Release of Daml 2.8.7

Summary

This is a maintenance release that addresses several issues.

What’s New

The Daml SDK installers (.exe, .sh, .bat) no longer require access to the internet during installation.
PQS has several fixes and enhancements:
- As a precautionary measure, a starting PQS will detect an issue and exit if multiple concurrent PQS processes try to address the same postgreSQL database. Note that only a single PQS instance should address a database. This can only happen in an unsupported situation where a PQS is not shut down, a PQS is misconfigured, etc.
- Fixed a race condition that could cause foreign-key duplicate errors on startup if the PQS was shutdown under a sustained, very high ledger event generation situation.
- Correct a PostgreSQL issue where it was possible to see multiple (ie. inconsistent - advancing) latest offsets, on a rapidly advancing ledger, rather than the snapshot isolation that users would expect.
Avoid generating log entries when configuring HA-sequencer pruning. The ``sequencer.health.status`` command can now be used to identify the sequencer that accepts administrative changes.

A bug was fixed in memory resource management so that infinite loops are terminated based on a timer.

Download and Installation

The Daml 2.8.7 SDK has been released. You can install it using the command: daml install 2.8.7.

The table below lists how you can download Daml Enterprise or individual components.

Daml Enterprise v2.8.7
Component	File download	Container Image
SDK	Linux macOS Windows	NA
Canton for Daml Enterprise	Standalone JAR file	digitalasset-docker.jfrog.io/canton-enterprise:2.8.6
Daml Finance	GitHub Page	NA
HTTP JSON API Service	Standalone JAR file	digitalasset-docker.jfrog.io/http-json:2.8.6
Trigger Service	Standalone JAR file	digitalasset-docker.jfrog.io/trigger-service:2.8.6
OAuth 2.0 middleware (Open-Source)	GitHub Page	digitalasset-docker.jfrog.io/oauth2-middleware:2.8.6
Participant Query Store	Standalone JAR file	digitalasset-docker.jfrog.io/participant-query-store:0.3.2
Trigger Runner	Standalone JAR file	digitalasset-docker.jfrog.io/trigger-runner:2.8.6
Daml Script	Standalone JAR file	digitalasset-docker.jfrog.io/daml-script:2.8.6

If you are using Oracle JVM and testing security provider signatures, note that the Canton JAR file embeds the Bouncy Castle provider as a dependency. To enable the JVM to verify the signature, put the bcprov JAR on the classpath before the Canton standalone JAR. For example:

java -cp bcprov-jdk15on-1.70.jar:canton-with-drivers-2.8.6-all.jar com.digitalasset.canton.CantonEnterpriseApp

Note: These Docker images are designed to be suitable for production use, with minimal size and attack surface. Minimal images can sometimes make debugging difficult (e.g. no shell in the containers). For convenience, we provide “debug” versions of each of the above images, which you can access by appending “-debug” to the image tag (e.g. digitalasset-docker.jfrog.io/http-json:2.8.6-debug).