Open edX Nutmeg Release#
These are the release notes for the Nutmeg release, the 14th community release of the Open edX Platform, spanning changes from October 15 2021 to April 11 2022. You can also review details about earlier releases or learn more about the Open edX Platform.
Before upgrade: Check that your logs do not contain warnings starting with “SafeCookieData user at request”, or that these warnings are very rare. If they are common, see the SafeSessionMiddleware section below in the Administrators and Operators Section.
Django Admin login disabled by default#
Default Django admin login window is disabled and now one has to login from the LMS.
Bug fix: facebook share links now work on the course about page.
User Tours are walkthroughs that can be presented to users in micro-frontends (MFEs). The default tours that exist are: “Course Home New User Tour” (screencast), “Course Home Existing User Tour”, and “Courseware New User Tour”. In order for User Tours to properly work, the backpopulate user tours management command should be run.
$ python ./manage.py lms backpopulate_user_tours
The Dates Tab has been added as a default static tab on all courses. All new courses will automatically include the Dates Tab. In order to properly have the Dates Tab show up for all your existing courses, a backfill course tabs management command has been created.
$ python manage.py cms backfill_course_tabs
The Dates Tab has also been removed from the legacy learner experience. It is only available in the Learner MFE. This is the first step in remove the legacy learner experience altogether, which will be completed in the Olive release.
Weekly Course Goals#
The old course goals feature has been replaced with a new weekly learning goals feature. Users set a goal for how frequently they want to learn per course and get reminder emails about their goals. See Enabling the Weekly Learning Goals Feature for instructions on how to configure this feature and more details on how the feature works. The new weekly learning goals feature is controlled with the same flag as the previous course goals feature.
Learning Micro-Frontend (MFE)#
When an XBlock fails to render, the user will now see an error message “An unexpected error occurred. Please click the button below to refresh the page.”
RTL languages are now supported
Support for the pre-alpha Discussions MFE was added
Account Micro-frontend (MFE)#
The Account Micro-frontend (MFE) is now enabled by default. The legacy account pages will be removed in the next release, Olive.
Added support for notices in apps.
Added an activation opt in checkbox (default checked) so user can agree to receive marketing messages. See LEARNER-8652 for a screenshot.
Mobile apps can now support LTI by opening it in a browser
Special Exams Experience#
To take a proctored exam, the learner must now be enrolled in a
verified course track. Previously, a learner enrolled in any track could take a proctored exam. Note that ID verification (IDV) is not required.
Default course tabs have a new, standard order. Course authors may still change the order of their custom static tabs, but the ordering of the default tabs cannot be changed. This ensures a more uniform location across courses.
When setting grading policies, course authors can now set the minimum grade cutoff to 99. Previously it could not be higher than 97.
When downloading the team membership csv from the Teams > Manage page, username and external key are now separate columns (previously, an external key would override the username, leading to ambiguity when importing teams csv)
Course authors can now define static and dynamic custom parameters that will be sent to the LTI Tool Provider at launch. See the Custom LTI Parameter section of the LTI Consumer XBlock Readme for more details.
Mobile apps can now support LTI by opening it in a browser
Gradebook Micro-frontend (MFE)#
Added support for transifex translations.
Added support for custom theming.
Various improvements and bugfixes have been applied to Tutor, the officialy-supported Open edX distribution and installation method. Notable features include an overhauled Tutor Plugin API and a new CLI for mounting repositories during development. You can see the full list by viewing Tutor’s changelog, starting at v13.0.1 (the first Tutor release after Maple) and reading upwards until v14.0.0 (the first Tutor release supporting Nutmeg).
An internal performance improvement called learning sequences has been opt-in for a few releases, but is now always-on for Nutmeg. If you have any courses that have not been re-published on Koa or later, run the
simulate_publishcms django command on your courses before upgrading, to populate the learning sequence data.
$ python manage.py cms simulate_publish
By setting the
ENABLE_NEW_RELICto false, the new relic logging integration will be disabled across all MFEs.
It’s now possible to add optional fields to the registations form that are always visible, and do not require the user to click the checkbox “Support education research by providing additional information.” Use the new
optional-exposedsetting in the REGISTRATION_EXTRA_FIELDS setting.
Added an activation opt in checkbox to the registration form (default checked) so user can agree to receive marketing messages. The field
marketing_emails_opt_inis now enabled by default in the REGISTRATION_EXTRA_FIELDS setting.
Waffle overrides can be set at the org level now (in between course level and global).
To customize the template for course emails, set
Course Discovery API now supports Learner Pathways and Course Recommendations
Bug fix: When using GMSTP (Gmail) for sending bulk email, retriable SMTP exceptions were not caught and bulk sending failed. This has been fixed.
Bulk Course Email Tool#
Added the ability to filter recipients of bulk course emails based on the last_login date of Users enrolled in a course run. This feature can be enabled by setting a value for the
BULK_COURSE_EMAIL_LAST_LOGIN_ELIGIBILITY_PERIODsetting. Its value should be an integer (representing months) that represents the eligibility period from the current date to receive a message. The new setting defaults to None which keeps this new feature disabled (and there will be no change in behavior in how recipients are filtered/selected for a message).
Added a simple
bulk_email_disabledcoursetable that allows for the bulk email tool to be disabled for specific course runs, even if the bulk email flag is on and the course is enabled in the
bulk_email_courseauthorizationtable. A course team will not be able to see the bulk email tab on the instructor dashboard for whatever course runs are in this table.
EMAIL_USE_DEFAULT_FROM_FOR_BULKwas changed to
EMAIL_USE_COURSE_ID_FROM_FOR_BULK. Additionally, the behavior was changed. Previously, it was possible for a “from” address constructed out of a course id to be non existent, and thus fail in email servers. Now, those who wish to use their course id in the “from” address for bulk email must enable the flag to true.
SafeSessionMiddleware rejects mismatching requests and sessions#
SafeSessionMiddleware is an existing middleware that provides several protections against vulnerabilities that could result from cache misconfigurations or other bugs resulting in one user getting a different user’s session.
Changed: Previously if a user mismatch was detected between request or session and response, the middleware would log warnings; now, it will invalidate the session and send an error response. The toggle
ENFORCE_SAFE_SESSIONS is enabled by default, but can be disabled to return to just log warnings.
Before upgrade: Check that your logs do not contain warnings starting with “SafeCookieData user at request”, or that these warnings are very rare. If they are common, there is likely a false positive caused by some custom login, masquerading, or registration code. You will need to update your custom code to call
mark_user_change_as_expected`. Otherwise, valid requests may be rejected.
There are no known migrations that will cause compatibility issues when deployed. As always migrations should be run before the new code is deployed.
The following Micro-frontends (MFEs) are in a “pre-alpha” state. They exist on GitHub but are not yet supported in Tutor. Additionally, they may lack key features such as support for theming, internationalization, and path-based deployments. We include mention of them because we expect all of them to be supported in the next release, Olive.
Settings and Toggles#
New settings and toggles added since the Maple release:
the following settings were removed:
There are no notable dependency updates in nutmeg.
Removed in Nutmeg#
django-ratelimit-backend has been removed from edx-platform. Now the django-ratelimit library will be used for rate limiting. See DEPR-150 for more details. Related to this, the default Django admin login window is disabled and now one has to login from LMS.
“Old Mongo” course access has finally been fully removed. This means course runs that have keys like
course-v1:Org+Course+runcannot be accessed by learners. New runs of this type haven’t been able to be created since 2015, but now learner access has also been removed. See [DEPR] Issue #62 for more information on the continuing removal of Old Mongo technology.
videosequenceare old-but-not-entirely-unused aliases to the sequential (in Studio-speak, “Subsection”) block type. Support for them in the Learning MFE ended in the maple release. Now all support has been removed.
Deprecated in Nutmeg (or earlier) and scheduled to be removed in the Olive release#
the frontend-learner-portal-base library
The xblock.fragment module and deprecated
id_generatormethod parameters in
The legacy courseware experience (rendered server-side by Django) will be removed. The Learner MFE will be required.
The legacy account pages will be removed. The Account MFE will be required.
EdxRestApiClient is no longer supported, as you may have been able to tell from the many, many deprecation warnings.
DraftModuleStore (also know as Old Mongo Modulestore) will be removed. “Old Mongo” course access was already removed in nutmeg.
the ability to import legacy OLX attributes
Future deprecations and removals#
Major deprecation work is being funded between now and the Olive release, scheduled for December 2022. Please review the DEPR: Deprecation & Removal board on Github to be sure you have stopped using deprecated technologies.
complete_videoevent that fires when a user has watched a video to the end. Requires the waffle switch
Added support for custom xBlock editors in Studio. Read the pluggable_override docstring to learn more.
Added an API for updating user’s email opt-in setting.
django plugins can now return context for the Instructor Dashboard template, by adding it to the constant
INSTRUCTOR_DASHBOARD_PLUGIN_VIEW_NAME. See PR 29376 for more details.
Events and Filters Extension Framework#
Open edX Events: this standardized version of Django Signals allows extension developers to extend functionality just by listening to the event that’s sent after a key process finishes, e.g after enrollment, login, register, etc.
Open edX Filters: through configuration only, extension developers can set a list of functions to be executed before a key process starts, e.g before enrollment, login, register, etc.