The September 2023 Release was released to production on September 9, 2023. Here is the full list of Features:
Lookup Create Feature
The new Folio Lookup Create feature will enable you to use a Folio Lookup field to create another Folio record or reference an existing Folio record. We see an extensive array of uses for this new Folio feature, here are a few:
Incident - Continuous Improvement Example
- You will be able to seamlessly create a Continuous Improvement while reviewing an Incident using this feature.
- Folio will automatically copy common fields from the incident form to the continuous improvement.
- The Lookup references snapshot will show you which incidents the continuous improvement is referenced on.
Client Incident - Staff WHS Incident Example
- If there was a client incident and a staff member was also injured in the same event, you will be able to create the staff incident seamlessly while creating the client incident.
- Folio will automatically copy common fields from the client incident form to the staff incident form.
- The Lookup references snapshot will show you which staff WHS incident the client incident is referenced on.
Procurement Plan - Contract Example
- You can seamlessly reference a contract on a procurement plan using the lookup create feature.
- Folio will automatically copy common fields from the procurement plan to the awarded contract.
- The Lookup references snapshot will show you which procurement plan the contract is referenced on.
Read more about this here
Approval Workflow based on more than one field
Often there is a need to have approvals based on more than one field. Folio now supports this feature in the approval workflow. You can now set up approvals based on any combination of single select, multi-select or hierarchy field.
Contract Management Example
You can set up approvals based on Business Unit AND Contract Type
Incident Management Example
You can set up approvals based on Location AND Incident Severity.
More information about this is in our workflow article here
Risk Review Frequency added to Update Fields Automation
Risk management Folio Users now have the ability to change the risk review frequency with an Automation. In this release, Review Frequency has been added to the Update Fields Automation, so you can use a set of trigger conditions to set the risk review frequency.
As an example, if a risk was rated as a low risk, the risk review frequency could have been set to Annual but if that risk was changed to an extreme risk this Folio automation can automatically change the review frequency to monthly.
The feature supports more complex conditions too. You could base the change in frequency on a combination of Risk Rating and Risk Tolerance for example. Risk Rating = Extreme AND Risk Tolerance = Low, High OR Moderate Update Review Frequency to Monthly.
Read more about this here
Documents Hub Improvements
Advanced Search
We have now introduced an Advanced Search on the Documents Hub. In addition to searching for Documents by Title and Description, Advanced Search allows you to search for them by Tags and with Document Categories it enables you to Include Sub Categories.
Ability to Bookmark Documents on Hub
Hub now allows you to add your own bookmarks to the documents.
Read more about the document hub here
Reactions on Notes
You can now let others know that you have read their note by giving it a thumbs up reaction. The notes report has also been updated to show who has reacted to any note.
Read more about notes here
Draft Central
Drafts and Saved Public Links have previously not been visible to Super users. Draft Central is a new feature that lets super users see all draft Folios and saved public link folios.
Super users will now be able to publish or delete a draft. With public link folios that have been saved and the submitter has now lost the link, they can now request the super user to find it and resend it to them.
Find out more about draft central here
New Automation List Screen
The Automations List Screen on the Folio Template has been improved to allow you to search on more parameters and easily find the automation that you are looking for.
New Folio Reports
We have 4 new reports making their debut in this release.
Lookup Folios Report
Enables you to see Folios and lookup Folios in one report. Find out more here
Folio Actions Result Report
This report is similar to the Risk Actions results report, and shows you Folio fields alongside the results for actions linked to the folio. Find out more here
Folio Action Framework Report
This report is similar to the Risk Action Framework Report, which shows you Folio fields alongside action fields for actions linked to the Folio. Find out more here
Folio Days in Stage Report
This new report details how long Folios in a template spend in each stage, and includes a charting option as well. Find out more here
Administration Improvements
- User Responsibilities now include where the user has been picked on an user lookup, and can optionally be replaced while retiring the user.
- Ability to import Business Units, Programs & Locations. Folio will now support both importing new and updating existing.
- History of changes has been introduced for the following: Business Unit, Location, Program, Risk classification, Report category, Entity categories, Folio Template categories, Action categories, Checklist categories, Question categories, Document categories. (Please note that changes to the order of the answers will only be captured after this feature is released)
Document Links
Until now if you clicked on the Document Link for a PDF document, it redirected to a temporary link which if shared would expire, The PDF document now opens on the permalink itself.
Security Enhancements
We have recently added a number of security enhancements to Folio, including the following:
Changes to CSV files to prevent CSV injection
Formula Injection or CSV injection is an OWASP Top 10 risk, to mitigate this risk in CSV files generated by Folio we will be implementing recommended best practice, text fields that start with =,+,-,@ or tab or carriage return will now start with a single quotation mark (‘) and then a new line before the above mentioned characters.
These rules will apply not apply to fields that contain a valid numeric value
Virus Scanning of Attachments
Folio has always virus scanned attachments that are uploaded to Folio, we are now implementing further security measures in this release, where you will be unable to download an attachment until the virus scan is complete. If a virus is identified, the file will immediately be quarantined and deleted and your super users will be notified.
Other Features
- Send back to Submitter now available on the create link.
- Variations now support reduction in the contract term as well as extensions.
- Pre-populated tables now have the option to let users add or delete rows
- In Automations, ‘Include Sub’ has been added for all Hierarchy Fields in Conditions
- Lite User Team Leaders can now Create, Activate and Deactivate Contacts against their entity
- While you are creating and editing records (Folios, Actions, Checklists, Documents, etc) you will no longer see the Tags field. The tags will still be visible and editable when viewing the record
- Linked Folios default relationship “Master of” and “Subsidiary to” has now changed to “Parent of” and “Child To”, the functionality is the same but it just has a new name.
API Improvements
We are updating our API with some security related improvements, which are:
- Disabling Introspection on Production
- We will be disabling API Introspection and the GraphiQL tool on the Folio production environment to align with security best practice and ensure the highest level of protection for your Folio instance.
You can access API Introspection and the GraphiQL tool on Sandbox. Your process to use the API should be to use introspection on sandbox and test the API in the sandbox environment prior to moving it to production.
- Changing Default number of records returned to 25
- By default the API will now return 25 records per page, you can still use pagination to access more records.
- Pagination on all Single & Multi Select field responses
- We are implementing pagination on queries for the following fields:
- All Multi/Single select/hierarchy custom fields.
- Users,
- Business Units,
- Entities,
- Contacts,
- Folio Lookups,
- Linked Folios,
- Locations,
- Programs,
- Stages of a Folio Template,
- Attachments
- We are implementing pagination on queries for the following fields:
By default the API will provide the first 25 responses but you can get up to the first 100 responses in one request.
If you are using this API feature, you will need to add nodes to your query when requesting any of these fields.
For example the query
{
folios{
nodes {
key
businessUnit {
title
}
}
}
}
would need to change to
{
folios{
nodes {
key
businessUnit{
nodes{ title }
}
}
}
}
- Pagination on table rows
- Currently we return all table rows in the one response, but we will now only return the first 10 rows of a table. To return the rest of the rows you will need to use the new arguments, first and after
So if you have a table with 30 rows and want rows 11-30 you would use
customFieldResponsess(libraryFieldIds: ["MDBGaWVsZC0zNg", "MDBGaWVsZC0zNQ"],first: 20, after: 10)
- Setting Complexity limits
- To protect against denial of service attacks on the API service we will be introducing complexity limits on our API.
We have introduced a maximum complexity score of 5000, on each query submitted to the API. If you hit the complexity score you will need to split your query to ensure each query comes under that score. The API will advise you when a query is over the maximum complexity score.
An example breakdown of how we calculate the complexity is below.
{
folios(first:30){
nodes {
key
businessUnit(first:50) {
nodes{
title
}
}
}
}
}
The complexity would be calculated as below:
- folios: 1
- nodes (folios): 1
- key: 30
- businessUnits: 30
- nodes (businessUnits): 30
- title: 30 (folios) x 50 (business units)
- Total Complexity: 1592