Beta Release v0.25.0

2019 is here and to kick it off we have BookStack v0.25. This release does not contain any major new features but instead is focused on making improvements to existing systems within BookStack.

Please Note, During this release cycle it was found that page content includes could leak their content as preview text to users that don’t have permission to view the included content. It’s recommended to re-save any pages that included other page content that’s restricted to ensure included text is not shown in page preview text.

Header Changes

The header bar has received a few tweaks this release. First of all, A sign-up link will now be shown to public guest users that are not yet logged in, if registration is enabled:

Header Signup Link

For users that have permission to manage other users, but do not have permission to alter system settings, a link to the Users admin area will now show instead of “Settings”:

Header Users Link

Thanks to @qianmengnet & @cw1998 for these improvements.

Example Environment File Changes

The default .env.example file has received some changes. It has been cut down from 89 lines to only 31 lines and that includes some better comments. It now only contains common configuration that’s needed to get initially set-up.

A .env.example.complete file is now included as a reference to all the possible options that are available along with their default settings. Options can be copied from this as required.

Custom Avatar Service

BookStack has had built-in Gravatar support for a while to enable unique user profile images upon user creation. This system has been revamped so the URL used to fetch an avatar can be customized as required. This allows you to customize the URL used for gravatar or you can instead use a different avatar service altogether. For example, By setting the below option in your .env file you can instead use libravatar:

1
AVATAR_URL=https://seccdn.libravatar.org/avatar/${hash}?s=${size}&d=identicon

The following variables can be used in this setting which will be populated by BookStack when used:

  • ${email} - The user’s email address, URL encoded.
  • ${hash} - MD5 hashed copy of the user’s email address.
  • ${size} - BookStack’s ideal requested image size in pixels.

Thanks to @Vinrobot for working to implement this feature.

Language Updates

As always we’ve had a good deal of community contributions to bring new and updated translations. In this release we have:

  • Added Ukrainian translations. Thanks to @Mant1kor.
  • Added German informal translations. Thanks to @ezzra.
  • Updated Polish translations. Thanks to @vasiliev123.

Additionally, included in BookStack v0.24.1 & v0.24.2 we had:

  • Added Korean translations. Thanks to @limkukhyun.
  • Updated Brazilian Portuguese translations. Thanks to @DeehSlash.
  • Updated Chinese translations. Thanks to @qianmengnet.
  • Updated French translations. Thanks to @TheLastOperator.
  • Updated Traditional Chinese translations. Thanks to @kejjang.
  • Updated ‘Spanish Argentina’ translations. Thanks to @leomartinez.
  • Updated German translations. Thanks to @CliffyPrime.

Full List of Changes

  • Added Ukrainian translations. Thanks to @Mant1kor. (#1183)
  • Added German informal translations. Thanks to @ezzra. (#1159, #890)
  • Updated Polish translations. Thanks to @vasiliev123. (#1180)
  • Updated Spanish translation formatting. Thanks to @moucho. (#1197)
  • Added proper escaping to LDAP authentication variables. (#1163)
  • Added anchor links to user profile sections and added “Register” to header for guest users. Thanks to @qianmengnet. (#1146)
  • Added configurable timeout for file & image uploads. Thanks to @Abijeet. (#1133, #876)
  • Added system to prevent the last admin from removing themselves as an admin. (#1124)
  • Added link to manage users in header if user has permission to do so but does not have permission to change system settings. Thanks to @cw1998. (#1119, #1110)
  • Added support for custom avatar provider. Thanks to @Vinrobot. (#1111)
  • Added option to disable LDAPS Certificate Validation. Thanks to @christophert. (#1065)
  • Added testing coverage to user avatar fetching. (#1193) (#1096)
  • Updated times in page exports to use absolute time formats instead of relative formats.
  • Updated “Move” operations so that “Delete” permissions are required on the item being moved. (#1200)
  • Updated page preview/search system to prevent leaks in included content when permissions are set on included content. (#1178)
  • Re-enabled missing plaintext copies on system-generated emails. (#1182)
  • Improved ‘SQL’ code block highlighting. (#1181)
  • Simplified “.env.example” file and created full example version. (#1205)
  • Fixed WYSIWYG editor issue that could reset cursor position on code block click. (#1162).

Next Steps

Throughout this last release cycle I’ve been playing with a new design based upon a lot of feedback provided via issues on GitHub. You can see preview along with the goals of this design update on the pull request. This will be my personal primary focus for the time being.


Header Image Credits:   unsplash-logoPatrick Tomasso