The Problem No One Talks About Enough

Tactical geospatial has a dirty secret: the platforms that operators trust most are often the ones least capable of consuming the data they actually need.

TAK (Tactical Assault Kit, or Team Awareness Kit depending on your community of interest) is one of the most widely deployed situational awareness tools in special operations and beyond. It is powerful, battle-tested, and increasingly adopted across the public safety sector. But it has a major flaw that creates real operational risk: the Common Operational Picture (COP) it provides often fails to properly implement and support standards-based geospatial content.

This means mission-critical data that is standards-based simply vanishes. The layer loads, but the operational picture remains incomplete. The analyst sees nothing. The operator makes decisions without it.

Why This Keeps Happening

The root cause isn’t poor engineering. It’s an ecosystem that has grown faster than its standards.

Modern geospatial workflows pull data from dozens of sources: commercial satellite providers, organic sensor feeds, open-source intelligence layers, allied force feeds, and legacy enterprise systems. Each has its own format, its own metadata schema, its own coordinate reference assumptions. TAK was built around a specific operational model. When data arrives from outside that model, integration breaks.

This creates a lot of point-to-point bridges — custom integrations that work until they don’t, maintained by individuals who may rotate away, and undocumented in ways that make them impossible to audit or improve.

The Standards-First Answer

OGC standards (WMS, WFS, WMTS, OGC API Features) exist precisely for this problem. They define a common language for geospatial data exchange that any compliant system can consume, regardless of origin.

At NGS, we built CoreSpatial around OGC compliance from the ground up. Not as a checkbox. As architecture. CoreSpatial Server publishes geospatial data in OGC-compliant formats natively. That means TAK clients, web mapping applications, enterprise GIS platforms, and custom tactical displays can all consume the same data source without custom adapters.

Our work supporting SOCOM demonstrated this directly: a single CoreSpatial deployment serving standards-based imagery and feature data to many different systems and users, from Kubernetes-hosted enterprise dashboards to lightweight edge containers on tactical servers.

What Comes Next

Defense and public safety geospatial communities are now converging. The interoperability problems that SOCOM has lived with for years are now arriving in local emergency management, state fusion centers, and large-scale event security operations.

The organizations that will navigate this transition best are the ones that stop solving integration as a tactical problem and start treating it as an architectural one. That means investing in OGC-compliant infrastructure, open data pipelines, and platforms that are designed to speak every language the mission requires — not just the one they were built around.

The ecosystem will catch up. NGS intends to help push it there.

The post The Interoperability Problem at the Tactical Edge: Why It’s Still Unsolved first appeared on .

The highlight of this release is our CoreSpatial Portal release based on MapStore2 v2025.02.02. This is a large rollup that advances through multiple upstream MapStore2 releases. See full details below.

We also look forward to continued development in the following areas:

• Bulk tile collection projects via Map Manager UI
• Expanded image handling capabilities in Map Manager – georectification of commercial drone imagery using JPEG EXIF
• Desktop GIS integration via QGIS

CoreSpatial Server and Basemaps Release Notes

2026.1.7 (03/31/2026)

• Update GeoServer to 2.28.3
• Update PostgreSQL JDBC jar to 42.7.10
• Update C3P0 Connection Pooling lib 0.12.0
• Improve SBOM/CVE diff automation (new scripts, live image scans, and previous-release SBOM comparisons)

2026.1.6 (03/03/2026)

• Patch five High/Medium CVEs in bundled JARs
• Add support for multiple SBOM formats: SPDX, CycloneDX, and Syft

2026.1.5 (01/21/2026)

• Patch vulnerabilities discovered in UBI 9 base image

2026.1.4 (01/30/2026)

• Patch vulnerabilities discovered in UBI 9 base image

2026.1.3 (01/26/2026)

• Patch vulnerabilities discovered in UBI 9 base image

2026.1.2 (01/21/2026)

• Patch gnupg2 High severity vulnerability affecting the Docker container base image

2026.1.1 (01/14/2026)

• Patch libpng to remediate High severity vulnerability affecting the Docker container base image

CoreSpatial Map Manager Release Notes

2026.1.9 (03/30/2026)

• Refresh runtime container packages in the final Docker image to clear fixed vulnerabilities in the release container

2026.1.8 (03/25/2026)

• Bump Spring Boot to 3.5.12 to remediate JAR vulnerabilities affecting Tomcat and Spring Web MVC
• Update PostgreSQL JDBC to 42.7.10, Logback to 1.5.32, commons-io to 2.18.0, commons-lang3 to 3.19.0, and commons-compress to 1.27.1
• Separate WMS Scraper into its own versioned release flow

2026.1.7 (03/06/2026)

• Bump Jackson to 2.18.6 to remediate a JAR vulnerability

2026.1.6 (03/03/2026)

• This release was cut to patch vulnerabilities discovered in the base container image

2026.1.5 (02/02/2026)

• Bump react-router and react-router-dom to 6.30.3 and @remix-run/router to 1.23.2
• Bump lodash to 4.17.23

2026.1.4 (01/30/2026)

• Remove Python from the runtime image so it remains build-time only for GDAL
• Pin Logback to 1.5.25 for vulnerability remediation
• Set Flyway baselineVersion to 0 in application and test configuration

2026.1.3 (01/26/2026)

• This release was cut to patch vulnerabilities discovered in the base container image

2026.1.2 (01/21/2026)

• Patch gnupg2 and jaraco-context High severity vulnerabilities affecting the Docker container base image

2026.1.1 (01/14/2026)

• Patch libpng to remediate High severity vulnerability affecting the Docker container base image

CoreSpatial Portal Release Notes

2026.1.1 (3/30/2026)

This release is a large rollup that advances the MapStore2 submodule through multiple upstream releases. The full details of upstream changes can be found in the MapStore2 release notes on GitHub:

• MapStore2 v2025.01.00
• MapStore2 v2025.02.00
• MapStore2 v2025.02.01
• MapStore2 v2025.02.02

New Features & Enhancements

• Cesium Ion World Terrain — Added Cesium Ion World Terrain support for 3D map view; reads ionAccessToken and terrainProvider from localConfig.json with graceful fallback to default ellipsoid when no token is configured
• Manager Page Plugins — Fixed blank manager page by adding UserManager, GroupManager, TagsManager, IPManager, and Footer plugins to the manager configuration; added missing translation keys throughout

Bug Fixes

• Fixed duplicate file upload attempt that could trigger two concurrent upload requests
• Fixed OSM background layer CORS errors by using explicit HTTPS tile URLs in base configuration

Security & Infrastructure

• Switch to Iron Bank ubi9 base image for the container
• Bump Tomcat to 9.0.108 (from 9.0.90) in RPM and container builds, addressing multiple CVEs across the 9.0.x series
• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0
• Bump org.apache.cxf:cxf-core from 3.5.10 to 3.5.11
• Multi-format SBOM generation (syft-json, cyclonedx-json, spdx-json, table) now included with all releases
• CVE diff reporting added to release pipeline for tracking vulnerability changes between releases

Database Migrations

• Migration 005 — Adds gs_ip_range and gs_security_ip_range tables required by GeoStore 2.4.0 for IP-based access control. Deployments upgrading from older GeoStore versions will have schema validation errors fixed by this migration.

Testing

• Added Playwright end-to-end regression test suite

The post CoreSpatial 2026-Q1 Release Announcement first appeared on .

This quarter has been especially busy on our services projects. We look forward to expanding our CoreSpatial product development team in 2026 to support increased velocity on our roadmap items such as: An updated Portal release based on MapStore2 v2025.02.00, as well as promoting our FIPS compliant GeoServer configuration to our main CoreSpatial Server release branch.

Other exciting features on our roadmap include:

• Bulk tile collection projects via Map Manager UI
• Gazetteer, Geocoding, and Routing services based on OpenStreetMap
• Expanded image handling capabilities in Map Manager – georectification of commercial drone imagery using JPEG EXIF

CoreSpatial Server and Basemaps Release Notes

2025.4.3 (12/24/2025)

• Update GeoServer to 2.28.1

2025.4.2 (11/13/2025)

• Improvement to docker setup script around osm database initialization
• Patch gson high sev CVE-2022-25647

2025.4.1 (10/24/2025)

• Update GeoServer to 2.28.0
• Update PostgreSQL JDBC jar to 42.7.8
• Update Jetty to 9.4.58.v20250814
• Update Marlin Jar to v0_9_4_9_jdk17
• Patch one High, one Medium, and one Low severity CVE in OpenJDK 17

CoreSpatial Map Manager Release Notes

2025.4.3 (12/10/2025)

• Upgraded Python to 3.13.11 to address recent Python 3.13 vulnerabilities
• Bump Spring Boot to 3.5.8 to clear CVEs in Tomcat 10, Spring Framework 6.2, Logback 1.5, and PostgreSQL JDBC jar

2025.4.2 (11/12/2025)

• Minor fixes to wm_scraper: GeoServer URL Handling and Database Setup

2025.4.1 (10/30/2025)

• Use Iron Bank base image openjdk21-runtime-ubi9-slim:1.21 for container
• Bump Spring Boot to 3.5.7 to clear 1 Medium and 1 Low severity CVE
• Bump commons-lang3 to clear 1 Medium CVE
• Update PostgreSQL JDBC jar to 42.7.8
• Bump Python to 3.13.9 to fix one Medium severity CVE
• Patch one High, one Medium, and one Low severity CVE in OpenJDK 17

The post CoreSpatial 2025-Q4 Release Announcement first appeared on .

Contract Number: 47QTCA26D002H
Award Notice: https://sam.gov/workspace/contract/opp/153612a111854ae1a8a6d64f4f76f20c/view

What is GSA MAS and why it matters

GSA MAS is the primary procurement channel federal agencies use to acquire commercial services and solutions. Award under MAS means our offerings are pre-vetted and available under negotiated labor categories and pricing, which reduces procurement friction for agencies and shortens the time from requirement to delivery.

Key outcomes of a MAS award
• Agencies can place orders directly against our contract rather than running a standalone RFP
• Faster procurement cycles and reduced administrative overhead for customers
• Predictable, pre-negotiated rates that simplify budgeting and task order planning
• A government-wide storefront that improves visibility and access to new federal opportunities

What this means for federal customers

With this award, federal programs gain immediate access to mission-ready engineering and geospatial capabilities through a single, trusted contracting vehicle. For DoD, DHS, and civilian agencies, that translates into a simpler buying experience for secure, scalable solutions that meet mission timelines and compliance expectations.

Initial award scope

The initial MAS award covers the following SINs and labor categories.

SIN 54151S — IT Professional Services
• Software Engineer (Journeyman)
• Software Engineer (Senior)
• Software Engineer (SME)
• Technical Project Manager (SME)

SIN 541370GEO — Geospatial Services
• GIS Analyst/Developer (Senior)

These labor categories reflect the core skills NGS brings to systems engineering, software development, geospatial analytics, and DevSecOps delivery at government scale.

Looking ahead: CoreSpatial product SKUs in 2026

In 2026 we will look to expand our MAS offerings to include product SKUs associated with our CoreSpatial technology stack. Those product SKUs will represent turnkey, deployable geospatial platform capabilities built on proven components such as GeoServer, PostGIS, GDAL, Cesium, and MapStore2. Adding product SKUs will let programs procure complete, ready-to-run geospatial solutions through the same streamlined MAS vehicle.

Next steps and how to engage

We will share ordering instructions, capture guidance, and the official contract posting once the award is published on GSA’s schedule. After the posting, agencies and acquisition teams will be able to place orders directly against our MAS contract.

If you are a federal program office or acquisition team that would like to learn how NGS can support an upcoming requirement, contact your NGS account lead or our business development team for a briefing and ordering support.

Final note

This award strengthens our capacity to deliver secure, mission-focused engineering and geospatial services to government customers. Additional details and agency-facing guidance will follow with the official GSA posting.

The post NGS Awarded a 20-Year GSA MAS Contract Vehicle first appeared on .

We anticipate the release of Portal in the upcoming weeks based on MapStore2 v2025.01.01, as well as promoting FIPS compliance for GeoServer to a generally available release.

Other exciting features on our roadmap include:

• Expanded deployment options with Docker Compose
• AI Enablement via MCP API
• Expanded FIPS 140 compliance across all CoreSpatial modules

CoreSpatial Server and Basemaps Release Notes

2025.3.5 (9/24/2025)

• Docker setup scripts hardened and simplified:
  • Unified permission / ownership helpers (fix_dir, fix_file) across data load steps
  • More robust curl version / SigV4 capability detection and consolidated S3 / MinIO download logic
  • Non‑root friendly: scripts no longer require running as root
• Default basemap data storage now points to Cloudflare R2 (via BUCKET_HOST)

2025.3.4 (8/29/2025)

• Update GeoServer to 2.27.2
• Docker build now uses Iron Bank ubi9 base image
• Minor improvements to docker setup script

2025.3.3 (8/14/2025)

• Patch vulnerabilities in OpenJDK 17

2025.3.1 (7/2/2024)

• Update PostgreSQL JDBC jar to 42.7.7 – patches CVE-2025-49146
• Update commons-beanutils to 1.11.0 – patches CVE-2025-48734

2025.2.4 (7/1/2025)

• Add logic for catalog manifest to allow for updates to catalog

CoreSpatial Map Manager Release Notes

2025.3.3 (9/22/2025)

• Bump Spring Boot to 3.5.6 to clear 1 High severity CVE

2025.3.2 (8/27/2025)

• Bump Spring Boot to 3.5.5 to clear 1 High and 1 Medium severity CVEs

2025.3.1 (7/7/2025)

• Bump Postgres JDBC Jar to 42.7.7
• Bump Spring Boot to 3.5.3 to clear 1 High and 2 Medium severity CVEs

The post CoreSpatial 2025-Q3 Release Announcement first appeared on .

What Is FIPS Compliance and Why Does It Matter?

FIPS stands for Federal Information Processing Standards, a set of publicly announced standards developed by the National Institute of Standards and Technology (NIST) for use in computer systems by non-military government agencies and contractors. Specifically, FIPS 140-2 and 140-3 relate to cryptographic module validation. They define the security requirements for cryptographic operations like encryption, hashing, and signing.

• Learn more about FIPS 140-2
  
• Explore the latest FIPS 140-3 standard
  
• NIST’s full FIPS series can be found at csrc.nist.gov
  

Many U.S. federal systems (and an increasing number of enterprise platforms handling sensitive or regulated data) are required to run only FIPS-validated cryptographic modules. Without this validation, software components like web services, authentication providers, or spatial data servers will be deemed unsuitable for use in secure environments, particularly those that handle Controlled Unclassified Information (CUI), Protected Health Information (PHI), or mission-critical defense data.

Why This Is a Big Deal for CoreSpatial and GeoServer Users

GeoServer, a cornerstone of open-source geospatial services, is widely adopted across both public and private sectors. However, until now, deploying GeoServer in a FIPS-validated environment was not possible due to compatibility issues related to the use of older style JCEKS keystores for secret management, among other password handling issues. 

With this new release of CoreSpatial Server, we’ve resolved those limitations by:

• Configuring the Java runtime environment to use Bouncy Castle FIPS 140-2 validated cryptographic providers
  
• Hardening container images and RPM-based installations to ensure strict FIPS mode enforcement
  
• Providing turnkey compatibility with RHEL FIPS-enabled operating systems
  
• Validating compatibility with secure ingress and TLS termination using approved ciphers and key lengths
  
• Ensuring continued compatibility with key plugins and extensions, such as WMS/WFS/WCS services, PostGIS integration, and security modules
  

This means CoreSpatial Server customers can now deploy GeoServer in environments where FIPS 140-2 compliance is not optional – including DoD, DHS, and state-level emergency management systems.

Deployment Scenarios Supported

The FIPS-compliant CoreSpatial Server supports:

• Bare metal or VM installations on RHEL 8 and 9 with FIPS mode enabled
  
• Containerized deployments using Podman, Docker, or Kubernetes where the underlying host supports FIPS 140-2 compliant cryptography
  

Whether you’re deploying in a SCIF, in a hybrid cloud with strict compliance policies, or inside an accredited container security boundary, CoreSpatial Server now enables you to take full advantage of GeoServer’s spatial publishing power without compromising on compliance.

Get Started Today

To explore FIPS-ready deployment options or see a demo, contact us at sales@newmoyergeospatial.com or visit our CoreSpatial overview.

For federal agencies and contractors already navigating FedRAMP, CMMC, or NIST 800-171 compliance landscapes, this enhancement brings CoreSpatial one step closer to being your go-to open-source alternative for secure geospatial systems.

The post CoreSpatial Server Adds FIPS 140-2 Compliance to GeoServer first appeared on .

At NGS, we built CoreSpatial to give government users control over their mapping stack – without locking them into a commercial ecosystem. CoreSpatial combines proven open-source technologies with enterprise support, secure delivery, and mission-aligned flexibility.

What Is CoreSpatial?

CoreSpatial is a fully deployable, modular geospatial platform built on proven open-source technologies.

CoreSpatial Server

Host and serve geospatial data securely and efficiently with GeoServer – an OSGeo project that has long served as a staple of OGC compliant web GIS.  CoreSpatial Server provides a hardened, scalable, OGC-compliant GeoServer for WMS, WFS, WMTS, and vector tile services, including GDAL and PostgreSQL/PostGIS for advanced spatial data processing and visualization. It supports high-throughput deployments for internal operations or external sharing and is designed to meet cyber compliance standards across cloud and on-prem environments.

CoreSpatial Basemaps

A curated package of pre-rendered, production-ready basemaps including OpenStreetMap and publicly available global datasets. Delivered with loading scripts, caching configurations, and high availability support, the basemaps module gives your teams a foundation to start building immediately — without needing to source or tile your own data.

CoreSpatial Map Manager

An intuitive interface for importing and managing new high-resolution imagery or elevation data. Built for usability, Map Manager lets you drag and drop datasets into your CoreSpatial environment, handles preprocessing and tiling, and automatically publishes the data through CoreSpatial Server. No GIS background required.

CoreSpatial HIFLD

This optional data module includes critical infrastructure layers from DHS HIFLD and other government sources, packaged for immediate use. Includes metadata, categories, and integration-ready styling for emergency management, public safety, and infrastructure planning.

CoreSpatial Portal

Built on MapStore2, CesiumJS, and OpenLayers, CoreSpatial Portal is a full-featured content management interface for geospatial assets. It allows users to create dashboards, interactive maps, story maps, and reports — all powered by your CoreSpatial services. Portal is ideal for internal collaboration or public transparency, and includes tools for access control, theming, and analytics.

Every CoreSpatial deployment is standards-based, vendor-agnostic, and tailored to the needs of government organizations.

Who Is CoreSpatial For?

We work with agencies at all levels – federal, state, and local – to deliver custom geospatial platforms that meet operational requirements:

Federal Civilian Agencies

DHS and FEMA geospatial coordination

NOAA and USGS data visualization and dissemination

CBP, TSA, and critical infrastructure overlays

State & Local Governments

Emergency response coordination and common operating pictures

County GIS systems for planning, permitting, and land use

Public safety dashboards for law enforcement and fire services

Defense & Intelligence Programs

C2 system integration

Tactical and ISR mapping

Coalition and interagency data sharing

Why Choose CoreSpatial?

✔️ Full Deployment Control – Run CoreSpatial in your cloud, on-prem, or in an air-gapped environment
✔️ No Licensing Headaches – No per-user, per-core, or hidden fees
✔️ Enterprise-Grade Delivery – Includes support, security, Kubernetes deployment, and DevSecOps automation
✔️ Open Standards – Built entirely on OGC-compliant technologies
✔️ Adaptable to Any Mission – Add plugins, customize layers, and build exactly what your team needs

Let’s Talk

Whether you’re replacing a legacy GIS, building a new app with a map component, or modernizing your entire geospatial backend – we can help.

📧Contact NGS to schedule a live walkthrough or technical briefing.

The post CoreSpatial Buyer’s Guide for Government first appeared on .

This release includes major security and performance updates across the stack. We are hard at work to bring a new release of Portal based on the recently dropped MapStore2 v2025.01.00, as well as FIPS compliance for GeoServer (CS Server).

CoreSpatial Server and Basemaps Release Notes

2025.2.3 (6/10/2025)

• Update GeoServer to 2.27.1
• Update Jetty to 9.4.57.v20241219
• Update PostgreSQL JDBC jar to 42.7.6
• Update C3P0 Connection Pooling lib 0.11.1
• Update Marlin Jar to v0_9_4_8_jdk17

2025.2.2 (5/12/2025)

• Add ability to map data from mounted volume in Kubernetes environment

2025.2.1 (5/2/2025)

• Improvements to container initialization scripts
• Multiple High and Medium severity security patches in OpenJDK, libexpat, c-ares, and giflib
• Update OSM database to 3/31/2025 build

CoreSpatial Map Manager Release Notes

2025.2.2 (6/10/2025)

• Bump Spring Boot to 3.5.0 to clear 2 Low severity CVEs
• Bump Python to 3.12.11 to clear multiple CVEs (Medium, High, and Critical severity)
• Bump Postgres JDBC Jar to 42.7.6

2025.2.1 (5/2/2025)

• Bump Spring Boot to 3.4.5 to clear multiple CVEs

The post CoreSpatial 2025-Q2 Release Announcement first appeared on .

At NGS, we’ve seen this shift firsthand through CoreSpatial – our secure, customizable, open-source GIS stack designed specifically for federal use cases. Here’s why open-source GIS is now a viable, and often superior, option for government agencies.

Reason #1: Security and Compliance Have Caught Up

Modern open-source GIS tools like GeoServer, PostGIS, OpenLayers, and CesiumJS now meet many of the same cybersecurity standards as commercial platforms. They benefit from active community and vendor-backed development cycles that rapidly address CVEs and harden default configurations.

With platforms like CoreSpatial, NGS overlays strict DoD and FedRAMP-informed security architectures on top of these tools. Role-based access control, encrypted transport and storage, centralized logging, and auditing can all be configured from the start – without black-box components.

Reason #2: Deployment Flexibility for Tactical and Enterprise Environments

One of the most powerful advantages of open-source GIS is deployment flexibility. CoreSpatial can run:

• On fully air-gapped networks
• Inside cloud-native environments (AWS GovCloud, Azure IL5)
• On portable edge devices for field operations

This is possible because you’re not locked into a vendor-controlled SaaS model or restrictive license agreement. Government teams have full control over how and where they operate their systems.

Reason #3 Avoiding Lock-In While Enabling Innovation

Many federal agencies are trapped in decades-old licensing cycles with proprietary vendors. This creates two problems:

• High costs for marginal capability improvements
• Little ability to customize or extend platforms to meet modern mission needs

Open-source GIS flips this model. You own the code. You can customize it. And you can collaborate with an ecosystem of innovators – whether they’re internal developers, contractors, or commercial integrators.

Reason #4 Interoperability and Open Standards

Interoperability is essential in environments where multiple agencies, systems, and coalitions must work together. CoreSpatial adheres to OGC standards out of the box, ensuring smooth data sharing across platforms, whether you’re integrating with NATO allies, municipal systems, or intelligence feeds.

Rather than relying on translation layers or costly middleware, open standards are native to the architecture.

Reason #5 Real-World Use Cases Are Already Here

Open-source GIS isn’t theoretical – it’s operational. CoreSpatial and its component parts are already supporting use cases including:

• Command and control and situational awareness platforms using OpenLayers, Cesium, and GeoServer
• Imagery processing and dissemination using GDAL, PostGIS, and GeoServer
• Multi-domain targeting and air mission planning using PostGIS, GeoServer, OpenLayers,  and CesiumJS
  

These systems deliver real value today – and do so at a fraction of the traditional cost.

By the way, we are compiling a list of government programs and agencies that use open source GIS solutions today. We look forward to sharing those in the upcoming weeks ahead. 

Feel free to drop us a line if you’d like to contribute! info@newmoyergeospatial.com

Conclusion: Time to Rethink the Stack

Open-source GIS is no longer a fringe solution. It’s a strategic asset for agencies looking to modernize geospatial capabilities, reduce risk, and stretch every budget dollar further.

If you’re evaluating your next geospatial procurement or modernization effort, it may be time to rethink what’s possible – with open source.

Want to see how CoreSpatial could fit your mission? Contact us for a live demo.

The post Why Open Source GIS Is Ready for Mission-Critical Government Use first appeared on .

CoreSpatial Server 2025.1.2 (3/16/2025)

• Updates GeoServer to 2.26.2
• Update PostgreSQL JDBC jar to 42.7.5
• Allow container to start with default catalog
• Added support for optional map data loading in container initialization
• Moved Docker container usage instructions to Admin Guide
• Enable use of WPS for Geoprocessing services in CoreSpatial Portal
• Fixed issue with loading fonts in container image

CoreSpatial Map Manager 2025.1.3 (3/13/2025)

• Improve startup logic for creating highres store and layers in GeoServer
• Fix bug with initialization of PG variables in datastore.xmls
• Bump spring boot to 3.4.3 to clear multiple CVEs
• Bump Postgres JDBC Jar to 42.7.5
• Bump multiple babel frontend deps to clear 2 Moderate CVEs
• Bump axios frontend dep to clear 1 Critical CVE

CoreSpatial Portal 2025.1.1 (4/01/2025)

New Features & Enhancements

• Interactive Legends & TOC Improvements
  • Enhanced interactive legends for both WFS and Vector layers, including fixes for filter icon visibility and smoother filter management.
• Text Widget Upgrades
  • Enabled image uploads within Text widgets by introducing a new property (renamed to uploadEnabled) along with accompanying unit tests.
• Vector File Import Enhancements
  • Added configurable file size limits for vector imports (now set to 3 MB by default), with warning notifications, translations, and updated tests.
• Layer Style Editing Configuration
  • Introduced dynamic configuration for editing the default styles of layers.
• Cesium Integration Improvements
  • Allowed dynamic setting of the CESIUM_BASE_URL and added support for the Cesium Ion Terrain Provider.
  • Fixed an issue where Cesium maps appeared too dark when opened in the evening.

Bug Fixes

• WMS & 3D Mode
  • Corrected Cesium/3D mode behavior to ensure WMS requests use version 1.1.1.
• Legend & Style Editing
  • Resolved incompatibilities between the legend filter and style editing.
• GeoFence & Proxy Issues
  • Fixed error notifications when moving GeoFence rules.
  • Addressed proxy call issues affecting CORS-disabled domains on the Model layer.
• UI & View Update Fixes
  • Fixed problems with view updates (e.g., when the center prop changes) and issues in various UI elements (dashboard save, search bar overlaps, navbar icon order, etc.).
• Additional Bug Resolutions
  • Corrected parsing issues in WPS responses and resolved problems in feature grid customizations, resource re-rendering, and measure tool functionality.

Build, Dependencies & Infrastructure

• Security & Base Image Updates
  • Updated the Tomcat base image to address multiple external security warnings.
• Build Script & Configuration Improvements
  • Revised build scripts (including build.sh) to pass shellcheck and use build arguments for memory heap configuration.
  • Updated Babel configuration, ESLint settings, and utility package files.
• CI/CD Enhancements
  • Upgraded GitHub Actions for artifact uploads and caching.
• Dependency Bumps
  • Bumped jinja2 from 3.1.4 to 3.1.6.

Documentation & Testing

• Docs Updates
  • Revised query parameter documentation and added missing parts for interactive legends (WFS layer).
  • Improved LDAP and corporate proxy configuration guides.
• Testing Enhancements
  • Expanded unit and integration tests across new features and bug fixes, ensuring better coverage for text widgets, vector import limits, and map preview functionalities.

Miscellaneous

• Code Cleanup & Refactoring
  • Removed unused code and comments, reverted select changes, and fixed lint errors.
• Localization & Styling
  • Updated translations (including Catalan support) and refined resource card styling.
• Developer & Context Updates
  • context configuration and updated various developer guides and JSDoc comments.

The post CoreSpatial 2025-Q1 Release Announcement first appeared on .