Arvados 2.3.1 Release Notes

November 24, 2021

The Arvados team is pleased to announce Arvados 2.3.1. This release features server side support for checking metadata properties against a vocabulary, and a number of bug fixes. We recommend that new and existing installations of 2.3.0 or earlier upgrade to 2.3.1. See Upgrading Arvados for upgrade instructions.

New Features


Object properties can now be optionally checked during create an update operations against a metadata vocabulary. The vocabulary lists formal identifiers and human-readable aliases for metadata keys and values. Metadata which is not valid in the vocabulary configuration will be rejected with an error message explaining what is wrong. For more information, see the Metadata vocabulary section of the admin documentation.


New configuration option Users.ActivatedUsersAreVisibleToOthers. When enabled, new users will be visible to other users by default, instead of hidden from other users by default. Based on feedback, this option is also now enabled by default.


arvados-cwl-runner now checks if a workflow has a circular dependency and reports an error before start, instead of failing with “workflow deadlocked”.

Bug Fixes


In a LoginCluster federation, satellite clusters will no longer forward requests to the login cluster when the request is authorized with a token that was issued by the satellite cluster. This prevents a situation from forming where the login cluster connects back to the satellite to attempt to validate the token, creating a queue of pending requests and ultimately making the both clusters unresponsive.

In addition, the arv-mount process started by crunch-run will no longer connect to the websockets server (this was introduced in 2.3.0 as an unintentional side effect of another change).


When a user account is deactivated, Arvados will now explicitly revoke their tokens as well.


Improved error handling in arv-copy when copying one item fails while copying a project.


Sweeping trashed objects is now controlled by arvados-controller, which will acquire an advisory lock before starting a trash sweep process. This prevents multiple trash sweep operations from running at once.


When using the LSF dispatcher, if a container is submitted that cannot ever run (e.g. due to unsatisfiable hardware requirements) the error will now be detected and logged.


Fixes file descriptor leak in Keepstore using the filesystem-backed driver and clients hang up before the operation is completed.


Fix bug when mounting a collection by uuid. Arv-mount will no longer attempt to save the collection (resulting in an error) when the file is opened and then closed on read-only mounts.


Workbench 2 now selects specific fields to be returned by updates (such as changing the name) so that the API server does not unnecessarily send large fields such as manifest_text.


Add preserve_version option to the and save_new() methods in the Python SDK.


Deleting role and filter groups will now delete them immediately instead of marking them as “trashed”. This fixes a bug where role groups would linger and continue to grant unintended permissions.


Clarify that properties marked as Protected: true under Collections.ManagedProperties can be set if not already defined, but once set cannot be changed except by admins (documentation update only).


Change how the Keepstore filesystem driver reads the list of keep blocks from the filesystem during an “index” request to avoid an NFS timeout.


Fix the incorrect “Unknown hint” warning from arvados-cwl-runner when using Arvados extensions.


Crunch-run now reports the correct version number.


Pin upper version of httplib2 in Python SDK to avoid version conflict.


Adjust dependency on faraday Ruby gem for compatability between tools.


Update nokogiri Ruby gem for CVE-2021-41098. (Note: Arvados only supports CRuby, so we do not believe it is affected by this CVE).