Open edX Redwood Release - Developer and Operator Release Notes

These are the Developer and Operator release notes for the Redwood release, the 18th community release of the Open edX Platform, spanning changes from October 10 2023 to May 09 2024. You can also review details about Open edX Platform Release Notes or learn more about the Open edX Platform.

Breaking Changes

• Deployers must ensure that their JWT_AUTH['JWT_PRIVATE_SIGNING_JWK'] Django setting in LMS contains the full complement of private key numbers.*

  • Background: In LMS, we switched from the pyjwkest library to PyJWT for signing JWTs. (pyjwkest is now unmaintained.) However, PyJWT has stricter requirements for the private key in JWT_PRIVATE_SIGNING_JWK. Before you upgrade to Redwood, you will need to update this key using a script. Otherwise, JWT signing will fail, and users will be unable to log in.

  • Steps:

    1. Locate JWT_PRIVATE_SIGNING_JWK in your deployment configuration.

    2. Check if the JSON contains all of the following params: p, q, dp, dq, and qi. If it does, you don’t need to do anything further. Otherwise, continue.

    3. In your edx-platform virtualenv, run python3 scripts/jwk-precompute-params.py and follow the prompts. (It will ask you to paste in the current JSON.)

    4. Update your config’s JWT_AUTH['JWT_PRIVATE_SIGNING_JWK'] with the output of the script.

    5. You may wish to compare the contents of the private key before and after running the script, and verify that the only changes it has made to the contents of the JSON are that the p, q, dp, dq, and qi params have been added. (Some or all may already have been present.)

  • Notes:

    1. This should be done while you are still running Quince—it is safe to do ahead of the upgrade, and should not have any visible effect at that time.

    2. This key must be handled very carefully. Anyone in possession of the key may impersonate users.

• studio_home.enable_global_staff_optimization flag no longer works in Studio MFE

  • Background: This flag works for the legacy Studio Home, improving performance by adding an organization search bar. This flag does not work in the Studio Home MFE, as it is not needed within the MFE. The MFE already have a search bar and pagination, which improves performance for those home pages with lots of courses.

Learner & Instructor Experiences

For in-depth information on new learner and instructor facing features in the Redwood release, please see the Open edX Redwood Release - Feature-Based Notes. Instructions on how to enable those features which need configuration are as follows.

Enabling Studio Course Search

• The Redwood release includes the Course Search Beta, which is disabled by default as it depends on a new search engine, Meilisearch. We encourage operators to install Meilisearch, test out this feature, and give us feedback on the viability of using Meilisearch as a replacement for Elasticsearch in future Open edX releases. Here’s how to enable it:

  • For tutor-based deployments, install the tutor-contrib-mailsearch plugin, and apply the changes to your deployment. See that plugin’s README for details. Note in particular that the hostname configured as MEILISEARCH_PUBLIC_HOST must be resolvable on the public internet.

  • If you are not using Tutor, you’ll need to install Meilisearch manually (or use the cloud product) and explicitly set the related config variables in the CMS as well as set MEILISEARCH_ENABLED=true in the Course Authoring MFE settings.

  • Whether or not you’re using Tutor, you’ll need to create and populate the search index. To do so, you must run a one-time command from the CMS shell: python manage.py cms reindex_studio --experimental. This command may take a while if you have a lot of courses and/or libraries in Studio; it will display regular progress indicators while it is running. We are interested in hearing how long it takes for you - please share your experience (see next bullet). This command reads from MySQL/MongoDB but does not write to them; it only writes to Meilisearch. Once the indexing has completed, it should not be necessary to run it again; from that point forward, the indexes will be updated automatically as needed.

  • Please share your feedback about Meilisearch, indexing, and operations in this Discourse thread or the #ops Slack channel. Please share feedback about the new course search feature in general in the discussion forums or in the #wg-product-core Slack channel.

Courseware Sidebar

To enable the new Courseware Sidebar, set the courseware.enable_navigation_sidebar waffle flag to True.

Connect Teams in a course to Content Groups

1. Go to your site’s Django Admin Panel

2. Enable the teams feature by turning on the waffle flag: teams.enable_teams_app

3. Then, turn on the teams.content_groups_for_teams waffle flag for everyone or specific courses with a waffle flag course overrides

Make Sections available independently of the course outline

Enable this feature flag: FEATURES["ENABLE_HIDE_FROM_TOC_UI"] = True to your deployment configurations to enable the feature system-wide.

Administrators & Operators

Settings and Toggles

Waffle flags added In Redwood:

• ANONYMOUS_SURVEY_REPORT

• ENFORCE_SESSION_EMAIL_MATCH

• FEATURES[‘ENABLE_BLAKE2B_HASHING’]

• FEATURES[‘ENABLE_CERTIFICATES_INSTRUCTOR_MANAGE]

• FEATURES[‘ENABLE_COURSEWARE_SEARCH_VERIFIED_REQUIRED’]

• FEATURES[‘ENABLE_GRADING_METHOD_IN_PROBLEMS’] - LMS

• FEATURES[‘ENABLE_GRADING_METHOD_IN_PROBLEMS’] - CMS

• FEATURES[‘ENABLE_HIDE_FROM_TOC_UI’]

• FEATURES[‘ENABLE_HOME_PAGE_COURSE_API_V2’]

• FEATURES[‘ENABLE_LTI_PII_ACKNOWLEDGEMENT’]

• FEATURES[‘ENABLE_SEND_XBLOCK_LIFECYCLE_EVENTS_OVER_BUS’]

• FEATURES[‘SEND_LEARNING_CERTIFICATE_LIFECYCLE_EVENTS_TO_BUS’]

• JWT_AUTH_ADD_KID_HEADER:

• SURVEY_REPORT_ENABLE

• agreements.enable_lti_pii_acknowledgement

• commerce.transition_to_coordinator.checkout

• commerce.transition_to_coordinator.refund

• content_tagging.disabled

• course_home.new_discussion_sidebar_view

• teams.content_groups_for_teams

• courseware.always_open_auxiliary_sidebar

• courseware.disable_navigation_sidebar_blocks_caching

• courseware.discovery_default_language_filter

• courseware.enable_navigation_sidebar

• discussions.enable_reported_content_notifications

• notifications.enable_coursewide_notifications

• notifications.enable_email_notifications

• notifications.enable_notifications_filters

• notifications.enable_ora_staff_notifications

• student.redirect_to_courseware_after_enrollment

• studio.enable_course_update_notifications

• user_tours.tours_disabled

• video_config.transcript_feedback

• video_config.xpert_translations_ui

• ENABLE_AUTO_GENERATED_USERNAME

• EDX_DRF_EXTENSIONS[ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH]

• FEATURES[‘ENABLE_ORA_SELECTABLE_LEARNER_WAITING_REVIEW’]

• enterprise.enterprise_groups_v1

• enterprise.feature_prequery_search_suggestions

• EVENT_BUS_PRODUCER_CONFIG[‘org.openedx.content_authoring.course.catalog_info.changed.v1’]

• EVENT_BUS_PRODUCER_CONFIG[‘org.openedx.learning.course.unenrollment.completed.v1’]

• EVENT_BUS_PRODUCER_CONFIG[‘org.openedx.learning.xblock.skill.verified.v1’]

Flags specific to the new Course Authoring MFE

Every page in the new Course Authoring MFE can be toggled on and off individually. By default, these flags default to True when using Tutor.

• new_studio_mfe.use_new_home_page

• contentstore.new_studio_mfe.use_new_custom_pages

• contentstore.new_studio_mfe.use_new_schedule_details_page

• contentstore.new_studio_mfe.use_new_advanced_settings_page

• contentstore.new_studio_mfe.use_new_grading_page

• contentstore.new_studio_mfe.use_new_updates_page

• contentstore.new_studio_mfe.use_new_import_page

• contentstore.new_studio_mfe.use_new_export_page

• contentstore.new_studio_mfe.use_new_files_uploads_page

• contentstore.new_studio_mfe.use_new_video_uploads_page

• contentstore.new_studio_mfe.use_new_course_outline_page

• contentstore.new_studio_mfe.use_new_unit_page

• contentstore.new_studio_mfe.use_new_course_team_page

• contentstore.new_studio_mfe.use_new_certificates_page

• contentstore.new_studio_mfe.use_new_textbooks_page

• contentstore.new_studio_mfe.use_new_group_configurations_page

• contentstore.new_studio_mfe.use_new_textbooks_page

Within the Tutor MFE plugin, additional flags must be set.

• MFE_CONFIG["ENABLE_ASSETS_PAGE"]

• MFE_CONFIG["ENABLE_HOME_PAGE_COURSE_API_V2"]

• MFE_CONFIG["ENABLE_PROGRESS_GRAPH_SETTINGS"]

• MFE_CONFIG["ENABLE_TAGGING_TAXONOMY_PAGES"]

Other Operator Changes

• The default minimum password length has been updated from 2 characters to 8 characters. (PR).

  • For users with an existing password, this change alone will not force them to update it. However if they reset their password or go to change it, they’ll have to conform to the new guidelines. If you would like to force people to update their password, you should take a look at the password_policy plugin and its settings

• The Credentials service updated some requirements and may have implications for anyone who has a massive usersocialauth table.  This is because that table grows endlessly, and the migrations on the table caused by updating the social-auth-app-django package can run out of memory. If maintainers have migration failures on this upgrade, they should run the management command truncate_social_auth.

  • This will remove all entries from the usersocialauth table that haven’t been updated in 90 days, which makes the size of the table tractable for the dependency’s migration. This is harmless in the Credentials IDA.

• The scripts related to user retirement across all services have been moved to the edx-platform repository. If you’ve been using the unsupported tubular repository to run retirement scripts you should update your code.

  • Relevant Tickets

    • Move user retirement code to edx-platform and drop it from Tubular.

    • Move user retirement scripts code from the tubular repo.

    • Deprecate User Retirement Scripts.

• edx-platform and cs_comment_service Mongo Upgrades

  • Operators will need to update their Mongo databases to Mongo 7 to ensure their deployments don’t break in the future.

  • Operators will need to update their forums’ Ruby version from 3.0 to 3.3.

  • If you’re running Tutor and your Mongo/Ruby are in Tutor, they will get automatically upgraded.

  • chore: add mongo 7 to testing matrix.

  • build: Build with newer ruby and mongo versions..

• django-social-auth-django application

  • In redwood.2 and later, the ‘django-social-auth-django application has been upgraded with a security fix. Operators should update to this version of the edx-platform if they are using auth via social media sites eg. “Login with Google, Facebook, etc.” features.

  • Feanil/backport django social auth.

Deprecations & Removals

• Badges app has been deprecated and removed from edx-platform. See [DEPR]: lms/djangoapps/badges .

• • In edxapp, the Waffle switch ip.legacy is removed. See [DEPR]: legacy_ip code and Waffle switch .

  • Any deployment that has been relying on this legacy IP address option will need to switch to setting CLOSEST_CLIENT_IP_FROM_HEADERS appropriately. See Nutmeg Announcement for details.

• Asset Processing (webpack, collectstatic, etc.) using Paver Commands in edx-platform is now Deprecated and will not be available in Sumac

  • [DEPR] Asset processing in Paver.

  • Non deployment paver commands will be removed by Sumac

• The django-splash capability was removed from edx-platform and the relevant code has been archived.

  • openedx/public-engineering#224

Flags and toggles removed in Redwood

• accomplishments_shared field is removed from payloads and settings

• ENABLE_OPENBADGES, ENABLE_SEND_XBLOCK_EVENTS_OVER_BUS are no longer available for configuration in FEATURES

• BADGING_BACKEND, BADGR_BASE_URL, BADGR_ISSUER_SLUG,

• BADGR_USERNAME, BADGR_PASSWORD,

• BADGR_TOKENS_CACHE_KEY, BADGR_TIMEOUT,

• BADGR_ENABLE_NOTIFICATIONS, SEND_CERTIFICATE_REVOKED_SIGNAL,

• blockstore.use_blockstore_app_api,

• contentstore.enable_copy_paste_units,

• course_apps.proctoring_settings_modal_view,

• course_live.enable_big_blue_button,

• course_live.enable_course_live,

• courseware.learning_assistant,

• discussions.enable_learners_stats,

• discussions.enable_learners_tab_in_discussions_mfe,

• discussions.enable_moderation_reason_codes,

• discussions.enable_reported_content_email_notifications,

• learner_recommendations.enable_course_about_page_recommendations,

• learner_recommendations.enable_dashboard_recommendations,

• student.enable_2u_recommendations,

• student.enable_amplitude_recommendations,

• student.enable_fallback_recommendations,

• blockstore.use_blockstore_app_api are also not configurable anymore.

Developer Experience

• Asset Processing (webpack, collectstatic, etc.) using Paver Commands in edx-platform is now Deprecated and will not be available in Sumac

  • • [DEPR] Asset processing in Paver.

  • Non deployment paver commands will be removed by Sumac

Researcher & Data Experiences

Welcome to the Open edX Aspects documentation! is an analytics system for the Open edX platform, bringing actionable data about course and learner performance to instructors and site operators. It is primarily a Tutor plugin that ties together data from the Open edX learning management system and Studio using open source tools to aggregate and transform learning traces into data visualizations.

See the Configure Aspects for Production to learn about setting up Aspects for your production environment.

Known Issues

Please refer to this board for known issues with Redwood.

Maintenance chart

Review Date	Working Group Reviewer	Release	Test situation
2024-06-01	Docs WG	Redwood	Pass

---

Feedback