5.7.7

The content of this section is only applicable for on-premises Collibra Data Governance Center environments. For the release notes of Collibra Platform, see Collibra Platform.

Generally available features

New features

Collibra Console

  • The Migration feature is no longer supported for backups of versions 5.1.x and older.
  • You can now access Collibra Console via single sign-on. The SSO protocol is limited to SAML 2.0.
  • The logging API endpoints for Collibra Console are now public.
  • A new option is added to Collibra Console to increase the security of import and export. When you export data to Excel or CSV, the new option adds an escape character to fields that start with "=", "+", "-" or "@". This avoids formulas to be executed when you open the export file in Excel. Also, when you import a file with such escape characters in Collibra Data Governance Center, the escape character is automatically removed.

Collibra Data Catalog

  • Catalog can now ingest Tableau 2020.2 and newer if you enable the Tableau metadata API in Collibra Console.
  • Sensitive data is now obfuscated after profiling if you enable the Anonymize data option in Collibra Console
  • The Collibra Data Classification model is expanding to automatically classify a number of new types of information out of the box. This release has a specific focus on privacy, offering classification of the following default classes:
    • US Adoption Taxpayer Identification Number (ATIN)
    • American Banking Association (ABA) Routing Number
    • US Drivers License Number
    • US Employer ID Number (EIN)
    • US Individual Taxpayer Identification Number (ITIN)
    • Vehicle Identification Number (VIN)
    • US License Plate Number
    • UK Drivers License Number
    • UK National Health Service (NHS) Number
    • Business vs. Personal Email Addresses
  • Data Catalog Search now contains the new Looker asset types by default.
  • The Looker metamodel is now available out-of-the-box. However, you cannot yet register a Looker data source.
  • Looker assets are now available in the "Recently viewed" and the "Reports" sections on Data Catalog Home.
  • The status of the applicable validation rules is now shown on the resource toolbar if Catalog Experience is enabled.
  • The articulation score is now shown on the resource toolbar if Catalog Experience is enabled.

Collibra Data Governance

  • You can now enable refreshed navigation in Collibra Console, with following improvements:
    • You now see a Home button in the upper left corner.
    • You now see an expandable browser pane with the Organization Browser and Asset Views.
    • Dashboards are now presented as tabs.
    • You now see an expandable product menu to switch between products.
    • Quick search is now contextual for communities and domains, but you can no longer select a search filter or category.

    Collibra will monitor the user adoption of the refreshed navigation and aims to sunset the classic navigation in 6 months.

  • When refreshed navigation is enabled, your UI customizations are no longer available.
  • The color scheme of Collibra Data Governance Center is updated.
  • You can now check whether a migration fails before running the actual migration.
  • The usability and accessibility of the Responsibilities tab pages are now improved.

Collibra Integrations

  • Collibra Data Governance Center now supports JSON Web Token (JWT)-based authentication for applications using the REST API.
  • To avoid any confusion about versions, the APIs have a now a new field "displayVersion", next to the existing "fullVersion". The displayVersion is the version that will be shown in all user interfaces. Also, the versions of Collibra Data Governance Center and Collibra Console will now be identical.
  • Collibra ERP/CRM Integrator is a next-generation integration for ERP and CRM solutions like SAP, JD Edwards, and MS Dynamics, which supports greater control and fidelity in what metadata to catalog in Collibra as it is discovered. ERP/CRM Integrator is a special connector and is not included in any bundles.

API

  • You can now enable and disable users using the Java and REST API v2.
  • You can now get the current user's global permissions using the REST API.

Enhancements

Collibra Data Catalog

  • Catalog experience is now enabled on asset pages of BI assets.
  • You can now use push down sampling for a range of SQL-based data sources.
  • Power BI Data Set assets now have a relation of the type "BI Folder contains BI Data Set" to a Power BI Workspace asset. They are no longer related to Power BI Tenant assets via this relation type.
  • The More menu in asset pages is now called 'Actions' when Catalog Experience is enabled.
  • Catalog Experience is no longer a beta feature.
  • The Cron expression tooltip in Catalog is now improved.

Collibra Console

  • The purge option "CLEANUP_ACTIVITIES" is obsolete and has been removed from Collibra Console.
  • The purge option "UPDATE_DISCOVERY_HASH" is obsolete and has been removed from Collibra Console.

Collibra Data Governance

  • If opening a diagram takes too long or causes Collibra Data Governance Center to read too much data, the diagram does not open but an error message appears. You can configure the limits in Collibra Console.
  • The buttons in the diagram editor and the filter pane have been updated to improve accessibility.
  • Newly created and copied views are now private by default.
  • If you have the "Manage shared Views, Dashboard and Search Filter" permission, you can now save a relation table view on an asset page and apply it for all users.
  • When using SAML IdP as authentication provider, you no longer have to provide a first name and last name in the token. Fields with an empty value are set to blank in Collibra.
  • When exporting scoped assignment of one or more asset types, you now also automatically export their global assignment, even when it is not selected. This avoids conflicts when the target environment does not have a global assignment for the asset types.
  • All logged user actions now mention the session ID.
  • The authentication logs now contain the full user agent information.
  • Session IDs are now hashed in the logs to increase security.
  • The logs now contain more information about authentication events.
  • The UserAuthenticationListener logs now shows the final result of a user login attempt.
  • When using Open API with basic authentication, only one session is created for the user, which improves performance and logging.
  • We have fixed some security issues by removing a flash plugin in the text editor.
  • The "Upgrade history" button now upgrades the activity history after you have upgraded to 2020.11|5.7.7, instead of migrating "activity stream" entries from Collibra DGC 4.x to Collibra DGC 5.x "history" entries.
  • You can now migrate model objects between all versions newer than 5.7.
  • We have fixed some security vulnerabilities by upgrading to the latest version of Apache Shiro (1.6.0).
  • The performance to show large hierarchies is improved due to an updated hierarchy calculation strategy. (ticket #53015, 51820, 51613)
  • The amount of available views that you can see in the view table is increased from 300 to 1,000. (ticket #51694)
  • When you import assets, the Collibra service log now contains new INFO log entries about the start date, end date and the duration of the import.
  • When you open a diagram, the Collibra service log now contains new INFO log entries about the back-end response time and the number of retrieved nodes and edges.
  • Improved search performance due to fewer postgreSQL calls when showing search results.
  • You can again add a "mailto" link in the Help menu of Collibra Data Governance Center. (ticket #52169)
  • When you hover over an asset type symbol in search results, a tooltip shows the name of the asset type.
  • You can now correctly filter the table content in the Data Profiling section when Catalog Experience is disabled. (ticket #46244)
  • On asset pages, you can no longer see the Edit or Delete buttons for characteristics if you don't have the required global permissions. (ticket #44887)

Data Privacy

  • In accordance with GDPR Article 30 requirements, we've added new business-critical attribute types to the global assignments of asset types Party and Business Process assets. This enhancement is also reflected in:
    • The Third Party Privacy Profile Import template that you can use to import and map your third-party information for GDPR and CCPA.
    • The Process Register Tableau report and the Process Register Athena view associated with Collibra Insights.

API

  • The JavaDoc of fields of class PagedResponse is now updated to include information about replacements for deprecated fields.

Performance

  • The Repository database size has reduced by approximately 30% due to several database changes.
  • The data to store hyperlinks now consumes up to 70 times less storage.
  • The performance to bulk remove data is now up to five times faster.
  • Database schema optimizations has improved the performance of export jobs by 20% to 50%.

Fixes

Collibra Data Catalog

  • Assets created by synchronizing Tableau, S3 and Data sources are now properly indexed and available in the search. (ticket #53581)
  • Jobserver ingestion and profiling logs now show information about the driver, database and schema selection.
  • Quantile calculation no longer fails for timestamp columns.
  • Jobserver no longer profiles a table if all columns have unsupported data types.
  • When an ingestion fails, the job no longer indicates that it took 50 years to complete. (ticket #48924)
  • When you stop an ingestion or profiling process in the Jobserver, the context processes are now terminated. (ticket #52388)
  • The default time pattern for profiling parameters in the Jobserver is now correctly handled.
  • The history page of an S3 File System asset type now correctly shows only activities related to the asset. (ticket #52193)
  • An ingestion job no longer fails when you register a data source with a large number of assets or foreign keys and you have defined a cron expression in the Register a data source dialog box. (ticket #48947)
  • When an ingestion job fails, the Data Profiling Results report now correctly shows the duration of the ingestion process. (ticket #48924)
  • You can now see icons of tags and comments in the titlebar of asset pages when Catalog Experience is enabled in dark theme.
  • Collibra Data Governance Center now correctly detects columns with data type Whole Number and shows the profiling and sample data on the Column's asset page.
  • On a Table asset page, sample data of a Column asset is shown as "sensitive", if you do not have the View Samples permission for the Column asset, but you do have it for at least one other Column asset from the same Table asset.
  • On a Data Set asset page, sample data of a Column asset is shown as "sensitive", if you do not have the View Samples permission for the Column asset, but you do have it for at least one other Column asset from the same Table asset that is also in the Data Set.
  • Sample data is now also shown even if there are empty columns. (ticket #50707)

Collibra Console

  • When creating a diagnostics file, the benchmark report is now correctly created. (ticket #53006)
  • The Collibra Console and Jobserver service logs are now correctly purged. (ticket #51542)
  • The SAML configuration option "14.5.1.k.Ignore endpoint scheme differences" in the DGC service configuration is no longer available.
  • Collibra Platform now uses secure default values in HTTP headers to mitigate popular attack vectors.
  • In the Data Governance Center Configuration section in Collibra Console, the Register data source, Data profiling and Beta features are now accessible for users with the ADMIN role.
  • Confidential information is no longer disclosed in a stacktrace.
  • The Group Base DN and Membership attributes are no longer mandatory to configure LDAP. (ticket #47737, 47207)
  • The version of the web server is no longer shown on error pages.
  • Upgrading an environment that has a repository cluster no longer fails. (ticket #51499)
  • When SAML_LDAP is used with SSO and the identifier is not the username, the login is now successful. (ticket #52203)
  • GraphQL schema introspection is now disabled by default. You can enable it in the Collibra service configuration in Collibra Console.
  • If SAML is enabled and signing in fails, the error message now appears correctly on the sign-in page. (ticket #48715, 53020)
  • If a user account in Collibra has an invalid email address, LDAP synchronization no longer fails, but it ignores the user. (ticket #52455)

Collibra Data Governance

  • An error message is erroneously shown when you delete an asset.
  • Improved search results for resources that include an underscore (_) in their names.
  • If SAML is enabled and sign in fails because the Search service is down, a more helpful error message is now shown on the sign in page.
  • When a job is canceled, the job status is now immediately updated in the Activities table.
  • If you open a direct link to a resource for which you do not have view permission, you now see the message 403 Forbidden.
  • After logging in using a SAML IdP, you are now redirected to the original URL instead of your default dashboard.
  • You no longer see a blank page when SSO is enabled and guest access has been disabled.
  • The system asset types "String type" and "Script type" are no longer used in 5.7.7 or newer and can thus be deleted if you migrated them from a 4.x environment.
  • When you crop a diagram, you see again nothing but the selected content.
  • On a Catalog Schema asset page, the "Refresh" button is no longer shown if you don't have the necessary permissions. (ticket #49924)
  • The suggested asset types in the Global Create dialog box now take into account the current scope. (ticket #49272)
  • If you edit an attribute directly after starting a workflow, the asset page now refreshes correctly. (ticket #51989)
  • The Activities pop-up window now correctly refreshes when you cancel a job.
  • When using the relation API to add relations, duplicate relations will be ignored. (ticket #52765)
  • Migration will no longer treat the order of view assignment rules, view sharing rules or data quality metrics as a difference as it is non-deterministic. (ticket #49528)
  • In the Responsibilities page of a resource, you can now remove a responsibility when the pop-up window with user or group information is shown. (ticket #52046)
  • After you sign out, the password field in the Sign in dialog box is now empty. (ticket #52409)
  • Group entries in history now show all dates in local time. (ticket #52194)
  • When using the REST API, concurrent logins with basic authentication no longer cause an error. (ticket #52273)
  • Data Quality score is now always up to date. (ticket #49984, 51284)
  • The history no longer shows an entry when creating a relation that failed due to maximum cardinality. (ticket #36292)
  • You can no longer create user groups via the GraphQL API if you don't have the User Administration or System Administration permission.
  • Importing a too large set of objects now fails with a clear error message. (ticket #50748, 50488)
  • When an import job fails, the import report now only contains the first 200 errors. (ticket #49361, 50057)
  • When working with search results, the “Search in fields” dialog box no longer shows fields when invalid text is entered to refine the list of fields.
  • The workflow buttons appear again without delays. (ticket #50992)
  • If a workflow is started by a built-in system user, the "Created by" user is marked as "Workflow user" and no longer "Deleted user". (ticket #42966, 51416, 51012)
  • A failed workflow that was started from a domain page now shows a human readable error message in the UI. (ticket #45211)
  • Fixed an XSS vulnerability in the Ratings text editor.
  • In a workflow start form, drop-down fields based on a user group show the group members correctly again.
  • Resetting a password now works when CSRF token validation is enabled. (ticket #49729)
  • In complex relation types, an assignment line with a boolean attribute type has now a maximum cardinality of one.
  • You can now change the avatar of another user using API v2 if you have the "System Administration" or "User Administration" global permission.
  • An asset page is now refreshed when an attribute is changed through an action on the workflow taskbar.
  • You can now safely remove the relation type 'Business Asset represent/represented by Data Asset' from the assignment of the Table asset type and its children. (ticket #49780)
  • If you use SAML authentication and the Collibra Data Governance Center sign-in page is disabled, you are now redirected to your default dashboard if you navigate to the sign-in page manually.
  • Fixed an XSS vulnerability in the Dashboard's Tasks widget. (ticket #44063)
  • In diagrams, the submenu of a node's context menu is now always completely visible.
  • You now return to the dashboard if you click your browser's Back button after following a link to a community in a dashboard's widget. (ticket #49419)

Collibra Data Privacy

  • When approved, a Compliance Self Assessment asset that was created with two parties in scope, now has the correct status Approved, instead of Obsolete.
  • An Event-based Review Rule is now triggered when an edit is first made to the approved target Business Process asset. Previously, it was only triggered if a second edit was made to the target asset.
  • If you start a manual review request for an assessment asset and select the option “Involve me in the feedback”, you are now correctly assigned the Stakeholder responsibility for the newly created assessment asset.
  • When working from an approved Compliance Self Assessment asset, the Update Asset Directly workflow now works correctly when you choose the option “Copy data from a previous Compliance Self Assessment.
  • In the Manual Review Request workflow, the Update <asset type> button now works correctly for all asset types.
  • For new installations, the following updates are applied in the Privacy framework section of the Privacy dashboard:
    • The “standards” link now points to the search page, where all Standard assets are shown.
    • The “roles and responsibilities” link has been removed.
  • For new installations, the Identifier attribute (UUID c0e00000-0000-0000-0001-000500000043) is no longer included in the CMA installation files, as it is no longer part of the Data Privacy operating model.

API

  • The REST API call to fetch all workflow tasks of a user now retrieves the correct data. Also, the performance of this call is improved.
  • When using the API to validate a single asset, the validation job is now correctly started. (ticket #50417)
  • The API and Java documentation have been updated to indicate whether method properties are deprecated or required.