On Friday, it’s EpiUsers Frideas Day! Have you been to the Epicor Ideas Portal recently? If so, are there some ideas you want to encourage other users to vote for? Maybe want to add comments to an existing idea?
Did you know that AdvancedMES/MATTEC has an Ideas section? I’ve seen several ideas expire due to lack of interest, but did you know that the majority of MATTEC users do not run Kinetic? 
Maybe AdvancedMES gets it’s own category like the other cross-platform products? 
I will put a plug in for my recent ones.
Miscellaneous Charges - Ability to Assign Line | Epicor Ideas Portal (aha.io)
Ability to Select Multiple Contacts or Manually | Epicor Ideas Portal (aha.io)
Improve How Shipping Requirements Are Managed | Epicor Ideas Portal (aha.io)
Just noting that as of this past Tuesday, we started “grooming” features that would be included in the 2025.1 release and beyond. We have multiple parameters to define what we will work on, and one of the main parameters is the number of votes. So… make sure that you have voted on your favorite things in Epicor Ideas.
Here are the current top 5 for Kinetic ERP Ideas (Votes - Years):
It is possible to copy user from User Security Maintenance in 2024.1
All of these Ideas have the status of “Gauging Interest.” 
Well, one idea contains too many changes to do at once. Not sure why
If you don’t half of the cool stuff I have wrote, or planned to, will no longer work.
Idea → Roll back Custom Code Restrictions that are no longer relevant with the move to AKS.
One of Epicor’s strongest draws is the ability to customize processes with custom code.
Recently, there have been warnings added about using
"System.IO", and"System.Reflection".
These warnings are slated to become errors. (I assume there are others.)The reasons stated for
"System.IO"are to prevent arbitrary file access. No reasons have been stated for"System.Reflection".Neither of these restrictions make any sense with the move to AKS.
I understand “security” concerns, but the risk of these particular items is no more relevant than the other items I have access to in custom code. If you have that level of access, it’s already dangerous.
Kinetic SaaS is an “instance” based cloud offering, where we have an instance in the cloud.
It’s the same product as on-prem, except Epicor is hosting it, and they offer limited management capabilities.
The only danger allowing these standard libraries, is to ourselves, which is the same as if we were hosting it.
Kinetic SaaS has become Epicor’s flagship product, and we get less freedom and abilities with every iteration.
I personally have used these standard libraries to work around bugs in Kinetic, as well as add functionality to the product that does not exist, and is sorely needed.
For example, I use
"System.Reflection"to enumerate the fields and properties in my functions, before and after running, so I can log failures or other telemetry.This is an automatic, cut & paste template. Without access to reflection, I have to tailor the logging function for each and every function.
This seems like a solution looking for a problem, and is going to make many developers lives much more difficult, and their solutions less exceptional.
We don’t need protection from ourselves.
Please reconsider.
And I noticed that:
Portal for Cloud Users for Some System Tasks (106 - 2)
is also “Gauging Interest” and I’m pretty sure that’s under development and should be released soon.
There are 50 reasons…
BTW, I’m all for “unmerging” Ideas down into doable pieces!
While I don’t quite agree with this, at least when it comes to me, having an “Advance Code Block” Security Group to allow some of these libraries might be a way for some to protect themselves and others to have the freedom to innovate. Of course, if Epicor could provide equivalent “safer” functions, that would work too.
Appreciate any votes for this new idea - had to reset a password for a user in Quick Ship (cloud, latest production version) this week and was appalled to discover it has like a 1990 security posture on that process:
QS-I-227 Modern and Secure Password Reset for Quick Ship
When you reset a users password as an admin or user in Quick Ship, the password is simply reset to the default password used by Quick Ship across ALL customers - something like password1 (not the real password, but its about that lame).
This is a cloud-based system, no longer somewhat protected behind a firewall. If you do not believe it could possibly be this lame security-wise, read the official Epicor KB article: KB0123524 - How to Unlock and Reset User login password in Quick Ship
That KB article also describes the default passwords assigned to admin users… Quick Ship needs some security locking down.
I agree with the first part, but not this. Sometimes you need to get out and do advanced work.
We’ve been able to this whole time. Now the risk is isolated. Let me take it.
I might could deal with a System.IO replacement (I would cry everyday), but taking away System.Reflection is cutting us off at our knees.
We are fully aware, and do monitor these top-voted items. also be aware, that while they do have lots of votes, some of them are “huge”… we have one idea (none of these at this moment) that would consume over 1/2 of our development time to implement. we want to get as much bang for the buck… accepting one idea with 100 votes could replace 10 ideas with 20 votes each (totaling 200 votes). It is a careful balancing act.
Yes, if we have one idea that is huge, it would be better to split that up into more manageable bite-sized items.
Let’s not forget another big item - Replace Tired SSRS Reports with a more modern | Epicor Ideas Portal (aha.io)
Not in the top for votes, but talk about
If Epicor is concentrating on performance and wants to implement AOT, Reflection is not compatible.
I doubt they will be AOTing bpms and functions lol.
160 votes ain’t nothing to sneeze at!! Let’s go 
This is a big one and a trivial win can be done across the board at the Data Layer even
Ability to activate CreatedBy and Create Time + ChangeTime and Changed By fields for any table
This one is another big one… Task Agent needs a whole revamp but this at least would help.
Allow removal of dead tasks from the System Monitor without Epicor Support or SQL back end hacks
YES and YES - from Data Analyst and Sysadmin standpoints, these two would be great @josecgomez !
