BookStack v21.08

Links

• Update instructions
• Update details on blog

Upgrade Notices

• Config & Administration - The introduction of multi-factor authentication brings the first use of encryption in the platform.
  This uses the APP_KEY value in your .env file. Ensure you have this stored safely since it would be required if you ever
  restore/migrate your instance to another system.
• Security/Exports - During this release cycle it was highlighted that server-side request forgery could be achieved via the
  PDF export system. External fetching in the default PDF renderer has been disabled by default. The WKHTMLtoPDF renderer will now
  not be used if active. Either of these changes can be overridden by setting ALLOW_UNTRUSTED_SERVER_FETCHING=true in your .env file.
  This should only be used were only trusted users can create and export content. To support this we've added permissions that allow disabling of exports per role.
• Security/Authentication - A slight change was made in relation to how email addresses are confirmed. Email confirmations are now primarily checked at point-of-login rather
  than being checked on every request. Enabling email confirmation, or email domain restrictions, may no longer take action on unconfirmed users right away in the future.

Full List of Changes

• Added multi-factor authentication system. (#2827, #1118)
• Added the ability to export content as Markdown. Thanks to @nikhiljha. (#2115, #1717)
• Added role permissions for exporting content. (#2899, #1251)
• Added an advisory notice on the shelf permissions page regarding the lack of cascade. (#2876)
• Added Lithuanian language translations. Thanks to @ffranchina. (#2868)
• Added item parent link in recycle bin restore to make parent item restore easier. Thanks to @arjvand. (#2682, #2594)
• Added some core opengraph tags to content. Thanks to @james-geiger. (#2393, #2348)
• Updated blade views to be more consistent and follow a documented convention. (#2805)
• Fixed markdown blockquotes not rendering correctly in preview. (#2858, #2837)
• Fixed issue on API where page updates can remove HTML. (#2856)
• Fixed inconsistency in list display and nesting. (#2854)
• Standardised styling of the codebase. (#2820)

BookStack v21.05.4

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Added VB.NET code block highlighting option. (#2869)
• Improved audit log user select list stability. (#2863)
• Fixed issue where user profile pages item "View All" links used ids hence did not link to proper searches. (#2857)

BookStack v21.05.3

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Added a "Skip to content" link as first page focus item for accessibility use. (#2810)
• Updated social account detachment to have CSRF protection. (#2808)
• Updated PHP dependency versions.
• Fixed issue where translations system may attempt to load from the root directory when a theme was not in use. (#2836)

BookStack v21.05.2

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Added the ability to server attachments without forcing downloads. (#2791)
• Fixed issue where empty HTML comments could cause errors. (#2804)
• Updated translations with latest changes from Crowdin. (#2790)
• Extracted not found text into it's own view for easier overriding (58117bc)

BookStack v21.05.1

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Added base64 image extraction within page content. Thanks to @awarre. (#2700, #2631)
• Added Croatian translations. Thanks to @ffranchina. (#2784, #2785)
• Updated item permission roles list to be sorted alphabetically. (#2782)
• Merged in latest Crowdin translations. (#2787, #2777)
• Fixed incorrect styling of favourites sidebar when using a non-default homepage option. (#2783)

BookStack v21.05

Links

• Update instructions
• Update details on blog

Full List of Changes

• Added shelf/book/chapter/page favourite system. (#2748)
• Added previous/next navigation to chapters and pages. Thanks to @shubhamosmosys. (#2511, #1381)
• Added display of tags within search results. Thanks to @burnoutberni. (#2487, #2462)
• Added the ability to import JPEG user avatar images during LDAP login/registration. Thanks to @jasonhoule. (#2320, #1161)
• Updated export meta date format to align with the format used in revisions. (#2771)
• Updated drawing manager system to verify host on post messages for additional security. (#2769)
• Updated potential external links with rel="noopener" for better security . Thanks to @CorruptComputer. (#2768)
• Updated drawing upload error handling to better advise when images are too large for the server. (#2740)
• Updated page deletions to also delete related revisions. (#2668)
• Updated shelf, book & chapter creation/edit views to autofocus on the name input. (#1956)
• Updated translations with latest Crowdin changes. (#2764)
• Fixed issue where user search field could stack too early in certain languages. (#2147)

BookStack v21.04.6

Links

• Update instructions

This release contains the following fixes and changes:

• Added a way to configure options on a social driver, for the initial redirects, through the Theme::addSocialDriver system. (#2759)
• Fixed scenario where recent Image upload visibility changes caused issues on hosting where webserver and PHP process group/user differ. (#2758)

BookStack v21.04.5

Links

• Update instructions

This release contains the following fixes and changes:

• Fixed error during PDF export in some cases due to incorrect path. (#2746)
• Fixed error thrown when saving a markdown page with empty content. (#2741)
• Updated S3 ACL setting so ACLs are set via another request, as per pre-v21.04.2, but only when actually use AWS S3. (#2739)
• Updated translations with latest Crowdin changes. (#2737)
• Updated overflowing table content to be consistent. Thanks to @dopyrory3. (#2735, #2732)

BookStack v21.04.4

Links

• Update instructions

This release contains the following fixes and changes:

• Added a new SAML2_IDP_AUTHNCONTEXT option for SAML2 authentication since the default did not work well for some Windows environments. Thanks to @ivir. (#1998)
• Updated translations with latest Crowdin changes. (#2719)
• Updated Korean translations. Thanks to @Jokuna. (#2716)
• Improved error messaging when attempting to access a non-existent image file. (#2696)
• Updated table style handling across exports types to be consistent. (#2666)
• Updated export system to remove JavaScript used in Custom HTML Head Content to prevent errors or strange behaviour. (#2490)
• Fixed page export error thrown when the created by, or last updated by user, had been deleted. (#2733)
• Fixed white borders on layout buttons when in dark mode when using Safari. (#2728)

BookStack v21.04.3

Links

• Update instructions

This release contains the following fixes and changes:

• Updated migration string column lengths to better fit within restrictive index limits (#2710)
• Updated select box styles with to work around default iOS styles causing issues in dark mode. (#2709)
• Updated translations with latest Crowdin changes. (#2695)
• Updated styles of layout view buttons in mobile screen sizes to respect dark mode.
• Updated image upload behaviour for s3 style uploads to set public permissions as part of the upload request instead of a separate request.
• Fixed issue where "Recently Viewed" would show non-viewed content for new users. (#2703)