The LeafData API has a pretty serious issue. A request indicates success however, the operation is a failure. This is on top of the gateway-timeout and other service availablity issues they had. The Request and Response POST /plants/update { "plant": { "global_id": "WAJ499999.PL18QN4", "global_area_id": "WAJ499999.AR1T0I", "global_batch_id": "WAJ499999.BA54W6S", "plant_created_at": "2018-04-09 00:00:00", "origin": "inventory", "stage": "growing" } } { "additives":"", "created_at":"04\/09\/2018 11:20am", "deleted_at":null, "external_id":"", "global_area_id":"WAJ499999.AR1T0G", "global_batch_id":"WAJ499999.BA54W6S", "global_id":"WAJ499999.PL18QN4", "global_mme_id":"WAWA1.MMF5", "global_mother_plant_id":null, "global_strain_id":"WAJ499999.ST6MEK" "global_user_id":"WAWA1.USDK", "group_name":"", "is_initial_inventory":"0", "is_mother":"0", "last_moved_at":null, "legacy_id":null, "notes":"", "nutrients":"", "origin":"inventory", "pesticides":"", "plant_created_at":"04\/09\/2018", "plant_harvested_at":"", "plant_harvested_end_at":"", "stage":"growing", "updated_at":"04\/24\/2018 01:13pm", } Notice here that while we requested an update to the Area of AR1T0I the response still indicates Area AR1T0G.

Categories: Technology, Traceability

Two months into the operation of the MJ Freeway / LeafData software in Washington State and we’re still seeing epic data integrity failures. This is the system that failed to launch on Nov 1st 2017, missed the second launch attempt on Jan 1st 2018 and has left us with this broken system beginning Feb 1st. One of the key features that this system is supposed to provide is the unique identifiers necessary for tracking the materials.

Categories: Technology, Traceability

Yet another failure by MJ Freeway / LeafData in their endavour in Washington. It appears that on March 25th, at 6:45 AM UTC (about 22:45 Seattle Time) there was an update deployed to the LeafData system. This time, they’ve mangled the date formats so badly that their own preferred language (PHP) has difficulty interpreting it (strtotime). No release notes were included, this change was not announced. Date Format History Back in December of 2017, before this dumpster fire was even launched (it was in it’s first delay period) I requested that MJ Freeway format all dates using the ISO 8601/RFC3339 standard format.

Categories: Technology, Traceability

Today the WSLCB and MJ FailWhale/LeakData have once again demonstrated their incompetence and negligence. Mary Mueller, the CIO of the LCB sent this out today (we received at 18:31 Pacific Time) Good evening, gang, I know that we were hoping to get this out earlier, but I wanted to let you know that we did find a couple of defects in release 1.35.4.1. Due to the severity of the issue to be fixed, I have reluctantly approved this to roll to Test ASAP and Prod tonight.

Categories: Technology, Traceability

MJ Freeway / LeafData Epic Failure The LCB (after may delays) finally decided to “launch” the LeafData platform. The first few days have been a epic failure. There are 100s of businesses that cannot even operate now. First, there was the disaster of the Secure Access Washington (“SAW”) system. All the cannabis business owners needed access LeafData after a sign-in via SAW. However, due to record-keeping errors on the part of the LCB many of these businesses had a mis-match between their SAW email and their LeafData emails.

Categories: Technology, Traceability

The MJ Freeway / LeafData system will be launching in Washington in a few days (Feb 1st). This is the system that failed to launch Nov 1st, and then failed again to launch on Jan 1st. Third time is the charm, right? State of the System What we have now is a product that is very, very rough around the edges. Third party software vendors, like us, were told we would have API stability in December.

Categories: Technology, Traceability

Once again, MJ Freeway/Leaf Data Systems has failed to launch their platform for the State of Washington. Originally they had set a foolishly aggressive schedule of a November 1st, 2017 launch, which they failed. This was followed up by a second, aggressive schedule of January 1st, 2018. An announcement was made on December 22nd, 2017 that the January deadline would not be met. Some History In May we all knew that BioTrackTHC was out on October 31st.

Categories: Technology, Traceability

On Nov 1st the Washington State cannabis tracking infrastructure operated by the WSLCB went offline, rather abruptly. The WSLCB had issued a contingency plan the week before, however the plan was rough and kept changing day over day with work-arounds and odd modifications to the status-quo. BioTrackTHC’s contact with the WSLCB had terminated on Oct 31st and the replacement system was not operational (estimated delivery date is Jan 2, 2018).

Categories: Technology, Traceability

Just to kind of bring everyone up to date on this one too, it doesn’t look like the contract with BioTrack will be extended. The LCB has asked BioTrackTHC for an extension, WeedTraQR and other third party software providers have publicly (and privately) endorsed this idea. Currently dozens of licensed operators are messaging the LCB to ask to make this happen. We are not so sure it will and are planning for the scenario where it is not extended.

Categories: Marijuana Regulation

UPDATE: The Traceabiliity system will be offline until January 2nd!!! Failure: “all critical tasks will not be complete by the end of our contract with the current vendor on Oct. 31, 2017” The Washington State Cannabis tracking software (Seed-to-Sale) will be degraded starting Oct 25th, and then completely offline Oct 29th. MJ Freeway will perhaps have their system online Oct 31st – even if that system is missing features/requirements that currently exist.

It was announced today that MJ Freeway, with about 10 days until go-live is not ready. The LCB has offered what they refer to as a “generous” offer to BioTrackTHC who has declined to extend their services. So, now we have a scenario where the current system becomes reduced in functionality starting on the 25th of Croptober, and is offline from October 29th, until the morning of Oct 31st. A disaster, we could all see coming months ago despite MJ Freeway claiming that all would be well.

Categories: API, Technology, Traceability

When it was discovered that BioTrackTHC was on the way out in Washington many of you heard WeedTraQR declare: “it’ll get worse before it gets better”. Currently, there is some serious data control issues we’re observing in the BioTrackTHC system. It’s all centered around the Location or License number. In Washington State these are six digit numbers assigned to every location of a business. Licenses are related to a UBI – the Washington State Universal Business Identifier.

It’s now official, confirmed on multiple accounts and the contract negotiations are proceeding. The replacement for BioTrackTHC in Washington State will be MJ Freeway using their Leaf Data Systems product. MJ Freeway has until October 31st to get their replacement system in place. This is a pretty large software project and has a very, very aggressive schedule. The Leaf Data system is barely ready for prime time, we’ve got thousands of businesses to migrate, three years of data and at least six third party API vendors.

Here is a pretty serious bug in the Washington State Traceabilty system that is powered by BioTrackTHC. In the object descriptors provided by the BioTrack API there is a field called ‘sessiontime’. This value is populated with the time the object was last modified, generally. On the QA results API calls however this field is populated with the time the API call is made. So, each call to lookup the QA results reports a different timestamp.

Categories: API

There is a huge bug in the BioTrackTHC API in Washington (and NM, HI, IL). We’ve raised this issue with both the WSLCB and with BioTrack and yet BioTrackTHC refuses to address the issue at all. Even worse, if you are affected by the bug BioTrackTHC refuses to help. Reproduction: From the BioTrack API it’s possible to adjust user permissions, with a fairly granular set of permissions including: user_add and user_modify permissions.

Categories: API

Through the Freedom of Information Act we are able to obtain database dumps from the Washington State BioTrack database. Here’s a small anomaly we’ve noticed on this one. Keep in mind, this is a system that is supposed to guarantee unique identifiers for all plants and inventory and provide robust tracking. select id from inventory group by id having count(id) > 1;<br /> 0214523902408153<br /> Everyone knows that quality database systems don’t enforce unique indexes on their system.

Categories: Technology

Yet another data inconsistency in the BioTrackTHC system for Washington State. In this case we see the system indicate an Inventory Adjustment – but there is no corresponding record to the Inventory itself. Either the original Inventory records have been dropped from sync, or the Adjust data-set is improperly including this one. { "atype": 4, "inventoryid": "9385560946883972", "location": "412457", "new_quantity": "0.000000", "previous_quantity": "2187.902796695", "reason": "Originally entered with stems and once reprocessed to remove them, the system was not updated to reflect the loss in tonnage.

Categories: Marijuana Regulation

Today we’ve observed some serious issues with the BioTrackTHC API in New Mexico. These issues clearly indicate their system is not tested or audited for integrity. If BioTrackTHC cannot tell the difference between New Mexico and Washington State how can we trust the other data in their system to properly track marijuana? Manifest with Orphaned Vendors First what we see is Manifests that indicate they’ve been delivered to Vendors that don’t exist.

Categories: Marijuana Regulation

Today BioTrackTHC+WSLCB released another update to the API; again with zero advance notice for third party integrators. At the end of Friday an announcement was provided which details the changes. This leaves integrators (such as WeedTraQR) in the lurch. Now, we have to work through the weekend to integrate these critical updates. On multiple occasions WeedTraQR has communicated to both BioTrackTHC and the WSLCB how to deploy updates to an API.

Categories: API, Traceability, Transparency

The authentication system for this API is a fucking joke. Rather than use established standards like oAuth or hash-tokens they require that users of the API use the SAME CREDENTIALS that are used to sign-in to their system. This is a KNOWN ANTI-PATTERN in the technical world for many reasons. It’s problematic because it requires integrators to keep this password on file. If there were any security issues in the integrator platform it could expose this BioTrack credentials.

Categories: API, Traceability

BioTrackTHC abruptly changed their API On Saturday, May 28th with zero notice to any of the third party integrators in Washington State. The change this time created a new value for the LocationType field of the Vendor objects. The new value is ‘9’. BioTrackTHC also (silently) published an updated API document (https://biotrackthc.com/sites/default/files/state-docs/JSON-21.pdf). This new documentation introduces functionality for manifests to be transported by third parties. However, no mention is made about LocationType 9.

Categories: API, Technology, Traceability

Once again BioTrackTHC has modified their API with zero notice to the third party integrator. The API in question this time is inventory_manifest_lookup. This API takes only one parameter, a six digit license ID. Prior to May 14th, if one was to query this API using an in-active license ID it would respond with the message: { "error": "No inbound transfers or pending manifests found.", "errorcode": "602", "success": 0 } Then, the API changed on May 14th without notice.

Categories: API, Traceability

There appears to be a bit of a discrepancy with how the BioTrackTHC system handles the QA results. Sometimes it shows the results are there and keeps the association with the parent ID. In other cases that relationship seems to be lost and one must know a sub-lot of a sub-lot ID to find the results. Oh, and in that specific case one API call shows no results and another API call does provide QA results.

Categories: API, Traceability

For integrators in Washington (and other States) BioTrackTHC maintains the list of the vendors authorized in the system and their license numbers. This list is visible from the sync_vendor API call. However, a critical piece of data is kept out of this data-set – which licenses are active. What this means for an integrator is that is not possible with the data provided by the system to determine which license can and should be used.

Categories: API, Traceability

Recently BioTrackTHC introduced some breaking changes in the data-set returned by the sync_vendor API call. These are breaking changes and the data-set now does not match with the documentation – at all. Here is what one of these broken records looks like { "address1": "1445 INDUSTRIAL WAY", "address2": "STE 19A", "city": "LONGVIEW", "location": "412233", "locationtype": null, "name": "MAMA J'S", "processor": null, "producer": null, "retail": null, "state": "WA", "transactionid": "31019131", "transactionid_original": "

Categories: API, Technology, Traceability