This release fixes multiple security issues. We recommend upgrading as soon as possible.
Please note: This release dropped support for Node 10, which is end-of-life since April 2021. You now need at least Node 12 to run HedgeDoc, but we recommend running the latest LTS release.
We also published an advisory for CVE-2021-29475: PDF export allows arbitrary file reads,
which has already been fixed since HedgeDoc 1.5.0.
.sequelizercconfiguration file is no longer necessary and can be safely deleted
/metrics, exposing the same stats as
/statusin addition to various Node.js performance figures
yahoo.comfrom the default content security policy
slideOptionsare present in the frontmatter
/downloadroute for non-existent notes in FreeURL mode
/new/<alias>in FreeURL mode
Do you need help with installation or upgrade? Read our docs!