Bookstack - Package updates
-
[1.8.4]
- Update Bookstack to 0.30.4
- Various security fixes
- Full changelog
-
[1.8.5]
- Update BookStack to 0.30.5
- Security issues
-
[1.8.6]
- Update BookStack to 0.30.6
- Full changelog
NOTE: this release was revoked because of a security issue in bookstack.
-
[1.8.7]
- Update BookStack to 0.30.7
- Full changelog
-
[1.8.8]
- Add ldap uuid flag file to help migration to new username based ids
-
[1.9.0]
- Change the default ldap id attribute to username
-
[1.10.0]
- Update BookStack to 0.31.0
- Full changelog
- Added recycle bin implementation. (#2283, #2183, #280)
- Added Norwegian translations to BookStack. Thanks to @Swoy. (#2336)
- Added ownership system for pages, chapters, books and shelves. (#2436, #2246)
- Added host iframe control with cookie security management. (#2427, #2207)
- Added API endpoints for pages. (#2382)
- Added many more activity types to the audit-log. (#2360, #1243)
-
[1.10.1]
- Update BookStack to 0.31.1
- Fixed issue where markdown content would not be stored on first page save (HTML content would still be stored). (#2446)
- Fixed issue where the new content owner fields were not be used for the manage-own-permission role permission. (#2445)
- Fixed recycle bin table style issue which could cause the dropdown menu to be cut-off. (#2442)
- Updated Chinese, Spanish and French translations. (#2441)
-
[1.10.2]
- Update BookStack to 0.31.3
- Full changelog
- Fixed issue where markdown strikethroughs were not rendering in the markdown editor. (#2470)
- Updated Turkish translations. (#2469)
- Updated some user, page and shelf views to use more efficient database querying.
-
[1.10.3]
- Update BookStack to 0.31.4
- Full changelog
- Updated framework to prevent potential security vulnerability.
- Updated Chinese Traditional translations. (#2482)
-
[1.10.4]
- Update BookStack to 0.31.5
- Updated laravel/framework to prevent potential security vulnerability.
-
[1.10.5]
- Update BookStack to 0.31.6
- Fixed issue thrown when deleting shelves from the recycle bin. Thanks to @i4j5. (#2543, #2534, #2530)
- Fixed issue where restoring a revision would restore as HTML instead of Markdown. (#2496)
-
[1.11.0]
- Update base image to v3
- Update PHP to 7.4
-
[1.11.1]
- Update BookStack to 0.31.7
- Fixed incorrect URL being used when using an s3-like file storage service. (#2603)
-
[1.11.2]
- Update BookStack to 0.31.8
- Fixed chapter and page book id misalignment that could occur when the page was in the recycle bin. Could cause some issues with permission generation which have also been addressed. (#2603)
-
[1.12.0]
- Update BookStack to 21.04
- Full changelog
- Added back-end theme system. (#2639)
- Added APP_VIEWS_BOOKSHELF .env option to set default view type within a shelf. Thanks to @philjak. (#2591)
- Added owned_by search filter. Thanks to @benediktvolke. (#2561)
- Added sorting for Books within Shelves. Thanks to @guillaumehanotel. (#2515, #1742)
- Added user filter to the Audit Log. (#2472)
- Added the ability to configure custom footer links via the settings screen. Thanks to @james-geiger. (#1973)
- Added create buttons to the books and shelves homepage view options. Thanks to @philjak. (#1756)
-
[1.12.1]
- Update BookStack to 21.04.1
- Updated mobile header elements for much better keyboard/screen-reader accessibility. (#2681)
- Updated translations with latest CrowdIn changes. (#2672)
- Updated WYSIWYG editor code-block handling provide a more stable undo/redo experience. (#2602)
- Updated AWS S3 SDK to fix incompatibility with Minio. (#2689)
- Fixed HTTP JSON detection when an encoding is in the response JSON content type. (#2684)
-
[1.12.2]
- Update BookStack to 21.04.2
- Fixed issue where a page could become inaccessible when the creator no longer existed. (#2687)
- Updated translations with latest Crowdin changes. (#2691)
-
[1.12.3]
- Update BookStack to 21.04.3
- Updated migration string column lengths to better fit within restrictive index limits (#2710)
- Updated select box styles with to work around default iOS styles causing issues in dark mode. (#2709)
- Updated translations with latest Crowdin changes. (#2695)
- Updated styles of layout view buttons in mobile screen sizes to respect dark mode.
- Updated image upload behaviour for s3 style uploads to set public permissions as part of the upload request instead of a separate request.
- Fixed issue where "Recently Viewed" would show non-viewed content for new users. (#2703)
-
[1.12.4]
- Update BookStack to 21.04.4
- Full changelog
- Updated translations with latest Crowdin changes. (#2719)
- Updated Korean translations. Thanks to @Jokuna. (#2716)
- Improved error messaging when attempting to access a non-existent image file. (#2696)
- Updated table style handling across exports types to be consistent. (#2666)
-
[1.12.5]
- Update BookStack to 21.04.5
- Fixed error during PDF export in some cases due to incorrect path. (#2746)
- Fixed error thrown when saving a markdown page with empty content. (#2741)
- Updated S3 ACL setting so ACLs are set via another request, as per pre-v21.04.2, but only when actually use AWS S3. (#2739)
- Updated translations with latest Crowdin changes. (#2737)
- Updated overflowing table content to be consistent. Thanks to @dopyrory3. (#2735, #2732)
-
[1.12.6]
- Update BookStack to 21.04.6
- Added a way to configure options on a social driver, for the initial redirects, through the Theme::addSocialDriver system. (#2759)
- Fixed scenario where recent Image upload visibility changes caused issues on hosting where webserver and PHP process group/user differ. (#2758)
-
[1.13.0]
- Update BookStack to 21.05
- Added shelf/book/chapter/page favourite system. (#2748)
- Added previous/next navigation to chapters and pages. Thanks to @shubhamosmosys. (#2511, #1381)
- Added display of tags within search results. Thanks to @burnoutberni. (#2487, #2462)
- Added the ability to import JPEG user avatar images during LDAP login/registration.
-
[1.13.1]
- Update BookStack to 21.05.1
- Added base64 image extraction within page content. Thanks to @awarre. (#2700, #2631)
- Added Croatian translations. Thanks to @ffranchina. (#2784, #2785)
- Updated item permission roles list to be sorted alphabetically. (#2782)
- Merged in latest Crowdin translations. (#2787, #2777)
- Fixed incorrect styling of favourites sidebar when using a non-default homepage option. (#2783)
-
[1.13.2]
- Update BookStack to 21.05.2
- Added the ability to server attachments without forcing downloads. (#2791)
- Fixed issue where empty HTML comments could cause errors. (#2804)
- Updated translations with latest changes from Crowdin. (#2790)
- Extracted not found text into it's own view for easier overriding (58117bc)
-
[1.13.3]
- Update BookStack to 21.05.3
- Added a "Skip to content" link as first page focus item for accessibility use. (#2810)
- Updated social account detachment to have CSRF protection. (#2808)
- Updated PHP depedancy versions.
- Fixed issue where translations system may attempt to load from the root directory when a theme was not in use. (#2836)
-
[1.13.4]
- Update BookStack to 21.05.4
- Added VB.NET code block highlighting option. (#2869)
- Improved audit log user select list stability. (#2863)
- Fixed issue where user profile pages item "View All" links used ids hence did not link to proper searches. (#2857)
-
[1.14.0]
- Update BookStack to 21.08
- Release announcement
- Markdown Export
- Multi-Factor Authentication
- Non-Download Attachment Links
- Role-Based Export Permissions
- “Skip to content” Link
-
[1.14.1]
- Update BookStack to 21.08.1
- Updated TOTP setup flow to display a URL of the QR code contents during setup for non-QR scanning usage. (#2908)
- Updated translations with latest Crowdin updates. (#2906)
- Fixed broken page ordering on various views. (#2905)
-
[1.14.2]
- Update BookStack to 21.08.2
- This security release is intended to cover a couple of XSS vulnerabilities
- Release announcement
-
[1.14.3]
- Update BookStack to 21.08.3
- Release announcement
- Fixed certain "Custom HTML Head Content" being incorrectly altered or converted. (#2923, #2914)
- Updated translations with latest Crowdin updates. (#2915)
-
[1.14.4]
- Update BooKStack to 21.08.4
- Release announcement
- Added IP address to tracked activities and displayed in audit log. Thanks to @johnroyer. (#2936, #2747)
- Added the option to use database table prefixes. Thanks to @floviolleau. (#2935)
- Allowed the use of content includes when using a custom homepage.
- Updated translations with latest content from Crowdin. (#2926)
-
[1.14.5]
- Update BookStack to 21.08.5
- Release announcement
- This security release covers a vulnerability which would allow malicious users, who have permission to update or create pages, to load content from files stored within the storage/ or public/ directories (Such as application logs) via the page HTML export system.
- Added concurrent page editing warnings upon draft save events.
-
[1.14.6]
- Update BookStack to 21.08.6
- Release announcement
-
[1.15.0]
- Update BookStack to 21.10
- Release announcement
- Added Attachment API endpoints. (#2986, #2942)
- Added Estonian language to BookStack via Crowdin. (#2979)
- Added support for base64 image content within markdown text via page POST/PUT. (#2898)
- Updated translations from Crowdin contributors. (#2983)
- Fixed padding within book-tree sidebar items. Thanks to @ffranchina. (#3000)
-
[1.15.1]
- Update BookStack to 21.10.1
- Release announcement
- Fixed image upload vulnerability. Thanks to @Haxatron (#3010)
- Fixed capitalization for Estonian language option. Thanks to @IndrekHaav. (#3008)
- Updated PHP packages to prevent abandoned warning. (#3007)
- Updated translations with latest changes from Crowdin. (#3006)
-
[1.15.2]
- Update BookStack to 21.10.2
- Release announcement
- Made further fixes to address image upload vulnerability. Thanks again to @haxatron (#3019)
- Updated translations with latest changes from Crowdin. (#3014)
-
[1.15.3]
- Update BookStack to 21.10.3
- Release announcement
- Fixed path image file path traversal vulnerability. Thanks @theWorstComrade for reporting. (#3030)
- Prevented HTML attachments being served inline. Thanks @theWorstComrade for reporting. (#3027)
- Updated translations from latest Crowdin changes. (#3023)
-
[1.16.0]
- Update BookStack to 21.11
- Release announcement
-
[1.16.1]
- Update BookStack to 21.11.1
- Release announcement
- Added custom command support to the logical theme system. (#3072)
- Added support for prefers-contrast media setting to increase contrast in faded areas when active. (#2634)
- Updated TOTP confirmation view to autofocus on code input. Thanks to @raccettura. (#3068)
- Updated translations with latest changes from Crowdin. (#3057)
- Updated any links on homepage lists to be more obvious & accessible. (#3046)
- Fixed faulty page navigation links when headers are nested within other content. Thanks to @Julesdevops. (#3069, #3058)
-
[1.16.2]
- Update BookStack to 21.11.2
- Release announcement
- This is a security release that address a couple of vulnerabilities relating to API access and page draft related content visibility
- Fixed issue with greater-than-expected visibility on page-draft-related items. Thanks @Haxatron for reporting. (#3086)
- Fixed issue where public API access was not limited by system public control in certain conditions. (#3091)
-
[1.16.3]
- Update BookStack to 21.11.3
- Release announcement
- This is a security release that helps prevent potential discovery and harvesting of user details including name and email address.
- Helped prevent discovery and harvesting of user information. Thanks @Haxatron for reporting. (#3108)
- Updated search API results to include the highlighted preview content. (#3096)
- Updated search API results to include item URL. (#3080)
-
[1.17.0]
- Update BookStack to 21.12
- Release announcement
- Added webhooks. (#147, #3099)
- Added ability to copy books, chapters & roles. (#3118, #1123)
- Added audit log IP address search. Thanks to @johnroyer. (#3081)
- Updated translations with latest Crowdin changes. (#3117)
- Fixed issue where non-ascii content could break search result previews. Thanks to @Kristian-Krastev. (#3113)
- Fixed mismatched password validation rules across the application. (#2237)
-
[1.17.1]
- Update BookStack to 21.12.1
- Release announcement
- Security Release
-
[1.17.2]
- Update BookStack to 21.12.2
- Release announcement
- Improved handling of uploaded images when thumbnails fail to load. (#3142)
- Updated translations with latest Crowdin changes. (#3148)
- Fixed issue where webhooks would error for specific recycle bin operations. (#3154)
- Fixed Spanish invite email subject translation. Thanks to @AitorMatxi. (#3153)
- Fixed issue where custom homepage could cause strange deletion behavior and lead to errors. (#3150)
-
[1.17.3]
- Update BookStack to 21.12.3
- Release announcement
- Updated user creation flow to not persist the user on invitation sending failure. Thanks to @Julesdevops. (#3179, #3174)
- Updated "Recently Updated Pages" view to show update author and date. Thanks to @Julesdevops. (#3177, #3045)
- Updated translations with latest Crowdin changes. (#3158)
- Updated PDF page export image display to help fix image sizing issues again. (#3120)
- Updated "Recently Updated Pages" view to show parent context chain. (#3183)
- Fixed potential errors in revision diff view when multi-byte characters are used. (#3170)
- Fixed duplicate display in image gallery when uploading multiple images at once. (#3160)
- Fixed inaccurate markdown editor cursor position upon sidebar usage. (#3186)
-
[1.17.4]
- Update BookStack to 21.12.4
- Release announcement
- Added --external-auth-id option to the bookstack:create-admin command for use with LDAP/SAML2/OIDC instances. (#3222)
- Added the ability select preferred language when creating a new user. (#2408, #2576)
- Added configuration option for PDF export page size. (#995)
- Updated 503 error view to simplify and prevent thrown errors. Thanks to @Julesdevops. (#3210, #3205)
- Updated translations with latest Crowdin changes. (#3214)
- Fixed mis-represented default registration role and allowed disabling of this option. (#3220, #2338)
- Fixed OIDC autodiscovery when keys are provided in a certain format, as provided by Azure. (#3206)
-
[1.17.5]
- Update BookStack to 21.12.5
- Release announcement
- Added text for "file" validation messages to provide better responses in Attachment API validation failures. (#3248)
- Fixed WYSIWYG editor code block creation across mulitple lines and block elements. Thanks to @Julesdevops. (#3246, #3200)
- Fixed markdown image data URI extraction failing on large images due to regex match limits. (#3249)
- Updated translations with latest Crowdin changes. (#3225)
-
[1.18.0]
- Update BookStack to 22.02
- Release announcement
- Added collapsible content blocks support to the WYSIWYG editor. (#78, #3260)
- Added translation support to the WYSIWYG editor. (#1838)
- Added user management API endpoints. (#3238, #1363, #2701)
- Changed minimum PHP version from 7.3 to 7.4. (#3245, #3152)
- Updated translations with latest Crowdin changes. (#3258, #3251, #3259)
- Updated Korean translations. Thanks to @ististyle. (#3256)
- Updated TinyMCE WYSIWYG editor to the latest version. (#3247)
- Improved PDF export rendering of images within tables. (#3190)
- Fixed potential web console error message when loading the editor. (#2461)
- Fixed issue where OIDC token failures would not be shown to the user. (#3264)
- Fixed issue where the editor could jump-scroll to the top after format change on FireFox (#2692)
-
[1.18.1]
- Update BookStack to 22.02.1
- Release announcement
- Updated editor references to avoid caching issue that would prevent WYSIWYG editor from opening. (#3293)
- Updated code blocks within the editor to be more reliable, especially on first insertion. (#3292)
- Updated translations with latest changes from Crowdin. (#3291)
-
[1.18.2]
- Update BookStack to 22.02.2
- Release announcement
- Added cache breaker to WYSIWYG onward loading to prevent plugin errors appearing if cached. (#3303)
- Updated translations with latest Crowdin changes. (#3301)
- Updated sidebar fade to be more subtle when in dark mode. (#3203)
- Fixed WYISWYG editor issue where blank lines would collapse. (#3302)
-
[1.18.3]
- Update BookStack to 22.02.3
- Release announcement
- Added iframe allow-list control to prevent a range of malicious uses of untrusted iframe sources. (#3314)
- Updated translations with latest Crowdin changes. (#3312)
-
[1.19.0]
- Update BookStack to 22.03.1
- Release announcement
- Added support for checkbox tasklists in the WYSIWYG editor. (#3333, #4)
- Added WYSIWYG control to remove & edit links. (#3276, #3298)
- Added WYSIWYG Ctrl+Shift+K shortcut to show entity selector popup shortcut in WYSIWYG editor. (#3244, #3298)
- Added LDAP user group debugging option. (#3345)
- Added support for the Basque language. (#3296)
- Updated settings view with a re-organized layout for a less confusing user experience. (#3349, #3221)
- Updated code block rendering in WYSIWYG to help prevent scroll jumping upon undo/redo. (#3326)
- Updated translations with latest Crowdin updates. (#3320)
- Updated webhook data to include details of page/chapter/shelf/book creator/updater/owner. (#3279)
- Updated webhook data to include revision details on page_update and page_create events. (#3218)
- Fixed lack of translation support for some editor buttons. (#3342)
- Fixed incorrect page concatenation in book markdown export. (#3341)
- Fixed usage of <br> tags within code blocks instead of newlines when using the WYSIWYG editor. (#3327)
- Fixed image thumbnail generation not taking EXIF rotation data into account. (#1854)
- Fixed issue where /settings redirect would lead to wrong location in some scenarios. (#3356)
- Fixed non-active prevention of custom HTML head content on settings views. (#3355)
- Updated translations with latest Crowdin changes. (#3354)
- Updated project PHP dependencies.
-
[1.20.0]
- Update BookStack to 22.04
- Release announcement
- Database Changes - This release makes some significant changes to data within the database which may cause the update to take a little longer than usual to run. Please give the update extra time to complete.
- REST API Page Create/Update Changes - Create & update page requests now have the potential to change the current editor type for that page, depending on the content type sent in the request, if the API user has permission to change the page editor.
- URL Handling - The way we handle URLs has changed this release to hopefully address some issues in specific scenarios. These changes have been tested and should not affect existing working environments but there's an increased risk this release for setups with more complex URL handling. Please raise an issue or jump into our Discord server if you have any issues with URLs after upgrading.
-
[1.20.1]
- Update BookStack to 22.04.1
- Release announcement
- Fixed issue where a duplicate slash could occur in the URL leading to a 404 page. (#3404)
- Updated translations with latest changes from Crowdin. (#3402)
-
[1.20.2]
- Update BookStack to 22.04.2
- Release announcement
- Added Persian to language list. (#3426)
- Updated API docs to detail rate-limit information. (#3423)
- Updated translations with latest Crowdin changes. (#3418)
- Fixed broken attachment downloads in environments where PHP output buffering is disabled. (#3415)
-
[1.20.3]
- Update BookStack to 22.06
- Release announcement
- Added ability to convert chapters to books, and books to shelves. (#3499, #1087)
- Added ability to use commas in the role "External Auth ID". (#3416, #3405)
- Added body-start/end templates as a convenience to theme system users. (#894)
- Added OCaml to the code editor language list and fixed highlighting type. (#3511)
- Added TypeScript to the code editor language list. (#3494)
- Added common audio types to our WebSafeMimeSniffer for non-download attachment usage. (#3485)
- Added LaTex to the code editor language list. (#3458)
- Updated the UI/design with a mass of fixes & improvements. (#3433)
-
[1.20.4]
- Update BookStack to 22.06.1
- Release announcement
- Updated entity-selector-popup to reset state upon successful selection. (#3528)
- Updated translations with latest CrowdIn changes. (#3526)
- Fixed non-translated settings category options. (#3529)
- Fixed issue where tags would not be saved upon book update. (#3527)
- Fixed long code in "Custom Head" setting breaking page layout. (#3523)
-
[1.20.5]
- Update BookStack to 22.06.2
- Full changelog
- Updated translations with latest CrowdIn changes. (#3540, #3531)
- Fixed bug causing LDAP/SAML2 group mapping to fail if the "External Auth Ids" role field contained upper case characters. (#3535)
- Fixed differing behaviour, between select button and double-click, in the link selector popup. (#3534)
-
[1.21.0]
- Update BookStack to 22.07
- Full changelog
- Added 'Sort Book' action to chapters. (#3598, #2335)
- Added ability to favourite code languages in the WYSIWYG code editor. (#3593, #3542)
- Added option to set IP address storage precision. (#3560)
- Added tag-based css classes to the HTML body tag for tag-based content CSS targeting. (#3583)
- Added new Logical Theme System event, emitted upon any system activity event. (#3572)
- Added editor shortcuts for bullet and numbered lists. (#3599, #1269)
- Updated shelf book management interface with better usability and book search bar. (#3591, #3266)
- Updated translations with latest changes from Crowdin. (#3600, #3545)
- Updated WYSIWYG editor to TinyMCE 6. (#3580, #3517)
- Updated DOMPDF, and other PHP dependencies. (#3579)
- Updated permission system to only "cache" view-based permissions for better performance, and made many other performance improvements. (#3569)
- Updated WYSIWYG color options to have no names, for better cross-language usage. (#3530)
- Updated tests to use ssddanbrown/asserthtml library. (#3519)
- Fixed comment count translation in Chinese translations. Thanks to @GongMingCai. (#3556)
- Fixed issue where AVATAR_URL=false would not properly disable Gravatar fetching. (#1835)
- Fixed some German translation typos and grammar. Thanks to @smartshogu. (#3570)
- Fixed issue where WYSIWYG toolbar would remain when after inserting a drawing. (#3597)
