summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Mehren2021-05-06 22:31:39 +0200
committerGitHub2021-05-06 22:31:39 +0200
commit71841d7d35808982b712c928d35a1df75317c8a6 (patch)
treeda7af6d4ff8fb5d39cc075885805fb2fa50a3d2b
parentd9604ce1341b13604f33ede8eb0b6b898f8d85fd (diff)
parenta897ef7dea1fd3d0ef7415bff5b3312e5fb3828a (diff)
Merge pull request #1239 from hedgedoc/release/1.8.1
Diffstat (limited to '')
-rw-r--r--config.json.example11
-rw-r--r--docs/content/dev/openapi.yml2
-rw-r--r--docs/content/setup/docker.md2
-rw-r--r--docs/content/setup/manual-setup.md4
-rw-r--r--package.json6
-rw-r--r--public/docs/release-notes.md19
6 files changed, 31 insertions, 13 deletions
diff --git a/config.json.example b/config.json.example
index 258643a9..42dac856 100644
--- a/config.json.example
+++ b/config.json.example
@@ -8,17 +8,15 @@
},
"development": {
"loglevel": "debug",
- "hsts": {
- "enable": false
- },
"db": {
"dialect": "sqlite",
"storage": "./db.hedgedoc.sqlite"
},
- "linkifyHeaderStyle": "gfm"
+ "domain": "localhost",
+ "urlAddPort": true
},
"production": {
- "domain": "localhost",
+ "domain": "change this",
"loglevel": "info",
"hsts": {
"enable": true,
@@ -126,7 +124,6 @@
{
"connectionString": "change this",
"container": "change this"
- },
- "linkifyHeaderStyle": "gfm"
+ }
}
}
diff --git a/docs/content/dev/openapi.yml b/docs/content/dev/openapi.yml
index 1a734451..45585e8a 100644
--- a/docs/content/dev/openapi.yml
+++ b/docs/content/dev/openapi.yml
@@ -3,7 +3,7 @@ openapi: 3.0.1
info:
title: HedgeDoc
description: HedgeDoc is an open source collaborative note editor. Several tasks of HedgeDoc can be automated through this API.
- version: 1.8.0
+ version: 1.8.1
contact:
name: HedgeDoc on GitHub
url: https://github.com/hedgedoc/hedgedoc
diff --git a/docs/content/setup/docker.md b/docs/content/setup/docker.md
index bc8b3ac9..41daac84 100644
--- a/docs/content/setup/docker.md
+++ b/docs/content/setup/docker.md
@@ -28,7 +28,7 @@ services:
restart: always
app:
# Make sure to use the latest release from https://hedgedoc.org/latest-release
- image: quay.io/hedgedoc/hedgedoc:1.8.0
+ image: quay.io/hedgedoc/hedgedoc:1.8.1
environment:
- CMD_DB_URL=postgres://hedgedoc:password@database:5432/hedgedoc
- CMD_DOMAIN=localhost
diff --git a/docs/content/setup/manual-setup.md b/docs/content/setup/manual-setup.md
index 26882ba2..bbd73f79 100644
--- a/docs/content/setup/manual-setup.md
+++ b/docs/content/setup/manual-setup.md
@@ -16,7 +16,7 @@
1. Check if you meet the [requirements at the top of this document](#manual-installation).
2. Download the [latest release](https://hedgedoc.org/latest-release/) and extract it.
- <small>Alternatively, you can use Git to clone the repository and checkout a release, e.g. with `git clone -b 1.8.0 https://github.com/hedgedoc/hedgedoc.git`.</small>
+ <small>Alternatively, you can use Git to clone the repository and checkout a release, e.g. with `git clone -b 1.8.1 https://github.com/hedgedoc/hedgedoc.git`.</small>
3. Enter the directory and execute `bin/setup`, which will install the dependencies and create example configs.
4. Configure HedgeDoc: To get started, you can use this minimal `config.json`:
```json
@@ -58,7 +58,7 @@ If you want to upgrade HedgeDoc from an older version, follow these steps:
and the latest release.
2. Fully stop your old HedgeDoc server.
3. [Download](https://hedgedoc.org/latest-release/) the new release and extract it over the old directory.
- <small>If you use Git, you can check out the new tag with e.g. `git fetch origin && git checkout 1.8.0`</small>
+ <small>If you use Git, you can check out the new tag with e.g. `git fetch origin && git checkout 1.8.1`</small>
5. Run `bin/setup`. This will take care of installing dependencies. It is safe to run on an existing installation.
6. *:octicons-light-bulb-16: If you used the release tarball for 1.7.0 or newer, this step can be skipped.*
Build the frontend bundle by running `yarn run build`.
diff --git a/package.json b/package.json
index 30dd3788..0b9dc600 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "HedgeDoc",
- "version": "1.8.0",
+ "version": "1.8.1",
"description": "The best platform to write and share markdown.",
"main": "app.js",
"license": "AGPL-3.0",
@@ -131,6 +131,10 @@
"name": "Christoph (Sheogorath) Kern",
"email": "codimd@sheogorath.shivering-isles.com",
"url": "https://shivering-isles.com"
+ },
+ {
+ "name":"David Mehren",
+ "email": "hedgedoc@herrmehren.de"
}
],
"repository": {
diff --git a/public/docs/release-notes.md b/public/docs/release-notes.md
index d3173450..307c8e68 100644
--- a/public/docs/release-notes.md
+++ b/public/docs/release-notes.md
@@ -1,4 +1,21 @@
# Release Notes
+## <i class="fa fa-tag"></i> 1.8.1 <i class="fa fa-calendar-o"></i> 2021-05-06
+### Enhancements
+- Speed up `yarn install` in production mode (as performed by `bin/setup`) by marking frontend-only dependencies as dev-dependencies.
+ This also reduces the size of the docker container
+- Speed up the frontend-build by using `esbuild` instead of `terser` to minify JavaScript
+- Improve behavior of the 'Quote', 'List', 'Unordered List' and 'Check List' buttons in the editor to automatically
+ apply to the complete first and last line of the selection
+
+### Bugfixes
+- Correct the 1.8.0 release notes to state that CVE-2021-29475 has been fixed since HedgeDoc 1.5.0.
+- Fix crash on startup when `useSSL` or `csp.upgradeInsecureRequests` is enabled (thanks to [@mdegat01](https://github.com/mdegat01) for reporting)
+- Automatically enable `protocolUseSSL` when `useSSL` is also enabled
+- Fix the 'Quote', 'List', 'Unordered List' and 'Check List' buttons in the editor to not duplicate content
+ when only parts of a line are selected (thanks to [@AnomalRoli](https://github.com/AnomalRoil) for reporting)
+- Fix click handler for numbered task lists (thanks to [@xoriade](https://github.com/xoriade) for reporting)
+
+
## <i class="fa fa-tag"></i> 1.8.0 <i class="fa fa-calendar-o"></i> 2021-05-03
This release fixes multiple security issues. We recommend upgrading as soon as possible.
@@ -11,7 +28,7 @@ This release fixes multiple security issues. We recommend upgrading as soon as p
This issue allowed an attacker to hang HedgeDoc by inserting a malicious string into a note. Thanks to Ralph Krimmel for reporting!
We also published an advisory for [CVE-2021-29475: PDF export allows arbitrary file reads](https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-pxxg-px9v-6qf3),
-which has already been fixed since HedgeDoc 1.6.0.
+which has already been fixed since HedgeDoc 1.5.0.
### Features
- Database migrations are now automatically applied on application startup