Purpose
The purpose of this document is to provide insight to Sugar Developers for upgrading custom Sugar code, extensions, and integrations to the Sugar Q2 2020 release. This guide focuses on changes in Sugar Q2 2020 that could cause an immediate impact on Sugar customizations and integrations built for Sugar 9.3 (Winter '20).
Sugar Instance Upgrade Path
The upgrade path for 11.0.0-preview.1 and 11.0.0-preview.2 (this "Preview") is from 10.3 (Q1 '21). There will be no upgrade path from 11.0.0-preview.1 and 11.0.0-preview.2 to the GA version of the Sugar Q2 2021 releases.
Cloud and On-Premise Sugar Release
For those looking to upgrade from Sugar 10.0, you will be catching up with additional content released last Q3 '20, Q4 '20 and Q1 '21. In addition to this guide, please review the Sugar 10.1, Sugar 10.2, and Sugar 10.3 migration guides and Sugar 10.1, Sugar 10.2, and Sugar 10.3 release notes on the Sugar Support site to get a full view of changes since Sugar 10.0. This is not an exhaustive list of everything we did for Sugar 11.0 - just the items that we thought would be important for a developer to take note of. Check this post often as I will be adding more features, fixes, and updates to the list right up until we go live with the GA release!
Expected to Affect Few Developers
This section explains items expected to have a low impact on Sugar customizations and integrations when migrated to Sugar 11.0. It is expected that these items will affect few developers. This release addressed many smaller bug fixes and UI changes. There are not many issues that require special attention from a development standpoint. You may want to take note of the following regarding your customizations before you upgrade:
-
The /Administration/license/limits GET API endpoint has been updated to additionally return the license type, the number of available seats by license type, and a license limit flag. It is still the case that only admin users may call this endpoint.
-
Application now enforces Content Security Policies that block embedding content from untrusted domains. This will mostly affect iFrames. If you have any iFrames with external content in your Sugar instance, you will need to add those domains to the Content Security Policy Settings Admin module. If you do not whitelist the domains, the iFrame will display an error message. Visit this article for more information on CSP. Note all images are trusted so you may still embed images from other sites - just not scripts, iframes, etc.
-
When you add a new CSP setting or update it, settings will take effect immediately on the admin’s machine. Other users will be prompted with an informational message to reload their page to see changes.
-
Module Loader has been updated to accept a CSP whitelist. The syntax is 'csp' => ['default-src' => '*.mashable.com']. In that example we are telling our instance of Sugar to accept all content from mashable.com.
-
Added new /Administration/settings/validateIPAddress GET endpoint that will return the "Validate IP Address" configuration parameter value.
-
Added new /Dashboards/<id>/restore-tab-metadata?dashboard={$dashboard}&tab_index={$tabIndex}&dashboard_module={$dashboardModule} PUT endpoint. The purpose of this endpoint is to restore metadata for a specific tab on a tabbed dashboard.
-
Added new /SugarLive/config POST endpoint to save the config settings for SugarLive module.
-
For Sugar 11.0, the supported DB2 version is 11.5. Previously supported version was 11.1