from other resources that are not being deleted.


When submitting a transaction bundle containing a large number of resources being written, where the resources had tags or profile definitions, a number of redundant database calls have been optimized out. This should significantly improve performance for these scenarios.


Due to an inefficient SQL statement when performing searches with large numbers of _revincludes where the resources have tags, a large number of database roundtrips were produced when searching. This has been streamlined, greatly improving the response times for some searches.


When performing a search in the JPA server using a chained search parameter, an unnecessary resource type predicate was previously added to the generated SQL and has now been removed. This should improve performance on some queries.


When performing a JPA 'upsert' (a PUT to an ID that may or may not already exist) on a partitioned system, the partition interceptor will now be called once to determine the READ partition in order to find the candidate resource to update, and possibly a second time to determine the CREATE partition if a new row is actually being created. Previously only the CREATE partition was checked and used to perform the initial read.


HAPI FHIR has been migrated to use JUnit 5 (from JUnit 4) for unit testing. This change does not affect users of the library, but helps to make tests more maintainable.


Breaking Change: The method FhirContext#getResourceNames() has been renamed to FhirContext#getResourceTypes(). HAPI currently goes back and forth between the two, but is consolidating on Types.


The R5 structure methods for working with extensions on arbitrary fields, e.g. getExtensionByUrl(String), removeExtension(String), getExtensionsByUrl(String) hasExtension(String), and getExtensionString(String) have been enhanced so that they now return modifier extensions as well as the non-modifier extensions they previously returned.


Breaking Change: The IValidationSupport interface has had one further change after the rewrite in HAPI FHIR 5.0.0. Instead of passing an IValidationSupport object as an argument to many methods on the interface, a context object is now used instead.


When parsing a resource into a custom structure (e.g. a custom class extended a built-in FHIR resource class), inter-resouirce references could contain invaliud java refeences to other resources. Thanks to Christian Ohr for reporting and fixing!


A new operation has been added to the JPA server called $diff. This operation can generate a FHIR Patch diff showing the changes between two versions of a resource, or even two separate resources. See Diff for more information.


The FHIR Patch format is now supported for patching resources, in addition to the previously supported JSON Patch and XML Patch.


When serializing a resource, the JSON Parser will now ignore any extensions that are present on an element if they do not have a URL or any children populated.


In HAPI FHIR 5.0.0, partitioned JPA servers were introduced. The documentation claimed that an interceptor implementing the STORAGE_PARTITION_IDENTIFY_READ was optional, but the server incorrectly made this mandatory. This has been corrected.


The @Interceptor annotation was not marked as inheritable, meaning that the order attribute was lost when using Spring proxies. Thanks to Tue Toft Nørgård for the pull request!


When using a SearchParameter with uniqueness enabled, the $expunge operation sometimes failed to expunge resources with a database constraint error. This has been fixed.


The subscription delivery queue in the JPA server was erroneously keeping both a copy of the serialized and the deserialized payload in memory for each entry in the queue, doubling the memory requirements. This also caused failures when delivering XML payloads in some configurations. This has been corrected.


Cascade deletes were failing in cases where the resource being deleted had more than 600 conflicts due to a hard-coded limit on the number of conflicts that the CascadingDeleteInterceptor was allowed to process at a time. This hard-coded limit has been replaced with an optional configuration parameter.


Several duplicate classes were removed from the testpage overlay, avoiding a warning on startup. Thanks to Joel Schneider for the pull request!


HAPI FHIR 5.0.0 introduced a regression in JPA validator performance, where a number of unnecessary database lookups were introduced. This has been corrected.


BaseValidationSupportWrapper.expandValueSet(...) and ValidationSupportChain.expandValueSet(...) were incorrectly replacing expansion options (i.e. offset and count) with null, causing these parameters to be ignored when invoking the ValueSet$expand operation. This has been corrected.


When validating resources containing codes in a ValueSet that included UCUM codes, the validator would incorrectly report that the code was valid even if it was not in the ValueSet. This has been corrected.


The create-package CLI command failed with a NPE if no package dependencies were specified. This has been corrected.


ConceptMap resources were blocked from uploading into the JPA server if the ConceptMap had a source and/or target URL defined at the ConceptMap level but not at the group level. This prevented some US Core resources from being successfully uploaded. This has been corrected.


In HAPI FHIR 4.2.0 and before, due to the lenient Gson parser it was possible to store data in the JPA server that contained invalid decimal numbers with no leading digits, e.g. .123 and -.123. When we moved to Jackson as a JSON parser, these values could no longer be parsed due to Jackson's more strict (and correct) interpretation of the JSON specification. Unfortunately this led to data previously stored in the database being unusable. A fix has been implemented that automatically adds a leading zero to any decimals that were previously saved in invalid state. New data will still be blocked from being added if it contains invalid JSON numbers.


When generating a snapshot for a StructureDefinition that extends another non-base StructureDefinition, if the parent SD did not have a snapshot itself, the child snapshot would be empty. This has been corrected.


When updating a resource with links that change, to reduce database operations, hapi-fhir reuses link index records. However, all the columns were being properly updated except for the source path column which was accidentally missed and continued to hold the previous value. This resulted in mismatched source paths and values. This has been corrected.


In some cases, the Bundle total was not getting filtered from search results when using the consent interceptor. Thanks to Jens Kristian Villadsen for reporting!


When performing a resource $expunge in the JPA server, in-memory caches caused issues if a forced ID was reused quickly enough (as can be the case in some testing scenarios). Thanks to GitHub user @janvdpol for reporting!"


An XSS vulnerability was reported in the HAPI FHIR Testpage Overlay module. Thanks to Will Davison of NCC Group (Manchester UK) for disclosing this vulnerability. Users of the HAPI FHIR Testpage Overlay can use a specially crafted URL to exploit an XSS vulnerability in this module, allowing arbitrary JavaScript to be executed in the user's browser. The impact of this vulnerability is believed to be low, as this module is intended for testing and not believed to be widely used for any production purposes. Nonetheless, we recommend all users of the affected module upgrade immediately. A complete audit of the affected codebase has been completed in order to detect and resolve any similar issues.


A very old feature that is not believed to be used anywhere has been removed: The ServerProfileProvider is a special resource provider that was automatically registered to HAPI FHIR REST servers, and served up StructureDefinitions that were registered to the FhirContext. Registering custom StructureDefinitions against the FhirContext for exposure through the REST API (as what was then the /Profile endpoint) was planned to be a common feature during the DSTU1 lifecycle but did not turn out to be a useful approach. This feature was mostly forgotten about until the logic for selecting resource provider handler methods was revamped and the old mechanism suddenly became the default resource provider for StructureDefinition resources in the JPA server. We don't expect any negative impact by this change, please post in our mailing list if you disagree.

1.4.6HAPI FHIR 5.0.2 (Labrador)


Release Information

Released: 2020-06-02

Codename: (Labrador)


This release corrects a snapshot dependency on org.hl7.fhir.core that was accidentally left in HAPI FHIR 5.0.1.

The default setting for the partition mode's Include Hashes in Search Indexes setting was incorrectly set to true in HAPI FHIR 5.0.0 and has now been changed to false, as this is a more sensible default. Note that this wil affect existing systems that are trying this feature out. A manual reindex of data may be required.

1.4.7HAPI FHIR 5.0.1 (Labrador)


Release Information

Released: 2020-05-15

Codename: (Labrador)



When performing queries with multiple chained search parameters, such as 'Observation?subject.identifier=FOO&specimen.identifier=BAR', an unnecessary SQL join was introduced into the resulting query. This was inefficient, and made it particularly hard for the RDBMS optimizer to pick an efficient query plan in some cases. This is not fixing a regression (this issue has always existed in HAPI FHIR JPA) but it was deemed sufficiently important to merit a dedicated point release.


Issue #1849 added two new search columns for date SearchParameters that are used to provide searching at the day granularity in a timezone independent way. These new columns require a new database index that was missed in the original merge.

1.4.8HAPI FHIR 5.0.0 (Labrador)


Release Information

Released: 2020-05-13

Codename: (Labrador)


The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Hibernate ORM (JPA): 5.4.6 -> 5.4.14
  • Hibernate Search (JPA): 5.11.3 -> 5.11.5
  • Hibernate Validator (JPA): 5.4.2.Final -> 6.1.3.Final
  • Guava (JPA): 28.0 -> 28.2
  • Spring Boot (Boot): 2.2.0.RELEASE -> 2.2.6.RELEASE
  • FlywayDB (JPA) 6.1.0 -> 6.4.1
  • Apache HTTPCliient (JPA): 4.5.9 -> 4.5.12
  • Apache HTTPCore (JPA): 4.4.11 -> 4.4.14
  • Commons Compress (All): 1.19 -> 1.20


The classes BaseOrListParam and BaseParam now have public visibility in order to make it easier to create more generic APIs. Thanks to GitHub user @ibacher for the pull request!


Fields of type canonical were not previously indexed by the JPA server, meaning that some default search parameters could not be honoured (e.g. StructureDefinition:valueset). This is now corrected.


When performing large terminology concept additions via the delta addition service, concepts will now be added via the deferred storage service, meaning that they will be added in small incremental batches instead of as a part of one large transaction. This helps to avoid timeouts and memory issues when uploading large collections of concepts.


When performing a terminology delta ADD operation, if the number of codes being added is large the codes will be added in small batches via an asynchronous scheduled task in order to avoid overwhelming the database with a large operation.


A new constructor has been added to RestfulServer that accepts an InterceptorService. Thanks to gematik FuE for the pull request!


Adds support for chained parameters in a _has query. For example GET /Patient?_has:Observation:subject:device.identifier=1234-5. Adds a performance warning on any queries that use an unqualified resource in a chain which ends up resolving to 2 or more candidate target types. Thanks to Jean-Francois Briere for the patch.


A new built-in server interceptor called FhirPathFilterInterceptor has been added. This interceptor evaluates an arbitrary FHIRPath expression against the resource being returned and replaces the response with a Parameters resource containing the results of the evaluation.


The JPA server now allows chained searches on the _type parameter. For example, the following could be used to find all Encounters with a context of type Group: Encounter?subject._type=Group.


The REST Server will now raise an error if a client tries to perform a FHIR read operation while using URL paramaters that are specific to FHIR search operations. This should help clients who are mistaking the semantics between the two operations, as previously the search parameters were simply ignored leading to confusion. Thanks to Jafer Khan for implementing this!


A new server interceptor called ResponseSizeCapturingInterceptor has been added. This interceptor captures and makes available the number of characters written (pre-compression if Gzip compression is being used) to the HTTP response stream for FHIR responses.


The client interceptor pointcuts CLIENT_REQUEST and CLIENT_RESPONSE now allow a parameter of type IRestfulClient to be injected, containing a reference to the client making the request. In addition, CLIENT_REQUEST interceptors are now able to modify the URL of the request before it is performed.


In the JPA server, the ModelConfig setting 'DefaultSearchParamsCanBeOverridden' now has a default value of true (previously this was false). In addition, when creating/updating a SearchParameter resource, the system will now raise an error if the client is attempting to override a built-in SearchParameter when this setting is disabled (previously this was silently ignored).


In the JPA sevrer, if overriding built-in search parameters is not enabled, the server will now return an error if a client tries to create a SearchParameter that is trying to override one. Previously, the SearchParameter would be stored but silently ignored, which was confusing.


A new client interceptor called UrlTenantSelectionInterceptor has been added. This interceptor allows the dynamic selection of a tenant ID on servers that are using URL Base Tenant Selection.


The ApacheProxyAddressStrategy has been improved to add support for additional proxy headers inclusing X-Forwarded-Host, X-Forwarded-Proto, X-Forwarded-Port, and X-Forwarded-Prefix. Thanks to Thomas Papke for the pull request!


When parsing JSON resources, if an element contains an invalid value, the Parser Error Handler did not have access to the actual name of the element being parsed. This meant that errors lacked useful detail in order to diagnose the issue. This has been corrected. Thanks to GitHub user @jwalter for reporting!


The HAPI FHIR instance validator now includes validation for currency types (ISO 4217)


New mthods have been added to DateClientParam allowing searching at MILLIS precision. Thanks to David Gileadi for the pull request!


In a plain server, if a Resource Provider class had two methods with the same parameter names (as specified in the @OptionalParam or @RequiredParam) but different cardinalities, the server could sometimes pick the incorrect method to execute. The selection algorithm has been improved to no longer have this issue, and to be more consistent and predictable in terms of which resource provider method is selected when the choice is somewhat ambiguous.


Support for HAPI FHIR cascading deletes has been added to the Generic Client.


The JAX-RS server will now scan and serve ResourceProvider methods defined in super-classes as well. Thanks to Zhe Wang for the pull request!


Native support for UCUM has been added to the validation stack, meaning that UCUM codes can be validated at runtime without the need for any external validation.


Indexing for the :text modifier can now be globally or selectively disabled in the JPA server. This can have a measurable impact on index sizes and write speed in servers with large numbers of token indexes.


In HAPI FHIR 4.2.0, when performing a Bulk Export on a server with Binary Storage enabled, the bulk export files were not able to take advantage of the externalized binary stroage and would be stored in the relational DB. This has now been enhanced to allow bulk export files to store externally.


Date searches can be performed relative to 'now' using the %now parameter value. For example, to search for Procedures with a date later than now, you can search for /Procedure?date=ge%now. Note the '%' will need to be URL escaped so the actual URL will be /Procedure?date=ge%25now. The way this works is the server substitutes %now with the current date and time in the standard FHIR format yyyy-MM-ddTHH:mm:ss before submitting it to the FHIR Storage module. Similarly date searches can be performed relative to 'today' using the '%today' parameter value. '%today' works the same as '%now' except that it searches as a 'date' type as opposed to a 'dateTime' type.


Loading of _include and _revinclude values has been optimized to be slightly faster


When performing date range searches in the JPA server, the server was generating extra unneccessary joins in the generated SQL. This has been streamlined, which should result in faster searches when performing date ranges.


History operations in the JPA server have been significantly optimized to remove the number of SQL SELECT statements, and to completely eliminate any INSERT statements. This should have a positive effect on heavy users of history operations. In addition, history operations will no longer write an entry in the query cache (HFJ_SEARCH) table which should further improve performance of this operation.


Adjusted schema definitions for Resource and Resource History tables to eliminate circular dependencies with Forced ID table and to improve performance when expunging large numbers of resources.


Removed the SEARCH_LAST_RETURNED column of the HFJ_SEARCH table. HAPI FHIR updated the HFJ_SEARCH table with every request, but this led to unecessary database load. The purpose of this column was to ensure that search results were kept around long enough for systems that needed them for paging (default one hour). When expiring search results, we used to add one hour to SEARCH_LAST_RETURNED to determine the expiry time. However, the length of time where a search result could be updated was relatively small (default one minute). So rather than keeping track of the expiry time to expire exactly one hour after the last returned time, hapi now simply expires after the maximum possible length of time (default one hour plus one minute). This eliminates the need to update the HFJ_SEARCH table with every search.


The version converters for all versions except R4/R5 have been reworked to be split into individual classes per resource type (the R4/R5 converters were already organized this way). Thanks to Mark Iantorno for a huge effort to write a Java source parser/serializer to acomplish this task.


Breaking Change: The IFluentPath interface has been renamed to IFhirPath, and the FhirContext#newFluentPath() method has been replaced with an equivalent FhirContext.newFhirPath(). The FhirPath expression language was initially called FluentPath before being renamed, so this change brings HAPI FHIR inline with the correct naming.


Breaking Change: Several classes in the JPA server have been moved to new packages, including the DaoConfig and IDao interfaces. These classes have not changed in terms of functionality, but existing projects may need to adjust some package import statements.


Breaking Change: The Generic/Fluent delete() operation now returns a MethodOutcome object instead of an OperationOutcome. The OperationOutcomoe is still available direcly by querying the MethodOutcome object, but this change makes the delete() method more consistent with other similar methods in the API.

Breaking Change: Some R4 and R5 structure fields containing a code value with a Required (closed) binding did not use the java Enum type that was generated for the given field. These have been changed to use the Enum values where possible. This change does not remove any functionality from the model but may require a small amount of re-coding to deal with new setter/getter types on a few fields.


New Feature: A new feature has been added to the JPA server called **Partitioning. This feature allows data to be segregated using a user defined partitioning strategy. This can be leveraged to take advantags of native RDBMS partition strategies, and also to implement multitenant servers.


Breaking Change: The FHIR R5 draft definitions have been updated to the current 'Preview 2' definitions (FHIR 4.4.0).

DSTU3 searches using near-distance only worked on Location resources directly. It now works on chained searches on resources with a location. E.g. PractitionerRole?location.near-distance=1.0 now works properly.


Breaking Change: The HAPI FHIR Validation infrastructure has changed significantly under the hood. Existing users of the validator may need to change package declarations (as FhirInstanceValidator and several other related classes have been moved) and potentially add new modules to their Validation Support Chain. See Migrating to HAPI FHIR 5.x for details on how to account for this change in your code.


When performing a search with a DateParam that has DAY precision, rely on new ordinal date field for comparison instead of attempting to find oldest and newest instant that could be valid.


ValueSet expansions containing lists of terms did not correctly expand when backed by ElasticSearch due to the use of a feature not supported in ES. Thanks to Jens Villadsen for reporting!


When performing a terminology delta ADD operation, existing parent-child links were often deleted and recrreated needlessly during operations, which could result in a deadlock. This has been resolved.


In the JPA server, quickly deleting a resource and then performing a query that had recently returned that search result could cause a cached stub resource (containing no data but with an ID and metadata populated) to be returned. This has been corrected.


The Pointcut JavaDoc had an incorrect link from one pointcut to another and has been fixed. Thanks to Bert Roos for the pull request!


When performing a search in the JPA server where the only parameter was a _has parameter, the server did not respect the resource typename being searched for, causing false positive search results. This has been corrected.


When validating a resource, the validator will now report an error if the resource declares conformance to an unknown or invalid profile URL via the Resource.meta.profile declaration. Previously this was a warning and did not block successful validation.


When deleting searches from the query cache where a large number of searches with a large number of results were present, the system would repeatedly mark the same rows as deletion candidates. This put unneccessary pressure on the database and has been corrected.


A minor regression in 4.2.0 was introduced, where JPA searches using the _id search parameter often had a duplicate SQL predicate in their where clause. This issue may not have caused any bad effects on some environments, but it did look strange in SQL logs and has been corrected.


In servers, when requesting _summary=count, the response Bundle.type value was filtered, leading to an invalid response bundle. This has been corrected. Thanks to GitHub user @Legi429 for reporting!


When parsing Bundles, contained resoures from other entries in the Bundle could incorrecly be stitched into a target resource if they had the same local ID. Thanks to August Langhout for the pull request!


When encoding a resource, a crash could occur if the resource had a contained Bundle resource. This is not commonly done, but there are valid scenarios for doing so.


The GraphQL Expression parser sometimes fails and reports unhelpful error messages when using search arguments. Thanks to Ibrohim Kholilul Islam for the pull request!


A bug in the JPA server prevented Client Resource ID mode from being set to NOT_ALLOWED when Server Resource ID mode was set to UUID. Thanks to GitHub user @G-2-Z for reporting!


In previous versions of HAPI FHIR, the server incorrectly silently accepted decimal numbers in JSON with no leading numbers (e.g. .123), as well as decimal numbers with more than one leading zero (e.g. 00.123). These will now be rejected by the JSON parser. Any values with this string that have previously been stored in the JPA server database will now automatically normalize the value to 0.123.


When invoking JPA DAO methods programatically to store a resource (as opposed to using the FHIR REST API), if the resource being stored had any contained resources, these would sometimes not be visible to the search parameter indexer, leading to missing search params. This is a very fringe use case, but a workaround has been put in place to solve it.


The JPA server ElasticSearch provider failed to initialize if username/password credentials were not explicitly provided, meaning it could not run on AWS-supplied ElasticSearch. Thanks to Maciej Kucharek for the pull request!


The text styling on the Testpage Overlay homepage has been improved to use native Bootstrap warning colours. Thanks to Joel Schneider for the pull request!


In the JPA server, performing a search where the only search parameter was the _tag parameter could cause resources of the wrong type to be included in search results. This has been corrected.


The FHIR R4 validation resources (StructureDefintion, ValueSet, etc) were not updated to the R4 4.0.1 technical correction versions in HAPI FHIR 4.2.0. This has been corrected.

1.4.9HAPI FHIR 4.2.0 (Koala)


Release Information

Released: 2020-02-15

Codename: (Koala)


The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Jetty (CLI): 9.4.14.v20181114 -> 9.4.23.v20191118
  • Spring (JPA, Testpage): 5.2.1 -> 5.2.3 (addresses CVE-2020-5398 and CVE-2020-5397)


Support for several new operators has been added to the _filter support in the JPA server. Thanks to Anthony Sute for the Pull Request!


Support for LOINC 2.67 file format changes has been added to the JPA Server LOINC uploader. Thanks to Dan Vreeman for reporting!

In the JPA server, a new setting called setPopulateIdentifierInAutoCreatedPlaceholderReferenceTargets(boolean) has been added to the DaoConfig. If this setting is enabled, when creating placeholder resources, the Reference.identifier value is copied to the target resource if possible.


It is now possible to specify resource provider method annotations on interface methods implemented by resource provider classes, as opposed to needing to specify them directly on the concrete class. Thanks to Tue Toft Nørgård for the pull request!

Searching Location.position by latitude, longitude and distance for DSTU3, R4 and R5 is now supported using a simple 'box' search. Locations falling within a box with length and width of 2 * distance, centred on specified latitude,longitude are matched. If no distance is provided, the coordinates must match exactly.

Chained searches using the _has search parameter as the chain value are now supported by the JPA server.


Support has been added to the server (plain and JPA) for querying with _count=0 as a URL parameter.


A significant performance improvement was added to the Json and XML parsers when parsing large Bundle resources. Throughput for parsing these resources has been improved by roughly 50%. Thanks to Rok Bertoncelj and Bogdan Solga for providing analysis and insight that triggered this change.

When parsing Bundle resources containing other resources, XML/JSON parsers have an option called "override resource ID with bundle entry fullUrl". This option previously caused any value found in Bundle.entry.fullUrl to override any value found in Bundle.entry.resource.id (meaning that the parsed resource would take its ID from the fullUrl even if that ID disagreed with the ID found in the resource itself. As of HAPI FHIR 4.1.0 the value in Bundle.entry.fullUrl will only be used to set the parsed resource ID if the resource has no ID present.

Changed database migration to use flyway. This adds a new table called FLY_HFJ_MIGRATION that records all database migration tasks that have already been applied. The hapi-fhir-cli migrate tool has been changed to use flyway. Learn more about flyway here: https://flywaydb.org/.

The IRestfulClient#registerInterceptor and IRestfulClient#unregisterInterceptor methods now take Object as an argument instead of IClientInterceptor, allowing client interceptors to now be migrated to the new interceptor framework.


As of FHIR R4, some fields that were previously of type reference are now of type canonical. One example is QuestionnaireResponse.questionnaire. Technically this means that this field should no longer contain a relative reference, but as they are sometimes used that way, HAPI FHIR will now try to be permissive and will index relative link canonical fields such as (Questionnaire/123) as though it actually was a local relative link. Thanks to Dean Atchley for reporting and providing a test case!


A missing mandatory was added to the SNOMED CT CodeSystem that is uploaded when SCT is uploaded to the JPA server. Thanks to Anders Havn for the pull request!


When validating resources containing custom valuesets defined in PrePopulatedValidationSupport outside of the JPA server, sometimes code systems could not be found resulting in false negative errors.


Several misleading comments in documentation code snippets were fixed. Thanks to Jafer Khan for the pull request!


The client threw a NullPointerException in some circumstances when it received an HTTP 201 No Content response from the server. This has been corrected. Thanks to Petro Mykhailysyn for the pull request!


When performing the $expunge operation in the JPA server, the operation sometimes failed if a resource being expunged had historical versions that did not contain any tags. This has been corrected.


When validating an XML resource, the validatin failed if the resource contained an xsi:schemaLocation declaration. This has been corrected. Thanks to Brian Kaney for reporting!


An issue with the new flyway migrator hashCode generation was resolved. Thanks to Jafer Khan for the pull request!


When parsing HTML Narratives, the lang attribute was stripped from the outer DIV tag if present. Thanks to Sean McIlvenna for reporting!


When using a custom structure that changes the cardinality from 0..* to 0..1, the Parser was encoding a plain field instead of an array (as required by the FHIR specification). Thanks to Petro Mykhailysyn for the pull request!

A memory leak was resolved in the JPA terminology service delta upload operations.

ValueSet PreCalculation did not successfully expand valuesets when Lucene was not enabled in the JPA server. This has been corrected.


A correction was made to the narrative generation documentation. Thanks to GitHub user dionmcm for the pull request!


ValueSet Precalculation sometimes failed on Oracle DBs due to an invalid SQL function. This has been corrected.

A ConcurrentModificationException was sometimes thrown when performing a cascading delete. This has been corrected.


The constructor for Verdict.java was inadvertantly made private, preventing custom rules from being written. Thanks to Jafer Khan for the pull request!

1.4.10HAPI FHIR 4.1.0 (Jitterbug)


Release Information

Released: 2019-11-13

Codename: (Jitterbug)


The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • SLF4j (All): 1.7.25 -> 1.7.28
  • Spring (JPA): 5.1.8.Final -> 5.2.0.Final
  • Hibernate Core (JPA): 5.4.2.Final -> 5.4.6.Final
  • Hibernate Search (JPA): 5.11.1.Final -> 5.11.3.Final
  • Jackson Databind (JPA): 2.9.9 -> 2.9.10 (CVE-2019-16335, CVE-2019-14540)
  • Commons-DBCP2 (JPA): 2.6.0 -> 2.7.0
  • Postgresql JDBC Driver (JPA): 42.2.6.jre7 -> 42.2.8
  • MSSQL JDBC Driver (JPA): 7.0.0.jre8 -> 7.4.1.jre8
  • Spring Boot (Boot): 2.1.1 -> 2.2.0
  • Phloc Schematron (Validator): 5.0.4 -> 5.2.0
  • Phloc Commons (Validator): 9.1.1 -> 9.3.8

New Feature: The JPA server now saves and supports searching on Resource.meta.source via the _source search parameter. The server automatically appends the Request ID as a hash value on the URI as well in order to provide request level tracking. Searches can use either the source URI, the request ID, or both.

When using the AuthorizationInterceptor with a rule to allow all reads by resource type, the server will now reject requests for other resource types earlier in the processing cycle. Thanks to Anders Havn for the suggestion!

New Feature: Support for the FHIR Bulk Data Export specification has been added to the JPA server. See the specification for information on how this works. Note that only system level export is currently supported but others will follow.

It is now possible to submit a PATCH request as a part of a FHIR transaction in DSTU3 (previously this was only supported in R4+). This is not officially part of the DSTU3 spec, but it can now be performed by leaving the Bundle.entry.request.method blank in DSTU3 transactions and setting the request payload as a Binary resource containing a valid patch.


LOINC concepts now include multiaxial hierarchical properties (e.g. parent and child , which identify parent and child concepts.


When loading LOINC terminology, a new ValueSet is automatically created with a single include element that identifies the LOINC CodeSystem in ValueSet.compose.include.system . This ValueSet includes all LOINC codes.


A note has been added to the downloads page explaning the removal of the hapi-fhir-utilities module. Thanks to Andrew Fitzgerald for the PR!

Added support for comparing resource dates to the current time via a new variable %now. E.g. Procedure?date=gt%now would match future procedures.

New Feature: Support for ElasticSearch has been added to the JPA server directly (i.e. without needing a separate module) and a new class called "ElasticsearchHibernatePropertiesBuilder" has been added to facilitate the creation of relevant properties. Instructions have been added to the hapi-fhir-jpaserver-starter project to get started with Elasticsearch. It is likely we will switch our default recommendation to Elastic in the future.

Add support for in-memory matching on date comparisons ge,gt,eq,lt,le.

The JPA server now uses the Quartz scheduling library as a lob scheduling mechanism

A new flag has been added to the JPA migrator tool that causes the migrator to not try to reduce the length of existing columns in the schema.


The ValueSet operation $expand has been optimized for large ValueSets. ValueSets are now persistence-backed by the terminology tables, which are populated by a scheduled pre-expansion process. A ValueSet previously stored in an existing FHIR repository will need to be re-created or updated to make it a candidate for pre-expansion. ValueSets that have yet to be pre-expanded will continue to be expanded in-memory.


The ValueSet operation $validate-code has been optimized for large ValueSets. Codes in ValueSets that have yet to be pre-expanded will continue to be validated in-memory.


LOINC filenames for terminology upload are now configurable using the loincupload.properties file.


Support for the LOINC EXTERNAL_COPYRIGHT_NOTICE property and copyright filter has been added.


Support for the LOINC parent and child filters has been added. Both filters can be used with either of the = or in operators.


Support for the LOINC ancestor and descendant filters has been added. The descendant filter can be used with either of the = or in operators. At present, the ancestor filter can only be used with the = operator.


Support for the LOINC ancestor filter with the in operator has been added.


Support for concept property values with a length exceeding 500 characters has been added in the terminology tables. In particular, this was added to facilitate the LOINC EXTERNAL_COPYRIGHT_NOTICE property, for which values can be quite long.

The AuthorizationInterceptor has been enhanced so that a user can be authorized to perform create operations specifically, without authorizing all write operations. Also, conditional creates can now be authorized even if they are happening inside a FHIR transaction.

A docker compose script for the hapi-fhir-jpaserver-starter project was added. Thanks to Long Nguyen for the pull request!


A number of overridden methods in the HAPI FHIR codebase did not have the @Override annotation. Thanks to Clayton Bodendein for cleaning this up!


Plain server resource providers were not correctly matching methods that had the _id search parameter if a client performed a request using a modifier such as :not or :exact. Thanks to Petro Mykhailyshyn for the pull request!

Auto generated transaction IDs will now use both upper- and lowercase letters for more uniqueness in the same amount of space.


Performance Improvement: A significant performance improvement was made to the parsers (particularly the Json Parser) when serializing resources. This work yields improvements of 20-50% in raw encode speed when encoding large resources. Thanks to David Maplesden for the pull request!


The server CapabilityStatement (/metadata) endpoint now respects the Cache-Control header. Thanks to Jens Villadsen for the pull request!

The @Metadata annotation now has an attribute that can be used to control the cache timeout


Performance Improvement: When running inside a JPA server, The DSTU3+ validator now performs code validations by directly testing ValueSet membership against a pre-calculated copy of the ValueSet, instead of first expanding the ValueSet and then examining the expanded contents. This can yield a significant improvement in validation speed in many cases.

Validation errors will now include details about the line number where the issue was found

A new built-in server interceptor called CaptureResourceSourceFromHeaderInterceptor has been added. This interceptor can be used to capture an incoming source system URI in an HTTP Request Header and automatically place it in Resource.meta.source


The email Subscription deliverer now respects the payload property of the subscription when deciding how to encode the resource being sent. Thanks to Sean McIlvenna for the pull request!


The CapabilityStatement generator will now determine supported profiles by navigating the complete hierarchy of supported resource types, instead of just using the root resource for each type. Thanks to Stig Døssing for the pull request!

Two foreign keys have been dropped from the HFJ_SEARCH_RESULT table used by the FHIR search query cache. These constraints did not add value and caused unneccessary contention when used under high load.

An inefficient regex expression in UrlUtil was replaced with a much more efficient hand-written checker. This regex was causing a noticable performance drop when feeding large numbers of transactions into the JPA server at the same time (i.e. when loading Synthea data).

The HAPI FHIR CLI server now uses H2 as its database platform instead of Derby. Note that this means that data in any existing installations will need to be re-uploaded to the new database platform.

REST servers will no longer try to guess the content type for HTTP requests where a body is provided but no Content-Type header is included. These requests are invalid, and will now result in an HTTP 400. This change corrects an error where some interceptors (notably the RequestValidatingInterceptor, but not including any HAPI FHIR security interceptors) could be bypassed if a Content Type was not included.

The Testpage Overlay has been upgraded to use FontAwesome 5.x, and now supports being deployed to a servlet path other than "/".

The hapi-fhir-jaxrs-server module now lists dependencies on structures JARs as optional dependencies, in order to avoid automatically importing all versions. This means that implementers of JAX-RS servers may now need to add an explicit dependency on one or more structures JARs to their own project.

The IValidationSupport#validateCode(...) method has been modified to add an additional parameter (String theValueSetUrl). Most users will be unaffected by this change as HAPI FHIR provides a number of built-in implementations of this interface, but any direct user implementations of this interface will need to add the new parameter.

The hapi-fhir-testpage-overlay project now uses WebJars for importing JavaScript dependency libraries. This reduces our Git repository size and should make it easier to stay up-to-date.

The JPA server in DST2 mode previously automatically validated submitted QuestionnaireResponse resource against their corresponding Questionnaires and rejected non-conformant QuestionnaireResponse resources from being stored. This was in contrast to every other version where the RequestValidatingInterceptor has to be registered in order to achieve this specific behaviour. This behaviour has been removed from the JPA server, and the same interceptor must be used for QR validation in the DSTU2 JPA server as in all other versions of FHIR.

DSTU2.1 profile validation now uses the same R5 validation as all other versions of FHIR.

When using the _filter search parameter, string comparisons using the "eq" operator were incorrectly performing a partial match. This has been corrected. Thanks to Marc Sandberg for pointing this out!

Reference search parameters did not work via the _filter parameter

Transaction entries with a resource URL starting with a leading slash (e.g. /Organization?identifier=foo instead of Organization?identifier=foo did not work. These are now supported.

SubscriptionDstu2Config incorrectly pointed to a DSTU3 configuration file. This has been corrected.

When using the VersionedApiConverterInterceptor, GraphQL responses failed with an HTTP 500 error.

Cascading deletes now correctly handle circular references. Previously this failed with an HTTP 500 error.

The informational message returned in an OperationOutcome when a delete failed due to cascades not being enabled contained an incorrect example. This has been corrected.

In some cases, deleting a CodeSystem resource would fail because the underlying codes were not correctly deleted from the terminology service tables. This is fixed.

The FHIRPath engine used to parse search parameters in the JPA R4/R5 server is now reused across requests, as it is somewhat expensive to create and is thread safe.

The GraphQL provider did not wrap the respone in a "data" element as described in the FHIR specification. This has been corrected.

When using the Consent Service and denying a resource via the "Will See Resource" method, the resource ID and version were still returned to the user. This has been corrected so that no details about the resource are leaked.

Fix a failure in FhirTerser#visit when fields in model classes being visited contain custom subclasses of the expected type.

Updating an existing CodeSystem resource with a content mode of COMPLETE did not cause the terminology service to accurately reflect the new CodeSystem URL and/or concepts. This is now corrected.


A NullPointerException when using the AuthorizationInterceptor RuleBuilder to build a conditional rule with a custom tester has been corrected. Thanks to Tue Toft Nørgård for reporting!


The R4+ client and server modules did not recognize the new _include:iterate syntax that replaces the previous _include:recurse syntax. Both are now supported on all servers in order to avoid breaking backwards compatibility, with the new syntax now being emitted in R4+ clients.


The LOINC terminology distribution includes multiple copies of the same files. Uploading LOINC terminology resulted in some ValueSets with duplicate codes. This has been corrected by specifying a path with each filename.

New Feature: A new set of operations have been added to the JPA server that allow CodeSystem deltas to be uploaded. A CodeSystem Delta consists of a set of codes and relationships that are added or removed incrementally to the live CodeSystem without requiring a downtime or a complete upload of the contents. Deltas may be specified using either a custom CSV format or a partial CodeSystem resource.
In addition, the HAPI FHIR CLI upload-terminology command has been modified to support this new functionality.

A corner case bug in the JPA server was solved: When performing a search that contained chained reference searches where the value contained slashes (e.g. Observation?derived-from:DocumentReference.contenttype=application/vnd.mfer ) the server could fail to load later pages in the search results.


Some resource IDs and URLs for LOINC ValueSets and ConceptMaps were inconsistently populated by the terminology uploader. This has been corrected.

When a resource was updated with a meta.source containing a request id, the meta.source was getting appended with the new request id, resulting in an ever growing source.meta value. E.g. after the first update, it looks like "#9f0a901387128111#5f37835ee38a89e2" when it should only be "#5f37835ee38a89e2". This has been corrected.


The Plain Server method selector was incorrectly allowing client requests with _include statements to be handled by method implementations that did not have any @IncludeParam defined. This is now corrected. Thanks to Tuomo Ala-Vannesluoma for reporting and providing a test case!

New Feature: When using Externalized Binary Storage in the JPA server, the system will now automatically externalize Binary and Attachment payloads, meaning that these will automatically not be stored in the RDBMS.

The JPA server failed to find codes defined in not-present codesystems in some cases, and reported that the CodeSystem did not exist. This has been corrected.


When encoding a Composition resource in XML, the section narrative blocks were incorrectly replaced by the main resource narrative. Thanks to Mirjam Baltus for reporting!


AN issue with date pickers not working in the hapi-fhir-testpage-overlay project has been fixed. Thanks to GitHub user @jaferkhan for the pull request!

Model Update: The DSTU3 structures have been upgraded to the new 3.0.2 (Technical Correction) release.
The R4 structures have been upgraded to the new 4.0.1 (Technical Correction) release.
The R5 structure have been upgraded to the current (October) snapshot.

The JPA server contained a restriction on the columns used to hold a resource's type name that was too short to hold the longest name from the final R4 definitions. This has been corrected to account for names up to 40 characters long.

The subscription triggering operation was not able to handle commas within search URLs being used to trigger resources for subscription checking. This has been corrected.

In some cases where resources were recently expunged, null entries could be passed to JPA interceptors registered against the STORAGE_PRESHOW_RESOURCES hook.

In issue was fixed in the JPA server where a previously failed search would be reused, immediately returning an error rather than retrying the search.

The JPA server did not correctly process _has queries where the linked search parameter was the _id parameter.


HAPI FHIR allows transactions in DSTU3 to contain a JSON/XML Patch in a Binary resource without specifying a verb in Bundle.entry.request.method, since the valueset defined in DSTU3 for that field does not include the PATCH verb. The AuthorizationInterceptor however did not understand this and would reject these requests. This is now corrected.


A potential XXE vulnerability in the validator was corrected. The XML parser used for validating XML payloads (i.e. FHIR resources) will no longer read from DTD declarations.

Paging requests that are incorrectly executed at the type level were interpreted by the plain server as search requests with no search parameters, leading to confusing search results. These will now result in an HTTP 400 error with a meaningful error message.


QuestionnaireResponse validation in the JPA server was not able to load Questionnaire resources that were referenced using a canonical URI instead of a local reference. Thanks to Vu Vuong for reporting!


When validating JSON payloads, the JSON structure was parsed by Gson instead of passing the raw JSON to the validator. This meant that the validator was unable to catch certain structural errors that are ignored by Gson. Thanks to Michael Lawley for reporting!


The JPA server exposed a number of duplicate entries in the CapabilityStatement's list of supported _include values for a given resource. Thanks to Jens Villadsen for reporting!


An unintended dependency from hapi-fhir-base on Jetty was introduced in HAPI FHIR 4.0.0. This has been removed.

The JPA migrator tool was not able to correctly drop tables containing foreign key references in some cases. This has been corrected.


An issue was fixed where the JPA server would occasionally fail to save a resource because it contained a string containing characters that change length when normalized. Thanks to Tuomo Ala-Vannesluoma for the pull request!

In the (fairly unlikely) circumstance that a JPA server was called with a parameter where the parameter name referenced a custom search parameter with an invalid chain attached, and the value was missing entirely (e.g. ProcedureRequest?someCustomParameter.BAD_NAME= , the server would ignore this parameter instead of incorrectly returning an error. This has been corrected.


Several issues with HAPI FHIR's annotation scanner that prevented use with Kotlin based resource providers have been corrected. Thanks to Jelmer ter Wal for the pull request!

Search parameters of type URI did not work in the hapi-fhir-testpage-overlay. This has been corrected.


JPA servers accidentally stripped the type attribute from the server-exported CapabilityStatement when search parameters of type "special" were found. This has been corrected.

When running the JPA server without Lucene indexing enabled and performing ValueSet expansion, the server would incorrectly ignore inclusion rules that specified a system but no codes (i.e. include the whole system). This has been corrected.


The hapi-fhir-testpage-overlay has been updated to support R5 endpoints. Thanks to Dazhi Jiao for the pull request!

A NullPointerException in the XML Parser was fixed when serializing a resource containing an extension on a primitive datatype that was missing a URL declaration.

When using the _filter search parameter in the JPA server with an untyped resource ID, the filter could bring in search results of the wrong type. Thanks to Anthony Sute for the Pull Request and Jens Villadsen for reporting!


In some cases where where a single search parameter matches the same resource many times with different distinct values (e.g. a search by Patient:name where there are hundreds of patients having hundreds of distinct names each) the Search Coordinator would end up in an infinite loop and never return all of the possible results. Thanks to @imranmoezkhan for reporting, and to Tim Shaffer for providing a reproducible test case!

The method IVersionSpecificBundleFactory#initializeBundleFromResourceList has been deprecated, as it provided duplicate functionality to other methods and had an outdated argument list based on the Bundle needs in DSTU1. We are not aware of any public use of this API, please let us know if this deprecation causes any issues.

HTTP PUT (resource update) operations will no longer allow the version to be specified in a Content-Location header. This behaviour was allowed in DSTU1 and was never removed from HAPI even though it hasn't been permitted in the spec for a very long time. Hopefully this change will not impact anyone!

The @ProvidesResources annotation has been removed from HAPI FHIR, as it was not documented and did not do anything useful. Please get in touch if this causes any issues.

1.4.11HAPI FHIR 4.0.3 (Igloo (Point Release))


Release Information

Released: 2019-09-03

Codename: (Igloo (Point Release))


This release contains no new or updated functionality, but addressed a dependency version that was left incorrectly requiring a SNAPSHOT maven build of the org.hl7.fhir.utilities module. Users who are successfully using HAPI FHIR 4.0.0 do not need to upgrade, but any users who were blocked from upgrading due to snapshot dependency issues are advised to upgrade immediately.

1.4.12HAPI FHIR 4.0.0 (Igloo)


Release Information

Released: 2019-08-14

Codename: (Igloo)


The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Commons Codec (Core): 1.11 -> 1.12
  • Apache HTTPClient (Client): 4.5.3 -> 4.5.9
  • Apache HTTPCore (Client>: 4.4.6 -> 4.4.11
  • Spring (JPA): 5.1.6.RELEASE -> 5.1.8.RELEASE
  • Spring-Data (JPA): 2.1.6.RELEASE -> 2.1.8.RELEASE
  • JANSI (CLI): 1.17.1 -> 1.18
  • json-patch (JPA): 1.10 -> 1.15 (see changelog entry about this change)
  • Jackson-Databind (JPA): 2.9.9 -> (due to a Jackson vulnerability CVE-2019-12384)
  • commons-collections4 (Server/JPA): 4.1 -> 4.3
  • commons-dbcp2 (JPA): 2.5.0 -> 2.6.0
  • commons-lang3 (Core): 3.8.1 -> 3.9
  • commons-text (Core): 1.6 -> 1.7
  • Guava (JPA): 27.1-jre -> 28.0-jre

New Feature: A new interceptor called CascadingDeleteInterceptor has been added to the JPA project. This interceptor allows deletes to cascade when a specific URL parameter or header is added to the request. Cascading deletes can also be controlled by a new flag in the AuthorizationIntereptor RuleBuilder, in order to ensure that cascading deletes are only available to users with sufficient permission.

Several enhancements have been made to the AuthorizationInterceptor :

  • The interceptor now registers against the STORAGE_PRESHOW_RESOURCES interceptor hook, which allows it to successfully authorize JPA operations that don't actually return resource content, such as GraphQL responses, and resources that have been filtered using the _elements parameter.
  • The rule list is now cached on a per-request basis, which should improve performance

The $expunge global everything operation has been refactored to do deletes in small batches. This change will likely reduce performance, but does allow for the operation to succeed without timing out in larger systems.

Added some experimental version-independent model classes to ca.uhn.fhir.jpa.model.any. They permit writing code that is version independent.

Added new subclass of HashMapResourceProvider called SearchableHashMapResourceProvider that uses the in-memory matcher to search the HashMap (using a full table scan). This allows rudimentary testing without a database.

Added a new interceptor hook called STORAGE_PRESTORAGE_DELETE_CONFLICTS that is invoked when a resource delete operation is about to fail due to referential integrity conflicts. Hooks have access to the list of resources that have references to the resource being deleted and can delete them. The boolean return value of the hook indicates whether the server should try checking for conflicts again (true means try again).


The HAPI FHIR unit test suite has been refactored to no longer rely on PortUtil to assign a free port. This should theoretically result in fewer failed builds resulting from port conflicts. Thanks to Stig Døssing for the pull request!


JPA server now supports conditional PATCH operation (i.e. performing a patch with a syntax such as /Patient?identifier=sys|val )


The json-patch library used in the JPA server has been changed from java-json-tools.json-patch to a more active fork of the same project: crate-metadata.json-patch. Thanks to Jens Villadsen for the suggestion and pull request!


Support has been implemented in the JPA server for the CodeSystem $subsumes operation.

A new pointcut has been added to the JPA server called JPA_PERFTRACE_RAW_SQL that can be used to capture the raw SQL statements that are sent to the underlying database.

The JPA server now rejects subscriptions being submitted with no value in Subscription.status (this field is mandatory, but the subscription was previously ignored if no value was provided)

The JSON and XML parsers will now raise a warning or error with the Parser Error Handler if an extension is being encoded that is missing a URL, or has both a value and nested extensions on the same parent extension.


Support in the JPA Terminology Service terminology uploader has been added for uploading the IMGT HLA Nomenclature distribution files as a FHIR CodeSystem. Thanks to Joel Schneider for the contribution!


A BOM POM has been added to the HAPI FHIR distribution, allowing users to import the HAPI FHIR library with all of its submodules automatically sharing the same version. Thanks to Stig Døssing for the pull request!

AuthorizationInterceptor will now try to block delete operations sooner in the processing lifecycle if there is no chance they will be permitted later (i.e. because the type is not authorized at all)

The HAPI FHIR server will now generate a random transaction ID to every request and add it to the response headers. Clients may supply the transaction header via the X-Request-ID header.

When attempting to read a resource that is deleted, a Location header is now returned that includes the resource ID and the version ID for the deleted resource.

IBundleProvider now has an isEmpty() method that can be used to check whether any results exist. A default implementation has been provided, so this is not a breaking change.

A new server interceptor hook called PROCESSING_COMPLETED has been added. This hook is called by the server at the end of processing every request (success and failure).

Added a new Pointcut STORAGE_PRESTORAGE_EXPUNGE_EVERYTHING that is called at the start of the expungeEverything operation.

The JPA server now has the ability to generate snapshot profiles from differential profiles via the $snapshot operation, and will automatically generate a snapshot when needed for validation.

Creating/updating CodeSystems now persist CodeSystem.concept.designation to the terminology tables.

Expanded ValueSets now populate ValueSet.expansion.contains.designation.language .

@Operation methods can now declare that they will manually process the request body and/or manually generate a response instead of letting the HAPI FHIR framework take care of these things. This is useful for situations where direct access to the low-level servlet streaming API is needed.

@Operation methods can now declare that they are global, meaning that they will apply to all resource types (or instances of all resource types) if they are found on a plain provider.

@Operation method parameters may now declare their type via a String name such as "code" or "Coding" in an attribute in @OperationParam. This is useful if you want to make operation methods that can operate across different versions of FHIR.

A new resource provider for JPA servers called BinaryAccessProvider has been added. This provider serves two custom operations called $binary-access-read and $binary-access-write that can be used to request binary data in Attachments as raw binary content instead of as base 64 encoded content.

New Feature: Support for the new R5 draft resources has been added. This support includes the client, server, and JPA server. Note that these definitions will change as the R5 standard is modified until it is released, so use with caution!

Support for PATCH operations performed within a transaction (using a Binary resource as the resource type in order to hold a JSONPatch or XMLPatch body) has been added to the JPA server.

A new attribute has been added to the @Operation annotation called typeName . This annotation can be used to specify a type for an operation declared on a plain provider without needing to use a specific version of the FHIR structures.

The $upload-external-code-system operation and the corresponding HAPI FHIR CLI command can now be used to upload custom vocabulary that has been converted into a standard file format defined by HAPI FHIR. This is useful for uploading large organizational code systems.


When performing a read-if-newer operation on a plain server, the resource ID in Resource.meta.versionId is now used if a version isn't found in the resource ID itself. Thanks to Stig Døssing for the pull request!

New Feature: A new interceptor called ConsentInterceptor has been added. This interceptor allows JPA based servers to make appropriate consent decisions related to resources that and operations that are being returned. See Server Security for more information.

New Feature: The JPA server now supports GraphQL for DSTU3 / R4 / R5 servers.


New Feature: The JPA server now supports the _filter search parameter when configured to do so. The filter search parameter is an extremely flexible and powerful feature, allowing for advanced grouping and order of operations on searches. It can be dangerous however, as it potentially allows users to create queries for which no database indexes exist in the default configuration so it is disabled by default. Thanks to Anthony Sute for the pull request and all of his support in what turned out to be a lengthy merge!

Breaking Change: The HL7.org DSTU2 structures (and ONLY the HL7.org DSTU2 structures) have been moved to a new package. Where they were previously found in org.hl7.fhir.instance.model they are now found in org.hl7.fhir.dstu2.model. This was done in order to complete the harmonization between the HAPI FHIR GitHub repository and the org.hl7.fhir.core GitHub repository. This is the kind of change we don't make lightly, as we do know that it will be annoying for users of the existing library. It is a change however that will allow us to apply validator fixes much more quickly, and will greatly reduce the amount of effort required to keep up with R5 changes as they come out, so we're hoping it is worth it. Note that no classes are removed, they have only been moved, so it should be fairly straightforward to migrate existing code with an IDE.

Moved in-memory matcher from Subscription module to SearchParam module and renamed the result type from SubscriptionMatchResult to InMemoryMatchResult.

Breaking Change: The IPagingProvider interface has been modified so that the retrieveResultList method now takes one additional parameter of type RequestDetails. If you have created a custom implementation of this interface, you can add this parameter and ignore it if needed. The use of the method has not changed, so this should be an easy fix to existing code.

Breaking Change: The HAPI FHIR REST client and server will now default to using JSON encoding instead of XML when the user has not explicitly configured a preference.

Breaking Change: The JPA $upload-external-code-system operation has been moved from being a server level operation (i.e. called on the root of the server) to being a type level operation (i.e. called on the CodeSystem type).

Server CapabilityStatement/Conformance repsonses from the /metadata endpoint will now be cached for 60 seconds always. This was previously a configurable setting on the ServerConformanceProvider, but it is now handled directly by the method binding so the provider now has no responsibility for caching.

The JPA server now uses the H2 database instead of the derby database to run its unit tests. We are hoping that this cuts down on the number of false test failures we get due to mysterious derby failures.

Breaking Change: The FhirValidator#validate(IResource) method has been removed. It was deprecated in HAPI FHIR 0.7 and replaced with FhirValidator#validateWithResults(IBaseResource) so it is unlikely anyone is still depending on the old method.

The Base64Binary types for DSTU3+ now use a byte array internally to represent their content, which is more efficient than storing base 64 encoded text to represent the binary as was previously done.

A few columns named 'CODE' in the JPA terminology services tables have been renamed to 'CODEVAL' to avoid any possibility of conflicting with reserved words in MySQL. The database migrator tool has been updated to handle this change.

Two new operations, $apply-codesystem-delta-add and $apply-codesystem-delta-remove have been added to the terminology server. These methods allow codes to be dynamically added and removed from external (notpresent) codesystems.

The JPA server did not correctly index Timing fields where the timing contained a period but no individual events. This has been corrected.


The HAPI FHIR CLI import-csv-to-conceptmap command was not accounting for byte order marks in CSV files (e.g. some Excel CSV files). This has been fixed.


A bug was fixed where deleting resources within a transaction did not always correctly enforce referential integrity even if referential integrity was enabled. Thanks to Tuomo Ala-Vannesluoma for reporting!

In the JPA server, the _total=accurate was not always respected if a previous search already existed in the query cache that matched the same search parameters.


Improved stability of concurrency test framework. Thanks to Stig Døssing for the pull request!

AuthorizationInterceptor sometimes failed with a 500 error when checking compartment membership on a resource that has a contained subject (Patient).

Uploading the LOINC/RSNA Radiology Playbook would occasionally fail when evaluating part type names due to case sensitivity. This has been corrected.


Invoking the transaction or batch operation on the JPA server would fail with a NullPointerException if the Bundle passed in did not contain a resource in an entry that required a resource (e.g. a POST). Thanks to GitHub user @lytvynenko-dmitriy for reporting!


HAPI FHIR Server (plain, JPA, and JAX-RS) all populated Bundle.entry.result on search result bundles, even though the FHIR specification states that this should not be populated. This has been corrected. Thanks to GitHub user @gitrust for reporting!


Creating R4 Observation resources with a value type of SampledData failed in the JPA server because of an indexing error. Thanks to Brian Reinhold for reporting!


Fix a build failure thanks to Maven pom errors. Thanks to Gary Teichrow for the pull request!


The JPA server did not correctly process searches with a _tag:not expression containing more than one comma separated value.

FHIR model classes have a method called hasPrimitiveValue() which previously returned true if the type was a primitive datatype (e.g. StringType). This method now only returns true if the type is a primitive datatype AND the type actually has a value.

A number of columns in the JPA Terminology Services ConceptMap tables were not explicitly annotated with @Column, so the DB columns that were generated had Java ugly field names as their SQL column names. These have been renamed, and entries in the JPA migrator tool have been added for anyone upgrading.

Field values with a datatype of canonical were indexed as though they were explicit resource references by the JPA server. This led to errors about external references not being supported when uploading various resources (e.g. Questionnaires with HL7-defined ValueSet references). This has been corrected. Note that at this time, we do not index canonical references at all (as we were previously doing it incorrectly). This will be improved soon.


The OkHttp client did not correctly apply the connection timeout and socket timeout settings to client requests. Thanks to Petro Mykhailyshyn for the pull request!

The _summary element was not always respected when encoding JSON resources.


Two issues in the Thymeleaf Narrative Template which caused an error when generating a narrative on an untitled DiagnosticReport were fixed. Thanks to GitHub user @navyflower for reporting!


In the JAX-RS server, the resource type history and instance vread operations had ambiguous paths that could lead to the wrong method being called. Thanks to Seth Rylan Gainey for the pull request!


The profile validator (FhirInstanceValidator) can now be used to validate a resource using an explicit profile declaration rather than simply relying on the declared URL in the resource itself.

When using the ResponseHighlighterInterceptor, some invalid requests that would normally generate an HTTP 400 response (e.g. an invalid _elements value) would cause an HTTP 500 crash.


An example datatype was corrected in the DSTU2 Identifier datatype StructureDefinition. Thanks to Nick Robison for the pull request!

1.4.13HAPI FHIR 3.8.0 (Hippo)


Release Information

Released: 2019-05-30

Codename: (Hippo)


The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Guava (base): 25-jre -> 27.1-jre
  • Hibernate (JPA): 5.4.1 -> 5.4.2
  • Jackson (JPA): 2.9.7 -> 2.9.8
  • Spring (JPA): 5.1.3.RELEASE -> 5.1.6.RELEASE
  • Spring-Data (JPA): 2.1.3.RELEASE -> 2.1.6.RELEASE
  • Caffeine (JPA): 2.6.2 -> 2.7.0
  • JANSI (CLI): 1.16 -> 1.17.1

ParametersUtil now has a utility method that can be used to add parameter values using the string name of the datatype (e.g. "dateTime") in order to help building Parameters resources in a version-independent way.

In the JPA server, a much more readable error message is now returned returned when two client threads collide while trying to simultaneously create a resource with the same client-assigned ID. In addition, better error messages are now returned when conflicts such as this one are hit within a FHIR transaction operation.

The JPA query builder has been optimized to take better advantage of SQL IN (..) expressions when performing token searches with multiple OR values.

The JPA server transaction processor will now automatically detect if the request Bundle contains multiple entries having identical conditional create operations, and collapse these into a single operation. This is done as a convenience, since many conversion algorithms can accidentally generate such duplicates.

A new config setting has been added to the JPA DaoConfig that disables validation of the resource type for target resources in references.

HapiLocalizer can now handle message patterns with braces that aren't a part of a message format expression. E.g. "Here is an {example}".

JPA searches using a Composite Unique Index will now use that index for faster searching even if the search has _includes and/or _sorts. Previously these two features caused the search builder to skip using the index.

In Servers that are configured to support extended mode _elements parameters, it is now possible to use the :exclude modifier to exclude entire resource types.

When performing a search in the JPA server where one of the parameters is a reference with multiple values (e.g. Patient?organization=A,B) the generated SQL was previously a set of OR clauses and this has been collapsed into a single IN clause for better performance.

RequestDetails now has methods called getAttribute and setAttribute that can be used by interceptors to pass arbitrary data between requests.

Added new configuration parameter to DaoConfig and ModelConfig to specify the websocket context path. (Before it was hardcoded to "/websocket").

Added new IRemovableChannel interface. If a SubscriptionChannel implements this, then when a subscription channel is destroyed (because its subscription is deleted) then the remove() method will be called on that channel.

When performing a JSON Patch in JPA server, the post-patched document is now validated to ensure that the patch was valid for the candidate resource. This means that invalid patches are caught and not just silently ignored.

Expunges are now done in batches in multiple threads. Both the number of expunge threads and batch size are configurable in DaoConfig.

ValidationSupportChain will now call isCodeSystemSupported() on each entry in the chain before calling fetchCodeSystem() in order to reduce the work required by chain entries. Thanks to Anders Havn for the suggestion!

The hapi-fhir-jpaserver-starter project has been updated to use a properties file for configuration, making it much easier to get started with this project. Thanks to Sean McIlvenna for the pull request!


The InstanceValidator now supports validating QuestionnairResponses with empty items for disabled questions. Thanks to Matti Uusitalo for the pull request!


A new method has been added to the client that allows arbitrary headers to be easily added to the request. Thanks to Christian Ohr for the pull request!


VersionConverter for R2-R3 has been modified to correectly handle the renamed basedOn field. Thanks to Gary Graham for the pull request!


Add a missing @Deprecated tag. Thanks to Drew Mitchell for the pull request!


The JSON parser has removed a few unneeded super keywords that prevented overriding behaviour. Thanks to Anders Havn for the pull request!


The DSTU2/3 version converter now converts Specimen resources. Thanks to Gary Graham for the pull request!

The JPA terminology service can now detect when Hibernate Search (Lucene) is not enabled, and will perform simple ValueSet expansions without relying on Hibenrate Search in such cases.

The hapi-fhir-testpage-overlay project no longer includes any library JARs in the built WAR, in order to prevent duplicates and conflicts in implementing projects.

The JSON Patch provider has been switched to use the provider from the Java JSON Tools project, as it is much more robust and fault tolerant.

Re-use subscription channel and handlers when a subscription is updated (unless the channel type changed).


A Google Analytics script fragment was leftover in the hapi-fhir-jpaserver example and starter projects. Thanks to Patrick Werner for removing these!

A potential security vulnerability in the hapi-fhir-testpage-overlay project was corrected: A URL parameter was not being correctly escaped, leading to a potential XSS vulnerability. A big thanks to Mudit Punia and Dushyant Garg for reporting this.

When performing a search using the JPA server, if a search returned between 1500 and 2000 results, a query for the final page of results would timeout due to a page calculation error. This has been corrected.


Searching the JPA server with multiple instances of the same token search parameter (e.g. "Patient?identifier=&identifier=b" returned no results even if resources should have matched. Thanks to @mingdatacom for reporting!

JPA searches using a Composite Unique Index did not return the correct results if a REFERENCE search parameter was used with arguments that consisted of unqualified resource IDs.

A non-threadsafe use of DateFormat was cleaned up in the StopWatch class.

When returning the results of a history operation from a HAPI FHIR server, any entries with a method of DELETE contained a stub resource in Bundle.entry.resource, even though the FHIR spec states that this field should be empty. This was corrected.

Two expunge bug fixes: The first bug is that the expunge operation wasn't bailing once it hit its limit. This resulted in a "Page size must not be less than one!" error. The second bug is that one case wasn't properly handled: when a resourceId with no version is provided. This executed the case where only resource type is provided.

When updating a resource in the JPA server, if the contents have not actually changed the resource version is not updated and no new version is created. In this situation, the update time was modified however. It will no longer be updated.

When running the JPA server in Resource Client ID strategy mode of "ANY", using the _id search parameter could return incorrect results. This has been corrected.

Performing a PUT or POST against a HAPI FHIR Server with no request body caused an HTTP 500 to be returned instead of a more appropriate HTTP 400. This has been corrected.


The fetchValueSet method on IValidationSupport implementation was not visible and could not be overridden. Thanks to Patrick Werner for the pull reuqest!


The JPA server failed to index R4 reources with search parameters pointing to the Money data type. Thanks to GitHub user @navyflower for reporting!

When validating DSTU3 QuestionnaireResponses that leverage the "enableWhen" functionality available in Questionnaire resources, the validation could sometimes fail incorrectly.

Ensure that database cursors are closed immediately after performing a FHIR search.

Validation errors were fixed when using a Questionnaire with enableWhen on a question that contains sub-items.

Fixed "because at least one resource has a reference to this resource" delete error message that mistakingly reported the target instead of the source with the reference.


In JPA server when updating a resource using a client assigned ID, if the resource was previously deleted (meaning that the operation is actually a create), the server will now return an HTTP 201 instead of an HTTP 200. Thanks to Mario Hyland for reporting!

The HAPI FHIR CLI was unable to start a server in R4 mode in HAPI FHIR 3.7.0. This has been corrected.


When encoding resources, profile declarations on contained resources will now be preserved. Thanks to Anders Havn for the pull request!


Two incorrect package declarations in unit tests were corrected. Thanks to github user @zaewonyx for the PR!


The JPA database migration tool has been enhanced to support migration from HAPI FHIR 2.5. Thanks to Gary Graham for the pull request!

The hapi-fhir-jpaserver-example did not have Subscription capabilities enabled after the refactoring of how Subscriptions are enabled that occurred in HAPI FHIR 3.7.0. Thanks to Volker Schmidt for the pull request!

When using the _elements parameter on searches and reads, requesting extensions to be included caused the extensions to be included but not any values contained within. This has been corrected.

1.4.14HAPI FHIR 3.7.0 (Gale)


Release Information

Released: 2019-02-06

Codename: (Gale)


HAPI FHIR is now built using OpenJDK 11. Users are recommended to upgrade to this version of Java if this is feasible. We are not yet dropping support for Java 8 (aka 1.8), but users are recommended to upgrade if possible.

The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Spring (JPA): 5.0.8.RELEASE -> 5.1.3.RELEASE
  • Spring-Data (JPA): 2.0.7.RELEASE -> 2.1.3.RELEASE
  • Hibernate-Core (JPA): 5.3.6.FINAL -> 5.4.1.FINAL
  • Hibernate-Search (JPA): 5.10.3.FINAL -> 5.11.1.FINAL
  • Thymeleaf (JPA): 3.0.9.RELEASE -> 3.0.11.RELEASE
  • thymeleaf-spring4 (Testpage Overlay) has been replaced with thymeleaf-spring5
  • Commons-Lang3: 3.8 -> 3.8.1
  • Commons-Text: 1.4 -> 1.4
  • Spring Boot: 1.5.6.RELEASE -> 2.1.1.RELEASE

FHIR Parser now has an additional overload of the parseResource method that accepts an InputStream instead of a Reader as the source.

FHIR Fluent/Generic Client now has a new return option called returnMethodOutcome which can be used to return a raw response. This is handy for invoking operations that might return arbitrary binary content.

Moved state and functionality out of BaseHapiFhirDao.java into new classes: LogicalReferenceHelper, ResourceIndexedSearchParams, IdHelperService, SearcchParamExtractorService, and MatchUrlService.

Replaced explicit @Bean construction in BaseConfig.java with @ComponentScan. Beans with state are annotated with @Component and stateless beans are annotated as @Service. Also changed SearchBuilder.java and the three Subscriber classes into @Scope("protoype") so their dependencies can be @Autowired injected as opposed to constructor parameters.

AuthorizationInterceptor now allows arbitrary FHIR $operations to be authorized, including support for either allowing the operation response to proceed unchallenged, or authorizing the contents of the response.

JPA Migrator tool enhancements: An invalid SQL syntax issue has been fixed when running the CLI JPA Migrator tool against Oracle or SQL Server. In addition, when using the "Dry Run" option, all generated SQL statements will be logged at the end of the run. Also, a case sensitivity issue when running against some Postgres databases has been corrected.

In the JPA server, when performing a chained reference search on a search parameter with a target type of Reference(Any) , the search failed with an incomprehensible error. This has been corrected to return an error message indicating that the chain must be qualified with a resource type for such a field. For example, QuestionnaireResponse?subject:Patient.name=smith instead of QuestionnaireResponse?subject.name=smith .

Changed subscription processing, if the subscription criteria are straightforward (i.e. no chained references, qualifiers or prefixes) then attempt to match the incoming resource against the criteria in-memory. If the subscription criteria can't be matched in-memory, then the server falls back to the original subscription matching process of querying the database. The in-memory matcher can be disabled by setting isEnableInMemorySubscriptionMatching to "false" in DaoConfig (by default it is true). If isEnableInMemorySubscriptionMatching is "false", then all subscription matching will query the database as before.

The LOINC uploader has been updated to suport the LOINC 2.65 release file format.

The resource reindexer can now detect when a resource's current version no longer exists in the database (e.g. because it was manually expunged), and can automatically adjust the most recent version to account for this.

When updating existing resources, the JPA server will now attempt to reuse/update rows in the index tables if one row is being removed and one row is being added (e.g. because a Patient's name is changing from "A" to "B"). This has the net effect of reducing the number

Plain Server ResourceProvider classes are no longer required to be public classes. This limitation has always been enforced, but did not actually serve any real purpose so it has been removed.

A new interceptor called ServeMediaResourceRawInterceptor has been added. This interceptor causes Media resources to be served as raw content if the client explicitly requests the correct content type cia the Accept header.


A new configuration item has been added to the FhirInstanceValidator that allows you to specify additional "known extension domains", meaning domains in which the validator will not complain about when it encounters new extensions. Thanks to Heinz-Dieter Conradi for the pull request!

Added 3 interfaces for services required by the standalone subscription server. The standalone subscription server doesn't have access to a database and so needs to get its resources using a FhirClient. Thus for each of these interfaces, there are two implementations: a Dao implementaiton and a FhirClient implementation. The interfaces thus introduced are ISubscriptionProvider (used to load subscriptions into the SubscriptionRegistry), the IResourceProvider (used to get the latest version of a resource if the "get latest version" flag is set on the subscription) and ISearchParamProvider used to load custom search parameters.


FHIR Servers now support the HTTP HEAD method for FHIR read operations. Thanks to GitHub user Cory00 for the pull request!

It is now possible in a plain or JPA server to specify the default return type for create/update operations when no Prefer header has been provided by the client.

It is now possible in a JPA server to specify the _total calculation behaviour if no parameter is supplied by the client. This is done using a new setting on the DaoConfig. This can be used to force a total to always be calculated for searches, including large ones.

AuthorizationInterceptor now rejects transactions with an invalid or unset request using an HTTP 422 response Bundle type instead of silently refusing to authorize them.

AuthorizationInterceptor is now able to authorize DELETE operations performed via a transaction operation. Previously these were always denied.


OperationDefinitions are now created for named queries in server module. Thanks to Stig Døssing for the pull request!

A new server interceptor has been added called "SearchNarrowingInterceptor". This interceptor can be used to automatically narrow the scope of searches performed by the user to limit them to specific resources or compartments that the user should have access to.

In a DSTU2 server, if search parameters are expressed with chains directly in the parameter name (e.g. @RequiredParam(name="subject.name.family") ) the second part of the chain was lost when the chain was described in the server CapabilityStatement. This has been corrected.

A wrapper script for Maven has been added, enabling new users to use Maven without having to install it beforehand. Thanks to Ari Ruotsalainen for the Pull Request!

AuthorizationInterceptor can now allow a user to perform a search that is scoped to a particular resource (e.g. Patient?_id=123) if the user has read access for that specific instance.

Changed behaviour of FHIR Server to reject subscriptions with invalid criteria. If a Subscription is submitted with invalid criteria, the server returns HTTP 422 "Unprocessable Entity" and the Subscription is not persisted.

HAPI FHIR will now log the Git revision when it first starts up (on the ame line as the version number that it already logs).

Added support for _id in in-memory matcher

Add a "subscription-matching-strategy" meta tag to incoming subscriptions with value of IN_MEMORY or DATABASE indicating whether the subscription can be matched against new resources in-memory or whether a call out to the database may be required. I say "may" because subscription matches fail fast so a negative match may be performed in-memory, but a positive match will require a database call.


Support for validating enableWhen in Questionnaires has been added to the Validator. Thanks to Eeva Turkka and Matti Uutsitalo for the pull request!


A badly formatted log message when handing exceptions was cleaned up. Thanks to Magnus Watn for the pull request!

AuthorizationInterceptor now allows the GraphQL operation to be authorized. Note that this is an all-or-nothing grant for now, it is not yet possible to specify individual resource security when using GraphQL.

The JPA stale search deletion service now deletes cached search results in much larger batches (20000 instead of 500) in order to reduce the amount of noise in the logs.

In example-projects/README.md and hapi-fhir-jpaserver-example/README.md, incidate that these examples projects are no longer maintained. The README.md points users to a starter project they should use for examples.

Replaced use of BeanFactory with custom factory classes that Spring @Lookup the @Scope("prototype") beans (e.g. SearchBuilderFactory).

Removed BaseSubscriptionInterceptor and all its subclasses (RestHook, EMail, WebSocket). These are replaced by two new interceptors: SubscriptionActivatingInterceptor that is responsible for activating subscriptions and SubscriptionMatchingInterceptor that is responsible for matching incoming resources against activated subscriptions. Call DaoConfig.addSupportedSubscriptionType(type) to configure which subscription types are supported in your environment. If you are processing subscriptions on a separate server and only want to activate subscriptions on this server, you should set DaoConfig.setSubscriptionMatchingEnabled to false. The helper method SubscriptionInterceptorLoader.registerInterceptors() will check if any subscription types are supported, and if so then load active subscriptions into the SubscriptionRegistry and register the subscription activating interceptor. This method also registers the subscription matching interceptor (that matches incoming resources and sends matches to subscription channels) only if DaoConfig.isSubscriptionMatchingEnabled is true. See https://github.com/hapifhir/hapi-fhir/wiki/Proposed-Subscription-Design-Change for more details.

Moved e-mail from address configuration from EmailInterceptor (which doesn't exist any more) to DaoConfig.

Separated active subscription cache from the interceptors into a new Spring component called the SubscriptionRegistry. This component maintains a cache of ActiveSubscriptions. An ActiveSubscription contains the subscription, it's delivery channel, and a list of delivery handlers.

Introduced a new Spring factory interface ISubscribableChannelFactory that is used to create delivery channels and handlers. By default, HAPI FHIR ships with a LinkedBlockingQueue implementation of the delivery channel factory. If a different type of channel factory is required (e.g. JMS or Kafka), add it to your application context and mark it as @Primary.

Added support for matching subscriptions in a separate server from the REST Server. To do this, run the SubscriptionActivatingInterceptor on the REST server and the SubscriptionMatchingInterceptor in the standalone server. Classes required to support running a standalone subscription server are in the ca.uhn.fhir.jpa.subscription.module.standalone package. These classes are excluded by default from the JPA ApplicationContext (that package is explicitly filtered out in the BaseConfig.java @ComponentScan).

The ResponseHighlighterInterceptor now declines to handle Binary responses provided as a response from extended operations. In other words if the operation $foo returns a Binary resource, the ResponseHighliterInterceptor will not provide syntax highlighting on the response. This was previously the case for the /Binary endpoint, but not for other binary responses.

A bug in the JPA resource reindexer was fixed: In many cases the reindexer would mark reindexing jobs as deleted before they had actually completed, leading to some resources not actually being reindexed.

An issue was corrected with the JPA reindexer, where String index columns do not always get reindexed if they did not have an identity hash value in the HASH_IDENTITY column.

Under some circumstances, when a custom search parameter was added to the JPA server resources could start reindexing before the new search parameter had been saved, meaning that it was not applied to all resources. This has been corrected.


When using the HL7.org DSTU2 structures, a QuestionnaireResponse with a value of type reference would fail to parse. Thanks to David Gileadi for the pull request!

When running the JPA server on Oracle, certain search queries that return a very large number of _included resources failed with an SQL exception stating that too many parameters were used. Search include logic has been reworked to avoid this.

JPA Subscription deliveries did not always include the accurate versionId if the Subscription module was configured to use an external queuing engine. This has been corrected.

In the JPA server, search/read operations being performed within a transaction bundle did not pass the client request HTTP headers to the sub-request. This meant that AuthorizationInterceptor could not authorize these requests if it was depending on headers being present.

When using a client in DSTU3/R4 mode, if the client attempted to validate the server CapabilityStatement but was not able to parse the response, the client would throw an exception with a misleading error about the Conformance resource not existing. This has been corrected. Thanks to Shayaan Munshi for reporting and providing a test case!

It is now possible to upload a ConceptMap to the JPA server containing mappings where the source or target is a StructureDefinition canonical URI. This was previously blocked, as the system could not apply these mappings. It is now permitted to be stored, although the system will still not apply these mappings.


In JPA Server REST Hook Subscriptions, any Headers defined in the Subscription resource are now applied to the outgoing HTTP request. Thanks to Volker Schmidt for the pull request!

When fetching a page of search results, if a page offset beyond the total number of available result was requested, a single result was still returned (e.g. requesting a page beginning at index 1000 when there are only 10 results would result in the 10th result being returned). This will now result in an empty response Bundle as would be expected.

The casing of the base64Binary datatype was incorrect in the DSTU3 and R4 model classes. This has been corrected.

When performing a JPA search with a chained :text modifier (e.g. MedicationStatement?medication.code:text=aspirin,tylenol) a series of unneccesary joins were introduced to the generated SQL query, harming performance. This has been fixed.

A serialization error when performing some searches in the JPA server using data parameters has been fixed. Thanks to GitHub user @PickOneFish for reporting!


An issue with outdated syntax in the Vagrant file that prevent it from being used was corrected. Thanks to Steve Lewis for the pull requst!


The HAPI FHIR tutorial server project had outdated versions of HAPI FHIR in its pom file. Thanks to Ricardo Estevez for the pull request!

The JPA server $expunge operation could sometimes fail to expunge if another resource linked to a resource that was being expunged. This has been corrected. In addition, the $expunge operation has been refactored to use smaller chunks of work within a single DB transaction. This improves performance and reduces contention when performing large expunge workloads.


A NullPointerException during validation was fixed. Thanks to GitHub user zilin375 for the pull request!


A NullPointerException has been fixed when using custom resource classes that have a @Block class as a child element. Thanks to Lars Gram Mathiasen for reporting and providing a test case!

1.4.15HAPI FHIR 3.6.0 (Food)


Release Information

Released: 2018-11-12

Codename: (Food)


The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Karaf (OSGi): 4.1.4 -> 4.1.6
  • Commons-Compress (JPA): 1.14 -> 1.18
  • Jackson (JPA): 2.9.2 -> 2.9.7

The JPA server SearchCoordinator has been refactored to make searches more efficient: When a search is performed, the SearchCoordinator loads multiple pages of results even if the user has only requested a small number. This is done in order to prevent needing to re-run the search for every page of results that is loaded. In previous versions of HAPI FHIR, when a search was made the SearchCoordinator would prefetch as many results as the user could possibly request across all pages (even if this meant prefetching thousands or millions of resources). As of this version, a new option has been added to DaoConfig that specifies how many resources to prefetch. This can have a significant impact on performance for servers with a large number of resources, where users often only want the first page of results. See DatConfig#setSearchPreFetchThresholds() for configuration of this feature.

When performing a JPA server using a date parameter, if a time is not specified in the query URL, the date range is expanded slightly to include all possible timezones where the date that could apply. This makes the search slightly more inclusive, which errs on the side of caution.

A new setting has been added to the JPA server DaoConfig that causes the server to keep certain searches "warm" in the cache. This means that the search will be performed periodically in the background in order to keep a reasonably fresh copy of the results in the query cache.

The JPA server now automatically supplies several appropriate hibernate performance settings as long as the JPA EntityManagerFactory was created using HAPI FHIR's built-in method for creating it.

Existing JPA projects should consider using super.entityManagerFactory() as shown in the example project if they are not already.

The FhirTerser getValues(...) methods have been overloaded. The terser can now be used to create a null-valued element where none exists. Additionally, the terser can now add a null-valued extension where one or more such extensions already exist. These changes allow better population of FHIR elements provided an arbitrary FHIR path.

The @Operation annotation used to declare operations on the Plain Server now has a wildcard constant which may be used for the operation name. This allows you to create a server that supports operations that are not known to the server when it starts up. This is generally not advisable but can be useful for some circumstances.

When using an @Operation method in the Plain Server, it is now possible to use a parameter annotated with @ResourceParam to receive the Parameters (or other) resource supplied by the client as the request body.

The JPA server version migrator tool now runs in a multithreaded way, allowing it to upgrade th database faster when migration tasks require data updates.

A new setting has been added to the JPA Server DopConfig that controls the behaviour when a client-assigned ID is encountered (i.e. the client performs an HTTP PUT to a resource ID that doesn't already exist on the server). It is now possible to disallow this action, to only allow alphanumeric IDs (the default and only option previously) or allow any IDs including alphanumeric.


It is now possible to use your own IMessageResolver instance in the narrative generator. Thanks to Ruth Alkema for the pull request!

The REST client now allows for configurable behaviour as to whether a _format parameter should be included in requests.

JPA server R4 SearchParameter custom expression validation is now done using the actual FHIRPath evaluator, meaning it is more rigorous in what it can find.

The module which deletes stale searches has been modified so that it deletes very large searches (searches with 10000+ results in the query cache) in smaller batches, in order to avoid having very long running delete operations occupying database connections for a long time or timing out.

A new operation has been added to the JPA server called $trigger-subscription . This can be used to cause a transaction to redeliver a resource that previously triggered. See this link for a description of how this feature works. Note that you must add the SubscriptionRetriggeringProvider as shown in the sample project.

When operating in R4 mode, the HAPI FHIR server will now populate Bundle.entry.response for history and search results, which is did not previously do.

The JPA database migrator tool has been enhanced so that it now supports migrations from HAPI FHIR 3.3.0 to HAPI FHIR 3.4.0 / 3.5.0+ as well.

A bug in the JPA migration tasks from 3.4.0 to 3.5.0 caused a failure if the HFJ_SEARCH_PARM table did not exist. This table existed in previous versions of HAPI FHIR but was dropped in 3.5.0, meaning that migrations would fail if the database was created using a snapshot version of 3.5.0.

A bug was fixed in the JPA server $expunge operation where a database connection could sometimes be opened and not returned to the pool immediately, leading to pool starvation if the operation was called many times in a row.

When using the testpage overlay to delete a resource, currently a crash can occur if an unqualified ID is placed in the ID text box. This has been corrected.

AuthorizationInterceptor did not allow FHIR batch operations when the transaction() permission is granted. This has been corrected so that transaction() allows both batch and transaction requests to proceed.

The FhirTerser getValues(...) methods were not properly handling modifier extensions for verions of FHIR prior to DSTU3. This has been corrected.

When updating resources in the JPA server, a bug caused index table entries to be refreshed sometimes even though the index value hadn't changed. This issue did not cause incorrect search results but had an effect on write performance. This has been corrected.

Automatic ID generation for contained resources (in cases where the user hasn't manually specified an ID) has been streamlined to generate more predictable IDs in some cases.

A bug in the JPA server was fixed: When a resource was previously deleted, a transaction could not be posted that both restored the deleted resource but also contained references to the now-restored resource.

The $expunge operation could sometimes fail to delete resources if a resource to be deleted had recently been returned in a search result. This has been corrected.


When restful reponses tried to return multiple instances of the same response header, some instances were discarded. Thanks to Volker Schmidt for the pull request!

An issue in the HAPI FHIR CLI database migrator command has been resolved, where some database drivers did not automatically register and had to be manually added to the classpath.


A NullPointerException in DateRangeParam when a client URL conrtained a malformed date was corrected. Thanks Heinz-Dieter Conradi for the Pull Request!

When invoking an operation using the fluent client on an instance, the operation would accidentally invoke against the server if the provided ID did not include a type. This has been corrected so that an IllegalArgumentException is now thrown.

When using the HAPI FHIR CLI, user-prompted passwords were not correctly encoded, meaning that the "--basic-auth PROMPT" action was not usable. This has been corrected.

1.4.16HAPI FHIR 3.5.0


Release Information

Released: 2018-09-17


HAPI FHIR now supports JDK 9 and JDK 10, both for building HAPI FHIR as well as for use. JDK 8 remains supported and is the minimum requirement in order to build or use HAPI FHIR.

A new command has been added to the HAPI FHIR CLI tool: "migrate-database". This command performs the schema modifications required when upgrading HAPI FHIR JPA to a new version (previously this was a manual process involving running scripts and reindexing everything).

See the command documentation for more information on how to use this tool. Please post in the HAPI FHIR Google Group if you run into issues, as this is a brand new framework and we still need lots of help with testing.


LOINC uploader has been updated to support the new LOINC filename scheme introduced in LOINC 2.64. Thanks to Rob Hausam for the pull request!

In the JPA server, it is now possible for a custom search parameter to use the resolve() function in its path to descend into contained resources and index fields within them.

A new IValidationSupport implementation has been added, named CachingValidationSupport. This module wraps another implementation and provides short-term caching. This can have a dramatic performance improvement on servers that are validating or executing FHIRPath repeatedly under load. This module is used by default in the JPA server.

A new method has been added to AuthorizationInterceptor that can be used to create rules allowing FHIR patch operations. See Authorizing Patch Operations for more information.


A new view has been added to the JPA server, reducing the number of database calls required when reading resources back. This causes an improvement in performance. Thanks to Frank Tao for the pull request!

The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Gson (JSON Parser): 2.8.1 -> 2.8.5
  • Spring Framework (JPA): 5.0.3.RELEASE -> 5.0.8.RELEASE
  • Hibernate ORM (JPA): 5.2.16.Final -> 5.3.6.Final
  • Hibernate Search (JPA): 5.7.1.Final -> 5.10.3.Final
  • Jetty (CLI): 9.4.8.v20171121 -> 9.4.12.v20180830
  • Commons-Codec (All): 1.10 -> 1.11
  • Commons-Lang (All): 3.7 -> 3.8
  • Commons-IO (All): 2.5 -> 2.6
  • Spring-Data (JPA): 1.11.6.RELEASE -> 2.0.7.RELEASE


The generic/fluent client now supports the :contains modifier on string search params. Thanks to Clayton Bodendein for the pull request!

The REST Server module now allows more than one Resource Provider (i.e. more than one implementation of IResourceProvider) to be registered to the RestfulServer for the same resource type. Previous versions of HAPI FHIR have always limited support to a single resource provider, but this limitation did not serve any purpose so it has been removed.

The HashMapResourceProvider now supports the type and instance history operations. In addition, the search method for the _id search parameter now has the search parameter marked as "required". This means that additional search methods can be added in subclasses without their intended searches being routed to the searchById method. Also, the resource map now uses a LinkedHashMap, so searches return a predictable order for unit tests.

The generic client history operations (history-instance, history-type, and history-server) now support the _at parameter.

A new mnandatory library depdendency has been added to hapi-fhir-base, meaning that all applications using HAPI FHIR must import ti: commons-text. This library has been added as a few utility methods used by HAPI FHIR that were formerly in the commons-lang3 project have been moved into commons-text. This library has been added as a non-optional dependency in the hapi-fhir-base POM, so Maven/Gradle users should not have to make any changes.

In the plain server, many resource provider method parameters may now use a generic IPrimitiveType<String> or IPrimitiveType<Date> at the parameter type. This is handy if you are trying to write code that works across versions of FHIR.

Several convenience methods have been added to the fluent/generic client interfaces. These methods allow the adding of a sort via a SortSpec object, as well as specifying search parameters via a plain Map of Strings.

A new client interceptor called ThreadLocalCapturingInterceptor has been added. This interceptor works the same way as CapturingInterceptor in that it captures requests and responses for later processing, but it uses a ThreadLocal object to store them in order to facilitate use in multithreaded environments.

A new constructor has been added to the client BasicAuthInterceptor allowing credentials to be specified in the form "username:password" as an alternate to specifying them as two discrete strings.

SimpleBundleProvider has been modified to optionally allow calling code to specify a search UUID, and a field to allow the preferred page size to be configured.

The JPA server search UUID column has been reduced in length from 40 chars to 36, in order to align with the actual length of the generated UUIDs.

Plain servers using paging may now specify an ID/name for individual pages being returned, avoiding the need to respond to arbitrary offset/index requests from the server. In this mode, page links in search result bundles simply include the ID to the next page.

JPA subscription delivery queues no longer store the resource body in the queue (only the ID), which should reduce the memory/disk footprint of the queue when it grows long.

The JPA server now has a configuration item in the DaoConfig to specify which bundle types may be stored as-is on the /Bundle endpoint. By default the following types are allowed: collection, document, message.

When performing a ConceptMap/$translate operation with reverse="true" in the arguments, the equivalency flag is now set on the response just as it is for a non-reverse lookup.

When executing a FHIR transaction in JPA server, if the request bundle contains placeholder IDs references (i.e. "urn:uuid:*" references) that can not be resolved anywhere else in the bundle, a user friendly error is now returned. Previously, a cryptic error containing only the UUID was returned. As a part of this change, transaction processing has now been consolidated into a single codebase for DSTU3 / R4 (and future) versions of FHIR. This should greatly improve maintainability and consistency for transaction processing.

ResponseHighlighterInterceptor now displays the total size of the output and an estimate of the transfer time at the bottom of the response.


The Prefer header is now honoured for HTTP PATCH requests. Thanks to Alin Leonard for the Pull Request!

The Composition operation $document has been implemented. Thanks to Patrick Werner for the Pull Request!

HAPI FHIR CLI commands that allow Basic Auth credentials or a Bearer Token may now use a value of "PROMPT" to cause the CLI to prompt the user for credentials using an interactive prompt.

The maximum length for codes in the JPA server terminology service have been increased to 500 in order to better accomodate code systems with very long codes.

CapabilityStatements generated by the server module will now include the server base URL in the CapabilityStatement.implementation.url field.

The JPA server now performs a count query instead of a more expensive data query when searches using _summary=count . This means that a total will always be returned in the Bundle (this isn't always guaranteed otherwise, since the Search Controller can result in data being returned before the total number of results is known).

The JPA server SearchCoordinator now prefetches only a smaller and configurable number of results during the initial search request, and more may be requested in subsequent page requests. This change may have a significant improvement on performance: in previous versions of HAPI FHIR, even if the user only wanted the first page of 10 results, many many more might be prefetched, consuming database resources and server time.


Spring-data (used by the JPA server) has been upgraded to version 2.0.7 (from version 1.11.6). Thanks to Roman Doboni for the pull request!

AuthorizationInterceptor now examines requests more closely in order to block requests early that are not possibly going to return allowable results when compartment rules are used. For example, if an AuthorizationInterceptor is configured to allow only read access to compartment Patient/123 , a search for Observation?subject=987 will now be blocked before the method handler is called. Previously the search was performed and the results were examined in order to determine whether they were all in the appropriate compartment, but this incurs a performance cost, and means that this search would successfully return an empty Bundle if no matches were present.

A new setting on AuthorizationInterceptor called setFlags(flags) can be used to maintain the previous behaviour.

JPA server loading logic has been improved to enhance performance when loading a large number of results in a page, or when loading multiple search results with tags. Thanks to Frank Tao for the pull request! This change was introduced as a part of a collaboration between HAPI FHIR and the US National Institiutes for Health (NIH).


Resource loading logic for the JPA server has been optimized to reduce the number of database round trips required when loading search results where many of the entries have a "forced ID" (an alphanumeric client-assigned resource ID). Thanks to Frank Tao for the pull request! This change was introduced as a part of a collaboration between HAPI FHIR and the US National Institiutes for Health (NIH).

An index in the JPA server on the HFJ_FORCED_ID table was incorrectly not marked as unique. This meant that under heavy load it was possible to create two resources with the same client-assigned ID.

The JPA server $expunge operation deleted components of an individual resource record in separate database transactions, meaning that if an operation failed unexpectedly resources could be left in a weird state. This has been corrected.


A bug was fixed in the JPA terminology uploader, where it was possible in some cases for some ValueSets and ConceptMaps to not be saved because of a premature short circuit during deferred uploading. Thanks to Joel Schneider for the pull request!


A bug in the HAPI FHIR CLI was fixed, where uploading terminology for R4 could cause an error about the incorrect FHIR version. Thanks to Rob Hausam for the pull request!

A crash was fixed when deleting a ConceptMap resource in the JPA server. This crash was a regression in HAPI FHIR 3.4.0.

A crash in the JPA server when performing a manual reindex of a deleted resource was fixed.

Using the generic/fluent client, it is now possible to invoke the $process-message method using a standard client.operation() call. Previously this caused a strange NullPointerException.

The REST Server now sanitizes URL path components and query parameter names to escape several reserved characters (e.g. " and <) in order to prevent HTML injection attacks via maliciously crafted URLs.


The HAPI FHIR Server has been updated to correctly reflect the current FHIR specification behaviour for the Prefer header. This means that the server will no longer return an OperationOutcome by default, but that one may be requested via a Prefer header, using the newly implemented "Repreentation: OperationOutcome" value. Thanks to Ana Maria Radu for the pul request!

Fixed a bug when creating a custom search parameter in the JPA server: if the SearchParameter resource contained an invalid expression, create/update operations for the given resource would fail with a cryptic error. SearchParameter expressions are now validated upon storage, and the SearchParameter will be rejected if the expression can not be processed.


An issue was fixed in BundleUtil#toListOfEntries, where sometimes a resource could be associated with the wrong entry in the response. Thanks to GitHub user @jbalbien for the pull request!


A bug was fixed in JPA server searches: When performing a search with a _lastUpdate filter, the filter was applied to any _include values, which it should not have been. Thanks to Deepak Garg for reporting!

A crash was fixed when using the ConceptMap/$translate operation to translate a mapping where the equivalence was not specified.

A bug in the DSTU3 validator was fixed where validation resources such as StructureDefinitions and Questionnaires were cached in a cache that never expired, leading to validations against stale versions of resources.

In the REST server, if an incoming request has the Content-Encoding header, the server will not try to read request parameters from the content stream. This avoids an incompatibility with new versions of Jetty.


Custom profile names when not matching standard FHIR profile names, are now handled properly by the validator. Thanks to Anthony Sute for the Pull Request!

A crash in the validator was fixed: Validating a Bundle that did not have Bundle.fullUrl populated could cause a NullPointerException.

The experimental "dynamic mode" for search parameter registration has been removed. This mode was never published or documented and was labelled as experimental, so I am hoping it was never depended on by anyone. Please post on the HAPI FHIR mailing list if this change affects you.

1.4.17HAPI FHIR 3.4.0


Release Information

Released: 2018-05-28


The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Commons-Lang3 (All): 3.6 -> 3.7
  • Hibernate (JPA): 5.2.12.Final -> 5.2.16.Final
  • Javassist (JPA): 3.20.0-GA -> 3.22.0-GA

Several enhancements have been made to the JPA server index tables. These enhancements consist of new colums that will be used in a future version of HAPI FHIR to significantly decrease the amount of space required for indexes on token and string index types.

These new columns are not yet used in HAPI FHIR 3.4.0 but will be enabled in HAPI FHIR 3.5.0. Anyone upgrading to HAPI FHIR 3.4.0 (or above) is recommended to invoke the following SQL statement on their database in order to reindex all data in a background job:
Note that if you do this reindex now, you will not have any downtime while you upgrade to HAPI FHIR 3.5.0. If you need to perform the reindex at the time that you upgrade to HAPI FHIR 3.5.0 some indexes may not be available.
In addition, the following schema changes should be made while upgrading:
update table TRM_CODESYSTEM_VER drop column RES_VERSION_ID;

A new operation has been added to the JPA server called "$expunge". This operation can be used to physically delete old versions of resources, logically deleted resources, or even all resources in the database.

An experimental new feature has been added to AuthorizationInterceptor which allows user-supplied checkers to add additional checking logic to determine whether a particular rule applies. This could be used for example to restrict an auth rule to particular source IPs, or to only allow operations with specific parameter values.

A new qualifier has been added to the AuthorizationInterceptor RuleBuilder that allows a rule on an operation to match atAnyLevel() , meaning that the rule applies to the operation by name whether it is at the server, type, or instance level.

Calling IdType#withVersion(String) with a null/blank parameter will now return a copy of the ID with the version removed. Previously this call would deliberately cause an IllegalArgumentException.

The JPA server CapabilityStatement generator has been tuned so that resource counts are no longer calculated synchronously as a part of building the CapabilityStatement response. With this change, counts are calculated in the background and cached which can yield significant performance improvements on hevaily loaded servers.


Fix a bug in the DSTU2 QuestionnaireResponseValidator which prevented validation on groups with only one question. Thanks David Gileadi for the pull request!


The ConceptMap operation $translate has been implemented.

R4 structures have been updated to the latest definitions (SVN 13732)


HAPI-FHIR_CLI now includes two new commands: one for importing and populating a ConceptMap resource from a CSV; and one for exporting a ConceptMap resource to a CSV.

Operation methods on a plain server may now use parameters of type String (i.e. plain Java strings), and any FHIR primitive datatype will be automatically coerced into a String.

The HAPI FHIR CLI now supports importing an IGPack file as an import to the validation process.

When two threads attempt to update the same resource at the same time, previously an unspecified error was thrown by the JPA server. An HTTP 409 (Conflict) with an informative error message is now thrown.

StructureDefinitions for the FHIR standard extensions have been added to the hapi-fhir-validation-resources-XXXX modules. Thanks to Patrick Werner for the pull request! These have also been added to the list of definitions uploaded by the CLI "upload-definitions" command.


The HAPI FHIR CLI is now available for installation on OSX using the (really excellent) Homebrew package manager thanks to an effort by John Grimes to get it added. Thanks John!


When the REST Server experiences an expected error (such as a NullPointerException) in a resource provider class, a simple message of "Failed to call access method" is returned to the user. This has been enhanced to also include the message from the underlying exception.


DateRangeParameter was enhanced to support convenient method chanining, and the parameter validation was improved to only change state after validating that parameters were valid. Thanks to Gaetano Gallo for the pull request!


An issue in the narrative generator template for the CodeableConcept datatype was corrected. Thanks to @RuthAlk for the pull request!

The JPA server automatic reindexing process has been tweaked so that it no longer runs once per minute (this was a heavy strain on large databases) but will instead run once an hour unless triggered for some reason. In addition, the number of threads allocated to reindexing may now be adjusted via a setting in the DaoConfig.


Several tests were added to ensure accurate validation of QuestionnaireResponse resources. Thanks to Heinz-Dieter Conradi for the pull request!


A NullPointerException when validating some QuestionnaireResponse reousrces was fixed in the validator. Thanks to Heinz-Dieter Conradi for the pull request!


QuestionnaireResponse answers of type "text" may now be validated by the FhirInstanceValidator. Thanks to Heinz-Dieter Conradi for the pull request!

The DSTU2 validator has been refactored to use the same codebase as the DSTU3/R4 validator (which were harmonized in HAPI FHIR 3.3.0). This means that we now have a single codebase for all validators, which improves maintainability and brings a number of improvements to the accuracy of DSTU2 resource validation.

The REST Generic Client now supports invoking an operation on a specific version of a resource instance.

When updating resources on the JPA server, tags did not always consistently follow FHIR's recommended rules for tag retention. According to FHIR's rules, if a tag is not explicitly present on an update but was present on the previous version, it should be carried forward anyhow. Due to a bug, this happened when more than one tag was present but not when only one was present. This has been corrected. In addition, a new request header called X-Meta-Snapshot-Mode has been added that can be used by the client to override this behaviour.

The JPA server's resource counts query has been optimized to give the database a bit more flexibility to optimize, which should increase performance for this query.

Fix a significant performance regression in 3.3.0 when validating DSTU3 content using the InstanceValidator. From 3.3.0 onward, StructureDefinitions are converted to FHIR R4 content on the fly in order to reduct duplication in the codebase. These conversions happened upon every validation however, instead of only happening once which adversely affected performance. A cache has been added.

A bug in the JPA server's DSTU2 transaction processing routine caused it to occasionally consume two database connections, which could lead to deadlocks under heavy load. This has been fixed.

AuthorizationInterceptor sometimes incorrectly identified an operation invocation at the type level as being at the instance level if the method indicated that the IdParam parameter was optional. This has been fixed.

A workaround for an invalid search parameter path in the R4 consent resource has been implemented. This path was preventing some Consent resources from successfully being uploaded to the JPA server. Thanks to Anthony Sute for identifying this.


A hard-to-understand validation message was fixed in the validator when validating against profiles that declare some elements as mustSupport but have others used but not declared as mustSupport. Thanks to Patrick Werner for the PR!


When calling a getter on a DSTU3/R4 structure for a choice type (e.g. Observation#getValueString()), a NullPointerException was thrown if there was no value in this field, and the NPE had no useful error message. Now this method call will simply return null. method


A bug in the plain server was fixed that prevented some includes from correctly causing their targets to be included in the response bundle. Thanks to GitHub user @RuthAlk for the pull request!


The HumanName DSTU3+ datatype had convenience methods for testing whether the name has a specific given name or not, but these methods did not work. Thanks to Jason Owen for reporting and providing a test case!


An issue was corrected in the validator where Questionnaire references that used contained resources caused an unexpected crash. Thanks to Heinz-Dieter Conradi for the pull request!

AuthorizationInterceptor did not correctly grant access to resources by compartment when the reference on the target resource that pointed to the compartment owner was defined using a resource object (ResourceReference#setResource) instead of a reference (ResourceReference#setReference).

When performing a FHIR resource update in the JPA server where the update happens within a transaction, and the resource being updated contains placeholder IDs, and the resource has not actually changed, a new version was created even though there was not actually any change. This particular combination of circumstances seems very specific and improbable, but it is quite common for some types of solutions (e.g. mapping HL7v2 data) so this fix can prevent significant wasted space in some cases.

The REST server has been modified so that the Location header is no longer returned by the server on read or update responses. This header was returned in the past, but this header is actually inappropriate for any response that is not a create operation. The Content-Location will still be returned, and will hold the same contents.

The Postgres sample JPA project was fixed to use the current version of HAPI FHIR (it was previously stuck on 2.2). Thanks to Kai Liu for the pull request!

JPA server index tables did not have a column length specified on the resource type column. This caused the default of 255 to be used, which wasted a lot of space since resource names are all less than 30 chars long and a single resource can have 10-100+ index rows depending on configuration. This has now been set to a much more sensible 30.

The LOINC uploader for the JPA Terminology Server has been significantly beefed up so that it now takes in the full set of LOINC distribution artifacts, and creates not only the LOINC CodeSystem but a complete set of concept properties, a number of LOINC ValueSets, and a number of LOINC ConceptMaps. This work was sponsored by the Regenstrief Institute. Thanks to Regenstrief for their support!

When encoding a resource that had contained resources with user-supplied local IDs (e.g. resource.setId("#1")) as well as contained resources with no IDs (meaning HAPI should automatically assign a local ID for these resources) it was possible for HAPI to generate a local ID that already existed, making the resulting serialization invalid. This has been corrected.

1.4.18HAPI FHIR 3.3.0


Release Information

Released: 2018-03-29


This release corrects an inefficiency in the JPA Server, but requires a schema change in order to update. Prior to this version of HAPI FHIR, a CLOB column containing the complete resource body was stored in two tables: HFJ_RESOURCE and HFJ_RES_VER. Because the same content was stored in two places, the database consumed more space than is needed to.

In order to reduce this duplication, the RES_TEXT and RES_ENCODING columns have been dropped from the HFJ_RESOURCE table, and the RES_TEXT and RES_ENCODING columns have been made NULLABLE on the HFJ_RES_VER table.

The following migration script may be used to apply these changes to your database. Naturally you should back your database up prior to making this change.
ALTER TABLE hfj_resource DROP COLUMN res_text;
ALTER TABLE hfj_resource DROP COLUMN res_encoding;
ALTER TABLE hfj_res_ver ALTER COLUMN res_encoding DROP NOT NULL;

An experimental interceptor called VersionedApiConverterInterceptor has been added, which automaticaly converts response payloads to a client-specified version according to transforms built into FHIR.

ResponseHighlightingInterceptor now properly parses _format parameters that include additional content (e.g. _format=html/json;fhirVersion=1.0 )

Stale search deleting routine on JPA server has been adjusted to delete one search per transaction instead of batching 1000 searches per transaction. This should make the deletion logic more tolerant of deleting very large search result sets.

Avoid refreshing the search parameter cache from an incoming client request thread, which caused unneccesary delays for clients.

The version of a few dependencies have been bumped to the latest versions (dependent HAPI modules listed in brackets):

  • Hibernate (JPA): 5.2.10.Final -> 5.2.12.Final
  • Spring (JPA): 5.0.0 -> 5.0.3
  • Thymeleaf (Web Tespage Overlay): 3.0.7.RELEASE -> 3.0.9.RELEASE


JPA server now performs temporary/placeholder ID substitution processing on elements in resources which are of type "URI" in addition to the current substitution for elements of type "Reference". Thanks to GitHub user @t4deon for supplying a testcase!

A new IResourceProvider implementation called HashMapResourceProvider has been added. This is a complete resource provider implementation that uses a HashMap as a backing store. This class is probably of limited use in real production systems, but it cam be useful for tests or for static servers with small amounts of data.


DateParam class now has equals() and hashCode() implementations. Thanks to Gaetano Gallo for the pull request!

The client LoggingInterceptor now includes the number of milliseconds spent performing each call that is logged.


A number of HAPI FHIR modules have been converted so that they now work as OSGi modules. Unlike the previous OSGi module, which was a mega-JAR with all of HAPI FHIR in it, this is simply the appropriate OSGi manifest inside the existing JARs. Thanks to John Poth for the Pull Request!

Note that this does not cover all modules in the project. Current support includes:

  • HAPI-FHIR structures DSTU2, HL7ORGDSTU2, DSTU2.1, DSTU3, R4
  • HAPI-FHIR Resource validation DSTU2, HL7ORGDSTU2, DSTU2.1, DSTU3, R4
  • Apache Karaf features for all the above
  • Integration Tests
Remaining work includes:
  • HAPI-FHIR Server support
  • HAPI-FHIR narrative support. This might be tricky as Thymeleaf doesn't support OSGi.


ReferenceParam has been enhanced to properly return the resource type to user code in a server via the ReferenceType#getResourceType() method if the client has specified a reference parameter with a resource type. Thanks to @CarthageKing for the pull request!


An entry has been added to ResourceMetadataKeyEnum which allows extensions to be placed in the resource metadata section in DSTU2 resource (this is possible already in DSTU3+ resources as Meta is a normal model type, but the older structures worked a bit differently. Thanks to GitHub user sjanic for the contribution!


An example project has een contributed which shows how to use the CQL framework in a server with HAPI FHIR JPA. Thanks to Chris Schuler for the pull request!


A new module has been contributed called hapi-fhir-jpaserver-elasticsearch which adds support for Elasticsearch instead of raw Lucene for fulltext indexing. Testing help on this would be appreciated! Thanks to Jiajing Liang for the pull request!


REST HOOK subscriptions in the JPA server now support having an empty/missing Subscription.channel.payload value, which is supported according to the FHIR specification. Thanks to Jeff Chung for the pull request!


A new example project has been added called hapi-fhir-jpaserver-dynamic, which uses application/environment properties to configure which version of FHIR the server supports and other configuration. Thanks to Anoush Mouradian for the pull request!


A new example project showing the use of JAX-RS Server Side Events has been added. Thanks to Jens Kristian Villadsen for the pull request!


Support has been added to the JPA server for the :not modifier. Thanks to Łukasz Dywicki for the pull request!


Suport for the :contains string search parameter modifier has been added to the JPA server. Thanks to Anthony Sute for the pull request!

A new method overload has been added to IServerInterceptor: outgoingResponse(RequestDetails, ResponseDetails, HttpServletRequest, HttpServletResponse) . This new method allows an interceptor to completely replace the resource being returned with a different resource instance, or to modify the HTTP Status Code being returned. All other "outgoingResponse" methods have been deprecated and are recommended to be migrated to the new method. This new method (with its RequestDetails and ResponseDetails parameters) should be flexible enough to accommodate future needs which means that this should be the last time we have to change it.

The validation module has been refactored to use the R4 (currently maintained) validator even for DSTU3 validation. This is done by using an automatic converter which converts StructureDefinition/ValueSet/CodeSystem resources which are used as inputs to the validator. This change should fix a number of known issues with the validator, as they have been fixed in R4 but not in DSTU3. This also makes our validator much more maintainable since it is now one codebase.


Searches which were embedded in a Bundle as a transaction or batch operation did not respect any chained method parameters (e.g. MedicationRequest?medication.code=123). Thanks to @manjusampath for reporting!

A few fixes went into the build which should now allow HAPI FHIR to build correctly on JDK 9.0. Currently building is supported on JDK 8.x and 9.x only.


Client requests with an Accept header value of application/json will now be served with the non-legacy content type of application/fhir+json instead of the legacy application/json+fhir . Thanks to John Grimes for reporting!

Fixed a regression in server where a count parameter in the form @Count IntegerType theCount caused an exception if the client made a request with no count parameter included. Thanks to Viviana Sanz for reporting!

A bug in the JPA server was fixed where a Subscription incorrectly created without a status or with invalid criteria would cause a crash during startup.

An occasional crash in the JPA was fixed when using unique search parameters and updating a resource to no longer match one of these search parameters.

Avoid an endless loop of reindexing in JPA if a SearchParameter is created which indexed the SearchParameter resource itself

Deleting a resource from the testpage overlay resulted in an error page after clicking "delete", even though the delete succeeded.


JPA server now correctly indexes custom search parameters which have multiple base resource types. Previously, the indexing could cause resources of the wrong type to be returned in a search if a parameter being used also matched that type. Thanks to Dave Carlson for reporting!


An issue in the JPA server was corrected where searching using URI search parameters would sometimes not include the resource type in the criteria. This meant, for example, that a search for ValueSet?url=http://foo would also match any CodeSystem resource that happened to also have that URL as the value for the "url" search parameter. Thanks to Josh Mandel for reporting and supplying a test case!


Fix a bug where under certain circumstances, duplicate contained resources could be output by the parser's encode methods. Thanks to Frank Tao for supplying a test case!


JAX-RS server now supports R4 and DSTU2_1 FHIR versions, which were previously missing. Thanks to Clayton Bodendein for the pull request!


AuthorizationInterceptor did not correctly handle authorization against against a compartment where the compartment owner was specified as a list of IDs. Thanks to Jiajing Liang for the pull request!

JPA Server Operation Interceptor create/update methods will now no longer be fired if the create/update operation being performed is a no-op (e.g. a conditional create that did not need to perform any action, or an update where the contents didn't actually change)


JPA server sometimes updated resources even though the client supplied an update with no actual changes in it, due to changes in the metadata section being considered content changes. Thanks to Kyle Meadows for the pull request!

Fix a crash in the JSON parser when parsing extensions on repeatable elements (e.g. Patient.address.line) where there is an extension on the first repetition but not on subsequent repetitions of the repeatable primitive. Thanks to Igor Sirkovich for providing a test case!

All instances of DefaultProfileValidationSupport (i.e. one for each version of FHIR) have been fixed so that they explicitly close any InputStreams they open in order to read the built-in profile resources. Leaving these open caused resource starvation in some cases under heavy load.


Fix an issue where the JPA server crashed while attempting to normalize string values containing Korean text. Thanks to GitHub user @JoonggeonLee for reporting!

An issue was solved where it was possible for server interceptors to have both processingCompletedNormally and handleException called if the stream.close() method threw an exception. Thanks to Carlos Eduardo Lara Augusto for investigating!


The HAPI-FHIR-CLI now explicitly includes JAXB dependencies in its combined JAR file. These were not neccesary prior to Java 9, but the JDK (mercifully) does not include JAXB in the default classpath as of Java 9. This means that it is possible to perform Schematron validation on Java 9. Thanks to John Grimes for reporting and suggesting a fix!

A number of info level log lines have been reduced to debug level in the JPA server, in order to reduce contention during heavy loads and reduce the amount of noise in log files overall. A typical server should now see far less logging coming from HAPI, at least at the INFO level.


An unneccesary reference to the Javassist library has been removed from the build. Thanks to Łukasz Dywicki for the pull request!


The @TagListParam annotation has been removed. This annotation had no use after DSTU1 but never got deleted and was misleading. Thanks to Angelo Kastroulis for reporting!

1.4.19HAPI FHIR 3.2.0


Release Information

Released: 2018-01-13


Support for custom search parameters has been backported in the JPA server from DSTU3 back to DSTU2. As of this release of HAPI, full support for custom search parameters exists in all supported versions of FHIR.

A new set of methods have been added to IServerOperationInterceptor called resourcePreCreate , resourcePreUpdate , and resourcePreDelete . These methods are called within the database transaction (just as the existing methods were) but are invoked prior to the contents being saved to the database. This can be useful in order to allow interceptors to change payload contents being saved.

The HAPI FHIR Server framework now has initial support for multitenancy. At this time the support is limited to the server framework (not the client, JPA, or JAX-RS frameworks). See Server Documentation for more information.

A new method has been added to RequestDetails called setRequestContents() which can be used by interceptors to modify the request body before it is parsed by the server.

A new configuration option has been added to DaoConfig which allows newly created resources to be assigned a UUID by the server instead of a sequential ID


Fix an issue in JPA server where updating a resource sometimes caused date search indexes to be incorrectly deleted. Thanks to Kyle Meadows for the pull request!


Servers did not return an ETag if the version was provided on a DSTU3/R4 structure in the getMeta() version field instead of in the getIdElement() ID. Thanks to GitHub user @Chrisjobling for reporting!

A bug was fixed in the JPA server when performing a validate operation with a mode of DELETE on a server with referential integrity disabled, the validate operation would delete resource reference indexes as though the delete was actually happening, which negatively affected searching for the resource being validated.

Fix a crash in JPA server when performing a recursive _include which doesn't actually find any matches.


When encoding URL parameter values, HAPI FHIR would incorrectly escape a space (" ") as a plus ("+") insetad of as "%20" as required by RFC 3986. This affects client calls, as well as URLs generated by the server (e.g. REST HOOK calls). Thanks to James Daily for reporting!

Searching in JPA server using a combination of _content and _id parameters failed. Thanks to Jeff Weyer for reporting!

An unneccesary column called "MYHASHCODE" was added to the HFJ_TAG_DEF table in the JPA server schema

A few log entries emitted by the JPA server suring every search have been reduced from INFO to DEBUG in order to reduce log noise

A few redundant and no longer useful methods have been marked as deprecated in IServerInterceptor . If you have implemented custom interceptors you are recommended to migrate to the recommended methods.