Bookstack - Package Updates

nebulon

[1.14.6]

• Update BookStack to 21.08.6
• Release announcement

girish

[1.15.0]

• Update BookStack to 21.10
• Release announcement
• Added Attachment API endpoints. (#2986, #2942)
• Added Estonian language to BookStack via Crowdin. (#2979)
• Added support for base64 image content within markdown text via page POST/PUT. (#2898)
• Updated translations from Crowdin contributors. (#2983)
• Fixed padding within book-tree sidebar items. Thanks to @ffranchina. (#3000)

nebulon

[1.15.1]

• Update BookStack to 21.10.1
• Release announcement
• Fixed image upload vulnerability. Thanks to @Haxatron (#3010)
• Fixed capitalization for Estonian language option. Thanks to @IndrekHaav. (#3008)
• Updated PHP packages to prevent abandoned warning. (#3007)
• Updated translations with latest changes from Crowdin. (#3006)

nebulon

[1.15.2]

• Update BookStack to 21.10.2
• Release announcement
• Made further fixes to address image upload vulnerability. Thanks again to @haxatron (#3019)
• Updated translations with latest changes from Crowdin. (#3014)

girish

[1.15.3]

• Update BookStack to 21.10.3
• Release announcement
• Fixed path image file path traversal vulnerability. Thanks @theWorstComrade for reporting. (#3030)
• Prevented HTML attachments being served inline. Thanks @theWorstComrade for reporting. (#3027)
• Updated translations from latest Crowdin changes. (#3023)

nebulon

[1.16.0]

• Update BookStack to 21.11
• Release announcement

girish

[1.16.1]

• Update BookStack to 21.11.1
• Release announcement
• Added custom command support to the logical theme system. (#3072)
• Added support for prefers-contrast media setting to increase contrast in faded areas when active. (#2634)
• Updated TOTP confirmation view to autofocus on code input. Thanks to @raccettura. (#3068)
• Updated translations with latest changes from Crowdin. (#3057)
• Updated any links on homepage lists to be more obvious & accessible. (#3046)
• Fixed faulty page navigation links when headers are nested within other content. Thanks to @Julesdevops. (#3069, #3058)

girish

[1.16.2]

• Update BookStack to 21.11.2
• Release announcement
• This is a security release that address a couple of vulnerabilities relating to API access and page draft related content visibility
• Fixed issue with greater-than-expected visibility on page-draft-related items. Thanks @Haxatron for reporting. (#3086)
• Fixed issue where public API access was not limited by system public control in certain conditions. (#3091)

girish

[1.16.3]

• Update BookStack to 21.11.3
• Release announcement
• This is a security release that helps prevent potential discovery and harvesting of user details including name and email address.
• Helped prevent discovery and harvesting of user information. Thanks @Haxatron for reporting. (#3108)
• Updated search API results to include the highlighted preview content. (#3096)
• Updated search API results to include item URL. (#3080)

girish

[1.17.0]

• Update BookStack to 21.12
• Release announcement
• Added webhooks. (#147, #3099)
• Added ability to copy books, chapters & roles. (#3118, #1123)
• Added audit log IP address search. Thanks to @johnroyer. (#3081)
• Updated translations with latest Crowdin changes. (#3117)
• Fixed issue where non-ascii content could break search result previews. Thanks to @Kristian-Krastev. (#3113)
• Fixed mismatched password validation rules across the application. (#2237)

nebulon

[1.17.1]

• Update BookStack to 21.12.1
• Release announcement
• Security Release

nebulon

[1.17.2]

• Update BookStack to 21.12.2
• Release announcement
• Improved handling of uploaded images when thumbnails fail to load. (#3142)
• Updated translations with latest Crowdin changes. (#3148)
• Fixed issue where webhooks would error for specific recycle bin operations. (#3154)
• Fixed Spanish invite email subject translation. Thanks to @AitorMatxi. (#3153)
• Fixed issue where custom homepage could cause strange deletion behavior and lead to errors. (#3150)

nebulon

[1.17.3]

• Update BookStack to 21.12.3
• Release announcement
• Updated user creation flow to not persist the user on invitation sending failure. Thanks to @Julesdevops. (#3179, #3174)
• Updated "Recently Updated Pages" view to show update author and date. Thanks to @Julesdevops. (#3177, #3045)
• Updated translations with latest Crowdin changes. (#3158)
• Updated PDF page export image display to help fix image sizing issues again. (#3120)
• Updated "Recently Updated Pages" view to show parent context chain. (#3183)
• Fixed potential errors in revision diff view when multi-byte characters are used. (#3170)
• Fixed duplicate display in image gallery when uploading multiple images at once. (#3160)
• Fixed inaccurate markdown editor cursor position upon sidebar usage. (#3186)

nebulon

[1.17.4]

• Update BookStack to 21.12.4
• Release announcement
• Added --external-auth-id option to the bookstack:create-admin command for use with LDAP/SAML2/OIDC instances. (#3222)
• Added the ability select preferred language when creating a new user. (#2408, #2576)
• Added configuration option for PDF export page size. (#995)
• Updated 503 error view to simplify and prevent thrown errors. Thanks to @Julesdevops. (#3210, #3205)
• Updated translations with latest Crowdin changes. (#3214)
• Fixed mis-represented default registration role and allowed disabling of this option. (#3220, #2338)
• Fixed OIDC autodiscovery when keys are provided in a certain format, as provided by Azure. (#3206)

nebulon

[1.17.5]

• Update BookStack to 21.12.5
• Release announcement
• Added text for "file" validation messages to provide better responses in Attachment API validation failures. (#3248)
• Fixed WYSIWYG editor code block creation across mulitple lines and block elements. Thanks to @Julesdevops. (#3246, #3200)
• Fixed markdown image data URI extraction failing on large images due to regex match limits. (#3249)
• Updated translations with latest Crowdin changes. (#3225)

nebulon

[1.18.0]

• Update BookStack to 22.02
• Release announcement
• Added collapsible content blocks support to the WYSIWYG editor. (#78, #3260)
• Added translation support to the WYSIWYG editor. (#1838)
• Added user management API endpoints. (#3238, #1363, #2701)
• Changed minimum PHP version from 7.3 to 7.4. (#3245, #3152)
• Updated translations with latest Crowdin changes. (#3258, #3251, #3259)
• Updated Korean translations. Thanks to @ististyle. (#3256)
• Updated TinyMCE WYSIWYG editor to the latest version. (#3247)
• Improved PDF export rendering of images within tables. (#3190)
• Fixed potential web console error message when loading the editor. (#2461)
• Fixed issue where OIDC token failures would not be shown to the user. (#3264)
• Fixed issue where the editor could jump-scroll to the top after format change on FireFox (#2692)

nebulon

[1.18.1]

• Update BookStack to 22.02.1
• Release announcement
• Updated editor references to avoid caching issue that would prevent WYSIWYG editor from opening. (#3293)
• Updated code blocks within the editor to be more reliable, especially on first insertion. (#3292)
• Updated translations with latest changes from Crowdin. (#3291)

nebulon

[1.18.2]

• Update BookStack to 22.02.2
• Release announcement
• Added cache breaker to WYSIWYG onward loading to prevent plugin errors appearing if cached. (#3303)
• Updated translations with latest Crowdin changes. (#3301)
• Updated sidebar fade to be more subtle when in dark mode. (#3203)
• Fixed WYISWYG editor issue where blank lines would collapse. (#3302)

nebulon

[1.18.3]

• Update BookStack to 22.02.3
• Release announcement
• Added iframe allow-list control to prevent a range of malicious uses of untrusted iframe sources. (#3314)
• Updated translations with latest Crowdin changes. (#3312)

nebulon

[1.19.0]

• Update BookStack to 22.03.1
• Release announcement
• Added support for checkbox tasklists in the WYSIWYG editor. (#3333, #4)
• Added WYSIWYG control to remove & edit links. (#3276, #3298)
• Added WYSIWYG Ctrl+Shift+K shortcut to show entity selector popup shortcut in WYSIWYG editor. (#3244, #3298)
• Added LDAP user group debugging option. (#3345)
• Added support for the Basque language. (#3296)
• Updated settings view with a re-organized layout for a less confusing user experience. (#3349, #3221)
• Updated code block rendering in WYSIWYG to help prevent scroll jumping upon undo/redo. (#3326)
• Updated translations with latest Crowdin updates. (#3320)
• Updated webhook data to include details of page/chapter/shelf/book creator/updater/owner. (#3279)
• Updated webhook data to include revision details on page_update and page_create events. (#3218)
• Fixed lack of translation support for some editor buttons. (#3342)
• Fixed incorrect page concatenation in book markdown export. (#3341)
• Fixed usage of <br> tags within code blocks instead of newlines when using the WYSIWYG editor. (#3327)
• Fixed image thumbnail generation not taking EXIF rotation data into account. (#1854)
• Fixed issue where /settings redirect would lead to wrong location in some scenarios. (#3356)
• Fixed non-active prevention of custom HTML head content on settings views. (#3355)
• Updated translations with latest Crowdin changes. (#3354)
• Updated project PHP dependencies.