1.20 Release Notes

Functional Requirements

• HE-5809 Improve message for manual payment status
  • When a payment transitions to the "Manual" state, the message available to developers and thus end-users will now show the response code and message detail as received from the mPesa gateway.
• HE-5686 Implement CAPTCHA for registration and password reset pages
  • As a general security improvement and to avoid automated attacks that attempt to guess user credentials, the Helium web app now includes CAPTCHA on its password reset and signup pages. Using the latest version of the reCAPTCHA API by google no additional form elements are needed and as a result usability of the password reset and signup pages are not affected as is typically the case with traditional CAPTCHA implementations.

Although already deployed to production, please also take note of the features that were deployed outside of the normal deployment schedule as part of Helium 1.19.2:

• HE-5534 - Helium should apply schema name on all persistent interactions
  • As part of this change, functionality is introduced in Helium to automatically apply the app schema name to all relevant persistent interactions including those by DSL selectors, native SQL queries and SQL scripts packaged as app source.
• HE-5754 - Inbound and outbound SMS support in Helium for OnFon
  • Introduces inbound and outbound SMS support for a new provider in Kenya, OnFon

Maintenance & Bug Fixes

• HE-5458 MWR Helium Security Finding: Username Enumeration
• HE-5782 Better handling on the front-end when a translation CSV upload failure occurs
• HE-5933 Update mPesa driver to consider B2B in a default/natural way (Release as part of Helium 1.20.4)
• HE-5926 Web table filter not clearing (Release as part of Helium 1.20.4)
• HE-5908 Failed schema migration causes Helium to run out of connections (Release as part of Helium 1.20.5)