CHANGELOG.md

CHANGELOG.md

8.0.0.3 - 2026-03-25

Fixed

Security

• [High] Authenticated Blind Boolean-Based SQL Injection in new_search_popup.php
• [High] Missing Authorization in Procedure Order AJAX Deletion Handler
• [High] Stored XSS in patient encounter Eye Exam form $CHRONIC2 and $CHRONIC3
• [High] Missing Authorization on Claim File Download Endpoint
• [High] Stored XSS in CCDA Preview via Unsanitized linkHtml Attributes
• [High] IDOR in Patient Notes Web UI allows unauthorized note access/modification
• [High] XInclude Injection in CCDA Import Allows Reading Arbitrary Server Files
• [High] SQL Injection in CAMOS Form
• [High] SQL Injection in PostCalendar Category Delete
• [Medium] Improper ACL On Import/Export Popup
• [Medium] SQL Injection via Unsanitized Variables in MedEx Recall/Reminder Processing
• [Medium] Reflected XSS via Unescaped contextName Parameter in Custom Template Editor
• [Medium] Reflected XSS in ajax_download.php via reportID parameter
• [Medium] IDOR in Portal Payment Page Allows Cross-Patient Record Access
• [Medium] IDOR in Fee Sheet Product Save
• [Medium] Missing Authorization in show-signature.php Allows Portal Patients to Read Staff Signatures
• [Medium] Missing ACL Checks on Insurance Company API Routes
• [Medium] Reflected XSS in graphs.php via title parameter
• Missing ACL check on eRx log viewer
• Parameterize all SQL in deleter.php
• Add CSRF protection and parameterize SQL in new_payment.php
• Parameterize SQL, add CSRF, fix serialization injection in portal appointment
• Parameterize SQL in pnotes.inc.php
• Prevent open redirect in portal messaging (#11223)

Bug Fixes

• Include custom LBF layout forms in patient report (#11146)
• Hide dispensed medications section when inhouse_pharmacy is disabled (#11144)
• Correct assignment typo in AuthHash SHA512 fallback (#11019)
• Align allergy begdate validation with YYYY-MM-DD docs (#10993)
• Enforce newest-first sort in encounters report (#10991)
• Correct typo in main menu logo description (#10988)
• Avoid HTML-encoded status text in demographics widgets (#10985)
• Accept #RRGGBB in status color field (#10984)
• Add missing site parameter to SDOH assessment URLs (#10949)
• Qualify column reference in CareTeamService::getCareTeamData() (#10899)
• Add state license number to eye prescription popup (#10894)
• Create certificates directory before writing key files (#10888)
• Dispense glasses Rx: manifest/dispensed refraction (#10882)
• Use theme-stable colors for receipt background contrast (#10851)

Changed

• Add missing GHSA and fix advisory URLs in 8.0.0.2 changelog (#11180)

8.0.0.2 - 2026-03-18

Fixed

Security

• [Critical] RCE in backup.php command injection

• [High] Stored XSS in Eye Exam form answers

• [High] SSRF via PDF generator

• [High] Arbitrary file read via PDF generator

• [High] zhAclCheck ignores explicit ACL denies

• [Medium] DICOM path traversal

• [Medium] Vitals IDOR (POST + PUT + legacy form)

• [Medium] DOM XSS via SearchHighlight

• [Medium] Stored XSS in portal credential print view

• [Medium] Authorization bypass in dated reminders log

• [Medium] Authorization bypass in FaxSMS AppDispatch

• PHPSessionWrapper constructor bypasses read_and_close session mode, causing lock contention (#10931)

Changed

• FHIR API documentation minor fixes (#11104)
• remove 2015 reference with schemaspy regen for rel-800 (#11101)

8.0.0.1 - 2026-03-11

Fixed

• Security fixes
  • https://github.com/openemr/openemr/security/advisories/GHSA-v8q6-h79f-736x
  • https://github.com/openemr/openemr/security/advisories/GHSA-752v-x6m4-6cf8
  • https://github.com/openemr/openemr/security/advisories/GHSA-244w-vxhp-7x99
  • https://github.com/openemr/openemr/security/advisories/GHSA-9hw7-22mr-qhfc
  • https://github.com/openemr/openemr/security/advisories/GHSA-j4mm-wg7q-v57q
  • https://github.com/openemr/openemr/security/advisories/GHSA-rwf9-px3c-3prw
  • https://github.com/openemr/openemr/security/advisories/GHSA-68fr-xm3v-p4vw
  • https://github.com/openemr/openemr/security/advisories/GHSA-4gh4-q39r-45wf
  • https://github.com/openemr/openemr/security/advisories/GHSA-55qj-x8wh-m4rm
• Backport #10408 (sms class rename) to rel-800 to fix non-deterministic PHPStan baseline (#11013)

Changed

• Unable to edit/add prescriptions after 7.0.4 upgrade (#10834)
• Update path for phpstan baseline artifacts (#10242)
• pass encounter/pid in navbar form URLs to prevent stale session (#10865)
• voice vendor ID 6 breaks UI after upgrade (#10947)
• use AccessDeniedHelper for ACL denial patterns (#10683)
• Split conflicting class name definitions (#10408)

8.0.0 - 2026-02-11

Added

• add HTI-1 pronouns to demographics (#10201)

Fixed

• Fixes #10233 cqm reporting period and deps updates (#10234)
• Add cache-buster to refactored payment JS scripts (#10156)
• Break when adding a new patient. (appears secondary to session breakage) (#10529)
• Catch all for various bug fixes. (#9995)
• Fax service new vendor add (#9866)
• FaxSMS Module Requires SMTP Username/Password Even When Not Needed (#9066)
• FaxSMS service introduction updates (#10169)
• Flow Board Colors are unset when you set them (#9401)
• Implement Symfony Sessions for Portal (#9277)
• Introduce a Module Installer (#9986)
• Portal Appointment save fails. (#10228)
• Portal audit fails with PHP error (#9963)
• Refactor API passed session requirement to access Portal CCDA actions. (#9949)
• Refactor portal custom Medical Reports (#10197)
• Relabel NewCrop to Ensora (#9890)
• Setup random fail with collate exception (#10235)
• Standardize session timeout mechanics (#10215)
• Unable to find template "portal/partial/reports/patient_report/_documents.html.twig" (#10266)
• Add FHIR Care Team to patient compartment interface (#10358)
• Broken edit button for questionnaires (#8244)
• Care team upgrade on 7.0.4 times out w/ database of 15K patients and 450K entries in uuid_registry (#10323)
• Comlink Telehealth Module throws fatal error on fresh install from Admin -> Config (#10550)
• Flow board does not change color (#8190)
• New Patient form no longer sets default options for lists where Default is checked (#10250)
• Patient Statement Email (#8321)
• Prior Authorization Module adding new authorization generates fatal error. (#10552)
• Related Person form fails to add relation for existing patient when global date format is not yyyy-mm-dd (#10251)
• fax module php fatal error allowed memory size exhausted (#10150)
• ci testing breaking in the docker build testing (#10223)
• full support for nginx/php-fpm (#1696)
• main menu - user dropdown width restricted (#10205)

Changed

• Carry over NDC info from previous encounters in Fee Sheet (#8557)
• Major Save Issues (#10095)
• Unable to add document category (#10538)
• Flaky testUserAdd test fails with TimeoutException (#10286)
• sql query error modifier can not be null (#10198)
• Exception thrown on Authentication RC service (#10248)
• one-time token for portal document notification broken (#10517)
• PHP Fatal error: Uncaught TypeError: receiptDetailLine(): Argument #4 ($quantity) must be of type int (#10291)
• undefined global var $_SESSION in patient portal (#10200)
• various session and type errors. (#10553)
• bump the selenium-updates group across 3 directories with 1 update (#10367)
• prep upgrade mechanism for docker 8.0.0 release (#10268)
• change dev version to 7.0.5 (#9513)
• change next planned version from 7.0.5 to 8.0.0 (#10029)
• some release prep for 8.0.0 (#10558)
• add pronouns and fix other layout oddities (#10202)
• add SignalWire integration (#10171)
• symfony sessions (#9340)
• Create 2026 Real World Testing report (#10284)
• add php-fpm web server instructions to Step 5 (#10478)
• Report population capture and environment flag (#10290)
• health check endpoints (healthz / livez / ready endpoints) (#6133)
• skip audit logging for health check endpoints (#10176)
• prevent sending blank statement emails (#10486)
• use correct matrix variable for isolated-tests composer cache (#10469)
• fix issue with loading Juggernaut\OpenEMR\Modules\PriorAuthModule\ (#10425)
• Fix returned value of InTransaction (#10524)
• assert $pid is defined in portal_payment.php (#10446)
• uncaught syntax error prevents CDR alert popup (#10441)
• prevent inflated totals in Financial Summary by Service Code (#10438)
• escape unescaped URL attributes in Twig templates (#10474)
• API requests with portal cookies cause session conflict error (#10416)
• increase app cookie expire time and better wrapper selection logic (#10227)
• correct collate field id attribute and add default value (#10472)
• nginx config doc path fix. (#10526)
• add title for eRx tab (#9130)
• Geo Location and population data placement (#10429)
• add translation support for BMI status display (#10406)
• #10323 care team upgrade optimization (#10347)
• #10332 uuid generation large dataset (#10346)
• #10436 redis session storage (#10437)
• #10454 webroot session fix (#10455)
• #10481 EHR launch skip login screen (#10482)
• 10456 ccda author session fix (#10470)
• FHIR DocumentReference endpoint returns clinical notes associated with the wrong patient (#10168)
• correct typos in clinical notes and track_anything forms (#10457)
• docker documentation typo (#10418)
• remove redundant syncAlertMsg wrapper (#10411)
• remove unused PredisSessionHandler class (#10528)
• consolidate email validation to use ValidationUtils (#10304)
• Consolidate IP address validation using filter_var (#10305)
• Consolidate NPI validation in ValidationUtils (#10310)

7.0.4 - 2025-12-23

Added

• New Dashboard Context Manager (#9644)
• EHI Export export with new tables and fields (#9509)
• SMART on FHIR V2.2.0 - support new scope syntax for granular permissions (#8639)
• Upgrade USPS address verification to latest API (#7815)
• change selenium chrome to chromium for arm64 support and incorporate dependabot for updates (#8737)
• migrate old care team data (#9551)
• openemr api documentation (#9827)
• pt pay invoice via onetime token (#8079)
• support for redis sentinel via predis, step 1 of 2 (#8410)
• search and add external providers with nppes npi api (#9276)

Fixed

• "Retrieve" is sometimes misspelled "retrive" (#8595)
• Add Care Team Management for ONC 2025 Compliance (#8693)
• Add Sent Fax Tracking to etherFAX Module (#9850)
• Add USCDI v5 Average Blood Pressure Observation to CCDA Vitals Organizer (#9571)
• Add reason code to our R4 FHIRCarePlan generated domain (#9262)
• Advance Directives USCDI v5 FHIR Observation (#9224)
• Argument passed to class with no constructor (#8814)
• Attempt to migrate USPS Address Verification to API v3 Tried to switc… (#9132)
• CCDA ONC 2025 Updates (#8647)
• Care plan is missing an end date and status. (#8909)
• Consistently initialize $string in toString implementations (#8449)
• Cover EventAuditLogger with tests (#8678)
• CryptoGen needs an interface (#8744)
• Current Bugs Demographic Related Person (#9414)
• Dockerfile healthchecks for openemr (#8432)
• Enable Dependabot Version Upgrades for Github Actions (#8438)
• Enhance FHIR Coverage to US Core 8.0 / USCDI v5 Compliance (#9264)
• EventAuditLogger unnecessarily instantiates CryptoGen when disabled (#8652)
• Feat openemr 9564 api documentation (#9569)
• Finish ONC USCDI v5 US Core 8.0 Service Request (#9107)
• Fix PHP 8.0+ undefined array key 'ins' warning in ins_search.php (#9518)
• Fix PHP 8.0+ warnings for undefined Smarty variables in prescription lookup (#9517)
• Fix SQL error when sorting by Allergies/Medical Problems without diagnosis filter (#9519)
• Fix sporadic test failure in HMAC validation tests (#9536)
• Fix undefined array key 'site_id' in authCloseSession() (#9522)
• Fix undefined array key warnings in CAMOS form POST handling (#9523)
• Fix undefined array key warnings in transfer_summary form (#9521)
• Fix undefined variable $odrstmt in clinical_reports.php (#9520)
• Fix undefined variables in find_code_dynamic_ajax.php when $what == 'codes' (#9524)
• Fixes #9552 remove debugger statement (#9553)
• Fixes #9617 prescription encounter display. (#9618)
• Fixes #9702 swagger bugs (#9703)
• Fixes #9756 related person endpoint (#9758)
• Fixes to CI Caching (#8672)
• Flow Board Colors are unset when you set them (#9401)
• Healthchecks for docker-compose used in ci/tests (#8399)
• Implement health checks in docker (#8368)
• Implement stand-alone SDOH (USCDI v3) history form (#8849)
• Incorporate multi-file composition with ci docker test environments (#8426)
• Introduce tests that can run without the database (#8725)
• Inventory lot add/edit JS errors (#9912)
• Missing couchdb volume causes rsync error during openemr startup in development-easy-light setup (#8593)
• Missing support for tests Specimen collection USCDI v5 (#9000)
• Multiple FHIR services missing or not passing $puuidBind parameter for patient compartment security (#9160)
• Persisted Data Not Saving Integer 0/False Values in ORDataObject (#9629)
• Portal History form Family diagnosis code session error (#9621)
• Portal Phreezable controller causing errors (#9727)
• Provide video artifacts from e2e tests for easy debugging (#8581)
• Publish coverage reports for tests (#8403)
• Related Persons (#8851)
• Rename sqlQuery in admin.php to avoid confusion (#8464)
• Result of void function is used (#8805)
• Set Rector to Level 1 and PHP 8.1 (#8600)
• Simplify CI Test Runner using Matrix (#8402)
• Status Badges report no status (#8413)
• Swagger docs normalization (#9196)
• Tidy up CryptoGen docblocks and types (#8742)
• US Core 8.0 & USCDI v5 Goal Profile Migration Guide (#9139)
• US Core 8.0 & USCDI v5 Medication Implementation Gap Analysis (#9159)
• US Core 8.0 USCDI v3-5 FHIR Observation Treatment Intervention Preference - Observation Care Experience Preference (#9295)
• USCDI v5 and US Core 8.0 Compliance Gap Analysis Procedure (#8968)
• Unable to set Compatibility mode flag OEGlobalsBag (#9681)
• Update CarePlan FHIR to U.S Core 8.0 and USCDI v5 (#9195)
• Update NewCrop/Ensora eRx Site Address (#9745)
• Update add_edit_event.php to allow repeat every 7th, 8th, 9th (#7968)
• Update and refactor CareTeam Services. Support U.S Core 8.0 and USCDI v5 (#9189)
• Update eCQM measures from 2022 to 2023 reporting period (#8749)
• Upgrade FHIR Laboratory Resources to USCDI v5 / US Core 8.0 (#9105)
• [CI][API][Docs] Added API docs freshness check (#9232)
• allow appointment repeat every 7th, 8th, 9th occurrences (#7967)
• bug openemr 9619 fix gender unk code (#9622)
• Clinical Notes Add Item for existing record clones previous author in author field instead of using current user. (#9530)
• Fix openemr:generate-access-token when no offline_access scope is present (#9620)
• Patient Gender should come from valueset https://hl7.org/fhir/R4/valueset-administrative-gender.html (#9619)
• RelatedPerson not respecting puuidBind and missing from swagger (#9756)
• Save & Continue Procedure Order with Specimen did not save specimen for new order, had to enter and save data again on existing order for save to work (#9528)
• Swagger tool v2 scopes missing, invalid $docref operation, trusted user save bug (#9702)
• add_edit_issue_medication_fragment.php has a javascript debugger statement left in the file (#9552)
• billing related causes codes missing (#9668)
• delete glasses prescription (#9614)
• encounter select list on prescription edit is showing as a non-editable number instead of a select dropdown (#9617)
• unit testing has a few deprecations (#8421)
• use custom temp directory for htmlpurify for OnsiteDocumentController.php (#9583)
• bump setup-node action from v3 to v4 (#8441)
• ccdaservice doesn't build on node 24 (#8418)
• etherFAX display renders faxes in wrong tab (#9725)
• feat openemr 9551 migrate careteam (#9563)
• isSmsEnabled is defined and not nullable (#8816)
• phpstan whitespace after ?> (#8800)
• reduce repetition in ci docker-compose files (#8416)
• remove ubuntu package scripts (#8519)
• replace tiff.js with utif2 for fax (#8210)
• unpinned, unmaintained dependency on summernote-plugins repo (#8383)

Changed

• Related Person Save (#9562)
• Product Email Registration Error, GenericProductRegistrationException (#9680)
• :parseToTokens() to use preg_split and fix PHP 8.x warnings (#9525)
• bump express from 4.22.0 to 4.22.1 in /ccdaservice (#9861)
• bump jspdf from 3.0.3 to 3.0.4 (#9582)
• bump stylelint from 16.25.0 to 16.26.0 in the build-tools group (#9581)
• Backport to rel-704: Merge commit from fork (#9722)
• Backport to rel-704: Merge commit from fork (#9697)
• Need to keep robthree/twofactorauth at 2.1.0 since higher requires php > 8.1 (#8256)
• add mariadb 11.8 LTS and mysql 9.3 to ci (#8440)
• add mariadb 12.0 to ci (#9193)
• add php 8.6-dev to pertinent ci (#9227)
• add php dependencies to composer json (#8708)
• add php extensions dom and imagick to dev-php-fpm ci dockers (#9335)
• also support mailpit in insane dev environment (#9267)
• api docs freshness test failing (#9586)
• increment crypto to version 7 and pertinent testing changes (#8820)
• migrate core ci alpine stuff to php 8.4 (openemr/openemr:flex-3.21) (#8406)
• migrated onc-certification-g10-test-kit repo to openemr org (#8607)
• php 8.5-rc for ci and 8.6-dev for ci and insane dev environment (#8935)
• prep docker for auto upgrade for future 7.0.4 release (#9577)
• update acknowledgments for planned 7.0.4 release (#9885)
• update api docs (#9670)
• update readme and ci to nodejs 22 (#8654)
• upgrade phpunit/phpunit at 10 before 2026 since higher requires php > 8.1 #8254 (#8276)
• drop php 8.1 support, update league/csv, robthree/twofactorauth, phpunit/phpunit (#8274)
• bump actions/checkout from 5 to 6 (#9579)
• fix older php-fpm dockers (update to newer debian version) (#8605)
• fix openemr/dev-php-fpm dockers (#8578)
• fix openemr/dev-php-fpm:pre-build-dev-85 docker (#8574)
• fix edge case in functional testing when adding user and fix inferno skipping logic (#8604)
• asset loading errors for header (#9492)
• couple function void fixes (#8609)
• crypto encrypt fix to maintain behavior of encryption of empty string when empty string or null (#8902)
• dependabot fix for selenium (#8765)
• ignore submodules for composer.json dependabot (#8780)
• minor escaping fix in add_edit_issue.php (#9246)
• remove requirement of opcache php extension from composer (#9343)
• unit testing for Patient Controller Security (#9731)

7.0.3.4 - 2025-05-18

Added

• Collect usage data from production installs. (#8188)
• appointments report: display patients address; select multiple providers (#8061)
• need an Eye Form Update: Addition of large format Scleral Depression Drawing/Canvas. (#8270)

Fixed

• Applying pre-payment bug in the billing system (#8156)
• Calendar Search Keywords Issue (#8239)
• Calendar Search is very confusing (#8241)
• Edit Current Patient label and buttons go to the side when on big display (#8315)
• FaxSms Module update for RingCentral (#8311)
• Log http requests and additional data. (#8337)
• Module Manager locks system (#8349)
• New feature FaxSMS module - Auto notifications (#8312)
• Registration and Usage Tracking updates (#8313)
• Registration modal fix to ensure complete decoupling (#8334)
• Reminder Workflow Usability (#8307)
• Security fixes for 7.0.3.4 (#8281)
• Telemetry disable logic and add API track events. (#8332)
• Track events API event save error (#8354)
• When updating any class that extends ORDataObject (e.g., Insurance Company), the record is deleted due to REPLACE INTO, causing the UUID to be regenerated (#8333)
• Wrong closing tag in stats_full.php (#8341)
• Cannot create encounter if "Class" field is hidden (#8259)
• FHIR observation endpoint is missing valueQuantity for standalone Inhaled oxygen flow rate vitals sign (#8136)
• Flow board does not change color (#8190)
• Importing CCDA, add XML sanitation and updates. (#8227)
• Misassignment of Clinical Notes to Encounters (#8242)
• New Encounter Facility logic ignores Set Service Facility in Encounter setting and creating user's default facility (#8262)
• Patient Portal allow_custom_report global setting is not used in portal dashboard page (#8178)
• Review and donate globals mismatched on About page (#8204)
• api missing employer.read scope for /api/patient/{puuid}/employer endpoint (#8135)
• appointments report csv file header row does not match report headers (#8010)
• ccdaservice node start failing on Windows (#8340)
• provider not included in csv from appointments report (#7977)
• reports with relative globals.php include do not render in encounter summary screen. (#8075)
• setup.php incorrectly compares and flags memory_limit (#8319)
• do not send usage report if telemetry is turned off (#8370)
• help message for config of encounter form is incorrect (#8268)
• no filename in document api response (#8304)
• password administration logging (#8280)
• setup.php display_errors and max_execution_time checks will always show fixed values (#8344)
• show patients address in appointment summary on calendar (#8228)

Changed

• Unable to set "In Office" hours for providers (#7539)
• check if registration succeeded before continuing API tests (#8320)

7.0.3.3 - 2025-04-06

Fixed

• Security fixes for 7.0.3.3 (#8235)

7.0.3.2 - 2025-04-02

Fixed

• Calendar: user created appointment is invisible due to duration of zero minutes (#8146)
• e-sign does not show amendment information (#8205)
• lose insurance data entry when switch from primary to secondary (#8116)
• patient ledger missing insurance company name in credit detail (#8180)
• rel-703 fix for missing ckeditor 5 in package.json (#8203)

7.0.3.1 - 2025-03-30

Fixed

• Encounter Date Of Service saves as empty date when server 'Date Display Format' is not YYYY-MM-DD (#8173)
• Format the billing tracker dates with js in datatables display (#7955)
• Security fixes for 7.0.3.1 (#8200)

7.0.3 - 2025-03-23

Added

• Add fax number to the patient / encounter report (#7879)
• Adding a form to the Encounter form menu list from a module (#7905)
• Appointment reminder notifications Clickatell Integration (#7822)
• Enable module writers to extend the New Encounter save operation (newpatient/save.php) (#7982)
• Filter FHIR Appointments to events with a patient. (#7142)
• Importing CCDA work - improve care plan display and import infrastructure (#7930)
• Improve CCDA import command line tool import_ccda.php (#7988)
• Improve duplicate weighting and patient merge. (#7966)
• Improve newpatient common.php file to use twig so module writers can extend it (#7952)
• Notify users for password issues (#8082)
• Relax permissions for faxsms notifications (#7876)
• SDC FHIR Pain Management Questionnaires. (#7971)
• Support SNOMED-CT US Edition file format changed (#7976)
• Twigify user profile dropdown menu to allow module customizations (#8104)
• Updating coding look and feel (#7946)
• View sent email notifications in the FaxSMS module (#7845)
• add entry date option to cash receipts (#8080)
• add entry date to cash receipts report (#8044)
• add real world testing 2025 report (#7909)
• appointments report: display patients address; select multiple providers (#8061)
• ckeditor5 upgrade (#7961)
• provide print button for dispense rx in eye form spectacle pop up (#8126)
• refines eye form Imp/Plan Builder search (#8140)
• remove non-recommended abbreviations when entering prescription (#7862)
• upgrade php spreadsheet package (#7920)

Fixed

• #7914 - Fix for contacts being empty or string (#7915)
• Multiple provider feature appointment delete issue (#7900)
• Update eye/style.css (#8046)
• Update onetime_auth table (#8097)
• API token revocation broken (#8110)
• Api Clients Trusted User List empty (#8111)
• Contrib form scanned_notes need to be fixed (#7888)
• Core Advanced Prior Auth module custom patient menu broken due to absolute urls (#7871)
• Creating Prescription is using current user instead of selected provider for prescription. (#7916)
• CustomTemplateAPI in encounter form is breaking with error (#8050)
• Dicom Viewer is not loading when OpenEMR installed in subfolder such as /openemr/ (#8054)
• Dicom view image load fails (#8065)
• Double event triggered from encounter save. (#8013)
• Encounter form does not link new issues added to patient at time of encounter form (#7984)
• Encounter form does not remove linked issues if all issues are de-selected (#7983)
• Encounter load issue (#7929)
• Expand/Collapse buttons in demographics home dashboard do not remember saved settings (#8105)
• External CDR see DSI Source Attributes link broken on windows (#8103)
• IOPDATE IOPPOSTIME handling (#8139)
• Immunization Date of VIS Statement Help Link Broken (#7844)
• Language selector not showing up on login screen (#8158)
• New Encounter Form does not change facility dropdown when provider is changed. (#7960)
• OemrUI usage of expandable_files setting breaks if user.inc.php has not been included in calling script (#7990)
• SNOMED lookup is slow in some places (#7276)
• Spelling mistake for "Subscribter Phone" (#7937)
• Unable to select message to delete Message Center due to it opening the message instead (#7867)
• Vitals Form weight / height when validating data blanks screen after confirming validation prompt (#7857)
• Vitals save new form fails after batch ccda import due to vitals save insertion order (#8051)
• When an api client is created without any contact information the edit form fails (#7914)
• api _sort always defaults to descending (#8127)
• appointments report csv file header row does not match report headers (#8010)
• billing tracker date sorting (#7954)
• calendar provider out of office php math error (#7847)
• drop down menu appears behind clinical notes, in an encounter (#7897)
• edi count off due to additional address segments with ordering provider (#7921)
• encounter load failure when clicking on encounter link from billing manager (#7874)
• eye form RETINA section was not honoring preferences, because it was mis-labelled as POSTSEG (#8151)
• eye form labels for visual acuity and intraocular pressure boxes (#8026)
• find_group_popup.php fails to load due to broken script tag (#7956)
• jquery-datetimepicker-translated is not handling localized time properly (#7953)
• multiple instances of the same form trigger duplicate function fatal error (#8007)
• newpatient/common.php throws javascript error due to encounter not serializing with binary uuid (#8005)
• out of date packages in composer.json (#7851)
• pagination _limit does not actually limit the results so results come back with +1 records (#8128)
• php8 eye form fixes (#7923)
• physicians and clinicians can't start a new questionnaire form from an encounter (#7942)
• prior auth module patient menu dashboard broken (#7848)
• provider not included in csv from appointments report (#7977)
• reports with relative globals.php include do not render in encounter summary screen. (#8075)
• sales by item report qty (#7964)
• slow loading of edit form inside an encounter if referring provider is empty (#8090)
• statement count interferes with insurance pending in get_patient_balance() (#7958)
• various eye form issues noted by author (#8003)
• webroot missing for new encounter save (#8027)
• updated US CDC website link to current immunization VIS page (#7855)

Changed

• Tracker for broken dependency upgrades (#7778)
• fixes for php 8.4 (#7892)

OpenEMR Developer Changes

Added

• Ability to send emails for practice via module, address book & finder, portal documents & secure messaging (#7865)

Fixed

• oauth2 keys generation fix (#8069)

Changed

• Refactor oe-module-faxsms abstract base class and clients (#7859)

7.0.2.3 - 2024-11-24

Fixed

• Add new document template plugins (#7836)
• Feat openemr b11 7742 decision support interventions (#7743)
• Fix New Documents patient select for actions. (#7812)
• Portal Settings card Default Signature leaves backdrop on save close. (#7835)
• Portal Theme Resets to core theme. (#7800)
• Update Office Notes (#7811)
• Patient Portal with no procedures throws error on viewing Customized Medical History Report (#7814)
• cannot delete from address book when username is null (#7805)
• cannot view fee sheet items if billing.billed is null (#7807)
• prior auth module broken patient report link (#7803)
• report pdf error with faxsms module installed (#7793)

OpenEMR Developer Changes

Fixed

• Clinical Decisions Rule review screen has invalid CSRF class used (#7832)

7.0.2.2 - 2024-10-25

Added

• Change Patient Portal Layout to use tile format for mobile friendly design (#7609)
• Change Patient Portal Request New Appointment Openings Label to See Availability (#7654)
• Convert portal_patient_report.php file to use twig template for module writers to extend (#7707)
• Improve Portal Credential Settings page for patients (#7650)
• Improve asset config to support html script tags of type module for javascript module support (#7698)
• Improve patient and clinician message user interface (#7648)
• Patient Portal Download Medical Record Documents make file path easier to distinguish and download help message. (#7660)
• Patient Portal allow new appointments to choose dates in localized format (#7608)
• Patient portal demographics make save action mobile friendly (#7656)
• Patient portal show single page app page title when page navigation changes (#7646)
• Portal appointments request should not allow No Show appointment type to be selected (#7640)
• Prescription Email Feature (#7480)
• Send Prescription Email using Webclient/Native mail program (#7494)
• Twigify patient portal appointments card list and show clearer message when no appointments are found. (#7652)
• Twigify the patient portal Digital Signature page for module writers (#7658)
• Update EHI documentation to include FHIR _lastUpdated columns (#7764)
• Update Pull Request Template to provide documentation for AI Generated Code (#7705)
• Warn user when attempting prescription fax if signature is not configured (#7525)
• allow embedding of lform javascript/style questionnaire files using the setupHeader syntax (#7699)
• allow patients with 1 character first name (#7714)
• change clinical messages casing in messages.php (#7644)
• upgrade 2025 icd10 (#7712)

Fixed

• Add back faxsms Module RingCentral Support (#7541)
• Add title to all appointment sql queries (#7311)
• Adding module manager (#7500)
• Billing Manager and Some Module fixes (#7747)
• Billing Manager showing unassigned (#7553)
• Bug fixes for nation notes, lbf (#6740)
• Bug openemr fix 7746 export since delta fix (#7754)
• CCDA Service compile is broken node version > v18.x (#7528)
• CKEditor4 now throwing security popup (#7540)
• Change telehealth support contact (#7560)
• Dorn Changes (#7221)
• Eligibility Fixes (#7774)
• Encounter Review shows unknown in tab title. (#7776)
• Fax No Content error (#7505)
• Fax/SMS Weno modules needs updates and bug fixes. (#7696)
• Fixes #7503 user admin create empty google sign in (#7504)
• LBF deletes newly added service when diagnoses already saved (#7579)
• List Edit has a save limit of 40 (#7694)
• Module command line batch notifications broken. (#7752)
• More Changes and Fixes Modules (#7755)
• Need module bootstrap status events (#7462)
• New Fixes (#7770)
• ONC certification requires removal of 2015 wording (#7690)
• Patient menu navigation not working when Prior Auth module enabled (#7677)
• Payor never being returned in FHIR Coverage endpoint (#7684)
• Portal create new appointment is broken (#7688)
• Portal document display (#7632)
• Portal patient documents download broken (#7692)
• Portal updates and bug fixes (#7599)
• Prevent Appointment comment as visit reason (#7680)
• Prior Authorizations Report Error. #7461 (#7558)
• Questionnaire - configure where LOINC terms note is displayed (#7550)
• Repair OA Eligibility (#7773)
• Replace CkEditor Nation Notes and Portal (#7544)
• Replace ckeditor in portal (#7594)
• Template access from Demographics several issues (#7758)
• Update FHIR LForms to latest version v36.3.3 and restyle form rendering. (#7666)
• Wrong insurance information displayed when attempting to update (#7763)
• 'None' does not hide 'search by any demographics' field (#7493)
• Bulk export _since parameter is throwing error (#7746)
• Calendar entries when comments are turned on show html for escaped characters (#7635)
• Create users breaks when more than one user has an empty email address for Google Email For Login (#7503)
• Custom Reports-Superbill not showing Billing Information (#7581)
• Document Uploader when editing document properties shows a stray html tag on success message (#7511)
• EncounterService uses referring provider id for therapy_group name on insert (#7569)
• Insurance coverage save fails for payer relationship self when subscriber name has different casing (#7477)
• Lab Core Procedure Manual eReq breaks due to PHP8 date issue if date_collected is not filled in (#7526)
• Patient Portal Secure Messaging checkbox click should select item instead of open for reading (#7662)
• Patient Portal appointment shows "error" screen for patient's first appointment (#7633)
• Prescription Fax fails when signature file is populated on PHP8 (#7524)
• Questionnaire throws error in clinical documents page if validation fails due to translation failure (#7621)
• Show Visit Category option on Encounters, Hide on New and Edit Form (#7686)
• Skip payment scripts in portal if Portal Allow Online Payments feature disabled. (#7620)
• Upgrade to v702 fails for v301 (#7630)
• User Admin screen Google Email for Login does not save when creating new user (#7393)
• create custom temp directory for htmlpurify (#7520)
• default x12 partner not selected in billing manager (#7501)
• editing insurance company from practice settings 404 not found (#7483)
• export to collections fails to send all encounters for a person (#7768)
• fix variable typo in messages.php (#7467)
• getEffectiveInsurances not inspecting date_end (#7489)
• jquery-datetimepicker-2-5-4-translated.js creates invalid date format when DateFormatRead is not in window scope (#7497)
• migrate table engine array binds (#7565)
• patient portal secure messaging timing issue. Messages sometimes are unclickable in inbox when page loads. (#7663)
• portal htmlpurify serializer path not writable (#7475)
• typo in 837I script (#7468)
• webroot typo documents-go portal home (#7473)
• x12837 billing 5 or 9 digit zip check (#7759)
• configure two logos on the portal login page - as one can on user login page (#7710)
• issue type not shown in encounter add issue form (#7563)
• search by any demographic configured as fixed doesn't use patient finder (#7596)

Changed

• Input sanitation on google signin email (#7356)
• bug (#7535)
• send each checked encounter to collections in form export (#7769)
• x12837 billing 5 or 9 digit zip check (#7760)
• x12837 billing 5 or 9 digit zip check (#7760) for rel-702 (#7765)

OpenEMR Developer Changes

Added

• Convert Dicom Viewer to Twig for Module writers to extend / overwrite (#7509)
• Prescriptions Dialog move to twig to allow module writers to extend / modify the view (#7496)
• pull patient portal health snapshot into modular twig/filter event for customization (#7708)

Changed

• Move patient previous name methods in patient service into its own Service (#7568)

7.0.2.1 - 2024-05-28

Added

• Change Module Manager (#7247)
• Encounter and observation report generation in Patient List Creation (#7014)
• Etherfax need tiff image support and image to PDF (#7436)
• Hide cards in the patient dashboard (#7191)
• Modernize Work School Note (#6946)
• Password strength meter missing (#7366)
• Patient Insurance Policy rest endpoint for updating a specific policy (#7143)
• Show group attendance in encounter summary (#7127)
• Weno EZ Integration (#6635)
• Weno improve design, and pharmacy import speed (#7204)
• When google single sign on is enabled it still requires user to use password from openEMR to sign the encounter doesn't use single sign on. (#7254)
• add Real World Testing Report for 2024 (#7210)
• electronically post payment when billed modifier isn't returned in ERA (#7293)
• improved pharmacy download, user facility selection improvement, improved UX for errors and theme compatibility (#7208)
• make Demographics Insurance Edit Screen its own page (#7108)
• show collection balance in billing widget (#7454)
• support 2024 reporting cqm valueset import (#7317)
• support electronic worker's comp claims (#7206)
• total front receipts by payment method (#7448)
• use default visit category in add edit event (#7189)
• weno changes - restrict NCPDPD to 7 digits per spec (#7384)

Fixed

• Backport etherfax #7429 #7447 (#7452)
• Gap cherry-picks (#7451)
• Patch1 more cherry-picks (#7457)
• Phantom date showing at the top of all reports. (#7433)
• Prevent Upload of ZIP bombs (#7407)
• Pull request #7442 backport Cleanup Background tasks (#7455)
• 837P service location details are not created when service facility and billing facility differ (#7213)
• Add previous name doesn't save New/Search (#7437)
• Authentication Error when opening a patient with Open in New Browser Tab checked. (#7167)
• Billing Manager Date of Service selector not working (#7069)
• CDR gui summary screen submit breaks when set no alert types (#7178)
• CDR reminder_results_integrate() to work when same actions are used in different rules (#7266)
• Cannot delete entry from immunization list (#7345)
• Claimrev leaves background service on when module is uninstalled (#7441)
• Clinical Rules - dates and filters (#7157)
• Clinical Rules - interval boundaries used in evaluating target instances (#7161)
• Clinical Rules - logic issues in filter and target evaluations; divide by zero bug (#7153)
• Eye Form Style fixes (#7051)
• File missing for Quest Lab Hub to function properly (#7084)
• Fixes bugs in user edit screen, restyle Logs Viewer (#7222)
• In Visit History, print, or save as PDF, a multi-page list of encounters doesn't print or save all results. (#7270)
• Insurance Edit Screen overwrites insurance fax value (#7164)
• Insurance Edit screen add provider functionality does not update provider list (#7109)
• Insurance rest endpoints documentation incorrect for patient pid (#7145)
• Layout Based Forms (LBF) printable fatal error (#7148)
• Layout Based Forms (LBF) query error breaks on newer database versions (#7239)
• Messages SMS Zone Combobox width (#6070)
• Missing Pdf and Track Anything style sheets (#7258)
• OpenEMR logs sensitive field - payment reference number (#7340)
• OpenEMR\Service\BaseService->getSelectJoinClauses() join_clause property is improperly escaped (#7188)
• Opening portal templates from documents broken (#7173)
• Patient Insurance List All Endpoint fails (#7107)
• Practice Settings Insurance Company list extremely slow to load with hundreds of insurance companies (#7224)
• SNOMED lookup is slow in some places (#7276)
• Unable to import CCDA XML files in Docker 7.0.3 (#7411)
• Unable to share templates in nations note (#7129)
• User able to select a Date of Birth that occurs in the future on new patient screen (#7378)
• Weno calculate age bug and labels incorrectly used for weno user (#7453)
• [CKEDITOR] Error code: invalid-lts-license-key. (#7097)
• appointments report total incorrect (#7289)
• balance formatting in record front payment (#7260)
• billing manager To Encounter button doesn't load proper person for insurance edit (#7419)
• billing manager broken validation of claim with replaced patient insurance (#7263)
• billing_note duplication each time invoice form is saved (#7287)
• document display fail on empty array key (#7390)
• encounter date of service time format (#7202)
• era posting denial write off (#7186)
• escaping custom templates used with ckeditor (#7151)
• etherFax fails render on large download log. (#7430)
• eye exam chart fails since upgrade to latest chart.js package (#7155)
• fatal implode error registering app when contacts is empty (#7282)
• fix bug (#7231)
• fix bug (#7229)
• fix jspdf versions from PR#7429 (#7447)
• need to handle multiple modifiers in fee sheet (#7165)
• not_due not working in the Clinical Reminders widget (#7200)
• pdf download patient report (#7053)
• php fatal math error when saving empty statement count editing invoice (#7280)
• rel_702 form_encounter missing last_update field (#7183)
• saving # of tablets in a prescription to 9999999999 sets it to 2147483647 (#7314)
• saving existing insurance with no country in address (#7331)
• visit history count for display of ALL results incorrect, if shorter pages displayed previously (#7385)

Changed

• to not allow user to pick future date for DOB (#7379)
• replace htmlspecialchars with escaping functions for recent commit (#7146)
• Nation Notes components display breaks when building a list of components. (#7176)
• batch payments distinct tab (#7398)
• billing manager To Encounter button to load proper person (#7420)
• bug (#7435)
• bug (#7434)
• bug fix (#7230)
• bug fix for rel-702 (#7193)
• cdr fix to correctly show actions that are due, due soon, past due in expanded listings (#7211)

OpenEMR Developer Changes

Added

• Add module perform after actions functionality to Module Manager (#7147)
• Add to SMART style twig files the OpenEMR logo and populate the modal backdrop color (#7134)
• Add zipcode plus_four to address service / apis (#7216)
• Allow module writers to add commands to the bin/console command runner (#7237)
• Enhance BaseService->getSelectFields to support table and column aliases (#7370)
• Extract billing code selector logic from options.inc.php into its own class (#7323)
• Extract local providers list selector logic from options.inc.php into its own class (#7368)
• FHIR Patient missing deceasedBoolean (#7063)
• FHIR ValueSet is missing (#7062)
• Infrastructure to send documents to cloud storage buckets (#7232)
• Insurance Company Service allow setting id and make phone settings optional (#7217)
• Time format in logs should display seconds instead of just hours and minutes (#7335)
• Title is not returned when getting list of Appointments via API. (#7301)
• Twigify Portal Quick Start landing page. Prep for plugin support. (#7116)
• User settings not set if not in globals. (#7194)
• minor CryptoGen class updates (#7365)

Fixed

• Adding calendar event (appointment) via API causes endTime to be set to 0:00:00 (#7300)
• CCDA import creates extra entries in list_options for drug_units list_id (#7319)
• Duplicated "extends" key in stylelint configuration file (#6700)
• FHIR Appointment fields wrong or missing (#7061)
• FHIR Encounter lastUpdated field is wrong and missing as search param (#7064)
• InstallerController needs to pass current status to ModuleManagerAfterActionListener action methods (#7214)
• Insurance Company Service does not load records that have no address entry (#7226)
• PatientValidator email address should not fail to validate with empty string "" for email (#7219)
• SMART on FHIR style url is throwing 500 error. (#7133)
• SectionEvent->addCard append places second function call in first index position (#7171)
• Trusted Email is missing from FHIR Patient (#7113)
• ccda import fails on empty postParseEvent (#7347)
• missing use aclmain statement in prior commit (#7427)

Changed

• bump phpseclib/phpseclib from 3.0.34 to 3.0.36 (#7259)
• ci add mariadb 11.3, change mysql 8.2 to mysql 8.3 (#7273)
• commit 2 that updates github actions for docker builds to prevent deprecations (#7272)
• update github actions for docker builds to prevent deprecations (#7271)
• possible fix of logic in jquery-datetimepicker-2-5-4-translated.js (#7223)

7.0.2.1 - 2024-04-26

Added

• Add to SMART style twig files the OpenEMR logo and populate the modal backdrop color (#7134)
• Add zipcode plus_four to address service / apis (#7216)
• Allow module writers to add commands to the bin/console command runner (#7237)
• Encounter and observation report generation in Patient List Creation (#7014)
• Enhance BaseService->getSelectFields to support table and column aliases (#7370)
• Extract billing code selector logic from options.inc.php into its own class (#7323)
• Extract local providers list selector logic from options.inc.php into its own class (#7368)
• FHIR Patient missing deceasedBoolean (#7063)
• FHIR ValueSet is missing (#7062)
• Infrastructure to send documents to cloud storage buckets (#7232)
• Insurance Company Service allow setting id and make phone settings optional (#7217)
• Modernize Work School Note (#6946)
• Password strength meter missing (#7366)
• Patient Insurance Policy rest endpoint for updating a specific policy (#7143)
• Refactor Demographics Insurance Edit Screen (#7108)
• Title is not returned when getting list of Appointments via API. (#7301)
• add Real World Testing Report for 2024 (#7210)
• electronically post payment when billed modifier isn't returned in ERA (#7293)
• minor CryptoGen class updates (#7365)
• support 2024 reporting cqm valueset import (#7317)
• support electronic worker's comp claims (#7206)
• use default visit category in add edit event (#7189)

Fixed

• Add module perform after actions functionality to Module Manager (#7147)
• Authentication Error when opening a patient with Open in New Browser Tab checked. (#7167)
• CDR gui summary screen submit breaks when set no alert types (#7178)
• Change Module Manager (#7247)
• Eye Form Style fixes (#7051)
• Missing Pdf and Track Anything style sheets (#7258)
• Nation Notes components render broken. (#7176)
• Opening portal templates from documents broken (#7173)
• SNOMED lookup is slow in some places (#7276)
• Saving # of tablets in a prescription to 9999999999 sets it to 2147483647 (#7314)
• Show group attendance in encounter summary (#7127)
• Trusted Email is missing from FHIR Patient (#7113)
• Various Bug fixes. (#7222)
• Weno EZ Integration (#6635)
• Weno fixes and updates (#7204)
• Weno module changes (#7208)
• When google single sign on is enabled it still requires user to use password from openEMR to sign the encounter doesn't use single sign on. (#7254)
• appointments report total incorrect (#7289)
• billing_note duplication (#7287)
• 837P service location details are not created when service facility and billing facility differ (#7213)
• Billing Manager Date of Service selector not working (#7069)
• CCDA import creates extra entries in list_options for drug_units list_id (#7319)
• Clinical Rules - dates and filters (#7157)
• Clinical Rules - interval boundaries used in evaluating target instances (#7161)
• Clinical Rules - several fixes (#7153)
• Duplicated "extends" key in stylelint configuration file (#6700)
• FHIR Appointment fields wrong or missing (#7061)
• FHIR Encounter lastUpdated field is wrong and missing as search param (#7064)
• File missing for Quest Lab Hub to function properly (#7084)
• In Visit History, print, or save as PDF, a multi-page list of encounters doesn't print or save all results. (#7270)
• Inadequate time format in logs (#7335)
• InstallerController needs to pass current status to ModuleManagerAfterActionListener action methods (#7214)
• Insurance Company Service does not load records that have no address entry (#7226)
• Insurance Edit Add Provider Does Not Update Provider List (#7109)
• Insurance Edit Screen overwrites insurance fax value (#7164)
• Insurance rest endpoints documentation incorrect for patient pid (#7145)
• LBF printable fatal error (#7148)
• LBF query error (#7239)
• Messages SMS Zone Combobox width (#6070)
• OpenEMR\Service\BaseService->getSelectJoinClauses() join_clause property is improperly escaped (#7188)
• Patient Insurance List All Endpoint fails (#7107)
• PatientValidator email address should not fail to validate with empty string "" for email (#7219)
• Practice Settings Insurance Company list extremely slow to load with hundreds of insurance companies (#7224)
• SMART on FHIR style url is throwing 500 error. (#7133)
• SectionEvent->addCard append places second function call in first index position (#7171)
• Unable to share templates in nations note (#7129)
• balance formatting in front payment (#7260)
• broken validation of claim with replaced insurance (#7263)
• ccda import fails on empty postParseEvent (#7347)
• document display fail on empty array key (#7390)
• era posting denial write off (#7186)
• escaping custom templates used with ckeditor (#7151)
• eye exam chart fails since upgrade to latest chart.js package (#7155)
• fatal implode error registering app when contacts is empty (#7282)
• fix bug (#7231)
• fix bug (#7229)
• multiple modifiers in fee sheet (#7165)
• pdf download patient report (#7053)
• php fatal math error when saving empty statement count editing invoice (#7280)
• rel_702 form_encounter missing last_update field (#7183)
• saving existing insurance with no country in address (#7331)
• not_due not working in the Clinical Reminders widget (#7200)
• weno changes (#7384)

Changed

• 00:00 (#7300)
• OpenEMR logs sensitive information such as payment details (#7340)
• invalid-lts-license-key. (#7097)
• bump phpseclib/phpseclib from 3.0.34 to 3.0.36 (#7259)
• ci add mariadb 11.3, change mysql 8.2 to mysql 8.3 (#7273)
• commit 2 that updates github actions for docker builds to prevent deprecations (#7272)
• replace htmlspecialchars with escaping functions for recent commit (#7146)
• update github actions for docker builds to prevent deprecations (#7271)
• bug fix (#7230)
• bug fix for rel-702 (#7193)
• cdr fix to correctly show actions that are due, due soon, past due in expanded listings (#7211)
• possible fix of logic in jquery-datetimepicker-2-5-4-translated.js (#7223)
• reminder_results_integrate() to work when same actions are used in different rules (#7266)

OpenEMR Developer Changes

Fixed

• Twigify Portal Quick Start landing page. Prep for plugin support. (#7116)
• User settings not set if not in globals. (#7194)

7.0.2 - 2023-11-17

Added

• 2024 ICD10 update (#6796)
• Add a combined nationality with country list to Demographics Stats group (#6891)
• Add ability to prevent forced portal credential change (#6813)
• Add container, better rendering of header, space buttons on the patient encounter page. (#6768)
• Add global setting for Admins to configure patient portal credential force reset behavior (#6824)
• Add patient upload to portal with portal notifications (#6704)
• Allow In Collection for New Encounter Form to be hidden (#6906)
• Allow default date in new Clinical Note (#6909)
• Better spacing of additional code buttons on fee sheet (#6790)
• Care Plan UI Wider Textbox (#6709)
• Display recent last 10 most recent patients viewed by current user on patient finder (#6641)
• EHI Export - track anything and updated table documentation (#6987)
• Enhanced Default Open Tabs Options (#6604)
• Implement ONC 2015 Certification (b)(10) Electronic Health Information Export (#6945)
• Improve UI and code of newpatient report.php (#6748)
• Improve clinical note report User Interface to be more content-focused instead of table based. (#6802)
• Improve the Facilities UI by moving addresses to pill based tab panel (#6687)
• Issues detail form improve form layout and guide the user to avoid scrolling and show most common fields (#6664)
• Limit OpenEMR core appearance themes to five to simplify both development and user choices. (#6534)
• MFA TOTP should display a seed code to enter into an application that does not use QR Codes (#6839)
• More encounter UI improvements (#6794)
• Nationality list refactor for uniqueness and refactor nationality layout for new list (#6936)
• Need a new demographic field for Preferred Name. (#6726)
• Patient Portal restyle for portrait mode, add select to auto save, and alert patient to unsaved edits in edit mode (#6560)
• Portal update landing page and use default OpenEMR style themes instead of custom portal style theme. (#6523)
• Quest Lab Hub module support (#6941)
• Remove old frameset settings for frames related globals (#6462)
• Reorganize MRD cards (#6582)
• Restyle front dashboard cards on patient demographics screen. (#6883)
• Slight main interface redesign & 7.0.2+ mobile friendly changes on provider login view (#6460)
• Support patient portal onetime login tokens (#6786)
• The client app should avoid re-authenticating during it’s launch within OpenEMR (#6525)
• ability to inactivate facilities that are no longer used (#6585)
• create a fee schedule table to store the fee schedules from various payers (#6955)
• expose valedictory in user admin and esign (#6812)
• fix no-useless-escape error (eslint) (#6734)
• invoices generated should be saved to pt documents (#6950)
• put request urls from x12 clearinghouse screens into globals for versatility (#6913)

Fixed

• Fix typo in interface/usergroup/mfa_totp.php (#6974)
• "Show Title on Login" not working in OpenEMR 7.0.1 Patch 1 (#6650)
• 5010 interchange control numbers are expected to be unique (#6900)
• Add Issue Does not refresh screen on save (#7006)
• Allergy card on MRD fails to render NKDA (#6759)
• ClaimRev Module problem in adding issues to encounter (#6894)
• Clinical Note Category does not respect Active setting (#6907)
• Clinical Note Type does not respect Active flag (#6908)
• Clinical reports are not filtering by diagnosis (#6879)
• Default themes font size to small (#7027)
• Demographics not rendering (#6765)
• Display oauth2 login error messages on login authorization page. (#6845)
• Divide By Zero Fatal Error if PAMI not authorized (#6965)
• EHI Export clinical notes form fixes and track anything implementation. (#6985)
• Emailing invoices broken (#6711)
• Encounter does not insert default POS from facility (#6952)
• Eye Form fails to load correctly. Requires update to eye_mag_functions.php (#6807)
• Facilities page active toggle button not styled correctly (#6682)
• Fix dependencies for core portal apps with dark styling theme (#6555)
• Fix undefined array key mod_relative_link and undefined php var closeAnchorClasses (#6976)
• Form Pain Map fails to save w/ incorrect arguments error (#6742)
• Generate Demographic Widget/Cards from Modules - No custom function call in "btnLink" (#6840)
• Head Circumference is missing from the vitals display chart due to incorrect unit conversion (#6527)
• High severity allergies do not display with proper alarms (#6662)
• Highlight when using custom theme shows text colored pink due to hard coded style (#6865)
• Insufficient contrast when hovering over navbar in dark theme (#6746)
• Issue with medical_problem api (#6988)
• Lab requisition form does not work when connected orders are deleted (#6433)
• Line breaks of text are not exporting as is when generating an xml/word document (#6868)
• Long Problem List leads to bad UI (#6651)
• MFA Management -> add new TOTP key gives blank screen. (#6961)
• MRD Portal Card does not respect global setting if portal and api are disabled (#6653)
• MRD top cards break if all 4 are rendered (#6760)
• Message doesn't allow assigned to user message display (#6692)
• Newcrop send only active diagnosis (#6956)
• Not all eligibilities were displaying in the ClaimRev module (#6778)
• On add new patient Previous name populates with wrong name (#6769)
• PHP 8 inventory lot edit error throws a fatal error when specifying the lot quantity. (#6942)
• Patient portal typo and translation in login page. (#6714)
• Portal documents corrupted on save. (#6617)
• Portal patient default document templates should recur always (#6538)
• Quest lab result should display specimen date (#6917)
• Quickfix to reverse the text and nl2br tags in newpatient forms (#6793)
• Remove hard coded gray background style in login page. (#6920)
• Summary screen user setting not persisting (#7018)
• Telehealth Transfer Appointment fails to launch appointment on latest 7.0.1 patch (#6500)
• Update mfa_totp.php to not show blank screen when user hits enter (#6916)
• add to list feature is broken (#6484)
• add/edit issue fails to update begin or end date to null datetime (#6619)
• address book and demographics contact referring providers with null username (#6526)
• alert on batch payments screen flashes off (#6717)
• allergies appear when adding new patient with no issues (#6724)
• allergies are displayed with duplicates on upgrade to 7.0.2 due to missing user value in lists table (#6930)
• ambiguous facility id label (#6963)
• apostrophe breaks comment in save inside order results (#6938)
• appointments report lists canceled appointments (#6546)
• billing log isn't logging validate only well (#6558)
• calendar php8 fatal error in day, week, and month template views (#6621)
• default payment method checkout (#6564)
• encounter pos code is saving when config option is disabled (#6928)
• encounters history randomly shows "Patient" in red - round invoice amounts for better comparison and display. (#6838)
• era posting display floatval fix and typo in patient.inc (#6675)
• error message on changing table in demographic forms (#6984)
• expand/collapse of widgets on dashboard summary javascript error when click on the font-awesome icon (#6993)
• eye form ROS not saving (#6623)
• eye form lists negative in PMSFH report and side bar even if there are entries (#6625)
• eye form view.php shorthand icons are position incorrectly in 7.0. (#6831)
• fix none issue mechanism in the patient summary screen (#6861)
• fix none mechanism in issues gui (#6860)
• fix parsing of allergy and medication responses from Ensora, prevent sending diagnosis other than ICD10 to Ensora (#6912)
• fix several clinical_notes form fixes (#6811)
• fix solar nav background, set default theme if missing in globals, add portal theme to global settings. (#6536)
• fix static domain included in URL for patient portal onsite documents. (#6829)
• fix summary screen cards expand and collapse persistence (#6836)
• flow board stuck on appointment with status CALL (#6596)
• immunizations are not showing up on the patient summary screen (#6990)
• insurance date_end field not implemented (#6532)
• inventory management datatables warning (#6642)
• login language selector settings for allowed languages and hiding dummy language (#7023)
• menu tab with iframe of external domain shows loading overlay even after iframe has loaded (#6781)
• minor fix in upgrade script for Document_Template_Categories list update (#6590)
• output X12 payer zip even if not 5 or 9 digits (#6529)
• output other insco zip (#6599)
• passing integer instead of referenced variable to genX12837P fatal error (#6495)
• patient finder + Add New Patient missing webroot (#6722)
• patient portal card won't render for non-admins (#6482)
• patient summary screen card sections fix for receptionist (#6902)
• payment receipt not printing total paid (#6492)
• posCode not saved with new encounter (#6871)
• prior auth module hides Report in patient menu for non-admins (#6578)
• referring provider in X125010837P not looking at the claims referrer (#6544)
• remove cards max height to prevent scroll on longer lists. (#7012)
• remove semicolon typos in sql upgrade script for x12_partners table (#6926)
• reopening and clearing claim fatal error in billing report (#6614)
• results only electronic procedure results create multiple encounters for same datetime (#6933)
• service facility zip code not present in 837 professional claims if not 9 digits (#6488)
• topatient call in billing report doesn't load encs (#6583)
• typo in 701 to 702 upgrade (#6586)
• use datetime of procedure result to match existing encounter (#6934)
• quick fix for default open tabs on upgrade (#6646)

Changed

• ClaimRev fix styling issue (#6835)
• Refactor oauth2 authorization flow template files into twig (#6844)
• change stream to file with mpdf output in billing invoice from recent commit (#6970)
• fix IDE intellisense error in front_payment.php (#6898)
• EHI Export - Asynchronous Export Progress Updates. (#6977)
• use patient filter to assist remote chart review (#6553)
• Use bootstrap for list items on multi sorted list options (#6603)
• do not list canceled appts in report by default (#6547)
• fixes to allergy card in patient summary (#6863)
• patient summary screen fix for receptionist (#6862)
• improve button colors in (registration-modal) (#6804)
• test and refactor populateTimezones function in (ccdaservice) (#6818)

OpenEMR Developer Changes

Added

• API support for _sort parameter (#6799)
• Add Delete and Render Event Hooks to appointment add screen (#6591)
• Add OpenEMR regular date time twig filter function (#6631)
• Add Render event on forms.php page for encounter forms page. (#6629)
• Add RestAPISecurityCheckEvent to allow module writers to extend or change the API security checks. (#6504)
• Add a system event to billing payment deletion for module writers to know when a payment is deleted. (#6841)
• Add core event hooks to QuestionnaireResponse save/insert records. (#6506)
• Add new environment variable to disable background services for repeater services (#6601)
• Add system event to send SMS from Secure Messaging for module or core code to hook into (#6593)
• Add system events for module writers to hook into the CDA Parse Engine (#6731)
• Add system events to CDA Import for module writers. (#6715)
• Add system events to be dispatched on the front payments page for module writers. (#6877)
• Add to UtilsService methods for dealing with FHIR Canonical URLs, OperationOutcomes, and Reference resources (#6505)
• Allow CORS content-encoding header (#6634)
• Allow module writers to override / hook into the SMART style_url (#6919)
• Allow multiple paths to be added to TwigContainer for template directories (#6632)
• Convert from smarty to twig the SOAP Note (#5983)
• Create event to send SMS and Email notifications (#6588)
• Email Queue support html/text view with twig templates (#6772)
• Enhance FHIR UtilsService with extension lookup method (#6849)
• Extend PatientService to have methods for retrieving a list of the PCP for a given list of patients (#6509)
• Extend appointment dialog with hooks for modules and smart apps (#6720)
• Extract patient portal pdf generator into separate service (#6570)
• FHIR Date Search support partial seconds component (#6669)
• FHIR Patient Resource support generalPractitioner data field (#6827)
• Fixes #6629 Encounter forms list render event (#6630)
• Implement Portal Dashboard Audit Report Javascript Event (#6568)
• Improved customizations on login page logo and portal navbar logo (#6515)
• Patient Service api sort order for name field make title last field sorted on. (#6851)
• Patient api endpoints support _lastUpdated search parameter (#6800)
• Patient portal pdf document return Document object instead of success message (#6610)
• REST API add user endpoint in order to grab any user not just practitioners. (#6751)
• Twig extension to get logo from within template, instead of having to pass it in as a variable (#6247)
• Update FHIR Capability statement to indicate we do not allow resources to be created with an update operation (#6576)
• add javascript lint support to devtools (#6719)
• coverage reports for js unit tests (jest) (#6735)
• globals setting allow address book data type for user id selection (#6752)
• minor refactor x12 insurance eligibility api (#6915)

Fixed

• API calls with pagination _limit or _offset parameters generates fatal error. (#6848)
• Allow auth portal users to view pnotes from portal (#6695)
• Bulk FHIR Export Capability Statement Operation Name incorrect (#7019)
• Bulk FHIR fails w/ 500 error in patient/system export due to missing patient ids exception (#7001)
• Bulk Patient FHIR Export fails w/ 500 error when OpenEMR has insurance company provider in the system. (#7000)
• Duplicate stylelint command in CI (#6702)
• FHIR Confidential Client fails CORS OPTIONS check in browser window when requesting /token endpoint (#6497)
• FHIR POST _search operation returns different results than GET search (#6732)
• FHIR api warnings for missing array keys in AllergyIntolerance, Vitals Observations, Social History Observations, Procedures (#7002)
• Fix EncounterValidator typo on configureValidator() to avoid fatal error (#6875)
• Fix QuestionnaireResponse search operation to deal with duplicate field ids in where clause (#6574)
• Fix fax/sms module event usage from API dispatch.php call (#6820)
• Fix questionnaire_assessments to not php die if there is a form problem. (#6677)
• Gulp theme build deprecation warning in development mode (#6542)
• Missing user rest controller for API causing user api to fail (#6783)
• Questionnaire URL needs to be a canonical FQDN url (#6507)
• Questionnaire source_url breaks if oauth2 fhir url does not end in a slash (#6672)
• REST API filter by UUID breaks on some endpoints (#6107)
• Telehealth Patient Updated event signature type broken with patient update by uuid (#6499)
• Typos in templates/error HTML files (#6698)
• Unable to use the internal api and fhir apis locally inside a new module by using the existing code in the test files (#6744)
• Zend module installer upgrade broken for custom modules in PHP8 (#6808)
• add ccdaservice/package-lock.json to .gitignore to help with easy development dockers (#6979)
• deprecated php: creation of dynamic property $groupId in src/Events/Encounter/EncounterFormsListRenderEvent.php (#6815)
• escaping in patient portal and transactions screen. (#6697)
• fix no-mixed-spaces-and-tabs error (eslint) (#6728)
• lock down pnotes to user (#6550)
• oauth2 key should regenerate if key is empty or corrupted when in development mode. fix rest config include in api auth controller (#6607)
• openemr-api.yaml fails validation when generating client library with openapi-generator (#6967)
• typo in sql upgrade with email_queue table (#6797)
• use mb_strlen to check field value length in get_layout_form_value() (#6707)

Changed

• Change HttpRestRequest class to implement PSR7 ServerRequestInterface (#6503)
• ESLint setup in OpenEMR (#6708)
• Improved handling of inserting and updating encounters (#6647)
• Make it possible to save OAuth2 client outside of AuthorizationController.php (#6575)
• ci adjustments for alpine 3.18, php 8.2, and mariadb updates (#6581)
• ci mariadb stuff - added 11.1 and removed 10.9 (#6834)
• documentation for flex docker now using alpine 3.18 with php 8.2 (#6580)
• drop support for arm7 (#7007)
• insane dev environment updates (#6925)
• packages update and set min php version 8.1 (#6867)
• php 8.3 fixes to prepare for next release (#6935)
• pinned maennchen/zipstream-php version to work with arm7 and updated packages (#6973)
• specify interface folders with errors (stylelint) (#6780)
• upgrade phpseclib from version 2 to version 3 (#6887)
• bugs (#6552)
• fix AllergyIntoleranceService lookup by pid to return results instead of empty list. (#6864)
• fix stylelint errors in admin.css (gacl) (#6777)
• Refactor portal templates scheduling from profile to individual templates in profile (#6612)
• change the generate_select_list function and incorporate it to Twig (#6659)
• extract and test cleanCode function (ccdaservice) (#6785)
• extract and test date functions (ccdaservice) (#6795)
• extract and test headReplace function (ccdaservice) (#6792)
• extract and test safeTrim function (ccdaservice) (#6788)
• improve DataStack class (ccdaservice) (#6718)
• refactor bucks function with new class based on oeFormatMoney (#6932)
• test and refactor count entities function (ccdaservice) (#6805)
• test and refactor fetchPreviousAddresses function in the ccdaservice (#6828)
• test and refactor populateDemographics function (ccdaservice) (#6837)