Vulnerability in EPiServer.Forms
A few questions and finding - may be for episerver to have a quick read. Sorry for boring looking post.
We are in the process of rolling out EPiserver projects for content collaboration based on its current set of featues (no modification or enhancement yet). However, we've noticed a strange issue where project comments were failing on our test environment .
After doing some profiling and debugging we found that it was creating the comments but failing to load. What I found that it saves comments in tblActivityLog (previously called tblChangeLog). And due to large number of data in tblActivityLog episerver '/episerver/stores/activities' call was timing out while reading comments from that table.
I've manually cleaned up tblActivityLog and it all works. That leads me to ask few questions
We were soon planning to start using projects on our live site but with the current size of tblActivityLog projects are not going to work unless we delete it . Can someone from episerver please shed some lights and thoughts on this? Happy to provide any further information but quite keen to know if above scanario contains few bugs.
EPiServer version 9.6
There has been a lot of performance optimization done to the loading of activities and comments in the latest version. Try updating both UI and Core packages to the latest.
HiThe truncation algorithm was designed with the assumption that a project is a "shortlived" entitiy that lives for a while and then when published it will be deleted (that is how projects worked in the beginning). Now projects have changed to be continuous, so we have now changed/fixed the truncation algorithm according to this. The fix is done and will be sent for QA for testing and then released.Otherwise it is not recommended to do manual deletes from tblActivityLog (at least when the bugfix is released it should not be nessecary to do manual deletes). There is a scheduled job that takes care of truncation and the recommendation is to have it enabled with a scheduled execution (e.g. once a day).
We have upgraded to the lates version 9.12.0 and Change log truncate job still does not work - it comes with the message "
Can you please confirm if this bug was actually fixed?