mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-29 09:24:19 -05:00
Merge pull request #1267 from hedgedoc/release/1.8.2
This commit is contained in:
commit
8b374d8c19
5 changed files with 13 additions and 5 deletions
|
@ -3,7 +3,7 @@ openapi: 3.0.1
|
||||||
info:
|
info:
|
||||||
title: HedgeDoc
|
title: HedgeDoc
|
||||||
description: HedgeDoc is an open source collaborative note editor. Several tasks of HedgeDoc can be automated through this API.
|
description: HedgeDoc is an open source collaborative note editor. Several tasks of HedgeDoc can be automated through this API.
|
||||||
version: 1.8.1
|
version: 1.8.2
|
||||||
contact:
|
contact:
|
||||||
name: HedgeDoc on GitHub
|
name: HedgeDoc on GitHub
|
||||||
url: https://github.com/hedgedoc/hedgedoc
|
url: https://github.com/hedgedoc/hedgedoc
|
||||||
|
|
|
@ -28,7 +28,7 @@ services:
|
||||||
restart: always
|
restart: always
|
||||||
app:
|
app:
|
||||||
# Make sure to use the latest release from https://hedgedoc.org/latest-release
|
# Make sure to use the latest release from https://hedgedoc.org/latest-release
|
||||||
image: quay.io/hedgedoc/hedgedoc:1.8.1
|
image: quay.io/hedgedoc/hedgedoc:1.8.2
|
||||||
environment:
|
environment:
|
||||||
- CMD_DB_URL=postgres://hedgedoc:password@database:5432/hedgedoc
|
- CMD_DB_URL=postgres://hedgedoc:password@database:5432/hedgedoc
|
||||||
- CMD_DOMAIN=localhost
|
- CMD_DOMAIN=localhost
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
|
|
||||||
1. Check if you meet the [requirements at the top of this document](#manual-installation).
|
1. Check if you meet the [requirements at the top of this document](#manual-installation).
|
||||||
2. Download the [latest release](https://hedgedoc.org/latest-release/) and extract it.
|
2. Download the [latest release](https://hedgedoc.org/latest-release/) and extract it.
|
||||||
<small>Alternatively, you can use Git to clone the repository and checkout a release, e.g. with `git clone -b 1.8.1 https://github.com/hedgedoc/hedgedoc.git`.</small>
|
<small>Alternatively, you can use Git to clone the repository and checkout a release, e.g. with `git clone -b 1.8.2 https://github.com/hedgedoc/hedgedoc.git`.</small>
|
||||||
3. Enter the directory and execute `bin/setup`, which will install the dependencies and create example configs.
|
3. Enter the directory and execute `bin/setup`, which will install the dependencies and create example configs.
|
||||||
4. Configure HedgeDoc: To get started, you can use this minimal `config.json`:
|
4. Configure HedgeDoc: To get started, you can use this minimal `config.json`:
|
||||||
```json
|
```json
|
||||||
|
@ -58,7 +58,7 @@ If you want to upgrade HedgeDoc from an older version, follow these steps:
|
||||||
and the latest release.
|
and the latest release.
|
||||||
2. Fully stop your old HedgeDoc server.
|
2. Fully stop your old HedgeDoc server.
|
||||||
3. [Download](https://hedgedoc.org/latest-release/) the new release and extract it over the old directory.
|
3. [Download](https://hedgedoc.org/latest-release/) the new release and extract it over the old directory.
|
||||||
<small>If you use Git, you can check out the new tag with e.g. `git fetch origin && git checkout 1.8.1`</small>
|
<small>If you use Git, you can check out the new tag with e.g. `git fetch origin && git checkout 1.8.2`</small>
|
||||||
5. Run `bin/setup`. This will take care of installing dependencies. It is safe to run on an existing installation.
|
5. Run `bin/setup`. This will take care of installing dependencies. It is safe to run on an existing installation.
|
||||||
6. *:octicons-light-bulb-16: If you used the release tarball for 1.7.0 or newer, this step can be skipped.*
|
6. *:octicons-light-bulb-16: If you used the release tarball for 1.7.0 or newer, this step can be skipped.*
|
||||||
Build the frontend bundle by running `yarn install` and `yarn build`. The extra `yarn install` is necessary as `bin/setup` does not install the build dependencies.
|
Build the frontend bundle by running `yarn install` and `yarn build`. The extra `yarn install` is necessary as `bin/setup` does not install the build dependencies.
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "HedgeDoc",
|
"name": "HedgeDoc",
|
||||||
"version": "1.8.1",
|
"version": "1.8.2",
|
||||||
"description": "The best platform to write and share markdown.",
|
"description": "The best platform to write and share markdown.",
|
||||||
"main": "app.js",
|
"main": "app.js",
|
||||||
"license": "AGPL-3.0",
|
"license": "AGPL-3.0",
|
||||||
|
|
|
@ -1,4 +1,12 @@
|
||||||
# Release Notes
|
# Release Notes
|
||||||
|
## <i class="fa fa-tag"></i> 1.8.2 <i class="fa fa-calendar-o"></i> 2021-05-11
|
||||||
|
|
||||||
|
This release fixes two security issues. We recommend upgrading as soon as possible.
|
||||||
|
|
||||||
|
### Security Fixes
|
||||||
|
- [CVE-2021-29503: Improper Neutralization of Script-Related HTML Tags in Notes](https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-gjg7-4j2h-94fq)
|
||||||
|
- Fix a potential XSS-vector in the handling of usernames and profile pictures
|
||||||
|
|
||||||
## <i class="fa fa-tag"></i> 1.8.1 <i class="fa fa-calendar-o"></i> 2021-05-06
|
## <i class="fa fa-tag"></i> 1.8.1 <i class="fa fa-calendar-o"></i> 2021-05-06
|
||||||
### Enhancements
|
### Enhancements
|
||||||
- Speed up `yarn install` in production mode (as performed by `bin/setup`) by marking frontend-only dependencies as dev-dependencies.
|
- Speed up `yarn install` in production mode (as performed by `bin/setup`) by marking frontend-only dependencies as dev-dependencies.
|
||||||
|
|
Loading…
Reference in a new issue