Skip to content
6b8d478
Compare
Choose a tag to compare

⚠️ The Inferno ONC Certification (g)(10) Standardized API tests are moving to a new repository. Please visit the new releases page for v2.0+ of these tests.

The Inferno Program Edition v1.9.0 release fixes a number of issues that may incorrectly cause systems to fail tests.
It also includes a minor fixes not directly related to test execution.
This release may result in some systems that previously passed to now fail due to Inferno Validator dependency update.

Notice: Users that run Inferno Program Edition locally SHALL update Inferno Validator Service to v2.1.0. Please see the README for instructions on how to update your local copy of Inferno Validator Service.

This version includes updates that:

  • Updates Inferno Validator dependency to v2.1.0.
  • Fixes issue where token search fails due to server implementation performing case insensitive token search.
2278be8
Compare
Choose a tag to compare

The Inferno Program Edition v1.8.2 release fixes three test issues that may incorrectly cause systems to fail tests.
It also includes one fix not directly related to test execution.

Notice: Users that run Inferno Program Edition locally SHALL update Inferno Validator Service to v1.2.1, as the US Core CareTeam profile is updated in this release. Please see the README for instructions on how to update your local copy of Inferno Validator Service.

This version includes updates that:

  • Fixes issue where CareTeam resource validation fails when provided references to FHIR resource types that are incorrectly disallowed in the US Core CareTeam profile.
  • Fixes issue where Bulk Data CapabilityStatement validation fails when provided canonical urls with a version number.
  • Fixes issue where validator returns error when the targetProfile is empty.
458f3e8
Compare
Choose a tag to compare

The Inferno Program Edition v1.8.1 release fixes one test issue that may incorrectly cause systems to fail tests.
It also includes one fix not directly related to test execution.

This version includes updates that:

  • Fixes issue where OperationOutcome resources returned in composite-or tests improperly resulted in an error.
  • Addresses XSS vulnerability that affects instances of Inferno available for use by untrusted users.
e13a0de
Compare
Choose a tag to compare

The Inferno Program Edition v1.8.0 release fixes a number of issues that may incorrectly cause systems to fail tests. It also includes a minor fixes not directly related to test execution. This release may result in some systems that previously passed to now fail due to additional MustSupport validations.

Notice: Users that run Inferno Program Edition locally SHOULD rerun terminology build process, as 2021 version of some Code Systems are included in this release. Please see the README for instructions on how to update your local copy of terminology files. Users MAY run this release without rebuilding terminology though tests may fail to validate codings from newer version of Code Systems.

This version includes updates that:

  • Adds MustSupport validation for Observation.component in FHIR Blood Pressue profile
  • Removes MustSupport validation for dataAbsentReason in Observation profiles so that systems that never provide Observation resources without a value are not required to support dataAbsentReason
  • Updates MustSupport validation on DocumentReference resources so that servers do not need to demonstrate support for both content.attachment.url and content.attachment.data
  • Updates composite-or searches focusing on server's search capabilities with multiple values
  • Allows authorization servers to grant additional scopes beyond what was requested by clients
  • Allows tester to include Person.read scopes in requested scope
  • Restricts reference resolution and validation to US Core resources so that servers can reference resources outside of what clients have been granted
  • Removes check within the Bulk Data Export tests (BDE-02) that required systems to reject export requests with content-type other than what specified in Bulk Data Access IG v1.0.0
  • Adds UI input field for Bulk Data Export timeout setting
  • Adds system/Patient.read to the default Bulk Data scopes
  • Update terminology to newer version
51acfa1
Compare
Choose a tag to compare

The Inferno Program Edition v1.7.0 release fixes a number of issues that may incorrectly cause systems to fail tests. It also includes a minor fixes not directly related to test execution. This release may result in some systems that previously passed to now fail due to additional search tests.

This version includes updates that:

  • Adds validation for FHIR id data type specified in FHIR v4.0.1.
  • Removes check within the Bulk Data Authorization test (BDA-03) that required systems to reject authorization requests with scopes other than system scopes specified in Bulk Data Access IG v1.0.0.
  • Removes check within the Bulk Data Export tests (BDE-04 and BDE-05) that required systems to reject export requests with headers other than what specified in Bulk Data Access IG v1.0.0.
  • Adds support for IE 11 in EHR Launch Test.
  • Accepts HTTP response with status 401 as valid response for Bulk Data Authorization test (BDA-06).
  • Fixes issue where headers with invalid characters in HTTP response could crash Inferno tests.
  • Fixes the race condition in reference resolution tests.
  • Fixes issue where MustSupport tests in Multi-Patient cause inadvertent effects of tests in Single-Patient setting.
  • Adds the use parameter in Inferno's public keys that are used in the Multi-Patient API tests.
6c08c64
Compare
Choose a tag to compare

The Inferno Program Edition v1.6.2 release fixes several test issues that may incorrectly cause systems to fail tests. Systems that passed tests in Inferno Program Edition v1.6.1 should continue to pass in v1.6.2.

Updates in this version include:

  • Moves tests that ensure authorization servers reject invalid content during the token exchange step within the 'Standalone Patient App - Full Patient Access' tests ('SPB-OSLS-05', 'SPB-OSLS-06') to a separate sequence 'Other > SMART App Launch Error: Invalid Authorization Code'. This has been done to ensure that servers are allowed to invalidate codes that have been used with an incorrect client ID during the authorization code exchange process. This requires testers to perform an extra SMART launch, but the tests have not been changed otherwise.
  • Removes check within the US Core Provenance tests (USCPROV-04) that required systems to state they support the search interaction within the Provenance resource in their CapabilityStatement. Search is not required to be supported for the Provenance resource for compliance to US Core v3.1.1.
  • Updates Single Patient API tests to ignore invalid patient IDs provided by tester. Previously tests failed without properly explaining the cause of failure.
  • Fixes tests that incorrectly required exact string matches when searching by strings in certain cases, instead of "starts with" matches.
  • Fixes issue where the "Refresh Token" input was not pre-filled in the "Token Revocation" test in certain situations.
e47b9b0
Compare
Choose a tag to compare

The Inferno Program Edition v1.6.1 release fixes one test issue that may incorrectly cause systems to fail tests. It also includes a number of fixes not directly related to test execution. Systems that passed tests in Inferno Program Edition v1.6.0 should continue to pass in v1.6.1.

Updates in this version include:

  • Fixes issue where BCP:13 code validation incorrectly fails systems that include optional MIME Type parameters, such as "charset=UTF-8".
  • Fixes issue introduced in v1.6.0 that prevents new installations of Inferno from generating the necessary terminology files used for terminology validation.
  • Fixes issue that prevented the command line interface from disabling TLS Peer Validation, which often isn't necessary for CI-related tests.
cec401e
Compare
Choose a tag to compare

The Inferno Program Edition v1.6.0 release contains test updates that reflect additional guidance provided in the 2015 Cures Update CCG v1.4, as well as a number of updates to tests based on bug reports and community feedback. This release may result in some systems that previously passed to now fail due to additional search tests.

Notice: This release migrates to an alternate data persistence library because the previous library is no longer maintained. This library uses a different database schema, and therefore users that upgrade Inferno in the same directory will not have access to previous test results after upgrading to v1.6.0.

Updates in this version include:

  • Include checks for POST-based searches, in addition to the existing checks for GET-based searches, because support for POST-based searches is required in the base FHIR specification. This update may cause systems that previously passed to now fail.
  • Update the "Limited Scope" tests to no longer require the system under test to demonstrate the ability to deny "offline_access" scopes, as clarified in the CCG update.
  • Update language in the "Visual Inspection and Attestation" test to clarify that the system under test needs to inform the user when "offline_access" scopes are being granted.
  • Allow systems to use "user-level" scopes for non-Patient compartment, non-USCDI resources in the "Standalone Patient App" tests, as clarified in the CCG update.
  • Fix issue where entering a Implantable Device Type Code would cause a search test to incorrectly fail systems.
  • Fix issue where the Multi-Patient tests would incorrectly fail systems that included charset or other additional information in the Content-Type header.
  • Enable the ability to use Postgres by configuration when deployed in a shared environment for increased stability. Please review the README for information on how to enable this configuration.
  • Migrate from DataMapper to ActiveRecord because DataMapper is no longer maintained and is not receiving security updates.
  • Migrate to Ruby v2.7 and update the versions of many of the libraries being used in Inferno.
ca48fac
Compare
Choose a tag to compare

The Inferno Program Edition v1.5.0 release contains a number of fixes to tests that prevented systems from passing in certain cases. It also updates the version of the HL7 FHIR Validator from v4.3.1 to v5.2.10, which improves the correctness of FHIR resource validation and allows Inferno to suppress unnecessary errors and warnings. The update to the HL7 FHIR Validator may result in some systems that previously passed tests to now fail.

Notice: Users that run Inferno Program Edition locally must update the FHIR Validator Wrapper service to v1.2.0 so that the proper version of the HL7 FHIR Validator is used during tests. Users are prominently alerted in the Inferno user interface when the version of the validator available to Inferno is incorrect. For instructions on how to update the validator, please review the Inferno README.

Updates in this version include:

  • Update FHIR Validator Wrapper service to v1.2, which provides a service interface to the HL7 FHIR Validator v5.2.10.
  • Allow flexibility for servers to return OperationOutcome resources within US Core FHIR search Bundle responses (#229).
  • Fix issue where using contained resources on certain elements marked as MUST SUPPORT caused errors (#232).
  • Update SMART on FHIR discovery tests to only check capabilities relevant to that API endpoint (#233).
  • Fix issue that occurs when patient name includes comma in certain situations (#231).
  • Allow browsers to run Inferno within within an iframe for testing support for EHR-embedded apps(#235).
  • Fix issue where a fresh clone of Inferno crashes due to missing validators directory.
  • Fix issue where searches by token that include system are improperly formed in certain cases (#248).
  • Add warning to user interface if the validator service available to Inferno is not the correct version.
22d10be
Compare
Choose a tag to compare

The Inferno Program Edition v1.4.1 release fixes three issues that may incorrectly cause systems to fail tests. Systems that passed tests in Inferno Program Edition v1.4.0 should continue to pass in v1.4.1.

Updates in this version include:

  • Fixed issue where systems that use 'contained' references incorrectly produce an error within the Single Patient API tests.
  • Fixed issue where elements with a value of 'false' were not correctly counted during MUST SUPPORT tabulation.
  • Fixed issue if bulk data server streams chunk with no body data