From f8b0301a5dd2acb2dc1998deb276c25eee1fbdc8 Mon Sep 17 00:00:00 2001 From: stanley2058 Date: Tue, 26 Dec 2023 17:16:17 +0800 Subject: [PATCH 1/3] doc(release-note): release 2.5.0 Signed-off-by: stanley2058 --- package-lock.json | 2 +- package.json | 2 +- public/docs/release-notes.md | 62 ++++++++++++++++++++++++++++++++++++ 3 files changed, 64 insertions(+), 2 deletions(-) diff --git a/package-lock.json b/package-lock.json index 4238a6414a..c3ebe2207f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "codimd", - "version": "2.4.2", + "version": "2.5.0", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index d85553dd09..c27a495d42 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codimd", - "version": "2.4.2", + "version": "2.5.0", "description": "Realtime collaborative markdown notes on all platforms.", "keywords": [ "Collaborative", diff --git a/public/docs/release-notes.md b/public/docs/release-notes.md index 05054a63e2..2e81570347 100644 --- a/public/docs/release-notes.md +++ b/public/docs/release-notes.md @@ -1,6 +1,68 @@ Release Notes === + 2.5.0 2023-12-26 +--- + +--- +tags: releases +--- + +# CodiMD 2.5.0 + +## Security Fixes +* **\[Security Issue]** Strip HTML tags for gist id to avoid stored XSS on showing error [Security Issue] +* **\[Security Issue]** Upgrade mermaid to version 8.10.2 to avoid prototype pollution +* **\[Security Issue]** potential XSS in vimeo embed +* **\[Security Issue]** FIX: pandoc security issue +* **\[Security Issue]** fix: sanitize pdf url to prevent XSS on inline PDFs + +## Fixes +* Avoid append zero suffix on exporting user data +* Handle when request url has no valid referer +* Fix S3 client config passing for image upload +* Set a proper "lang" attribute on +* Fix matchInContainer false positives +* Convert "include" directives to functions +* Move HTML-related code from JS to EJS to enable more i18n +* fix: may referernce out of bound index in clearDuplicatedHistory +* Feat/csrf export user data +* sequelize.import deprecation +* chore: remove unused uglifyjs-webpack-plugin dep +* fix: should not clear guest history when guest pin note +* Fix: s3 api supported multiple cloud providers. fixes: https://github.com/hackmdio/codimd/issues/1761 +* Fix: Code Fence parameter parsing +* Update README.md to remove IE from supporting list +* FIX: server crash when filename too long +* fix: use encoded note id to update history +* 🐛 [fix] modify replacement rule for disqus short-name +* Fix history page nav + +## Enhancements +* Add TeX mhchem extensions for MathJax +* Upgrade flowchart.js to version 1.15.0 +* Upgrade codemirror to 5.63.2 +* Update de.json in +* Documentation - add Music section and move abc abd fretboard to this section +* chore: bump meta-marked to 0.5.0 +* Typos + Better translation for "Externals" +* feat: Migrate to gtag and support GA4 +* 【fix】reword japanese +* upgrading pg to 8.8.0 to support new scram-sha-256 authentication +* feat: add organizations whitelist to GitHub OAuth +* Add oauth2 authorization +* Update both Traditional and Simplified Chinese locales + +## DX +* Run CI with GitHub Actions +* Add dev container for GitHub Codespaces and VSCode remote container +* Add arm64 docker image build. +* fix(buildpacks): replace custom buildpack with APT buildpack +* Update minimum required node.js version to v12 with npm package dependencies +* Upgrade Node.js version +* Update node.js version in .nvmrc +* Update npm dependencies + 2.4.2 2022-08-06 --- From 86bf44f5c17dd48cb6c8e8711f4d9a05669c31ac Mon Sep 17 00:00:00 2001 From: stanley2058 Date: Tue, 26 Dec 2023 17:35:41 +0800 Subject: [PATCH 2/3] doc(release-note): update release code name Signed-off-by: stanley2058 --- public/docs/release-notes.md | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/public/docs/release-notes.md b/public/docs/release-notes.md index 2e81570347..811138fb38 100644 --- a/public/docs/release-notes.md +++ b/public/docs/release-notes.md @@ -1,14 +1,20 @@ Release Notes === - 2.5.0 2023-12-26 + 2.5.0 The Formosan hare 2023-12-26 --- ---- -tags: releases ---- +
+ + The Formosan hare +
+ +> The Formosan hare (scientific name: Lepus sinensis formosus), a species of the rabbit family, is a subspecies unique to Taiwan. It measures 30-40 centimeters in length, with a tail that's 5-6 centimeters long and ears that are 8-10 centimeters long. Smaller than the Chinese hare, it has brownish eyes. +> [Wikipedia](https://zh.wikipedia.org/wiki/%E5%8F%B0%E7%81%A3%E9%87%8E%E5%85%94?oldformat=true) + +[Check out the complete release note][v2_5_0]. Thank you CodiMD community and all our contributors. ❤️ -# CodiMD 2.5.0 +[v2_5_0]: https://hackmd.io/@codimd/release-notes/%2F%40codimd%2Fv2_5_0 ## Security Fixes * **\[Security Issue]** Strip HTML tags for gist id to avoid stored XSS on showing error [Security Issue] From afe49f4936154745b2c0f44c1522a1d2da7448a1 Mon Sep 17 00:00:00 2001 From: stanley2058 Date: Tue, 26 Dec 2023 18:06:16 +0800 Subject: [PATCH 3/3] doc(release-note): update release note Signed-off-by: stanley2058 --- public/docs/release-notes.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/public/docs/release-notes.md b/public/docs/release-notes.md index 811138fb38..483d72a420 100644 --- a/public/docs/release-notes.md +++ b/public/docs/release-notes.md @@ -43,6 +43,8 @@ Release Notes * fix: use encoded note id to update history * 🐛 [fix] modify replacement rule for disqus short-name * Fix history page nav +* Fix the uploadimage form +* Add the logout callback to prevent exception ## Enhancements * Add TeX mhchem extensions for MathJax