Started updates for v0.31
Added docs updates, Started blog post. Also updated user image and text tweaked colors
This commit is contained in:
parent 0198bdeefa
commit f5ee6f269d
GPG key ID: 46D9F943C24A2EF9
8 changed files with 126 additions and 7 deletions
89 content/blog/beta-release-v0-31-0.md Normal file
89
content/blog/beta-release-v0-31-0.md Normal file | | @ -0,0 +1,89 @@ | |||
+++ | ||||
categories = ["Releases"] | ||||
tags = ["Releases"] | ||||
title = "Beta Release v0.31.0" | ||||
date = 2021-01-03T19:30:00Z | ||||
author = "Dan Brown" | ||||
image = "/images/blog-cover-images/winter-fox-birger-strahl.jpg" | ||||
description = "We begin 2021 with BookStack v0.31 which comes with recycle bin functionality, the page REST API endpoints and much more" | ||||
slug = "beta-release-v0-31-0" | ||||
draft = false | ||||
+++ | ||||
| ||||
We kick of this optimistic year with BookStack v0.31 which includes some great additions and updates to existing functionality including | ||||
a new recycle bin system, controllable item ownership, audit log changes, pages API and much more. | ||||
| ||||
| ||||
* [Update instructions](https://www.bookstackapp.com/docs/admin/updates) | ||||
* [GitHub release page](https://github.com/BookStackApp/BookStack/releases/tag/v0.31.0) | ||||
| ||||
| ||||
Just to note, There were a few security releases for v0.30. If you're not upgrading from v0.30.7 be sure to | ||||
read through the version specific notes on the [updates page](https://www.bookstackapp.com/docs/admin/updates). | ||||
| ||||
| ||||
### Recycle Bin | ||||
| ||||
| ||||
| ||||
### Item Ownership | ||||
| ||||
| ||||
| ||||
### Audit Log Updates | ||||
| ||||
| ||||
| ||||
### User List Changes | ||||
| ||||
| ||||
| ||||
### New Revision Comparison System | ||||
| ||||
| ||||
| ||||
### API Update - Pages | ||||
| ||||
| ||||
| ||||
### Iframe & Cookie Security Updates | ||||
| ||||
| ||||
| ||||
### Translations | ||||
| ||||
| ||||
| ||||
### Full List of Changes | ||||
| ||||
* Translation Updates. ([#2439](https://github.com/BookStackApp/BookStack/pull/2439), [#2327](https://github.com/BookStackApp/BookStack/pull/2327)) | ||||
* Added recycle bin implementation. ([#2283](https://github.com/BookStackApp/BookStack/pull/2283), [#2183](https://github.com/BookStackApp/BookStack/issues/2183), [#280](https://github.com/BookStackApp/BookStack/issues/280)) | ||||
* Added Norwegian translation to BookStack. Thanks to [@Swoy](https://github.com/BookStackApp/BookStack/pull/2336). ([#2336](https://github.com/BookStackApp/BookStack/pull/2336)) | ||||
* Added ownership system for pages, chapters, books and shelves. ([#2436](https://github.com/BookStackApp/BookStack/pull/2436), [#2246](https://github.com/BookStackApp/BookStack/issues/2246)) | ||||
* Added host iframe control with cookie security management. ([#2427](https://github.com/BookStackApp/BookStack/issues/2427), [#2207](https://github.com/BookStackApp/BookStack/issues/2207)) | ||||
* Added API endpoints for pages. ([#2382](https://github.com/BookStackApp/BookStack/pull/2382)) | ||||
* Added many more activity types to the audit-log. ([#2360](https://github.com/BookStackApp/BookStack/pull/2360), [#1243](https://github.com/BookStackApp/BookStack/issues/1243)) | ||||
* Added a sortable "Latest Activity" column to the users list. ([#848](https://github.com/BookStackApp/BookStack/issues/848)) | ||||
* Replaced revision diff library so that the php tidy extension is no longer required. ([#2347](https://github.com/BookStackApp/BookStack/issues/2347), [#1553](https://github.com/BookStackApp/BookStack/issues/1553)) | ||||
* Updated GitLab authentication to use the `read_user` scope. ([#2359](https://github.com/BookStackApp/BookStack/issues/2359)) | ||||
* Updated revision restore to add sensible default change summary text. Thanks to [@rondaa](https://github.com/BookStackApp/BookStack/pull/2353). ([#2353](https://github.com/BookStackApp/BookStack/pull/2353), [#2349](https://github.com/BookStackApp/BookStack/issues/2349)) | ||||
* Updated "Cleanup Images" maintenance option wording for clarity. ([#2352](https://github.com/BookStackApp/BookStack/issues/2352)) | ||||
* Updated dev docker setup to install composer dependencies in Docker entrypoint. Thanks to [@timoschwarzer](https://github.com/BookStackApp/BookStack/pull/2298). ([#2298](https://github.com/BookStackApp/BookStack/pull/2298)) | ||||
* Updated chapter delete behaviour so pages are removed instead of being moved to the parent book. ([#2164](https://github.com/BookStackApp/BookStack/issues/2164)) | ||||
* Updated grid-layout book/shelf item names to better fit into two lines. ([#1469](https://github.com/BookStackApp/BookStack/issues/1469)) | ||||
* Fixed issue where the export dropdown may show cut-off with options hidden. Thanks to [@shubhamosmosys](https://github.com/BookStackApp/BookStack/pull/2416). ([#2416](https://github.com/BookStackApp/BookStack/pull/2416)) | ||||
| ||||
| ||||
### Next Steps | ||||
| ||||
Over the last few months we've had a good number of authentication-based pull requests, in addition to some others, which I've been somewhat ignoring so I'll | ||||
look to spend some time reviewing a few of those. | ||||
| ||||
Now we have the core elements of the API integrated we'll now see what other features people may need. I'm imagining we'd add a few endpoints each future release for a while. | ||||
| ||||
With the API base down and the activity system fleshed out, now may be a good time to implement an outbound webook system. I'll likely create an implementation proposal so I | ||||
can ensure we'd be covering the main use-cases required. | ||||
| ||||
---- | ||||
| ||||
<span style="font-size: 0.8em;opacity:0.9;">Header Image Credits: <span>Photo by <a href="https://unsplash.com/@bist31?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText">Birger Strahl</a> on <a href="https://unsplash.com/t/animals?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText">Unsplash</a></span></span> | ||||
| | @ -24,9 +24,9 @@ Below you can find details on how to install BookStack on your own hosting. Ther | |||
| ||||
BookStack has the following requirements: | ||||
| ||||
* **PHP** >= 7.2 | ||||
* **PHP** >= 7.2.5 | ||||
* For installation and maintenence, you'll need to be able to run `php` from the command line. | ||||
* Required Extensions: *OpenSSL, PDO, MBstring, Tokenizer, GD, MySQL, Tidy, SimpleXML & DOM* | ||||
* Required Extensions: *OpenSSL, PDO, MBstring, Tokenizer, GD, MySQL, SimpleXML & DOM* | ||||
* **MySQL** >= 5.6 | ||||
* Single Database *(All permissions advised since application manages schema)* | ||||
* **Git Version Control** | ||||
| | | |||
| | @ -20,6 +20,7 @@ If you'd like to be notified of new potential security concerns you can sign-up | |||
<li><a href="#javascript-in-page-content">JavaScript in Page Content</a></li> | ||||
<li><a href="#web-crawler-control">Web Crawler Control</a></li> | ||||
<li><a href="#secure-cookies">Secure Cookies</a></li> | ||||
<li><a href="#iframe-control">Host IFrame Control</a></li> | ||||
<li><a href="#failed-access-logging">Failed Access Logging</a></li> | ||||
</ul> | ||||
| ||||
| | @ -130,7 +131,26 @@ The rules found in the `/robots.txt` file are automatically controlled via the " | |||
| ||||
### Secure Cookies | ||||
| ||||
BookStack uses cookies to track sessions, remember logins and for XSRF protection. When using HTTPS you may want to ensure that cookies are only sent back to the browser if the connection is over HTTPS. This can be enabled by setting `SESSION_SECURE_COOKIE=true` in your `.env` file. | ||||
BookStack uses cookies to track sessions, remember logins and for XSRF protection. When using HTTPS you may want to ensure that cookies are only sent back to the browser if the connection is over HTTPS. If you have set a https `APP_URL` option in your `.env` this will enabled automatically but it can also be forced on by setting `SESSION_SECURE_COOKIE=true` in your `.env` file. | ||||
| ||||
--- | ||||
| ||||
<a name="iframe-control"></a> | ||||
| ||||
### Host Iframe Control | ||||
| ||||
By default BookStack will only allow itself to be embedded within iframes on the same domain as you're hosting on. This is done through a [CSP: frame-ancestors](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors) header. You can add additional trusted hosts by setting a `ALLOWED_IFRAME_HOSTS` option in your `.env` file like the example below: | ||||
| ||||
```bash | ||||
# Adding a single host | ||||
ALLOWED_IFRAME_HOSTS="https://example.com" | ||||
| ||||
# Mulitple hosts can be separated with a space | ||||
ALLOWED_IFRAME_HOSTS="https://a.example.com https://b.example.com" | ||||
``` | ||||
| ||||
Note, when this option is used then all cookies will served with `SameSite=None` [(info)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite#None) set so that | ||||
a user session can persist within the iframe. | ||||
| ||||
--- | ||||
| ||||
| | | |||
| | @ -205,7 +205,7 @@ GitLab authentication works for both [gitlab.com](https://gitlab.com) and self-h | |||
3. Set a name to identify the application, such as 'BookStack Authentication', and in the 'Redirect URI' input add both of the below URLs, Changing `https://example.com` to the base URL of your BookStack instance: | ||||
- `https://example.com/login/service/gitlab/callback` | ||||
- `https://example.com/register/service/gitlab/callback` | ||||
4. Do not select any of the 'Scopes' checkboxes. | ||||
4. Select the checkbox for the `read_user` scope. | ||||
5. Press 'Save application'. You will be shown the application ID and secret which you'll need for the next step. | ||||
6. Copy the below details and add them as new variables in your `.env` file like so: | ||||
```bash | ||||
| | | |||
| | @ -33,6 +33,13 @@ Check the below list for the version you are updating to for any additional inst | |||
| ||||
The below lists things you may need to be aware of when upgrading to a newer version of BookStack. | ||||
| ||||
#### Updating to v0.31.0 or higher | ||||
| ||||
**Requirements Change** - The minimum required PHP version has changed from 7.2 to 7.2.5. Additionally, the `Tidy` PHP extension is no longer required. | ||||
| ||||
**GitLab Authentication** - The `read_user` scope will now be passed and will be required on the "Application" setup within GitLab. Not having this scope may lead to errors when users attempt to authenticate via GitLab. | ||||
| ||||
**Security & IFrame Usage** - By default BookStack will set headers to prevent usage within an iframe. You can set trusted iframe hosts through the `ALLOWED_IFRAME_HOSTS`. See the [security page](/docs/admin/security#iframe-control) for more information on this option. | ||||
| ||||
#### Updating to v0.30.6, v0.30.7 or higher | ||||
| ||||
| | | |||
BIN static/images/blog-cover-images/winter-fox-birger-strahl.jpg (Stored with Git LFS) Normal file
BIN
static/images/blog-cover-images/winter-fox-birger-strahl.jpg (Stored with Git LFS) Normal file Binary file not shown.
BIN static/images/dan.jpg (Stored with Git LFS)
BIN
static/images/dan.jpg (Stored with Git LFS) Binary file not shown.
| | @ -70,7 +70,7 @@ h1, h2, h3, h4, h5 { | |||
font-weight: 400; | ||||
position: relative; | ||||
display: block; | ||||
color: #555; | ||||
color: #444; | ||||
.subheader, small { | ||||
font-size: 0.5em; | ||||
line-height: 1em; | ||||
| | | |||
Loading…
Add table
Add a link
Reference in a new issue