Alfresco Community Edition 7.4 Release Notes

Showing results for 
Search instead for 
Did you mean: 

Alfresco Community Edition 7.4 Release Notes

Alfresco Employee
5 4 13.2K

Alfresco Content Services 7.4 is a minor software update release with improvements to Alfresco Content Services to accelerate use and development for customer solutions for deployment. With Alfresco Content Services 7.4, Alfresco continues to enable open source communities, customers and partners to deliver a highly reliable Content Store upon which to build applications and solutions.

Alfresco Content Services 7.4 delivers functionality to enable customers and developers to install Alfresco created solutions and to customise the product through integrations, APIs and SDKs.

Additionally, customers can purchase an upgrade from Alfresco Community Edition to Alfresco Content Services 7.4 to enable advanced features and purchase Alfresco applications, connectivity and solutions. To learn more about the differences of Alfresco Community Edition and Alfresco Content Services, we have a datasheet here that highlight the gains of upgrading to Alfresco Content Services.

This release contains enhancements completed for the release of Alfresco Content Services 7.4. In addition, this release contains an updated stack of supported databases, operating systems and platforms providing up to date support. All hot fixes and patches from Alfresco Content Services 7.0.0 onwards are included in this release.

Alfresco’s release readiness testing team have successfully completed their regression and upgrade testing cycles to help give you confidence to upgrade to the release. Alfresco Community Edition 7.4 shares much of its code with Alfresco Content Services which adds significant functionality in the release.

Goals for this Release

The main goal of this release is to enable customers, partners and experimenters to create solutions built on top of Alfresco’s content repository. As Alfresco and Hyland have a continuing commitment to Open Source, we value your feedback on the Hyland Community Hub.


  • Change in Logging library
    • Starting from ACS 7.4, log4jv2 will be the library used for logging capabilities. Please refer to the documentation to migrate your current logging configuration from version 1. If you built custom extensions relying on the Slf4j abstraction, no changes will be needed. If you have a direct dependency on log4jv1 instead, please take into consideration updating them.
  • Multi-architecture support for ACS core Docker Images
    • Core ACS Docker Images, produced by ACS Packaging project, are available in both AMD64 and ARM64 architectures. This feature is mainly focused in allowing developers with Apple Silicon processors to work effortless with the SDKs.
    • Note that other Docker Images (like alfresco-search-services and alfresco-transform-core-aio) are provided only in AMD64 architecture. In case you need to build those Docker Images for ARM64, you may use this additional project: aborroy/alfresco-dockerx-builder
  • Option to disable Repo events2 in Repository configuration property
    • Setting the repository value repo.event2.enabled=false prevents Alfresco to send messages to ActiveMQ. When setting this property to false, deploying ActiveMQ (or adding activemq-broker JAR to alfresco WEB-INF/lib folder) is not required.
  • Keycloack client adapter replaced with Spring security
  • Zero trust principle for communications with the Transform Service
    • Communications between Alfresco Content Services and Alfresco Transform Service can now be secured through mutual TLS. Instructions on how to configure this can be found in the documentation.
    • In addition, the tool Alfresco SSL Generator has been evolved to produce all required keystore files to apply this configuration.
    • A new HTTP Client has been created, that includes additional configuration parameters.

Use Cases

  • Provide new features to allow partners and customers to create solutions.
  • Support customers using the Open Source version of our major products and components.
  • Support partners doing open source development for customisations for their customers.
  • Support customers in open source development.
  • Assisting partners and customers to migrate customisations from previous releases to Alfresco Community Edition 7.4.

Please report issues with this Alfresco Community Edition 7.4 using GitHub Issues or by using the discussion tools in the Alfresco Hub for Alfresco Community Edition.


Alfresco Community Edition 7.4 is available as a distribution zip file for manual installation, or it can be installed using an Ansible playbook (Linux only) for non-containerized environments. It is also available as a set of Docker images that can be deployed in containerized environments using docker-compose or Helm charts (for Kubernetes).

ZIP Distribution files


Deployment resources available in

Docker Compose

Reference Docker Compose templates available in

Additional Docker Compose deployment methods:


Helm charts available in

Upgrading from previous releases

Care should be taken when upgrading from any previous releases of Alfresco Community Edition 7.4. There are some steps that should be reviewed and planned before you upgrade. Please take the time to familiarize yourself with the guidance below and plan your upgrade.

Please refer to the detailed Upgrading documentation, including Alfresco Content Services upgrade paths.

In particular, please ensure that the following steps are completed before you start your upgrade process:

Specific Release Components

New Alfresco Repository configuration properties

There is a new type of configuration for repository HttpClients that is used for communicating with the Transform Service, accepting both Plain HTTP and mTLS modes.


When using long transformation processes (like OCR extraction), default timeout settings may be increased.

New REST API Endpoints

New (nodes)

- GET /nodes/{nodeId}/category-links
List categories that a node is assigned to.

- POST /nodes/{nodeId}/category-links
Assign a node to a category.

- DELETE /nodes/{nodeId}/category-links/{categoryId}
Unassign a node from a category.

New (categories)

- GET /categories/{categoryId}
Get a specific category by.

- PUT /categories/{categoryId}
Updates the category.

- DELETE /categories/{categoryId}
Delete a category.

- GET /categories/{categoryId}/subcategories
Gets a list of subcategories within the category *categoryId*.

- POST /categories/{categoryId}/subcategories
Creates a new category within the category *categoryId*.

New (tags)

- POST /tags
Create an orphan tag.

- DELETE /tags/{tagId}
Deletes the tag with *tagId*. Also removes tag from all nodes.

Updated (Tags)

- GET /tags
Added result filtering by tag name. Added result ordering by tag name or count.

- GET /tags/{tagId}
Added optional return field: *count*.

- PUT /tags/{tagId}
Added optional return field: *count*.


REST API Explorer

This release includes an updated of the REST API Explorer to navigate the new REST APIs.

GitHub - rest-api-explorer

Alfresco Share

The latest release of Share is

Search Services

Alfresco Search Services for Community Edition is 2.0.7 is the latest release. Solr 6 is the underlying search engine for 2.0.7.

When relying on Search Services, usage of unauthenticated plain HTTP communication between ACS 7.4 and Solr is not encouraged. In order to use this kind of communication additional steps have to be taken compared to previous releases. You need to switch to SECRET or mTLS communication method, if using HTTP.

Alfresco Governance Services

AGS 7.4.0 is the latest release and is compatible with Alfresco Content Services 7.4.

Source code is available in:

Alfresco Mobile

Alfresco Mobile Workspace is 1.6 for iOS and Android. Both are compatible with Alfresco Content Services 7.4.


The latest release of the Alfresco in-process SDK is SDK 4.5, which is compatible with Alfresco Content Services 7.4.

The latest release of the Alfresco out-of-process Event SDK is SDK 5.2, which is compatible with Alfresco Content Services 7.4.

Alfresco Extension Inspector

This optional utility helps partners and customers better understand the customisations in their existing deployments. The Alfresco Extension Inspector is a utility for AMP inspection for Alfresco Community Edition and Alfresco Content Services 5.2.7, 6.2.2, 7.x releases. The inspector is recommended for use before installing new versions of our product to help expose any issues that might impeded success.

The alfresco-extension-inspector is a tool that scans and validates an Alfresco extension (amp or jar) against an alfresco.war file. The tool parses an extension and generates a report on possible overrides, discouraged usage of nonpublic API, Alfresco's 3rd-party libraries and incompatible libraries.

To download Alfresco Extension Inspector from Nexus click here or from GitHub.

Alfresco Content Application

  • New action to create folders and content from templates in the repository
  • Ability to create, modify or remove folder rules
  • Create external link to share a document with expiration date


The documentation has been refreshed for this release:


The Content Repository supports the following languages: French, German, Italian, Spanish, Japanese, Dutch, Norwegian (Bokmål), Russian, Brazilian Portuguese, Polish, Czech, Danish, Swedish, Finnish and Simplified Chinese.

Share supports the following languages: French, German, Italian, Spanish, Japanese, Dutch, Norwegian (Bokmål), Russian, Brazilian Portuguese and Simplified Chinese.

Alfresco Content Application supports the following languages: French, German, Italian, Spanish, Japanese, Dutch, Norwegian (Bokmål), Russian, Brazilian Portuguese, Polish, Czech, Danish, Swedish, Finnish and Simplified Chinese.

Feature Removals

Alfresco Content Services is no longer using the Keycloak adapter


  • Alfresco Content Repository 7.4.0 (SCM tag)
  • Alfresco Share 7.4.0 (SCM_tag)
  • Alfresco Transform Core AIO 3.1.0 (SCM_tag)
  • Alfresco Search Services 2.0.7 (---)
  • Alfresco Content Application 4.0.0 (SCM_tag)
  • Google Docs 3.4.0 (SCM tag)
  • AOS Module 1.6.0 (SCM tag)

Images available in Docker Hub

AMD64 and ARCH64

AMD64 only

3rd Party Components installed in the docker containers

  • Rocky Linux 8.7 x64
  • OpenJDK 17.0.6 2023-01-17 LTS
  • Apache Tomcat 9.0.73
  • Jetty 9.3.30.v20211001
  • PostgreSQL 14.4

Library Changes

A number of underlying libraries have been updated in both the Repository and Share.

Removed libraries

  • JBoss Logging (3.5.0)
  • Keycloak (18.0.0)
  • Reload4j (

Added libraries

  • ASM Based Accessors Helper Used By JSON Smart (accessors-smart 2.4.9)
  • Nimbus Content Type (2.2)
  • Jakarta Messaging API (2.0.3)
  • Json Path (2.8.0)
  • Json Smart (2.4.10)
  • Nimbus JOSE + JWT (9.24.4)
  • OAuth 2.0 SDK (9.43.1)
  • Spring Security Oauth2 (5.8.3)
  • Spring Security Web (5.8.3)

Libraries upgraded between 7.3.0 and 7.4.0

  • ActiveMQ has been upgraded from 5.17.1 to 5.17.4
  • Gytheio has been upgraded from 0.17 to 0.18
  • Jackson has been upgraded from 2.14.0 to 2.15.0
  • Joda-Time has been upgraded from 2.11.1 to 2.12.1
  • Log4J API has been upgraded from 2.18.0 to 2.19.0
  • Netty has been upgraded from 4.1.79 to 4.1.87
  • Qpid Proton-J has been upgraded from 0.33.10 to 0.34.0
  • Qpid JMS Client has been upgraded from 0.61.0 to 1.7.0
  • Slf4J API has been upgraded from 2.0.1 to 2.0.3
  • Snakeyaml has been upgraded from 1.32 to 2.0
  • Spring has been upgraded from 5.3.25 to 5.3.27
  • Spring security core and crypto have been upgraded from 5.7.3 to 5.8.3
  • Spring surf and webscripts have been upgraded from 8.33 to 8.40
  • Woodstox core has been upgraded from 6.3.1 to 6.4.0

If you’re upgrading from ACS 6.x to ACS 7.x, check out the Migration Guide to find out if your integrations need refactoring actions.

Issues Addressed

We have addressed a number of bugs since the last release of Alfresco Content Services 7.3.1.

Security Fixes

  • MNT-23158 [Security] JavaScripts leak memory and can be used to trigger a denial of service attack
  • MNT-23591 [Security] CVE: CVE-2023-24998, ACS: Apache Commons FileUpload is vulnerable to Denial Of Service (DoS).
  • MNT-23627 [Security] Reflected XSS on /share/service/components/form/control-wrapper

General Fixes

  • MNT-22633 Creation and Last Modification Timestamp changed during "Download As ZIP"
  • MNT-22790 Download as Zip Includes the Folder Rule Node
  • MNT-22888 Share wiki not rendering pages with links (using squared brackets) to other wiki pages correctly
  • MNT-23401 Share UI - Following a Folder link, UI behaves inconsistently
  • MNT-23406 Some Brazilian/Portuguese labels are shown in English in Share WebApp
  • MNT-23411 We need a configurable way to disable the new Event2
  • MNT-23414 Cannot import empty date values for document versions using BFS
  • MNT-23465 [PaaS] Enabling Direct Access URL in an environment with AGS is breaking the functionality
  • MNT-23550 cm:modifier of recently uploaded files is being set to a user who did not modify or view the document
  • MNT-23553 REST API call fails when using Oracle database
  • MNT-23561 HF - Share UI - Following a Folder link, UI behaves inconsistently
  • MNT-23580 ACS 7.3 - Exceptions observed when editing Alfresco Share rules

Known Issues


About the Author
Angel Borroy is Hyland Developer Evangelist. Over the last 15 years, he has been working as a software architect on Java, BPM, document management and electronic signatures. He has been working with Alfresco during the last years to customize several implementations in large organizations and to provide add-ons to the Community based on Record Management and Electronic Signature. He writes (sometimes) on his personal blog He is (proud) member of the Order of the Bee.