Skip to content

@ansuz ansuz released this May 6, 2021



This release cycle we aimed to complete three major milestones: the official release of our calendar app, the ability for admins to close registration on their instance, and the deployment of the admin section of our official documentation. We spent the remainder of our time addressing a growing backlog of issues on GitHub by fixing a number of weird bugs.

Update notes

This release includes a new GitHub issue template (cryptpad/.github/ISSUE_TEMPLATE/ The intent of this file is to make it clear that Bug Reports are for intended for bugs in the software itself, not for soliciting help in configuring your personal server. Such issues take away time that we'd rather spend improving the platform for everybody's benefit, rather than for single administrators.

Sometimes difficulty configuring an instance does stem from an actual bug, however, most of the time these issues relate to the use of an unsupported configuration or failure to correctly follow installation instructions. The issue template includes some basic debugging steps which should identify the vast majority of problems. Beyond its primary goal of narrowing the scope of our issue tracker, we hope it will also be useful as an offline reference for administrators attempting to debug their instance.

This template references the /checkup/ page that we've been steadily improving over the last few releases. It now includes even more tests to diagnose instance configuration problems, each with their own messages that provide some fairly detailed hints about what is wrong when an error is detected. This release introduces a number of tests that print warnings that won't break an instance but might detract from users' experience. We recommend checking this page on your instance with each release as we will continue to improve it on an regular basis, and it might detect some errors of which you were unaware.

Otherwise, this release includes some changes to the provided example NGINX config file. It now includes a header designed to disable clients' participation in Google's FLoC network, as well as some basic rules related to the addition of our calendar app and OnlyOffice's two remaining editors (which are still not officially supported despite their inclusion here).

Lastly, any instance administrators that have had to customize their instance in order to disable registration can instead rely on a built-in feature that is available on the main page of the admin panel. Checking the "Close registration" checkbox will cause the application server to reject the creation of new "login blocks" (which store users' encrypted account credentials) while permitting existing users to change their passwords. Clients will be informed that registration is closed via the /api/config endpoint, causing the registration page to display a notice instead of the usual form. You may need to use the FLUSH CACHE button which can found on the same page of the admin panel in order to force clients to load the updated server config.

To update from 4.4.0 to 4.5.0:

  1. Apply the documented NGINX configuration
  2. Stop your server
  3. Get the latest code with git
  4. Install the latest dependencies with bower update and npm i
  5. Restart your server


  • We included a first version of our new calendar app in our last release, however, it was only accessible by URL as there were no links to it in the UI. We've spent time implementing the basic features we expect of any of our apps, including translated UI text (the first version was mostly for us to test) and the ability to import/export .ics files (via ical.js), and the ability to view and store a calendar shared via its URL. It also introduces support for configurable reminders (which can be disabled via the notifications panel of your settings page) and fixes a number of style issues that occurred on small screens. You can access the calendar app via the user admin menu found at the top-right corner of your screen.
  • The What-is-CryptPad page now includes the logo of our latest sponsor: NGI DAPSI (the Data and Portability Services Incubator). DAPSI is another branch of the European Next Generation Internet initiative which has already done so much for our project. Over the next nine months we will use their funding and mentorship to improve CryptPad's interoperability with other services via support for open and de-facto file formats and increasingly intuitive workflows for import and export of your documents. There is already a lot of demand for this functionality, so we're very grateful to finally have the support necessary to take on this big project.
  • We've merged a contribution that implements a preference for the rich text editor to open links in a single click instead of treating them as text with a clickable bubble that contains a link. This can be configured on the rich text panel of your settings page.
  • The File menu in our apps now includes a Store in CryptDrive. This option appears when you have not already stored the document you are currently viewing and when the prompt to store the file has been dismissed or intentionally suppressed via the never ask setting for pad storage.
  • We've added support for the display of a configurable Roadmap URL in the footer that can be found on our static pages. This is included mostly for our own purposes of increasing the visibility of the project's planned development, but administrators can also use it however they want to keep their own users informed of their upcoming plans. This value can be set via the host instance's customize/application_config.js. An example is included in cryptpad/www/common/application_config_internal.js.
  • Following the addition of some basic telemetry in our 4.3.1 release we observed that about 20% of newly registered users actually opened the What is CryptPad document which was automatically created in their drive. As such, we've removed the code responsible for its creation along with the translations of its text. New users will instead be directed to read our docs.

Bug fixes

  • Our 4.4.0 release included functionality allowing administrators to broadcast notifications to all the users of their instance. Since then, we noticed that clients were incorrectly "pinning" the log file which stores a record of all messages broadcast in this fashion. In other words, they were informing the server that it should continue to store this file on their behalf and that its size should count against their storage quota. We added an explicit exception to code responsible for generating the list of documents that should be "pinned".
  • Right-clicking on rendered markdown extensions in the code editor's preview pane opens a custom menu that offers some basic options. This menu incorrectly displayed some options that were appropriate for encrypted uploads, but not for other extensions such markmap, mathjax, and mermaid. We now handle these explicitly and provide options to export to the relevant image format.
  • In one more example of a long list of browser quirks that have broken CryptPad in bizarre ways, we learned that the web engine that used by all browsers available for iPhone incorrectly handles click events on elements that contain buttons. Rather than emitting a single click event in response to user action, the engine seems to emit an event for each sibling button tag regardless of whether it is visible. The HTML structure of the list/grid view mode toggle in the drive caused the engine to emit two click events, immediately toggling the view mode away from and back to its original state. Since Apple has an anti-competitive policy requiring every browser to use the engine they provide (as opposed to independent ones which include speed-boosting optimizations, modern features, and frequent bug fixes), this means that iPhone users could not switch to an alternative. Anyway, we changed the HTML structure that was working well in literally every other browser to make this better for iPhone users.
  • There were some CSS selectors in the code app that caused the preview pane to be hidden on narrow screens. This rule is no longer applied when the client loads in embed/present mode, which disable all other UI to display only the preview pane.
  • We identified and addressed an unhandled error on the registration page which could have caused clients to act as though the upload of their accounts encrypted credentials had succeeded when it had not. This could result in the inability to access their content on successive login attempts.
  • The whiteboard editor allows users to upload images for inclusion in their whiteboard up to a certain size. It was brought to our attention that the enforced size limit was compared against the size of the image after it had been encoded, while the resulting error message suggested that it was measuring the size of the image as uploaded. We've updated this limit to account for the encoding's overhead.
  • We've added some extra error handling to diffDOM, the library we use to compute and apply a minimal set of patches to a document. It was brought to our attention that it did not correctly parse and compare some input that is valid in the HTML dialect used to display emails but does not commonly occur in modern browsers. This crashed the renderer with a DOMException error when it tried to apply the malformed attribute.
  • Lastly, as usual, we've received a variety of questions and bug reports related to spreadsheets. We've added some guards to prevent the creation of invalid checkpoints. If a generated checkpoint is larger than the maximum file size limit allowed for a particular user we avoid successive attempts to upload within that same session, which avoids spamming the user with repeated warnings of failed uploads. We updated the notice that informs users when conversion to Office formats is not supported in their browser to recommend a recent version of Firefox or Chrome, and displayed the same notice when importing. We also updated the function which checks whether the APIs required for conversion were present, as it checked for SharedArrayBuffers and Atomics but not WebAssembly, all of which are necessary. Finally, we made some minor changes that allow the sheet editor to lock and unlock faster when a checkpoint is loaded and applied, resulting in less disruption to the user's work.
Assets 2

@ansuz ansuz released this Apr 20, 2021



Our main goal for this release was to complete the first steps of our "Dialogue" project, which will introduce surveys into CryptPad. We've also put considerable effort towards addressing some configuration issues, correcting some inconsistently translated UI, and writing some new documentation.

Update notes

This release removes the default privacy policy that has been included in CryptPad up until now. It included some assertions that were true of our own instance ( which we couldn't guarantee on third-party instances. We've updated our custom configuration to link to a privacy policy that was written in a rich text pad. You can do the same on your instance by editing cryptpad/customize/application_config.js to include the absolute URL of your instance, like so: AppConfig.privacy = "";.

We've clarified a point about telemetry in the notes of our 4.3.1 release. The text suggested that users on your instance would send telemetry to OUR webserver. It has been clarified to reflect that telemetry from your users is only ever sent to your instance.

We've spent some time working on improving our (officially) unreleased integrations of OnlyOffice's presentation and document editors. We've advised against enabling these editors on your instance. This release includes changes that may not be fully backwards compatible. If your users rely on either editor we advise that you not update until they have had an opportunity to back up their documents. We still aren't officially supporting either editor and we may make further breaking changes in the future. Consider this a warning and not an advertizement of their readiness!

This release also includes changes to the recommended NGINX configuration. Compare your instance's config against cryptpad/docs/example.nginx.conf and apply all the new changes before updating. In particular, you'll want to pay attention to the configuration for a newly exposed server API (/api/broadcast). This should work much the same as /api/config, so if you're using a non-standard configuration that uses more than one server you may want to proxy it in a similar fashion.

Lastly, we've made some big improvements to the /checkup/ page which performs some basic tests to confirm that your instance is configured correctly. It now provides some much more detailed descriptions of what might be wrong and how you can start debugging any issues that were identified. If you experience any problems after updating please review this page to assess your instance for any known issues before asking for help.

To update from 4.3.1 to 4.4.0:

  1. Apply the documented NGINX configuration
  2. Stop your server
  3. Get the latest code with git
  4. Install the latest dependencies with bower update and npm i
  5. Restart your server

This release requires updates to both clientside and serverside dependencies. You will experience problems if you skip any of the above steps.


  • 4.4.0 includes a basic version of a calendar app. There are no links to it anywhere in the platform, its translations are hardcoded, and its title includes the text BETA. It's included in this release so that we can test and improve it for the next release, however, it should not be considered stable. Use it at your own risk! Our plan for this app is to offer the ability to set and review reminders for deadlines in CryptPad. We haven't secured funding for more advanced functionality, however, our team is available for sponsored development if you'd like to provide funding to include such improvements in our short-term roadmap.
  • The admin panel now includes several closely related features in its "broadcast" tab, which allows administrators to send a few types of notifications to all users:
    1. Maintenance notices inform users that the service may be unavailable during a specified time range.
    2. Survey notices inform users that the instance administrators have published a new survey and would like their feedback. We plan to use this on to perform some voluntary user studies on an ongoing basis.
    3. Broadcast messages allow admins to send all users a custom message with optional localization in their users' preferred language.
  • The drive now includes a "Getting started" message and a link to our docs, like all our other apps. This replaces the creation of a personal "What is CryptPad" pad in the user's drive when they register.
  • We recently wrote some scripts to automatically review our translations. This exposed some inconsistencies and incorrectly applied attributes in translations that included HTML. Since it's not reasonable to expect translators to know HTML, we've taken some steps to remove all but the most basic markup from translatable messages. Instead, more advanced attributes are applied via JavaScript. This makes it easier than ever to translate CryptPad as well as providing a more consistent experience to those using translations written by contributors.

Bug fixes

  • Premium users are now prompted to cancel their subscriptions before deleting their accounts.
  • The /logout/ page will now clear users' local document cache. Admins can recommend that users try loading this page when users are mysteriously unable to load their drive (or that of a team). If you find that this solves a user's problem, please report their exact problem so we can investigate the underlying cause.
  • The support page guards against type errors that appear to have been caused by third-party extensions interfering with some browser APIs and rewriting URLs.
  • We found that anonymous users who had not created a drive were not able to use the "Make a copy" functionality on a pad that they were viewing. This has been fixed.
  • We noticed that under some unknown circumstances it was possible for users to store documents with invalid document IDs in their drive. We've added a few guards that detect these invalid channels and we're working on a solution to automatically repair them, if possible.
  • Links to anchors in read-only rich text documents now navigate to the correct section of the document rather than opening a new tab.
  • We've made a large number of improvements to our OnlyOffice integration. This will primarily affect the sheet app, but it also paves the way for us to introduce presentations and text documents in a future release.
    • We now inform OnlyOffice of user-list changes, which should fix the incorrect display of users names when they lock a portion of a document.
    • Text documents and presentations use a different data format than sheets for locking the document. We've adjusted our code to handle these formats.
    • We've fixed some lock-related errors in sheets that could be triggered when receiving checkpoints from other users while editing in strict mode.
    • We've adjusted some CSS selectors intended to hide parts of OnlyOffice's UI that are invalid within CryptPad, since those elements' IDs have changed since the last version.
    • OnlyOffice's cursors now use your CryptPad account's preferred color.
    • We now handle some errors that occurred when documents were migrated by a user editing a sheet in embed mode.
    • OnlyOffice modified some of the APIs used to lock a document, so we've adjusted our code to match.
  • We found and fixed a race condition which could be triggered when loading a shared folder included in more than one of your user or team drives.
Assets 2

@ansuz ansuz released this Mar 31, 2021


This minor release addresses some bugs discovered after deploying and tagging 4.3.0

  • We found that some browser extensions interfered with checks to determine whether a registered user was correctly logged in, which resulted in some disabled functionality. If you are running extensions that actively delete the tokens that keep you logged your session should now stay alive until you close all its active tabs, after which you will have to log back in.
  • Our 4.2.0 update introduced a new internal format for spreadsheets which broke support for spreadsheet templates using the older format. This release implements a compatibility layer.
  • We fixed some minor bugs in our rich text editor. Section links in the table of contents now navigate correctly. Adding a comment to a link no longer prevents clicking on that link.
  • A race condition that caused poll titles to reset occasionally has been fixed.
  • We've added a little bit of telemetry to tell our server when a newly registered user opens the new user guide which is automatically added to their drive. We're considering either rewriting or removing this guide, so it's helpful to be able to determine how often people actually read it.
  • An error introduced in 4.3.0 was preventing the creation of new teams. It's been fixed.
  • 4.3.0 temporarily broke the sheet editor for iPad users. Migrations to a new internal format that were run while the editor was in a bad state produced some invalid data that prevented sheets from loading correctly. This release improves the platforms ability to recover from bad states like this and improves its ability to detect the kind of errors we observed.
Assets 2

@ansuz ansuz released this Mar 25, 2021

4.3.0 (D)


This release is a continuation of our recent efforts to stabilize the platform, fixing small bugs and inconsistencies that we missed when developing larger features. In the meantime we've received reports of the platform performing poorly under various unusual circumstances, so we've developed some targeted fixes to both improve user experience and decrease the load on our server.

Update notes

This release should be fairly simple for admins.

To update from 4.2.1 to 4.3.0:

  1. Stop your server
  2. Get the latest code with git
  3. Install the latest dependencies with bower update and npm i
  4. Restart your server


  • We're introducing a "degraded mode" for most of our editors (all except polls and sheets). This follows reports we received that CryptPad performed poorly in settings where a relatively large number of users with edit rights were connected simultaneously. To alleviate this, some non-essential features will be disabled when a number of concurrent editors is reached, in order to save computing power on client devices. The user-list will stop being updated as users join and leave, users cursors will stop being displayed, and the chat will not be disabled. Sessions will enter this mode when 8 or more editors are present. This threshold can be configured via customize/application_config.js by setting a degradedLimit attribute.
  • CryptPad was recently used to distribute some high-profile documents. For the first time we were able to observe our server supporting more than 1000 concurrent viewers in a single pad and around 350000 unique visitors over the course of a few days. While the distributed document incurred very little load, CryptPad created a drive for each visitor the first time they visited. Most of these drives were presumably abandoned as these users did not return to create or edit their own documents. Such users that directly load an existing document without having previously visited the platform will no longer create a drive automatically, unless they explicitly visit a page which requires it. This behaviour is supported in most of our editors except sheets and polls. This should result in faster load times for new users, but just in case it causes any issues we've made it easy to disable. Instance admins can disable "no-drive mode" via customize/application_config.js by setting allowDrivelessMode to false.
  • We've updated our sheet editor to use OnlyOffice 6.2, which includes support for pivot tables, among a range of other improvements.
  • Our rich text editor now features some keyboard shortcuts to apply some commonly used styles:
    • heading size 1-6: ctrl+alt+1-6
    • "div": ctrl+alt+8
    • "preformatted": ctrl+alt+9
    • paragraph: ctrl+alt+0
    • remove styles from selection: ctrl+space
  • We've removed a large number of strings that were included in the "Getting started" box that was displayed to new users in each of our editors. Instead, this box simply contains a link to the relevant page in our documentation. Our intent is to both simplify the interface for newcomers and reduce the number of strings that require translation.
  • We've continued to progress on our "checkup page" which performs some routine checks to see whether the host instance is correctly configured. While its hints are not especially helpful for admins without reading the code to understand what they are testing, they do detect a fairly wide range of issues and have already helped us to identify some inconsistencies in our recommended configuration. We plan to link directly from this page to the relevant sections of a configuration guide an in upcoming release.
  • The admin support ticket interface has been updated to collapse very long messages in response to some ticket threads submitted in the last few weeks. We also found that sometimes we needed more information after a ticket had been closed, so we added the ability to re-open closed tickets.
  • Some time ago we removed the "Survey link" option from the user admin dropdown menu (found in the top-right corner of the page). This release re-enables it for instances that explicitly provide a link to a survey, however, we no longer provide a link to a survey by default.

Bug fixes

  • We finally reviewed and merged a number of pull-requests that had been pending for some time. Collectively, they fixed some configuration issues and type errors in some of our older scripts.
  • Sheets can now contain multiple images with the same name, whereas before they would conflict and one would be displayed multiple times.
  • A recent change in our code to conditionally display size measurements in different magnitudes (GB, MB) removed support for Kilobytes (KB). This release restores the previous behaviour.
  • We believe we've identified and corrected an issue that caused the rich text editor to scroll to the top of the document when the button to add a comment was clicked.
  • We recently made it such that documents owned by a particular user would not be automatically re-added to that user's drive when they viewed them. This change revealed a number of odd cases where various commands (destroy, add password, get document size, etc.) did not work as expected unless the document was first added to their drive. We reviewed many of these features and corrected the underlying issues that caused these commands to fail.
  • We performed a similar review of various commands related to user accounts and identified a number of issues that caused account deletion to fail.
Assets 2

@yflory yflory released this Mar 10, 2021

This minor release addresses a few bugs discovered after deploying 4.2.0:

  • The 4.2.0 release included major improvements to the sheet application. This introduced breaking changes to the "lock" system in the application. Existing spreadsheets (before 4.2.0) that were closed by a user without "unlocking" all cells first became impossible to open after the 4.2.0 changes. This has been fixed.
  • Team owners can now properly upload a team avatar.
  • We've improved the file upload script to better recognize markdown files.
  • We've fixed a few issues resulting in an error screen:
    • New users were unable to create a drive without registering first.
    • Snapshots in the sheet application couldn't be loaded.
    • Loading an existing drive as an unregistered user could fail.
Assets 2

@ansuz ansuz released this Mar 3, 2021

4.2.0 (C)


We've made a lot of big changes to the platform lately. This release has largely been an attempt to stabilize the codebase by fixing bugs and merging features that we hadn't had a chance to test until now, all while updating our documentation and removing unused or outdated code.

Update notes

This release includes an update to the sheet editor which is not backwards-compatible. Clients running the new version will not be able to correctly communicate with clients running older versions. Clients will automatically detect that a new version is available upon reconnecting to the server after a restart, so as long as you follow the steps recommended below this should be fine.

We've also updated a server-side dependency that is not backwards-compatible. Failure to update both the platform and its dependencies together will result in errors.

The scripts directory now includes a script to identify unused translations. We used this to reduce the size of our localization files (cryptpad/www/common/translations/*.json). We reviewed the changes carefully and did our best to test, but it's always possible that a string was erroneously removed. If you notice any bugs in the UI where text seems to be missing, please let us (the developers) know via a GitHub issue. now stores more than a terabyte of data, making it quite intensive to run the scripts to remove inactive files from the disk. To help alleviate this strain we've moved the code responsible for deleting files that have been archived for longer than the configured retention period into its own script (./scripts/evict-archived.js). For the moment this script is not integrated into the server and will not automatically run in the background as the main eviction script does. It's recommended that you run it manually if you find you are low on disk space.

Since early in the pandemic we've been serving a custom home page on to inform users that we've increased the amount of storage provided for free. This was originally intended as a temporary measure, but since almost a year has passed we figured it was about time we integrate this custom code into the platform itself. Admins can now add a custom note to the home page, using customized HTML in customize/application_config.js. To do this, define an AppConfig.homeNotice attribute like so: AppConfig.homeNotice = "<b>pewpew</b>";.

To update from 4.1.0 to 4.2.0:

  1. Stop your server
  2. Get the latest code from the 4.2.0 tag (git fetch origin && git checkout 4.2.0, or just git pull origin main)
  3. Install the latest dependencies with bower update and npm i
  4. Restart your server


  • The "What is CryptPad" page now links to our sponsors websites instead of just mentioning them by name.
  • We've updated the colors for the contacts app and the chat integrated into documents and teams to fit better with our other styles.
  • We've reverted the styles for the rich text editor so that the document always has a white background, even in dark mode, since we could not guarantee that documents would be legible to all users if custom text colors had been applied. While we were looking at this editor, we also repositioned several buttons used to control the page's layout, including the width of the document, the presence of the table of contents, and its comments.
  • We've continued to improve several key parts of the platform to accommodate offline usage. Teams, shared folders within teams, and the file app can now load and display content cached within the browser even if the client cannot establish a connection to our API server.
  • The content of whiteboard documents can now be downloaded directly from within team or user drives, rather than exclusively from within the whiteboard editor itself. To do so, right-click a whiteboard and choose download to export a PNG file.
  • Since we now regularly serve more than 125 thousand visitors a week it's gotten quite difficult to keep up with support tickets. To help alleviate this burden we're taking steps to increase the visibility of our documentation ( The support ticket page now displays a link to that documentation above the form to create a new ticket.
  • Several users have reported confusion regarding various password fields in CryptPad, in the access menu, pad creation screen, when uploading new files, and when creating a shared folder. We've updated the text associated with these fields to better indicate that they are not requesting your user password, but rather that they allow you to add an optional password as an additional layer of protection.
  • Server administrators can now refresh the performance table on the admin panel without reloading the page.
  • We've begun working on a checkup page for CryptPad to help administrators identify and fix common misconfigurations of the platform. It's still in a very basic state, but we hope to to make it a core part of the server installation guide that is under development.
  • The kanban app now supports import like the rest of our apps and rejects content of any file-type other than JSON.
  • We've dropped support for a very old migration that handled user accounts that had not been accessed fo several years. This should make everyone else's account slightly faster.

Bug fixes

  • We've fixed a long list of minor stylistic inconsistencies following last release's introduction of dark mode:
    • Text embedded in documents via media-tags now features the same background and text color as is applied to similar preformatted code blocks in markdown.
    • The arrow portion of our tooltips had inherited an inconsistent background color from a parent element. It now uses the same color as the body of the tooltip.
    • Our 404 page now correctly uses the theme's background color.
    • We removed a number of unused color variables from our style sheets.
    • The most recent user message of any thread on the admin panel's view of support tickets is no longer red. Since we now categorize messages according to their answered status and priority, this indicator was no longer necessary.
    • We fixed some contrast issues on for pages with sidebars (settings, teams, admin, etc.) when hovering over items in the sidebar.
    • Various items in the drive and pad type selection menu also had contrast issues when hovering over options.
    • Links in the drive's info boxes and in the admin panel are now correctly styled with the same color as links throughout the rest of the platform.
    • Race conditions between conflicting styles for autocomplete dropdowns caused them to be displayed behind other elements under certain circumstances.
    • The "bell" icon which we use for the notifications menu in the toolbar now uses the same color as documents' titles, rather than the color of the editor's toolbar.
    • Items in the filepicker modal which is opened by various apps' "Insert" menu now have a lighter grey background instead of the almost-black color applied in 4.1.0.
    • The storage limit indicator shown in the bottom-left corner of user and team drives no longer has round corners.
  • An insufficiently specific CSS selector caused the "spinner" animation to persist in the chat interface after it should have been hidden.
  • The client will now check whether a file is larger than is allowed by the server before attempting to upload it, rather failing only when the server rejects the upload.
  • The drive no longer allows files to be dragged and dropped into locations other than the "Documents" section, as it did not make sense for files to be displayed anywhere else.
  • We identified and fixed a number of issues which caused shared folders that were protected with access lists to fail to load due to race conditions between loading the document and authenticating with the server as a user or member of a team. This could also result in a loss of access to documents stored exclusively in those shared folders.
  • There was a similar race condition that could occur when registering an account that could cause some parts of the UI to get stuck offline.
  • We've fixed a number of server issues:
    1. A change in a function signature in late December caused the upload of unowned files to fail to complete.
    2. Messages sent via websocket are no longer broadcast to other members of a session until they have been validated by the server and stored on the disk. This was not a security issue as clients validate messages anyway, however, it could cause inconsistencies in documents when some members of a session incorrectly believed that a message had been saved.
    3. A subtle race condition in very specific circumstances could cause the server's in-memory index for a given session to become incorrect. This could cause one or two messages to be omitted when requesting the most recent history. We observed this in practice when some clients did not realize they had been kicked from a team. This is unlikely to have affected anyone in practice because it only occurred when reconnecting using cached messages for the document which records team membership, and this functionality is only being introduced in this release.
    4. Several HTTP headers were set by both our example NGINX configuration and the NodeJS server which is proxied by NGINX for a particular resource. The duplication of certain headers caused unexpected behaviour in Chrome-based browsers, so we've updated the Node process to avoid conflicting.
  • We spent a lot of time improving our integration of OnlyOffice's sheet editor:
    • The editor is now initialized with your CryptPad account's preferred language.
    • We realized that our peer-to-peer locking system (which replaces the server-based system provided by OnlyOffice's document server) did not correctly handle multiple locks per user. This caused errors when filtering and sorting columns. We've improved our locking system so these features should now work as expected, but old clients will not understand the new format. As mentioned in the "Update notes" section, admins must follow the recommended update steps to ensure that all clients correctly update to the latest version.
    • We've removed a restriction we imposed to ensure all users editing a sheet were using OnlyOffice's "fast mode", since we now support the alternative "strict mode". In strict mode, changes you make to the document are not sent until you choose to save (using a button or by pressing ctrl+s). This introduces some additional complexity into our integration, however, it enables support for undoing local changes as per issue #195.
Assets 2

@ansuz ansuz released this Feb 10, 2021

4.1.0 (B)


Our recent 4.0.0 release introduced major changes to CryptPad's style-sheets which likely caused some difficulty for admins who'd made extensive changes to their instance's appearance. We figure it's best to make more changes now instead of making small breaking changes more frequently, so we decided now is a good time to refactor a lot of our styles to implement an often-requested dark mode in CryptPad.

Update notes

As noted above, this release introduces some major changes to CryptPad styles. If you have customized the look of your instance we recommend testing this new version locally before deploying it to your server to ensure that there are no critical conflicts.

Otherwise, to update from 4.0.0 to 4.1.0:

  1. Stop your server
  2. Get the latest code from the 4.1.0 tag (git fetch origin && git checkout 4.1.0, or just git pull origin main)
  3. Install the latest dependencies with bower update and npm i
  4. Restart your server


  • The new dark theme will be applied if CryptPad detects that your OS or browser are configured to prefer dark modes, otherwise you can choose to enable the dark mode on a per-device basis via the Appearance tab of the settings page. Aside from general tweaks for common stylistic elements like the toolbar and loading screen, we made many app-specific changes:
    • Markdown-based slide colors are initialized to match the theme of their creator.
    • Freshly-opened whiteboards are initialized with white preselected instead of black if you are using dark mode.
    • Markdown-extensions, like mermaid, markmap, and mathjax required additional effort to match users themes.
    • The rich-text editor is somewhat challenging, like the whiteboard, because users can choose to use text colors that may not contrast well against the background, and users may not all see the same thing. The default text color will always contrast with the theme background. Manually set light/dark colors may render the text unreadable for users using another theme.
  • We made some UI updates to offer an increased ability to hide features that can take up too much of the available screen space. In particular, rich-text editors can choose to hide comments and the table of contents. Document owners can use the new Document settings menu (available from the File dropdown) to suggest settings for the current document, such that new users can view the document in its intended configuration unless they have set their own preferences.
  • We've made some performance optimizations in a few key places on the client:
    • Large, complex kanbans tended to slow down quite a bit when multiple people were editing or moving cards at once. Boards are now only applied one second after the most recent change (unless updates have not been displayed for more than five seconds).
    • The drive's search functionality is similarly throttled to prevent multiple concurrent searches from being executed in parallel.
  • Updates to the whiteboard include the undo/redo functionality via fabric-history.js, and the ability to add text to drawings.
  • The teams-picker page has been redesigned to use a card-based interface so that clicking anywhere on a team's card opens its drive, rather than just a single "open" button.
  • We've added a number of new features to the admin panel:
    • The Statistics tab now features a button to load the latest stats from the server instead of requiring a page reload to see the latest numbers.
    • There is a new Performance tab which includes a table of the time spent executing various server functions. We're using this data to prioritize optimizations to decrease resource consumption and increase the number of users one instance can support.
    • We've added a Check account storage section on the User storage tab to allow admins to check how much of their quota any particular user has consumed, however, it seems to return incorrect results some of the time, so you can consider it experimental for now.

Bug fixes

  • The recent updates to display recent versions of user data from a local cache before the latest content had been synchronized introduced a few minor issues which have been addressed:
    • The user menu (in the top-right corner) incorrectly linked to a donate link instead of a link to their subscription page because their first attempt to check their quota failed.
    • The usage bar in the drive, teams, and settings pages only appeared after some time because it is scheduled to update every thirty seconds, and the first attempt failed while it was still connecting. We now update retry more eagerly until a connection is established.
  • We've fixed a few links to our documentation which incorrectly concatenated two URLs together.
  • Users that had added the same document template to their own drive as well as a team's drive could see two instances of it suggested on the pad creation screen. We now deduplicate this list such that only one copy is suggested for use.
  • The Kanban app now offers better touch support, as some users reported that they were unable to drag and drop cards and columns.
  • Finally, we now guard against some edge cases in the access modal in which the owner of a document could send themself a request for edit rights if they loaded the document in view mode after deleting it from their drive.
Assets 2

@ansuz ansuz released this Jan 22, 2021

4.0.0 (A)

We're very happy to introduce CryptPad v4.0!

This release is the culmination of a great deal of work over the last year, in which we searched for the right metaphors and imagery to clearly represent what CryptPad is all about. We've reworked our logo, color theme, text on our static pages, and the icons throughout the platform to convey the calm and safety we want our users to feel.

Our release schedule typically follows an alphabetical naming scheme, ranging from A for the first (or zero-th) release of the cycle to Z for the last, with a thematic name for each letter. In the rush of preparing translations and double-checking all of our changes we never found time to settle on a theme for this release, but we do find there's some value in maintaining the otherwise arbitrary rhythm we've followed all this time. The progression through the alphabet gives a sense of pace to what can otherwise seem like a endless stream of problems that need solving, and the end of the alphabet prompts us to build towards major milestones like this one.

With that in mind, you can expect 25 more major releases in this cycle before version 5.0, roughly every three weeks or so depending on circumstances.


The main intent of this release was to deploy our rebrand branch which had been in development for some time. Along the way we also made notable improvements to the sheet editor which will be mentioned below.

Update notes

In the process of redesigning the platform we started using some new features of the LESS CSS pre-processor language that were not supported by the version of lesshint that we were using to scan for errors. We've updated that dev dependency to a newer version (4.5.0 => 6.3.7) which introduced a rather large number of minor dependencies. These are only used during development, not by the server itself, so this is unlikely to have any impact on the software itself.

Otherwise, this release includes lots of changes to the platform's style sheets and static pages. If you've applied heavy customizations to your instance you might notice errors due to incompatibilities with your local changes. We recommend that you test your customizations against the latest release locally before updating a public instance to avoid service outages.

To update from 3.25.1 to 4.0.0:

  1. Stop your server
  2. Get the latest code from the 4.0.0 tag
  3. Install the latest dependencies with bower update and npm i
  4. Restart your server


  • We've built a new version of the web-assembly code used to convert between OnlyOffice's internal representation of spreadsheet data and standard formats like XLSX, ODS, and CSV. We've also improved the ability to print whole sheets and selections in the UI. This still depends on the host browser's support of the required web APIs, but it should work in common browsers except maybe Safari and Internet Explorer.
  • We found that certain issues reported via the built-in support ticket system were not easy to debug without knowing the id of the user's drive. Support tickets now include a driveChannel attribute to simplify this process.
  • We've added a variety of settings for the control of how your browser uses a local database to speed up loading times and display cached versions of documents even when disconnected from our server. These are available in the "confidentiality" section of the settings page (

Finally, the "rebrand" part of this release:

  • Our home page features our new logo, a cleaner layout, new text (notably dropping the use of "zero-knowledge" from our explanation), new app icons, softer colors, neater fonts, and a custom illustration of a document shredder that hints at how CryptPad works.
  • We no longer include a FAQ page with each instance, and instead link to relevant parts of our dedicated documentation platform ( from any place that previously referenced the FAQ. This will make it easier for translators to focus on text for the platform's interface if they wish. An updated Frequently Asked Questions will be added to the documentation in the near future.
  • Each of our editors now features a dedicated favicon to make it easier to distinguish different CryptPad tabs in your browser.
  • The contact page now points to Element instead of Riot, since the Matrix team rebranded in the last while as well.
  • The "pricing" or "features" page (features.html) reads the server's configured storage limits from a server endpoint and displays them, rather than hardcoding the default values in the text.
  • There is now a custom illustration of a person swallowing a key on the registration page to convey that CryptPad admins cannot restore access to documents if users lose or forget their credentials. This is underscored by highlights to the explanatory text displayed to the left of the form.
  • Our loading screen now features a much simpler color scheme instead of the vibrant blue blocks. This is part of an effort to pave the way for a dark theme that we hope to introduce very soon.
  • Lastly, we've added a number of semantic cues in various places to improve the experience of users that rely on screen-readers. There's still a lot to do in this regard, but this big rewrite was a good opportunity to review some easy pain-points to alleviate.

Bug fixes

  • We found andd fixed a regression in the slide app which caused newly created documents to be initialized without a title.
  • Thanks to a helpful user-report we were able to identify an issue in our rich text editor's comments system that prevented iOS users from typing.
Assets 2

@ansuz ansuz released this Jan 13, 2021

ZyzomysPedunculatus' revenge (3.25.1)

This minor release is primarily intended to fix some minor issues that were introduced or detected following our 3.25.0 release, but it also includes some major improvements that we want to test and stabilize before our upcoming 4.0.0 release.


  • Our recent introduction of a clientside cache for document content now allows us to load and display a readable copy of a document before the most recent history has been fully loaded from the server. You might notice that your drive and some document typees are now displayed in a "DISCONNECTED" of "OFFLINE" state until they gets the latest history. For now this just means the loading screen is removed soon so you can start reading, but it's also an essential improvement that will become even more useful when we introduce the use of service-workers for offline usage.
  • We've added an offline mode to the server so that anyone developing features in CryptPad can test its offline and caching features by disabling the websocket components of the server. Use npm run offline to launch in this mode.
  • We spent some time improving the support ticket components of the administration panel. Tickets are now shown in four categories: tickets from premium users, tickets from non-paying users, answered tickets, and closed tickets.
  • We also improved the readability of some of the server's activity logs by rounding off some numbers to display fewer decimal points. On a related note, log events indicating the completion of a file upload now display the size of the uploaded file.
  • Errors that occur when loading teams now trigger some basic telemetry to the server to indicate the error code. This should help us determine the origin of some annoying teams issues that several users have reported.
  • Users of the rich text editor should now find that their scroll position is maintained when they are at the bottom of the document and a remote users adds more text.

Bug fixes

  • Shortly after deploying 3.25.0 we identified several cases in which its cache invalidation logic was not correctly detecting corrupted cache entries. This caused some documents to fail to load. We quickly disabled most caching until we got the chance to review. Since then, we've tested it much more thoroughly under situations which made it more likely to become corrupt. Our new cache invalidation logic seems to catch all the known cases, so we're re-enabling the use of the cache for encrypted files and most of our supported document types.
  • We found that a race condition in the logout process prevented the document cache from being cleared correctly. We now wait until the asynchronous cache eviction process completes before redirecting users to the login page.
  • We discovered that the postMessage API by which CryptPad's different iframes and workers communicate could not serialize certain error messages after recent changes. We've added some special logic to send such messages in a valid format as well as some extra error handling to better recover from and report failed transmissions.
  • In cases where user avatars fail to load (due to network issues or 404s) the first letter of the user's display name will be displayed instead
  • We found that shared folders were reconnecting to the server correctly after a network failure, however, some changes in the UI caused clients to incorrectly remain locked.
  • Some recent refactoring of some styles caused some buttons on the login page to inherit bootstrap's styles instead of our custom ones.
  • A third-party admin brought it to our attention that a library that was used for some development tests was being fetched via http instead of https, and was thus blocked by some of their local configuration parameters. We've updated its source to load via secure protocols only.
  • The recent replacement of a link to our faq with a link to our documentation platform violated some security headers and prevented the link from loading. We've fixed the inline link with some code to open this link in a compatible way.
  • Finally, we found a bug that caused custom colors in the slide app to revert to the default settings on page reloads. Custom slide colors should now be preserved.

To update from 3.25.0 to 3.25.1:

  1. Stop your server
  2. Get the latest code with git checkout 3.25.1
  3. Install the latest dependencies with bower update and npm i
  4. Restart your server
Assets 2

@ansuz ansuz released this Dec 15, 2020

ZyzomysPedunculatus (3.25.0)


Zyzomys pedunculatus image courtesy of Wikimedia commons


This is the last major release of our 3.0.0 release cycle. We wanted to mark the occasion with some big improvements to keep everyone happy in case we need to take some more time to prepare our upcoming 4.0.0 release.

Update notes

This update introduces some major database optimizations that should decrease both CPU and disk usage over time as users request resources and prime an on-disk cache for the next time.

We've also introduce the ability to archive illegal or otherwise objectionable material from the admin panel assuming you possess the ability to load the content in question. It's also possible to restore archived content via an adjacent form field on the admin panel as long as it has not been permanently deleted. Due to a quirk in how ownership of uploaded files works, restored files will not retain their "owners" property. We hope to fix this in a future release.

We've also made some minor changes to the example NGINX config file provided in cryptpad/docs/example.nginx.confg, specifically in this commit. CryptPad will probably work if you don't apply these changes to your nginx conf, but some functional improvements depend on the exposed headers.

To upgrade from 3.24.0 to 3.25.0:

  1. Update your NGINX config as mentioned above.
  2. Stop your nodejs server.
  3. Pull the latest code using git (from the 3.25.0 tag or the main branch)
  4. Ensure you have the latest clientside and serverside dependencies with bower update and npm install.
  5. Restart the nodejs server.


  • This release makes a lot of changes to how content is loaded over the network.
    • Most notably, CryptPad now employs a client-side cache based on the the indexedDB API. Browsers that support this functionality will opportunistically store messages in a local cache for the next time they need them. This should make a considerable difference in how quickly you're able to load a pad, particularly if you accessing the server over a low-bandwidth network.
    • Uploaded files (images, PDFs, etc.) are also cached in a similar way. Once you'd loaded an asset, your client will prefer to load its local copy instead of the server.
    • We've updated the code for our full drive backup functionality so that it uses the local cache to load files more quickly. In addition to this, backing up the contents of your drive will also populate the cache as though you had loaded your documents in the normal fashion. This cache will persist until it is invalidated (due to the authoritative document having been deleted or had its history trimmed) or until you have logged out.
    • We've added the ability to configure the maximum size for automatically downloaded files. Any encrypted files that are above this size will instead require manual interaction to begin downloading. Files that are larger than this limit which are already loaded in your cache will still be automatically displayed.
  • We've also changed a lot of the UI related to encrypted file uploads and downloads:
    • Encrypted files can display buttons instead of the intended media under a variety of circumstances (if they are larger than your configured limit or if there is no applicable rendering mode). The styles for these buttons are now much more consistent with those found throughout the rest of the platform.
    • The same assets should now display progress bars when downloading and decrypting encrypted media.
    • When the same asset is embedded into a document in more than one location it used to be possible to trigger two (or more) concurrent decryption processes. We've modified the rendering process so that duplicates are detected and rendered simultaneously after the relevant assets have been decrypted (once).
    • We noticed that some old code to filter out forbidden content from rich text pads was interfering with encrypted media. We've clarified the filtering rules to preserve such content (audio, video, iframes) when it occurs within an acceptable context.
    • We've fixed some inconsistencies with media styles and functionality across different editors. Most types of media now allow you to right-click and choose to share (open that asset's share menu) or open it in a different context (in the file app or in the relevant editor where this behaviour is supported).
    • The file app has been greatly simplified. It now uses the same methods to render encrypted media as is used elsewhere, so it also displays progress and has a more consistent UI.
    • The file uploads/downloads table has also been improved somewhat:
      • Download progress is displayed for groups of items when downloading a folder from your drive.
      • We found and removed a hard-coded translation from the table's header.
  • In keeping with the theme of network traffic and files we've also made some improvements to policies for users' storage:
    • Users should now be prompted to trim the history of very large documents when viewing them, saving space for the server operator as well as freeing up some of the user's quota.
    • Users will also be prompted to use similar functionality available through the settings page when the history of their drive and other account-related functionality is consuming a significant amount of their quota.
    • Documents that you own used to be automatically added to your drive when viewed if they weren't already present. This was originally intended as an integrity check and a means to recover from incorrectly removed entries in your drive, however, as we now support the removal of owned elements from your drive without destroying them this only serves as an annoyance. As such, we have dropped this functionality.
    • The whiteboard editor allows users to insert encrypted images into whiteboards, but only up to a certain size. Before it would just warn you that your image was too large. Now it provides the actual size limit that you've exceeded.
    • The prompt to store uploads in your drive is now suppressed when uploading images via the support ticket panel.

Bug fixes

  • This release includes a fix for a very severe bug in Chrome and its derivatives where attempting to open a URL from within our sandboxing system would crash the browser entirely. This version works around the problem by not doing that.
  • We've improved offline detection such that "offline" status is specific to particular resources like your drive, teams, and shared folders rather than treating your account as simply "online or offline".
  • We've optimized one of our less style sheet mixins that was used in a lot of places at a more specific scope than was necessary. This resulted in more time compiling styles and higher storage space requirements for the css cache in localStorage.
  • A small helper function that was intended to stop listening for enter and esc keypresses after closing a modal was overly zealous and stopped listening after any keypress. This made it so that any prompt with an input field did not correctly submit or cancel when pressing enter or esc after typing some text.
  • Various browsers now require the request for the permission to send notifications to originate from a "click" event, so CryptPad now opens a dialog prompting you to allow (or disallow) permission if you haven't already made that decision.
  • Modern browsers commonly prevent tabs from opening new windows unless you've explicitly enabled that behaviour (it's an important feature), however, in some cases the indication that a new tab was blocked can be very subtle and some of our users did not notice it. We now check whether attempts to open a new tab were successful, and prompt the user to enable this behaviour so that CryptPad can perform regular actions like opening a pad from the drive.
  • After some deep investigation we identified a number of scenarios where contact requests would behave incorrectly, such as not triggering a notification. Contact requests should now be much more stable. On a related note, it's now possible to cancel a pending contact request from the concerned user's profile.
Assets 2