Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Problem/Motivation
Long period from last release and a significant number important issues to resolve.
Proposed resolution
Resolve major outstanding issues and release a new RC.
Resolve any other major issues and release a full release to get the module covered by the security policies.
Remaining tasks
Prioritize and assess issues for a RC and/or full release.
Critical
#2856491: Biblio Security Vulnerabilities
Major
#2806971: Make compatible with PHP 7
To Prioritize
#2642352: Data Import Error
#2566951: [PATCH] Deleting or retroactively adding a pubmed ID does not work
#2596757: Endnote Tagged - Unable to import multiple keywords
#2428711: Import gives Fatal error: Call to undefined function get_transtab_latex_unicode() error
#2068603: Uninstall is not done cleanly
#2423083: CiteProc is not outputting editor nor translator labels in citations
#2425941: Crossref client incorrectly flattens XML
#1468620: characters lost on doi import
#2351125: don't require initials match for possible duplicates
#2351129: suggested duplicates incorrectly highlights merge
#2309381: Missing biblio_crossref_md5 field from query and PHP notice
#1878580: Allow preventing disabling cache for anonymous users
#1760736: Passed by reference error on publication pages
#2397435: Typo of isset
#2071979: [PATCH] Bibtex import: Breaks if special character is right before the closing brace / many greek symbols not decoded
#2420623: [PATCH] Name parser throws exception if author name consists of a single word
#2168853: HTTP error: 400 when trying to contact crossref.org for XML input
#2155811: Support the Article-Number BibTex field from the Web of Science
#781934: Remove BibTex double braces to provide compatibility with ISI web of science export
#2141103: load issues
#1598824: Biblio: Authors
Other issues noted from the original report. It would be good to get these issues referenced correctly, either
- add reference to the issue
- new issue created with patch where applicable
- removed from this list if fixed in DEV and no corresponding issue;
- Fixed a warning that was generated if no keywords are present when importing an entry.
- Fixed an issue in the Human Name Parser which incorrectly split word boundries if the word started with a UTF-8 character. i.e. Nilgün Özer was split into three parts (Nilgün Ö zer) instead of two parts.
- Fixed issue with name parser which incorrecly split names if the ended with one of the suffix identifiers ('esq','esquire','jr','sr','2','ii','iii','iv'). For example, Fujii was split into Fuj ii
- updated to use new "styles-distribution" (github.com/citation-style-language/styles-distribution) repo
- fixed bug which cause crash on saving node if node->biblio_crossref_md5 was null.
- increased the maximum number of characters allowd in the keyword field
User interface changes
Issues with UI changes:
API changes
Issues with API changes:
Data model changes
Issues with schema changes:
Original report by [username]
I had to switch from 7.x-1.0-rc7 version of Biblio module to latest 7.x-1.x-dev by 2015-Nov-02 to solve import errors. I found out that 7.x-1.x-dev version is used on 1000 drupal installs. Given it seems it's kinda stable, I suggest to make a 7.x-1.0-rc8 release. I collected all the changes since 7.x-1.0-rc7:
- Issue #2566951 by cspitzlay: [PATCH] Deleting or retroactively adding a pubmed ID does not work The implementation of hook_node_update in biblio_pm only works correctly if an existing pubmed ID is changed. If it is not added with the initial insert then trying to add it will do nothing.
- Issue #2596757 by jiff: Endnote Tagged - Unable to import multiple keywords This patch places each keyword into an array element
- Issue #2428711 by ewhitmire: Import gives Fatal error: Call to undefined function get_transtab_latex_unicode() error' Added "<?php" to beginning of file
- Issue #2068603 by loopduplicate, gippy: Uninstall is not done cleanly
- Issue #2423083 by rjerome: CiteProc is not outputting editor nor translator labels in citations Added "csl_names" specific attributes to "csl_label"
- Issue #2425941: Crossref client incorrectly flattens XML Added a flag "citation_list" to ignore the entire citation_list tree as it is not relevent in this context.
- Issue #1468620 by St_B, sdrycroft, rjerome: characters lost on doi import
- Issue #2351125 by drasgardian: don'\''t require initials match for possible duplicates
- Issue #2351129 by drasgardian: suggested duplicates incorrectly highlights merge
- Issue #2309381 by justin2pin: Missing biblio_crossref_md5 field from query and PHP notice
- Issue #1878580 by amitaibu: Allow preventing disabling cache for anonymous users
- Issue #1760736 by Liam Morland: Passed by reference error on publication pages
- Issue #2397435 by jnand: Typo of isset
- Issue #2071979 by cspitzlay: [PATCH] Bibtex import: Breaks if special character is right before the closing brace / many greek symbols not decoded
- Issue #2420623 by cspitzlay: [PATCH] Name parser throws exception if author name consists of a single word
- Fixed a warning that was generated if no keywords are present when importing an entry.
- Fixed an issue in the Human Name Parser which incorrectly split word boundries if the word started with a UTF-8 character. i.e. Nilgün Özer was split into three parts (Nilgün Ö zer) instead of two parts.
- Fixed issue with name parser which incorrecly split names if the ended with one of the suffix identifiers ('esq','esquire','jr','sr','2','ii','iii','iv'). For example, Fujii was split into Fuj ii
- updated to use new "styles-distribution" (github.com/citation-style-language/styles-distribution) repo
- fixed bug which cause crash on saving node if node->biblio_crossref_md5 was null.
- FIXED: HTTP error: 400 when trying to contact crossref.org for XML input https://drupal.org/node/2168853
- Support the Article-Number BibTex field from the Web of Science https://drupal.org/node/2155811
- Remove BibTex double braces to provide compatibility with ISI web of science https://drupal.org/node/781934
- fixed query where an inner join on biblio_contributor table was being added twice resulting in a huge result set in some cases. https://drupal.org/node/2141103
- fixed Undefined property: stdClass::$biblio_tid in biblio_handler_field->set_label() https://drupal.org/node/1598824
- increased the maximum number of characters allowd in the keyword field
Comments
Comment #2
rcodina CreditAttribution: rcodina commentedComment #3
rcodina CreditAttribution: rcodina commentedComment #4
rcodina CreditAttribution: rcodina commentedComment #5
dasginganinja@rjerome Can we get an update on this?
Comment #6
candelas CreditAttribution: candelas as a volunteer commentedYes, it would be nice. Thanks for the module :)
Comment #7
Alan D. CreditAttribution: Alan D. commentedIt is kinda scary, but this module is not covered by the core security team without the full proper release! So I would go one step further and ask for a full release.
Note it has currently 7,865 installs... or # 658 most installed based on usage stats, sitting above another 18,000 other (mostly full release) projects
But it has been nearly 4 years since the last RC release.
Comment #8
Alan D. CreditAttribution: Alan D. commentedThe various security issues should be resolved first through.
#2856491: Biblio Security Vulnerabilities
Comment #9
dasginganinjaComment #10
Liam Morland7.x-1.0-rc8 should be tagged right now and then the remaining release-blockers should be addressed, leading to 7.x-1.0-rc9.
Comment #11
emerham CreditAttribution: emerham commentedI agree that rc8 should be tagged now and we need to start looking at other blocking patches as well as other issues that are tested and reviewed and ready for merging in.
Comment #12
Alan D. CreditAttribution: Alan D. commentedI tried to clean up the main summary a bit. There is so much out there, it would be nice for other users to contribute here too, though it's up to the maintainers for the final word. :)
Use the square bracket hash ID sq bracket format so the issue links with status so users can track these easier.
We're also using the following on a shared distribution for a number of clients
#161898: The teaser is not well-formed in node preview
#2851255: Abstract fields use the system default format
#2832502: Import DOI : url too long (Not sure if this is the best way or not, but it works)
#2542432: CrossRef data should be sanitized (sub-issue of the security meta issue, probably have all patches that are applicable applied)
Usability
#2882344: Indicator for mapped Drupal users on Author listing page Massively improves the usability for mapping real users to authors
#2857484: Use default menu task for default tab in admin area (found this irritating and had to fix)
#2912567: Better UI for Drupal user profile page No patch, notes on the Form Alter in the user profile area that we used on one system explaining this much better, both the actual widget and human friendly lock count-down.
Comment #13
Alan D. CreditAttribution: Alan D. commentedAnd obscure Search Index bug patch made it to the list
#3017138: Authors and keywords in missing in search index with node access enabled. Queries tagged with node_access
And a duplicate DOI error message mod to link to the duplicate if the user is allowed to view the publication with the duplicated DOI.
#2919905: Cleaner duplicate DOI error message
Comment #14
Liam MorlandI have just released biblio 7.x-1.0-rc8. This is the latest revision of the 7.x-1.x branch between April 6, 2016 and February 1, 2019. I will now commit the most important bug and security fixes leading to 7.x-1.0-rc9.
Comment #15
Liam MorlandThe RTBC patches and a few other bug fixes are committed. The next focus is security issues. Once those are fixed, I will release 7.x-1.0-rc9.
If you want to help, review and mark RTBC the security issues in #2856491: Biblio Security Vulnerabilities.
Comment #16
Liam MorlandFixes are committed for all issues that I intent to fix for 7.x-1.0-rc9 except #2077127: Potential WASC-19 SQL Injection. This is listed as a security issue. However, I don't think there is actually a security issue there. I would appreciate a second set of eyes reviewing that. If there is a fix for that issue or it is confirmed that it is not a security concern, I will tag 7.x-1.0-rc9 and, if no release blockers are identified for two weeks, I will make that a full release.
Comment #17
Liam MorlandThe final issue is now fixed.
Comment #18
Liam MorlandI have released biblio 7.x-1.0-rc9. This release fixes all known security issues and many bugs, including all issues that had RTBC status. Unless release blockers are identified in the next couple of weeks, this will be made a final release.
Comment #19
ar-jan CreditAttribution: ar-jan as a volunteer commentedExcellent news!
Comment #20
MariaY CreditAttribution: MariaY as a volunteer commentedVERY excellent news!!!! I really need this update. Thank you to everyone working on it!!!! Is a Drupal 8 version within the realm of possibility?
Comment #21
Liam MorlandA Drupal 8 version is a big project. It will be needed for things like Open Scholar. I expect it will happen. There isn't a plan at the moment about how it will be achieved.
Comment #22
TokiMany thanks for your work on this module, that is really great news.
Comment #23
Liam MorlandI have released biblio 7.x-1.0-rc10 to fix one final bug.
Comment #24
Liam MorlandI have released biblio 7.x-1.0-rc11. Should be the last.
Comment #25
Liam MorlandI have released biblio 7.x-1.0.
Comment #26
rcodina CreditAttribution: rcodina commented@Liam Morland Thanks for the effort!
Comment #27
rcodina CreditAttribution: rcodina commented@Liam Morland Maybe you can link to Biblio author node on Biblio project page? When I have time I will test it with latest Biblio release.
Comment #28
Liam Morland@#27 I have added a link to Biblio author node.
Comment #29
rcodina CreditAttribution: rcodina commented@Liam Morland Thanks!