V‑Spark 4.2 is a major release that includes new API endpoints, service dependency upgrades and security enhancements, and bug fixes.

1. Added the /appmatches endpoint, used to retrieve phrase matches from applications. The /appmatches endpoint returns the scores and phrase matches for all or specified applications and application categories for the provided transcriptID . To limit results, submit the names of individual applications and categories as JSON-formatted data with the request.

2. Added the /metadata endpoint, used to add, modify, or delete metadata values for previously processed transcription results. The /metadata endpoint uses the PATCH method to add or modify metadata values, uses the DELETE method to delete them, and requires JSON-formatted data specifying metadata changes to be provided with each request.

3. Added the lastmodifiedrange parameter to the /search endpoint. The lastmodifiedrange parameter filters search results by a specified date range. Date ranges may be expressed using any combination of years, months, days, hours, minutes, and seconds.

4. Added the last_modified field to the Elasticsearch record associated with each newly-created transcript. The last_modified field stores the date and time at which the Elasticsearch record was last changed. Data for the last_modified field is stored using Coordinated Universal Time (UTC). The last_modified field is not included in JSON records in long-term storage, but it is always included in JSON output that is dynamically generated. Dynamically generated output includes, for example, JSON transcripts downloaded using the Files View.

5. Added a new folder setting that rejects duplicate file uploads based on their filenames. This setting is off by default and must be enabled for each folder that uses it. As of version 4.2.0, this setting can only be configured for folders using the UI.

   When a folder has the deduplication setting enabled, that folder will reject file uploads in the following scenarios:

   • A file is uploaded with the same name as a previously uploaded file.

   • A zip file contains a file with the same name as a previously uploaded file.

   • A zip file contains two or more files with the same name.

   Note that the entire zip is rejected when a duplicate file is detected, and duplicate file rejection for zip files nested inside other zip files is not supported. When folder-level deduplication causes a file to be rejected, V‑Spark generates a WARNING -level message in server.log and the Activity Log.

   When duplicate file rejection is enabled for a folder, audio may still be reloaded for reprocessing, but reloaded MP3 audio data will be rejected when the original audio file was also an MP3. A previously processed file that was originally uploaded in any other format is accepted. Reloading JSON data is not affected by the folder-level duplicate rejection setting.

6. Added support for SSL/TLS and password authentication when V‑Spark connects to Elasticsearch. These features are disabled by default. The following system configuration options have been added:

   • es_user — Specify the username defined in Elasticsearch. The default value is elastic .

   • es_pwd — Specify the password defined in Elasticsearch.

   • es_ssl — Set to on to enable SSL/TLS connections.

   • es_ssl_ca — Specify the path to the CA certificate bundle to be used.

   • es_ssl_cert — Specify the path to the client certificate to be used.

   • es_ssl_key — Specify the path to the client certificate key to be used.

   Note that setting these configuration options does not secure the connection; they enable communication with a secured Elasticsearch implementation. For information about configuring security for Elasticsearch, refer to the following topics in the external Elasticsearch documentation:

   • TLS/SSL configuration

   • Set up minimal security for Elasticsearch

   • Encrypt internode communications with TLS

   When securing Elasticsearch with SSL/TLS in a clustered implementation, if nodes in the Elasticsearch cluster access V‑Spark instances locally, two additional configuration file options, elasticsearch_hosts and app_score_es_hosts , should be defined to match the domain used to generate the certificate.

   The app_score_es_hosts option is not typically included in V‑Spark configuration files, in which case it should be added manually. app_score_es_hosts is set to http://localhost:9200 by default. If its value has not been changed from the default, app_score_es_hosts must be set to the same value as elasticsearch_hosts in order for V‑Spark to communicate with a secured Elasticsearch service.

   If the app_score_es_hosts and elasticsearch_hosts configuration file options are not set to match the certificate domain, starting V‑Spark produces a warning banner in the UI with the following message: "The Elasticsearch host(s) configured on {hostname} (from parameter 'app_score_es_hosts') are not running; using the cluster for app scoring instead." V‑Spark will eventually connect to the cluster, but the banner displays until the configuration is corrected and V‑Spark successfully uploads audio.

   If encrypted internode communication is the only required security configuration, and all nodes can be accessed locally from their respective V‑Spark instances, there is no need to set es_ssl to on, and the app_score_es_hosts and elasticsearch_hosts configuration options do not need to be configured from the default http://localhost:9200 value.

7. Added support for SSL/TLS and password authentication when V‑Spark connects to Redis. These features are disabled by default. The following system configuration options have been added:

   • redis_ssl — Set to on to enable SSL/TLS connections.

   • redis_auth_token — Specify the Redis password to be used.

   • redis_ssl_ca — Specify the path to the CA certificate bundle to be used.

   • redis_ssl_cert — Specify the path to the client certificate to be used.

   • redis_ssl_key — Specify the path to the client certificate key to be used.

   Note that setting these configurations does not secure the connection; they enable communication with a secured Redis implementation. For information about configuring security for Redis, refer to the external topics Redis Security and TLS Support in the Redis documentation.

8. Made improvements to the failure and recovery logic used when the connection to Redis Sentinel fails. Clear error messages are now properly generated, and connection retry timing now uses a geometric backoff.

9. Upgraded the Lodash third-party library dependency to version 4.17.21 to address possible security concerns.

10. Improved the data validation behavior for data fields in the company creation and modification dialogs. Previously, unrelated user events would trigger validation on the Servers field before that field had been used.

11. Reclassified log entries generated as a result of SSO configuration errors as ERROR in server.log and the Activity Log. Previously, these entries were classified as WARN in system logs and WARNING in the Activity Log.

12. Changed the labels of the Purify Text and Purify Audio options in the Create New Folder and Modify Folder dialogs. Purify Text is now labeled PCI Redact Text, and Purify Audio is now labeled PCI Redact Audio. The field names used for these options in JSON input and output for the /config API endpoint were not changed, but those field names will be updated with the next major V‑Spark release.

13. Added startup checks to the hostname configuration setting. If the hostname is misconfigured, V‑Spark will not start, and will log ERROR -level messages in backendWorker.log and server.log .