Release announcements, helpful tips, and community discussion


Cerb (8.1) is a feature upgrade released on August 29, 2017. It includes more than 33 new features and improvements from community feedback.

To check if you qualify for this release as a free update, view Setup » Configure » License. If your software updates expire on or after August 29, 2017 then you can upgrade without renewing your license. Cerb Cloud subscribers will be upgraded automatically.

Important Release Notes

  • Always make a backup before upgrading.

  • Cerb 8.1 requires PHP 7.0+.

  • After the update, review your permissions from Search » Roles. There are many new record permissions that are not enabled by default.

  • To upgrade your installation, follow these instructions.


Conversational bots

Recurrent behaviors

Added a new ‘Recurrent behavior’ event to bots.

This allows the creation of behaviors that run at a given interval. The interval of a recurrent behavior is configured using the standard crontab expression format (minutes, hours, days of month, months, days of week).

Any number of crontab expressions can be configured on the same recurrent behavior and the earliest match will be used to schedule the next run of the behavior.

For example:

  • A behavior can be configured to send a report every weekday at 8am and 5pm.
  • A behavior can run every 10 minutes to sync changed tickets data to Salesforce custom objects.

Proactive interactions

Added a new ‘Schedule proactive interaction’ action to bots.

This allows bots to proactively start an interaction with one or more workers.

For instance, a bot may need to notify a worker about a monitoring alert, or show the current day’s schedule when a worker first logs in.

When a worker has at least one new proactive notification, an animated red message icon appears on the floating bot interaction button in the lower right of the browser. Opening the interaction menu will always first display any pending interactions.

Proactive interactions can be given an expiration date, and if a worker doesn’t start the interaction before that date then it will be dismissed automatically.

File upload prompts

Conversational bots can now prompt workers for a file upload. This creates an attachment record which can be linked, sent in email, etc.

Encrypted email

See: Encrypted email communication using OpenPGP


PGP/GPG encryption is now supported for incoming and outgoing email.

The gnupg PHP extension is required to enable encryption functionality.

Keys are stored in a standard GPG keyring in the /storage/.gnupg/ directory.

In order to send encrypted email, a public key must exist in the keyring for every recipient. Public keys can be imported and managed from Search » Public Keys.

To automatically decrypt inbound encrypted mail, a corresponding private key must exist in the keyring. If a suitable private key isn’t found then the message will remain encrypted as an attachment. Currently, passphrases on private keys aren’t supported and it’s recommended that you create a decryption subkey to use in Cerb without sharing your master private key.

Messages that were sent or received encrypted are denoted with a new icon in the message history.

When a received message is cryptographically signed, verified senders are denoted with a special icon.

Preview for PGP attachments

PGP-related attachments now display as text on cards (signatures, signed parts, etc).


Simplified role management

In earlier versions, privileges were managed in one massive list grouped by plugin. Now, privileges are segmented into Global, Records, and Plugins.

In earlier versions, plugins had to provide itemized and translated privileges for CRUD (create, retrieve, update, delete) on each record. Now, CRUD privileges are dynamic and automatically generated based on the record type.

In earlier versions, plugins had to be selected before you could see their available privileges. Now, plugin privileges are always expanded. The overall list of privileges is also now much smaller and more manageable.

Itemized permissions for every record type

Implemented per-record permissions for every record type (create, update, bulk update, delete, import, export, merge, etc).

Toggle permission groups

When configuring roles, clicking on a section title toggles the checkboxes for all of its privileges. This makes it easier to grant all privileges on a specific plugin or record type.

Save and continue in roles

When configuring roles, a new ‘Save & Continue’ button saves the role without closing the popup. This makes it easier to incrementally add and test permissions.

Updated date on roles

Role records now have an updated_at field. This makes it possible to synchronize changed records through the API, etc.


Before composing new message event

In bots, added a new ‘Before composing a new message’ event. This allows bots to make changes to the compose form before a worker starts using it. For instance, the default snippet filter could change depending on the group selected in the ‘From:’ field.

Time elapsed using calendar availability

In bots, added a new ‘Get time elapsed using calendar availability’ action for calculating the elapsed available time between two dates with a given calendar. For instance, a bot can use an ‘Office Hours’ calendar to calculate a response time in business hours.

Custom behavior on notification records

In bots, added a new ‘Custom behavior on notification’ event. This simplifies running automation against notification records (e.g. auto-marking read after a threshold of elapsed time).

Clone notifications

In bots, with custom notification behaviors, a new ‘Copy notification’ action is available. This sends a copy of a given notification to any number of other workers. For instance, when a worker is away you could have someone else review a copy of their notifications.


Consistent validation

All record types use the new validation service, which provides consistent rules between the UI, API, mobile, etc. Previously, these were all implemented separately for each record type.

Validation rules are defined in the code:

They are tested in the UI:

And in the API:


Import project boards

Project boards can be included in imported packages. This includes columns, cards, and all configuration.


On worklists, the ‘sort:’ option in quick search queries now allows sorting by multiple columns. For instance: sort:subject,-id

Customize worklist colors

When customizing worklists on workspaces, the list heading color can be configured. This makes it easier to visually separate information. Many clients were already doing this with worklist-modifying bot behaviors.

Improved the performance of message worklists

Column data for linked tickets and groups are now lazy loaded per page rather than joined on the entire resultset in SQL. Ticket worklists already work this way. This should especially help when an unfiltered messages worklist is opened with potentially millions of results.

Improved the performance of email address worklists

Column data for linked organizations is now lazy loaded per page rather than using a LEFT JOIN on the entire resultset in SQL. This should specially help when an unfiltered email address worklist is opened from the search menu.

Custom fields

Multiple text values custom field

Added a new ‘List’ custom field type. This allows multiple arbitrary values to be set on a record.

For instance, a Call Center bot behavior may need to associate multiple SIP endpoints (VoIP devices) with a single worker. A list-based custom field can be used to keep track of these as discrete values (rather than something difficult to search, like a comma-separated list).


Snippet choosers

Snippets now use the standard ‘chooser’ functionality consistent with the rest of Cerb. Previously, snippets had their own search popup. This change makes it easier for bots to modify the default behavior of snippets – changing filters based on properties of the current ticket, etc.


Cards for custom fieldsets

Implemented cards for custom fieldset records.

Cards for file bundles

Implemented cards for file bundle records.


Extended context info in the API

In the API, the /contexts/list.json request now lists the aliases, permissions, and extended options for each record type.

Saved searches in the API

Saved search records can now be created, retrieved, updated, and deleted through the REST API.


Snippets in the API

Snippet records can now be created, retrieved, updated, and deleted through the REST API.


Human readable error codes

Added human-readable error codes to REST API responses. Previously the errors were numeric.


Validation service

Added a validation service to Devblocks at DevblocksPlatform::services()->validation(). This makes it much easier to validate record operations and share validation rules between APIs (REST, UI, etc). Currently these data types are supported: context, id, number, string, and timestamp. Numeric fields can specify lower/upper bounds. Strings can specify max length, uniqueness, non-emptiness, and custom formatters.

Services autocompletion

Developers can now access all of the platform services from DevblocksPlatform::services()->*(). Previously these were individual DevblocksPlatform::get*Service() methods.

Session refresh for Ajax requests

Ajax requests now count toward worker session activity. Previously, a session could be considered idle (and logged out if a seat was needed) if a worker was spending a long time writing a reply, because the automatic drafts being saved didn’t count as activity.