Summary
This release focuses on critical bug fixes and system improvements, delivering enhanced security, stability, and user experience across the ComplyFlow platform. We've resolved 14 issues including 8 bug fixes and 6 task improvements, security enhancements and form management functionality.
Key Highlights
14 total issues resolved (8 bug fixes, 6 improvements)
5 high-priority issues addressed
Enhanced security fixes
Improved form management and file handling
Better dashboard notifications and reporting accuracy
Forms
Bug Fixes
Fixed HTML display issue in Form Details History - Resolved issue where attached files showed HTML links instead of proper file links when requesting more information.
Resolved form attachment saving issue - Fixed a bug where form attachments were not being saved when Staff Users started forms and sent them to Contractors.
Fixed XSS vulnerability in form comments - Enhanced security measures now prevent malicious script execution.
Corrected form alerts display - Fixed issue where Request More Info/Feedback alerts on the Dashboard showed HTML tags and caused display errors in the Client App Form Alerts view.
Resolved console error in Contractor form creation - Fixed JavaScript console error that occurred in Step 1/Form Details view when Contractors created new forms.
Improvements
Enhanced form modification email alerts - Updated the email notification system to provide clearer information when forms are modified, improving communication between Staff Users and Contractors.
Dashboard
Improvements
Enhanced weekly dashboard reminder emails - Dashboard reminder emails now include Incident and Inspection Corrective Actions, providing a more comprehensive overview of outstanding items requiring attention.
Suppliers
Bug Fixes
Fixed document deletion issue - Resolved problem where Contractors were unable to delete their own documents in the Supplier Details Documents tab within the NCF system.
Reports and KPIs
Improvements
Improved inspection report data consistency - Addressed inconsistencies between inspection reports and the inspection list view, ensuring data accuracy across all reporting interfaces.
Site Documents
Improvements
Enhanced site document email notifications - Weekly Dashboard reminder emails now include notifications for Site Documents with "Expiring Soon" status, improving document management oversight.
Staff
Bug Fixes
Fixed Staff User permissions - Resolved issues with project-level Worker permissions, specifically addressing problems with "Assigned Sites only" permission settings.
Live Access Mobile APP
Improvements
Enhanced user data access - Updated Live Access endpoints providing more comprehensive user information for mobile applications.
Incident
Bug Fixes
Fixed mobile view display issue - Resolved problem where dropdown options for the Action Button were cut off in mobile view on the Incident Details page, improving mobile user experience.
General System Errors
Improvements
System optimisation - Refactored the getCurrentOrgStickerIdAttribute method in the Plant model to eliminate unnecessary Auth calls, improving system performance and reducing potential authentication conflicts.
Security Enhancements
This release includes important security improvements:
XSS vulnerability mitigation in form comment fields
HTML content sanitisation whilst preserving safe formatting
Enhanced input validation across form management features
Technical Notes
All changes have been thoroughly tested in development and staging environments
Security fixes have been implemented using ‘HTMLPurifier’ to maintain functionality whilst preventing XSS attacks
Performance optimisations have been applied to reduce system load and improve response times