BookStack v23.08.2

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Fixed WYSIWYG filtering issue, introduced in v23.08.1, which breaks page editing and drawing use when certain elements exist in page content. (#4510, #4509)
• Updated translations with latest Crowdin changes. (#4506)

BookStack v23.08.1

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Updated preferences view styles to better respond to content and screen sizes to prevent wrapping buttons. (#4502)
• Updated WYSIWYG editor filtering to help prevent page pointer being pasted into pages. (#4474)
• Updated translations with latest Crowdin changes. (#4481)
• Fixed a range of typos in our dev docs. Thanks to @omahs. (#4484)
• Fixed deleted watched books/chapters/pages breaking notification preferences view from loading. (#4499)
• Fixed notifications not being sent in receiver language preference. (#4497, #4480)

BookStack v23.08

Links

• Release video overview
• Update instructions
• Update details on blog

Upgrade Notices

• Security - Webhooks - In scenarios where admin users are not trusted, webhooks could potentially be used maliciously. This update adds a control for such functionality. Please read our documentation for the new ALLOWED_SSR_HOSTS option if this may be a concern for your instance.

Full List of Changes

• Added content notification system. (#4390, #4371, #241)
• Added browser-based drawing backup storage mechanism. (#4457, #4421)
• Added order/priority control within books via the API. Thanks to @rouet. (#4313, #4298)
• Added host allow list option for server side requests like webhooks. (#4410)
• Added additional comment-specific activities. (#4389)
• Updated translations with latest Crowdin changes. (#4380, #4462)
• Fixed API docs caching failure when using DB cache driver. (#4453)
• Fixed overly wide page view when using an RTL language. (#4429)
• Fixed status cache check to work better for simultaneous requests. (#4396)
• Fixed markdown editor scrolling on mobile screen sizes. (#4466)

BookStack v23.06.2

Links

• Update instructions

Upgrade Notices

• Shelf Create Permissions - If you upgraded specifically to v23.06 or v23.06.1, then create permissions for bookshelves would have been removed upon upgrade. If you made use of these via the "Copy Permissions to Books" action, or CLI command, then you will need to re-apply these permissions where required. If you jumped right over v23.06 and v23.06.1, then no permissions were removed.

Full List of Changes

This release contains the following fixes and changes:

• Re-added shelf create permissions, now include a note to indicate permission usage. (#4375)
• Fixed issue causing some delete-based action webhooks to create not-found errors. (#4373)
• Updated translations with latest Crowdin changes. (#4367)

BookStack v23.06.1

Links

• Update instructions

Upgrade Notices

• Email Configuration (TLS) - Due to issues experienced in v23.06, MAIL_ENCRYPTION=ssl or MAIL_ENCRYPTION=tls will now simply ensure that TLS or STARTTLS are used, rather than forcing full TLS to be used. Our email documentation has been updated to reflect this.

Full List of Changes

This release contains the following fixes and changes:

• Updated MAIL_ENCRYPTION usage due to incorrectly forcing initial TLS usage. (#4358)
• Updated translations with latest Crowdin changes. (#4352)
• Fixed image updated timestamp not updating when gallery images are replaced. (#4354)
• Fixed sort options breaking roles page load. (#4350)
• Fixed IPv6 addresses in audit log spilling into date column. (#4349)
• Fixed many inaccuracies in API example responses. Thanks to @devdot. (#4344)

BookStack v23.06

Links

• Release video overview
• Update instructions
• Update details on blog

Upgrade Notices

• Email Configuration - If you've configured mail with MAIL_ENCRYPTION=ssl it's advised to test sending (via the button in "Settings > Maintenance") after updating to v23.06 since support for SSL has been dropped for email sending, but we instead now force TLS to be required when this option is set.
• Font Customization - The technique for customizing fonts has changed to be simpler, less fragile and more flexible. If customizing fonts it's advised to update to the new method as shown in our updated documentation on changing fonts.
• Guest User Account - Previously custom roles could be given to the "Guest" user account but permissions for those roles would not fully apply. That's been changed in v23.06 so additional role permissions fully apply but, as a precaution to prevent unexpected additional grant of permissions upon upgrade, any additional roles assigned to the "Guest" user will be removed upon update migration. If needed, simply re-assign any desired custom guest user roles after updating.

Full List of Changes

• Added visual comment threading. (#4286, #3400)
• Added read-only comments listing into page editor. (#4322)
• Added methods for screen-reader/keyboard-only users to use the page section popup. (#3975)
• Added option to delete the current page draft. (#3927)
• Added text for each activity type so that webhooks always have readable text. (#4216)
• Updated image manager with new design to be responsive and more accessible. (#4265)
• Updated how fonts are defined for easier CSS customization. (#4302, #4307)
• Updated pages API to provide raw html in single page responses. (#4310)
• Updated system status colors with dark variants and to be CSS variables for easier customization. (#4301)
• Updated API docs with multi-paragraph descriptions for endpoints. (#4332)
• Updated ldap_connect usage to avoid deprecated syntax. (#4274)
• Updated MAIL_ENCRYPTION options & guidance for clarity. (#4342)
• Updated command codebase to align logic. (#4262, #4225)
• Updated default page copy/move view to show the parent book of chapter targets. (#4264)
• Updated export styles to remove rules redundant for HTML/PDF exports. (#4303)
• Updated JsonDebugException to use the "Responsable" interface. Thanks to @devdot. (#4318)
• Updated shelf permissions view to not show the non-used "create" permission. (#2690)
• Updated translations with latest Crowdin changes. (#4256)
• Updated WYSIWYG editor library from TinyMCE 6.3.1 to 6.5.1.
• Fixed API chapter update not using "book_id" parameter. (#4272)
• Fixed API returns responses to return 404 instead of 500 on not found. Thanks to @devdot. (#4290, #4291)
• Fixed created/updated times not showing using the Romanian language. (#4297)
• Fixed guest user role handling so they can accept custom permissions from other roles. (#1229)
• Fixed inaction when certain parameters were combined using the content-permissions API. (#4323)
• Fixed incorrect times in Users list API. (#4325)
• Fixed misaligned case-sensitive sorting in shelves. (#4341)
• Fixed misaligned date and time format returned by the image gallery API. (#4294)
• Fixed growing table rows in the WYSIWYG when using Firefox. (#4337)

BookStack v23.05.2

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Updated view-only code block line highlighting to only show on focus. (#4254)
• Updated System CLI. (#4252)
  • Fixed issues regarding symlinked folders for backup and restore.
  • Fixed incorrect app directory searching.
• Updated image/attachment file upload buttons to allow selection of mulitple files. (#4241)
• Updated translations with latest Crowdin changes. (#4239)
• Updated attachment drag handling so they can be dragged via their name/link. (#591)

BookStack v23.05.1

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Updated system CLI. (#4229)
  • Fixed wrong env details being used on restore.
  • Updated update-url on restore to actually work.
  • Added better support for symlink-ed locations.
  • Added warning against updating in docker-like (non git controlled) environments.
• Updated "update-url" command to allow running non-interactively. (#4223)
• Updated translations with latest Crowdin changes. (#4211)
• Updated WYSWIYG code editor focus handling to more accurately return to editor. (#4109)
• Fixed code block formatting in print/export views. (#4215)
• Fixed extra spacing being added around horizontal rules within collapsible blocks within the WYSIWYG editor. (#3963)
• Fixed "Custom HTML Head Content" style blocks not being used for code blocks within the WYSWIYG editor. (#4228)
• Fixed UI shortcuts being incorrectly active within code blocks. (#4227)

BookStack v23.05

Links

• Release video overview
• Update instructions
• Update details on blog

Upgrade Notices

• Page Include Tags - Nesting is now allowed for include tags, up to 3 levels of depth. You may now see more content loaded for pages which previously had unparsed nested include tags.
• SAML2 - Single LogOut (SLO) requests will now include a "session_index" for the current user. This technically brings BookStack's implementation closer to the spec, and is not expected to cause issues, but if using SLO it may be wise to check your identity provider behavior remains the same as before during logout.
• Custom Code Block Themes - Due to a change of library, the method of defining custom codeblock themes has significantly changed, and "window.CodeTheme" code is no longer used. Refer to our "Changing Code Block Themes" documentation for further information.
• Editor Event - editor-markdown::setup - This event no longer contains "codeMirrorInstance" in the event data. It instead has a "cmEditorView" property. See the event docs for more details.
• Editor Event - editor-markdown-cm::pre-init - This event has been renamed to "editor-markdown-cm6::pre-init" and no longer contains "config" in the event data. It instead has a "editorViewConfig" property. See the event docs for more details.
• Upload Timeouts - The use of "window.uploadTimeout" has been removed as a way to control upload timeouts. This would previously only be used in certain cases. Instead, if required, timeouts can usually be enforced at the web-server level.

Full List of Changes

• Added system CLI for admin operations. (#4206, #3149)
• Added image gallery API Endpoints. (#4103)
• Added content permission API endpoints. (#2702, #4099)
• Added new logical theme event to customize OIDC ID token data. (#4200)
• Added Clojure syntax highlighting for code blocks. (#4112)
• Added option to disable SSL verification with SMTP email sending. Thanks to @vincentbernat. (#4126, #3166)
• Added support for three-levels of nested include tags. Thanks to @jasonF1000. (#4192, #2845)
• Added detailed documentation for public JS events. (#4179)
• Added standard JS codebase formatting via ESLint. (#4181, #4180)
• Updated code blocks & markdown editor to CodeMirror 6. (#3617, #3518)
• Updated file upload handling for images and attachments. (#4193)
• Updated SAML2 SLO requests to include a session index. (#3936)
• Updated translations with latest Crowdin changes. (#4163)
• Fixed audit log type filter leading to wrong location. (#4201)
• Fixed large videos within content escaping content area. Thanks to @chopin2712. (#4204)
• Fixed missing WKHTMLTOPDF in .env.example.complete file. Thanks to @7nohe. (#4145)
• Fixed not being able to search for terms containing backslashes . Thanks to @esakkiraja100116. (#4202, #4175)
• Fixed timestamp in API docs example chapter response. Thanks to @tigsikram. (#4191)

BookStack v23.02.3

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Fixed issue where user delete fails when no "migration" user is selected. (#4162)
• Fixed tag selection via mouse on Safari. (#4139)
• Updated translations with latest Crowdin changes. (#4131)