HedgeDoc 2 Alpha 3

⚠️ Please note

• This release requires at least Node 20.
• This release changed the database schema, so unfortunately you can't migrate directly from Alpha 2 to Alpha 3. We'll provide migrations from the 2.0 release onwards.

These are the most noteworthy changes in comparison to Alpha 2, but we worked on many more things under the hood too.

Features

• Allow to keep media uploads while deleting an owned note
• Support OpenID Connect/OAuth2 with or without auto-discover
• Support private S3/Azure buckets for media storage
• Media browser for uploads attached to a note
• Exports to GitHub Gist and GitLab snippets

Enchancements

• Show guest avatar when note owner is anonymous
• Re-add the editor mode buttons (view/both/edit)
• Use stronger password hashing algorithm (argon2id)
• Better handling of revisions
• Better in-app notifications
• More editor settings (spellcheck, indentation)

Bugfixes

• Use more consistent dark-mode theme
• Title gets correctly deleted, if the relevant information in the note are deleted
• Prevent a problem with emojis and the usage of :
• Fixed problems with the alias selection modal

If you're interested in the actual commits then take a look at
/v2.0.0-alpha.2.../v2.0.0-alpha.3

HedgeDoc 1.10.0

This release fixes a security issue when using MySQL/MariaDB. We recommend upgrading as soon as possible, when you use
this database.

Please note: This release dropped support for Node 16, which is end-of-life since September 2023.
You now need at least Node 18 to run HedgeDoc. We recommend to use the latest LTS release of Node.js.

⚠️ Node 22.7.0 has a regression that breaks UTF-8 encoding. Do not use that version to run HedgeDoc. ⚠️

Security Fixes

• GHSA-pjf2-269h-cx7p: MySQL & free URL mode allows to hide existing notes

Features

• Add disableNoteCreation config option for read-only instances

Enhancements

• Add a pointer to Mermaid 9.1.7 documentation, which is what HedgeDoc 1 supports.
• Compatibility with Node.js 22 is now checked in CI

Bugfixes

• Fix a crash when having numeric-only values in opengraph frontmatter
• Fix unnecessary session creation on healthcheck endpoint
• Fix invalid metadata being sent for minio uploads
• Fix screen readers announcing headings twice
• Fix a crash when receiving unexpected OAuth profile data
• Fix some cases of HedgeDoc not redirecting to the previous page after login
• Fix heading anchor links referencing an invalid URL
• Our meta-marked package is now published to NPM, fixing some installation issues

Contributors

• Axel (translator)
• Eduard (translator)
• Jordi Mallach (translator)
• José M. (translator)
• Meskó Balázs (translator)
• TheInfamousToTo (translator)
• Tobias (translator)
• Úr Balázs (translator)

HedgeDoc 2 Alpha 2

Alpha 2 contains many fixes. The most notable ones are

• Fixed the loading of the markdown renderer in chromium based browsers
• Show an alert when a permission is overridden by another permission
• Guest Users are explicitly marked in the user list
• Code suggestions don't default to abc anymore
• Fixed the "maximum length exceeded" dialog not showing the maximal length
• Revision Viewer does not show a bug on the initial opening anymore
• Fixed text color on "note doesn't exist" screen in light mode
• Prevent automatic reload tries when a user looses permissions to access a note

Updating from Alpha 1 to Alpha 2 should be safe.
To update your setup, change the image tag for the frontend and the backend container in your docker-compose.yml to "2.0.0-alpha.2"

If you're interested in the actual commits then take a look at
/v2.0.0-alpha.1.../v2.0.0-alpha.2

HedgeDoc 2 Alpha 1

The HedgeDoc Team is proud to announce that the first alpha release of HedgeDoc 2 is now available! HedgeDoc 2 is a complete rewrite of the collaborative markdown editor, which aims to make the codebase more maintainable and adds often-requested features.

You can read more about this release in our blog post.

HedgeDoc 1.9.9

HedgeDoc has a new slogan! See our announcement for the details.

This release fixes a security issue. We recommend upgrading as soon as possible.

Security Fixes

• CVE-2023-38487: API allows to hide existing notes

Enhancements

• Docker secrets can now be used to provide OAuth2 client secrets (#4196 by @DennisGaida)
• Document how to set up Azure Active Directory authentication (#4413 by @pramitsingh0)
• Add YAML metadata to documentation page (#4371 by @JunedKhan101)

Bugfixes

• Fix non-existing notes being created in some cases, instead of returning a 404 error

Contributors

• Jordi Mallach (translator)
• sujade (translator)

HedgeDoc 1.9.8

Please note: This release dropped support for Node 14, which is end-of-life since May 2023.
You now need at least Node 16 to run HedgeDoc. We recommend to use the latest LTS release of Node.js.

This release switches to Yarn 3 for dependency management, as Yarn 1 has bugs preventing us from upgrading some dependencies.
If you install HedgeDoc manually, run bin/setup again for instructions. Other installation methods should not require
special actions.

Enhancements

• Extend boolean environment variable parsing with other positive answers and case insensitivity
• Allow setting of documentMaxLength via CMD_DOCUMENT_MAX_LENGTH environment variable (contributed by @jmallach)
• Add dedicated healthcheck endpoint at /_health that is less resource intensive than /status
• Compatibility with Node.js 18 and later
• Add support for the arm64 architecture in the docker image
• Add a config option to disable the /status and /metrics endpoints

Bugfixes

• Fix that permission errors can break existing connections to a note, causing inconsistent note content and changes not being saved (contributed by @julianrother)
• Fix speaker notes not showing up in the presentation view
• Fix issues with upgrading some dependencies by upgrading to Yarn 3
• Fix macOS compatibility of bin/setup script

Contributors

• UwYFmLpoKtYn (translator)
• Pub (translator)
• SnowCode (translator)

HedgeDoc 1.9.7

Bugfixes

• Fix note titles with special characters producing invalid file names in user export zip file
• Fix night-mode toggle not working when page is loaded with night-mode enabled

Contributors

• Francesco (translator)
• Gabriel Santiago Macedo (translator)

HedgeDoc 1.9.6

Bugfixes

• Fix migrations deleting all notes when SQLite is used

HedgeDoc 1.9.5

🚨 This release has a bug that leads to data-loss when using SQLite.
We advise users of SQLite databases to skip this release and use 1.9.6. 🚨

Enhancements

• Add dark mode toggle in mobile view
• Replace embedding shortcode regexes with more specific ones to safeguard against XSS attacks

Bugfixes

• Fix a crash when using LDAP authentication with custom search attributes (thanks to @aboettger-tuhh for reporting)
• Fix a crash caused by a long note history when the MySQL database is used
• Fix breaks option not being respected in the publish-view
• Fix missing syntax highlighting in the markdown editor

Contributors

• Bateausurleau (translator)
• Goncalo (translator)
• Ívarr Vinter (translator)
• Oein0219 (translator)
• Pol Dellaiera

HedgeDoc 1.9.4

Please note: This release dropped support for Node 12, which is end-of-life since April 2022.
You now need at least Node 14.13.1 or Node 16 to run HedgeDoc. We don't support more recent versions of Node.

Enhancements

• Remove unexpected shell call during migrations
• More S3 config options: upload folder & public ACL (thanks to @lautaroalvarez)

Contributors

• Al_x (translator)
• Emmanuel Courreges (translator)
• paranic (translator)
• Quentin PAGÈS (translator)