Bookstack - Package updates
-
[1.12.2]
- Update BookStack to 21.04.2
- Fixed issue where a page could become inaccessible when the creator no longer existed. (#2687)
- Updated translations with latest Crowdin changes. (#2691)
-
[1.12.3]
- Update BookStack to 21.04.3
- Updated migration string column lengths to better fit within restrictive index limits (#2710)
- Updated select box styles with to work around default iOS styles causing issues in dark mode. (#2709)
- Updated translations with latest Crowdin changes. (#2695)
- Updated styles of layout view buttons in mobile screen sizes to respect dark mode.
- Updated image upload behaviour for s3 style uploads to set public permissions as part of the upload request instead of a separate request.
- Fixed issue where "Recently Viewed" would show non-viewed content for new users. (#2703)
-
[1.12.4]
- Update BookStack to 21.04.4
- Full changelog
- Updated translations with latest Crowdin changes. (#2719)
- Updated Korean translations. Thanks to @Jokuna. (#2716)
- Improved error messaging when attempting to access a non-existent image file. (#2696)
- Updated table style handling across exports types to be consistent. (#2666)
-
[1.12.5]
- Update BookStack to 21.04.5
- Fixed error during PDF export in some cases due to incorrect path. (#2746)
- Fixed error thrown when saving a markdown page with empty content. (#2741)
- Updated S3 ACL setting so ACLs are set via another request, as per pre-v21.04.2, but only when actually use AWS S3. (#2739)
- Updated translations with latest Crowdin changes. (#2737)
- Updated overflowing table content to be consistent. Thanks to @dopyrory3. (#2735, #2732)
-
[1.12.6]
- Update BookStack to 21.04.6
- Added a way to configure options on a social driver, for the initial redirects, through the Theme::addSocialDriver system. (#2759)
- Fixed scenario where recent Image upload visibility changes caused issues on hosting where webserver and PHP process group/user differ. (#2758)
-
[1.13.0]
- Update BookStack to 21.05
- Added shelf/book/chapter/page favourite system. (#2748)
- Added previous/next navigation to chapters and pages. Thanks to @shubhamosmosys. (#2511, #1381)
- Added display of tags within search results. Thanks to @burnoutberni. (#2487, #2462)
- Added the ability to import JPEG user avatar images during LDAP login/registration.
-
[1.13.1]
- Update BookStack to 21.05.1
- Added base64 image extraction within page content. Thanks to @awarre. (#2700, #2631)
- Added Croatian translations. Thanks to @ffranchina. (#2784, #2785)
- Updated item permission roles list to be sorted alphabetically. (#2782)
- Merged in latest Crowdin translations. (#2787, #2777)
- Fixed incorrect styling of favourites sidebar when using a non-default homepage option. (#2783)
-
[1.13.2]
- Update BookStack to 21.05.2
- Added the ability to server attachments without forcing downloads. (#2791)
- Fixed issue where empty HTML comments could cause errors. (#2804)
- Updated translations with latest changes from Crowdin. (#2790)
- Extracted not found text into it's own view for easier overriding (58117bc)
-
[1.13.3]
- Update BookStack to 21.05.3
- Added a "Skip to content" link as first page focus item for accessibility use. (#2810)
- Updated social account detachment to have CSRF protection. (#2808)
- Updated PHP depedancy versions.
- Fixed issue where translations system may attempt to load from the root directory when a theme was not in use. (#2836)
-
[1.13.4]
- Update BookStack to 21.05.4
- Added VB.NET code block highlighting option. (#2869)
- Improved audit log user select list stability. (#2863)
- Fixed issue where user profile pages item "View All" links used ids hence did not link to proper searches. (#2857)
-
[1.14.0]
- Update BookStack to 21.08
- Release announcement
- Markdown Export
- Multi-Factor Authentication
- Non-Download Attachment Links
- Role-Based Export Permissions
- “Skip to content” Link
-
[1.14.1]
- Update BookStack to 21.08.1
- Updated TOTP setup flow to display a URL of the QR code contents during setup for non-QR scanning usage. (#2908)
- Updated translations with latest Crowdin updates. (#2906)
- Fixed broken page ordering on various views. (#2905)
-
[1.14.2]
- Update BookStack to 21.08.2
- This security release is intended to cover a couple of XSS vulnerabilities
- Release announcement
-
[1.14.3]
- Update BookStack to 21.08.3
- Release announcement
- Fixed certain "Custom HTML Head Content" being incorrectly altered or converted. (#2923, #2914)
- Updated translations with latest Crowdin updates. (#2915)
-
[1.14.4]
- Update BooKStack to 21.08.4
- Release announcement
- Added IP address to tracked activities and displayed in audit log. Thanks to @johnroyer. (#2936, #2747)
- Added the option to use database table prefixes. Thanks to @floviolleau. (#2935)
- Allowed the use of content includes when using a custom homepage.
- Updated translations with latest content from Crowdin. (#2926)
-
[1.14.5]
- Update BookStack to 21.08.5
- Release announcement
- This security release covers a vulnerability which would allow malicious users, who have permission to update or create pages, to load content from files stored within the storage/ or public/ directories (Such as application logs) via the page HTML export system.
- Added concurrent page editing warnings upon draft save events.
-
[1.14.6]
- Update BookStack to 21.08.6
- Release announcement
-
[1.15.0]
- Update BookStack to 21.10
- Release announcement
- Added Attachment API endpoints. (#2986, #2942)
- Added Estonian language to BookStack via Crowdin. (#2979)
- Added support for base64 image content within markdown text via page POST/PUT. (#2898)
- Updated translations from Crowdin contributors. (#2983)
- Fixed padding within book-tree sidebar items. Thanks to @ffranchina. (#3000)
-
[1.15.1]
- Update BookStack to 21.10.1
- Release announcement
- Fixed image upload vulnerability. Thanks to @Haxatron (#3010)
- Fixed capitalization for Estonian language option. Thanks to @IndrekHaav. (#3008)
- Updated PHP packages to prevent abandoned warning. (#3007)
- Updated translations with latest changes from Crowdin. (#3006)
-
[1.15.2]
- Update BookStack to 21.10.2
- Release announcement
- Made further fixes to address image upload vulnerability. Thanks again to @haxatron (#3019)
- Updated translations with latest changes from Crowdin. (#3014)
-
[1.15.3]
- Update BookStack to 21.10.3
- Release announcement
- Fixed path image file path traversal vulnerability. Thanks @theWorstComrade for reporting. (#3030)
- Prevented HTML attachments being served inline. Thanks @theWorstComrade for reporting. (#3027)
- Updated translations from latest Crowdin changes. (#3023)
-
[1.16.0]
- Update BookStack to 21.11
- Release announcement
-
[1.16.1]
- Update BookStack to 21.11.1
- Release announcement
- Added custom command support to the logical theme system. (#3072)
- Added support for prefers-contrast media setting to increase contrast in faded areas when active. (#2634)
- Updated TOTP confirmation view to autofocus on code input. Thanks to @raccettura. (#3068)
- Updated translations with latest changes from Crowdin. (#3057)
- Updated any links on homepage lists to be more obvious & accessible. (#3046)
- Fixed faulty page navigation links when headers are nested within other content. Thanks to @Julesdevops. (#3069, #3058)
-
[1.16.2]
- Update BookStack to 21.11.2
- Release announcement
- This is a security release that address a couple of vulnerabilities relating to API access and page draft related content visibility
- Fixed issue with greater-than-expected visibility on page-draft-related items. Thanks @Haxatron for reporting. (#3086)
- Fixed issue where public API access was not limited by system public control in certain conditions. (#3091)
-
[1.16.3]
- Update BookStack to 21.11.3
- Release announcement
- This is a security release that helps prevent potential discovery and harvesting of user details including name and email address.
- Helped prevent discovery and harvesting of user information. Thanks @Haxatron for reporting. (#3108)
- Updated search API results to include the highlighted preview content. (#3096)
- Updated search API results to include item URL. (#3080)
-
[1.17.0]
- Update BookStack to 21.12
- Release announcement
- Added webhooks. (#147, #3099)
- Added ability to copy books, chapters & roles. (#3118, #1123)
- Added audit log IP address search. Thanks to @johnroyer. (#3081)
- Updated translations with latest Crowdin changes. (#3117)
- Fixed issue where non-ascii content could break search result previews. Thanks to @Kristian-Krastev. (#3113)
- Fixed mismatched password validation rules across the application. (#2237)
-
[1.17.1]
- Update BookStack to 21.12.1
- Release announcement
- Security Release
-
[1.17.2]
- Update BookStack to 21.12.2
- Release announcement
- Improved handling of uploaded images when thumbnails fail to load. (#3142)
- Updated translations with latest Crowdin changes. (#3148)
- Fixed issue where webhooks would error for specific recycle bin operations. (#3154)
- Fixed Spanish invite email subject translation. Thanks to @AitorMatxi. (#3153)
- Fixed issue where custom homepage could cause strange deletion behavior and lead to errors. (#3150)
-
[1.17.3]
- Update BookStack to 21.12.3
- Release announcement
- Updated user creation flow to not persist the user on invitation sending failure. Thanks to @Julesdevops. (#3179, #3174)
- Updated "Recently Updated Pages" view to show update author and date. Thanks to @Julesdevops. (#3177, #3045)
- Updated translations with latest Crowdin changes. (#3158)
- Updated PDF page export image display to help fix image sizing issues again. (#3120)
- Updated "Recently Updated Pages" view to show parent context chain. (#3183)
- Fixed potential errors in revision diff view when multi-byte characters are used. (#3170)
- Fixed duplicate display in image gallery when uploading multiple images at once. (#3160)
- Fixed inaccurate markdown editor cursor position upon sidebar usage. (#3186)
-
[1.17.4]
- Update BookStack to 21.12.4
- Release announcement
- Added --external-auth-id option to the bookstack:create-admin command for use with LDAP/SAML2/OIDC instances. (#3222)
- Added the ability select preferred language when creating a new user. (#2408, #2576)
- Added configuration option for PDF export page size. (#995)
- Updated 503 error view to simplify and prevent thrown errors. Thanks to @Julesdevops. (#3210, #3205)
- Updated translations with latest Crowdin changes. (#3214)
- Fixed mis-represented default registration role and allowed disabling of this option. (#3220, #2338)
- Fixed OIDC autodiscovery when keys are provided in a certain format, as provided by Azure. (#3206)
-
[1.17.5]
- Update BookStack to 21.12.5
- Release announcement
- Added text for "file" validation messages to provide better responses in Attachment API validation failures. (#3248)
- Fixed WYSIWYG editor code block creation across mulitple lines and block elements. Thanks to @Julesdevops. (#3246, #3200)
- Fixed markdown image data URI extraction failing on large images due to regex match limits. (#3249)
- Updated translations with latest Crowdin changes. (#3225)
-
[1.18.0]
- Update BookStack to 22.02
- Release announcement
- Added collapsible content blocks support to the WYSIWYG editor. (#78, #3260)
- Added translation support to the WYSIWYG editor. (#1838)
- Added user management API endpoints. (#3238, #1363, #2701)
- Changed minimum PHP version from 7.3 to 7.4. (#3245, #3152)
- Updated translations with latest Crowdin changes. (#3258, #3251, #3259)
- Updated Korean translations. Thanks to @ististyle. (#3256)
- Updated TinyMCE WYSIWYG editor to the latest version. (#3247)
- Improved PDF export rendering of images within tables. (#3190)
- Fixed potential web console error message when loading the editor. (#2461)
- Fixed issue where OIDC token failures would not be shown to the user. (#3264)
- Fixed issue where the editor could jump-scroll to the top after format change on FireFox (#2692)
-
[1.18.1]
- Update BookStack to 22.02.1
- Release announcement
- Updated editor references to avoid caching issue that would prevent WYSIWYG editor from opening. (#3293)
- Updated code blocks within the editor to be more reliable, especially on first insertion. (#3292)
- Updated translations with latest changes from Crowdin. (#3291)
-
[1.18.2]
- Update BookStack to 22.02.2
- Release announcement
- Added cache breaker to WYSIWYG onward loading to prevent plugin errors appearing if cached. (#3303)
- Updated translations with latest Crowdin changes. (#3301)
- Updated sidebar fade to be more subtle when in dark mode. (#3203)
- Fixed WYISWYG editor issue where blank lines would collapse. (#3302)
-
[1.18.3]
- Update BookStack to 22.02.3
- Release announcement
- Added iframe allow-list control to prevent a range of malicious uses of untrusted iframe sources. (#3314)
- Updated translations with latest Crowdin changes. (#3312)
-
[1.19.0]
- Update BookStack to 22.03.1
- Release announcement
- Added support for checkbox tasklists in the WYSIWYG editor. (#3333, #4)
- Added WYSIWYG control to remove & edit links. (#3276, #3298)
- Added WYSIWYG Ctrl+Shift+K shortcut to show entity selector popup shortcut in WYSIWYG editor. (#3244, #3298)
- Added LDAP user group debugging option. (#3345)
- Added support for the Basque language. (#3296)
- Updated settings view with a re-organized layout for a less confusing user experience. (#3349, #3221)
- Updated code block rendering in WYSIWYG to help prevent scroll jumping upon undo/redo. (#3326)
- Updated translations with latest Crowdin updates. (#3320)
- Updated webhook data to include details of page/chapter/shelf/book creator/updater/owner. (#3279)
- Updated webhook data to include revision details on page_update and page_create events. (#3218)
- Fixed lack of translation support for some editor buttons. (#3342)
- Fixed incorrect page concatenation in book markdown export. (#3341)
- Fixed usage of <br> tags within code blocks instead of newlines when using the WYSIWYG editor. (#3327)
- Fixed image thumbnail generation not taking EXIF rotation data into account. (#1854)
- Fixed issue where /settings redirect would lead to wrong location in some scenarios. (#3356)
- Fixed non-active prevention of custom HTML head content on settings views. (#3355)
- Updated translations with latest Crowdin changes. (#3354)
- Updated project PHP dependencies.
-
[1.20.0]
- Update BookStack to 22.04
- Release announcement
- Database Changes - This release makes some significant changes to data within the database which may cause the update to take a little longer than usual to run. Please give the update extra time to complete.
- REST API Page Create/Update Changes - Create & update page requests now have the potential to change the current editor type for that page, depending on the content type sent in the request, if the API user has permission to change the page editor.
- URL Handling - The way we handle URLs has changed this release to hopefully address some issues in specific scenarios. These changes have been tested and should not affect existing working environments but there's an increased risk this release for setups with more complex URL handling. Please raise an issue or jump into our Discord server if you have any issues with URLs after upgrading.
-
[1.20.1]
- Update BookStack to 22.04.1
- Release announcement
- Fixed issue where a duplicate slash could occur in the URL leading to a 404 page. (#3404)
- Updated translations with latest changes from Crowdin. (#3402)
-
[1.20.2]
- Update BookStack to 22.04.2
- Release announcement
- Added Persian to language list. (#3426)
- Updated API docs to detail rate-limit information. (#3423)
- Updated translations with latest Crowdin changes. (#3418)
- Fixed broken attachment downloads in environments where PHP output buffering is disabled. (#3415)
-
[1.20.3]
- Update BookStack to 22.06
- Release announcement
- Added ability to convert chapters to books, and books to shelves. (#3499, #1087)
- Added ability to use commas in the role "External Auth ID". (#3416, #3405)
- Added body-start/end templates as a convenience to theme system users. (#894)
- Added OCaml to the code editor language list and fixed highlighting type. (#3511)
- Added TypeScript to the code editor language list. (#3494)
- Added common audio types to our WebSafeMimeSniffer for non-download attachment usage. (#3485)
- Added LaTex to the code editor language list. (#3458)
- Updated the UI/design with a mass of fixes & improvements. (#3433)
-
[1.20.4]
- Update BookStack to 22.06.1
- Release announcement
- Updated entity-selector-popup to reset state upon successful selection. (#3528)
- Updated translations with latest CrowdIn changes. (#3526)
- Fixed non-translated settings category options. (#3529)
- Fixed issue where tags would not be saved upon book update. (#3527)
- Fixed long code in "Custom Head" setting breaking page layout. (#3523)
-
[1.20.5]
- Update BookStack to 22.06.2
- Full changelog
- Updated translations with latest CrowdIn changes. (#3540, #3531)
- Fixed bug causing LDAP/SAML2 group mapping to fail if the "External Auth Ids" role field contained upper case characters. (#3535)
- Fixed differing behaviour, between select button and double-click, in the link selector popup. (#3534)
-
[1.21.0]
- Update BookStack to 22.07
- Full changelog
- Added 'Sort Book' action to chapters. (#3598, #2335)
- Added ability to favourite code languages in the WYSIWYG code editor. (#3593, #3542)
- Added option to set IP address storage precision. (#3560)
- Added tag-based css classes to the HTML body tag for tag-based content CSS targeting. (#3583)
- Added new Logical Theme System event, emitted upon any system activity event. (#3572)
- Added editor shortcuts for bullet and numbered lists. (#3599, #1269)
- Updated shelf book management interface with better usability and book search bar. (#3591, #3266)
- Updated translations with latest changes from Crowdin. (#3600, #3545)
- Updated WYSIWYG editor to TinyMCE 6. (#3580, #3517)
- Updated DOMPDF, and other PHP dependencies. (#3579)
- Updated permission system to only "cache" view-based permissions for better performance, and made many other performance improvements. (#3569)
- Updated WYSIWYG color options to have no names, for better cross-language usage. (#3530)
- Updated tests to use ssddanbrown/asserthtml library. (#3519)
- Fixed comment count translation in Chinese translations. Thanks to @GongMingCai. (#3556)
- Fixed issue where AVATAR_URL=false would not properly disable Gravatar fetching. (#1835)
- Fixed some German translation typos and grammar. Thanks to @smartshogu. (#3570)
- Fixed issue where WYSIWYG toolbar would remain when after inserting a drawing. (#3597)
-
[1.21.1]
- Update BookStack to 22.07.1
- Full changelog
- Fixed issue where old WYSWYG editor code would be cached, preventing the editor from showing. (#3611)
- Updated translations with latest Crowdin changes. (#3605)
-
[1.21.2]
- Update BookStack to 22.07.2
- Full changelog
- Added body-start/end partials to export template, for easier export customization via the visual theme system. (#3630)
- Added activity recording for revision delete/restore. (#3628)
- Updated translations with latest changes from Crowdin. (#3625)
- Updated user validation with sensible limit to name input. (#3614)
- Fixed issue where activity type could not be selected in the audit log. (#3623)
- Fixed possibility of breaking page load due to bad user language input. (#3615)
-
[1.21.3]
- Update BookStack to 22.07.3
- Full changelog
- This is a security release that adds additional filtering to page content to prevent certain cross-site-scripting techniques
- Added API documentation section to advise of content security. (#3636)
- Updated Persian translations. Thanks to @samadha56. (#3639)
- Updated code block rendering to help prevent blank blocks on fresh cache. (#3637)
- Updated HTML filtering to prevent SVG animate case. (#3636)
-
[1.22.1]
- Update BookStack to 22.09.1
- Full changelog
- Added PHPCS for project PHP formatting. (#3728)
- Updated SAML error handling to display additional error detail. (#3731)
- Updated translations with latest Crowdin updates. (#3710)
-
[1.23.0]
- Update BookStack to 22.10
- Full changelog
- Added Greek language. (#3732)
- Added MATLAB code syntax highlighting. (#3744)
- Added toolbar for code blocks in WYSIWYG editor to make mobile editing possible. (#2815)
- Updated content permissions interface & logic to allow more selective/intuitive control. (#3760)
- Update WYSIWYG table toolbar icons to be a little more legible. (#3397)
- Updated auth controller components to not depend on older Laravel library. (#3745, #3627)
- Updated book copy behaviour to copy book-shelf relations if permissions allow. (#3699)
- Updated books-read API endpoint to list child book/chapter tree. (#3734)
- Updated list style handling to align deeply nested list styling in & out of editor. (#3685)
- Updated shelf book management for easier touch device usage. (#2301)
- Updated tag suggestions to provide more accurate results. (#3720)
- Updated testing to support parallel running. (#3751)
- Updated tests to align/clean-up certain common actions. (#3757)
- Updated translations with latest Crowdin changes. (#3737)
- Fixed custom code block theme not used within the WYSIWYG editor. (#3753)
- Fixed issue where revision delete control would show to those without permission. (#3723)
- Fixed justified text not applying to list content. (#3750)
- Fixed not being able to deselect "Created/Update by me" search options. Thanks to @Wertisdk. (#3770, #3762)
- Fixed page popover being hidden behind content in chromium-based browsers. (#3774)
- Fixed SAML2 metadata display depending on external IDP metadata page. (#2480)
- Fixed squashing of columns in users list. (#3787)
-
[1.23.1]
- Update BookStack to 22.10.1
- Full changelog
- Fixes issue with generation permissions where a chapter is in the recycle bin.
-
[1.23.2]
- Update BookStack to 22.10.2
- Full changelog
- Updated translations with latest changes from Crowdin (#3791)
-
[1.24.0]
- Update BookStack to 22.11
- Full changelog
- Added user interface shortcuts system. (#3830, #1216)
- Added global search live preview. (#3850)
- Added markdown preview pane resize/hide/sync controls. (#2215)
- Added Dart/Flutter support for code blocks & editor. (#3808)
- Added Swift language support for code blocks & editor. (#3847)
- Added login/register message partials for easier use via theme system. (#3848, #608)
- Added Georgian Language support on Crowdin. (#3823)
- Updated all interface tabular list views to new format with added functionality. (#3821)
- Updated markdown codebase to be modular and tidied some styles. (#3875)
- Updated dark mode styles with fixes and browser color scheme support. (#3878)
- Updated email confirmation routes to be confirmed via POST. (#3797)
- Updated JavaScript usage to align on single cleaned-up component system. (#3853)
- Updated our testing process to ensure PHP8.2 Support. (#3852)
- Updated tests to cover issue of permission regeneration with chapter in the recycle bin. (#3796)
- Updated translations with latest Crowdin changes. (#3828)
- Fixed app logo not being stored for public access when using "local_secure_restricted" images. (#3827)
- Fixed missing translations for some editor elements. (#3822)
- Fixed OIDC JWKs parsing when "use" property missing on keys. (#3869)
-
[1.24.1]
- Update BookStack to 22.11.1
- Full changelog
- Added smarty and twig template code language support. Thanks to @jhit. (#3879)
- Updated translations with latest Crowdin changes. (#3881)
- Fixed global search focus issue with arrow keys. (#3920)
- Fixed lack of scroll in editor sidebar views. (#2887)
-
[1.25.0]
- Update base image to 4.0.0
-
[1.26.0]
- Update BookStack to 23.01
- Full changelog
- Permission Changes - There have been changes to the permission system which can affect how permissions apply and therefore could lead to changes in provided abilities upon upgrade. This is only really relevant to complex permission scenarios that have only been possible since BookStack v22.10.
- Added ability to control app icon (favicon) via settings. (#3994, #3929, #301)
- Added ability to set separate colors for dark mode. (#2314, #4002)
- Added ability to set separate colors for primary color and links. (#3910, #4002)
- Added accessible controls to book sorting & improved user experience. (#3999, #3987)
- Added Scheme code highlight support. (#3954)
-
[1.26.1]
- Update BookStack to 23.01.1
- Full changelog
- Updated pdf library to address vulnerability. (#4010)
- Updated translations with latest Crowdin changes. (#4008)
- Fixed missing default 180px icon. (#4006)
-
[1.27.0]
- Update BookStack to 23.02
- Full changelog
- Added user roles API endpoints. (#4051, #4034)
- Added configuration option for the sendmail command. (#4001)
- Added sort actions and accessible controls to the shelf book management interface. (#4049, #4031, #2050)
- Updated framework to Laravel 9. (#4021, #3123)
- Updated project minimum supported PHP version from 7.4 to 8.0.2. (#4029)
- Updated the URL length limit for link attachments to 2k characters. (#4044)
- Updated app icon handling to generate favicon.ico file where possible. (#4032)
- Updated setting loading to be more efficient. (#4062)
- Updated test handling with cleaner centralized filed/image handling. (#3995)
- Updated translations with latest Crowdin changes. (#4025)
- Fixed issue where uploaded images would not show in the gallery for draft pages. (#4028)
- Fixed issue with increasing WYSIWYG editor lag as pages grow. (#3981)
- Fixed potential pluralization issues in some languages. (#4040)
- Fixed slow response time when saving page due to URL parsing and handling. (#3932)
-
[1.27.1]
- Update BookStack to 23.02.1
- Full changelog
- Fixed an issue with language loading in certain scenarios. (#4068)
- Updated translations with latest Crowdin changes. (#4066)
-
Fixed role deletion failing when submitting with empty migration role. (#4128) Fixed ownership migration upon user delete not working. (#4124) Updated translations with latest Crowdin changes. (#4074)
