Release 7.4.0 #
Note on version numbering. There is no 7.3.9 release — the line went
from 7.3.8 straight to 7.4.0. The internal changes below were sometimes
developed under a “7.3.9” working label and a< 7.3.9database-version
upgrade gate, but they all ship in 7.4.0. If you see “7.3.9” referenced
anywhere, read it as 7.4.0.
The “PDF engine + period self-heal” release. Two large internal changes,
mostly invisible to end users, plus a batch of security and admin improvements.
Highlights #
1. PDF engine: TCPDF → tFPDF #
TCPDF is gone; the sole PDF engine is now setasign/tfpdf (the canonical
UTF-8 fork of FPDF, same maintainer as FPDI). Barcodes are generated by
picqer/php-barcode-generator. Net result: a substantially smaller install
and consistent UTF-8 handling. A small in-tree HTML shim (bizHTMLCell) renders
simple <b>/<i>/<u>/<br>/<font color> markup in PhreeForm table cells.
If a form or report misbehaves after upgrade, see
PDF rendering issues.
2. journal_main.period self-heal #
A one-time repair re-stamps each transaction’s fiscal period from its
post_date against journal_periods, fixing years of accumulated drift —
especially on quality tickets, work orders, and future-dated recurring entries
that had been stamped period = 0. Going forward:
calculatePeriod()auto-extends the fiscal calendar (ensureFiscalYearCovers)
so future-dated recurs always resolve to a real period instead of 0.- Fiscal-year close ends with a JOIN-based re-stamp pass, so drift can’t
re-accumulate.
Background: Period drift and recurring entries
and Fiscal periods vs. calendar dates.
Added #
- Clear Business Cache button — Settings → Bizuno → Tools (
bizCacheExpClear),
for forcing a registry rebuild without SQL. See Cache mechanics. bizScrubSensitive()— redactspass/pwd/token/card/cvv-style
values out of debug/trace output before it’s written.- CSRF synchronizer-token layer — default-on, via the
X-Bizuno-Csrfheader;
setBIZUNO_CSRF_ENFORCE = trueto reject (vs. warn on) invalid tokens. See
REST API surface. - EDI N9/MSG capture — inbound 850 reference text is recorded as a
$0
description line on the Sales Order (MSGis a no-op so it no longer traps).
Changed #
- Role security: parent-from-child menu access — a parent menu’s level is
derived from the max of its children (removeOrphanMenus), so a container like
inventory/build/manageris reachable by granting its children. See
Roles and security. - Option lists moved to
common_meta—options_*lists are read via
getMetaCommon('options_*')and re-seeded/mirrored on cache rebuild (the
common_metarepair itself landed in 7.3.8). - Cross-module
lang()fallback — module-owned keys translate without the
caller naming the module.
Fixed #
- Quality tickets manager — period default restored to all periods (it had
silently filtered to the current period), status/closed filter wiring repaired,
and acreation_datecolumn added.
Dependency / Composer changes #
- Removed:
tecnickcom/tcpdf - Added:
setasign/tfpdf ^1.33,picqer/php-barcode-generator ^3.0 - Moved to
suggest:setasign/fpdi_pdf-parser(the commercial modern-PDF
import parser) — see the core README.
Action required on upgrade #
- Back up the database and
BIZUNO_DATAfirst. composer install/composer updateafter pulling, sotfpdfand the
barcode generator are present (a missing library shows as\tFPDFnot found).- The period self-heal runs automatically on upgrade — no manual step.
- If you hold a Setasign license and need modern-PDF (FPDI) import, re-add
setasign/fpdi_pdf-parserper the README.
Sites on the 7.4.x line after this: 7.4.3 cast PDF image width/height to
numeric (PHP 8), 7.4.4 completed that for x/y and added strict-MySQL
(GoDaddy) compatibility fixes. See the repoCHANGELOG.mdfor the point
releases.
