This release fixes multiple security issues. We recommend upgrading as soon as possible.
Please note: This release dropped support for Node 10, which is end-of-life since April 2021. You now need at least Node 12 to run HedgeDoc, but we recommend running the latest LTS release.
We also published an advisory for CVE-2021-29475: PDF export allows arbitrary file reads,
which has already been fixed since HedgeDoc 1.5.0.
.sequelizercconfiguration file is no longer necessary and can be safely deleted
/metrics, exposing the same stats as
/statusin addition to various Node.js performance figures
yahoo.comfrom the default content security policy
slideOptionsare present in the frontmatter
/downloadroute for non-existent notes in FreeURL mode
/new/<alias>in FreeURL mode
Do you need help with installation or upgrade? Read our docs!
Our docker images are located on quay.io at hedgedoc/hedgedoc.
You can pull our docker image directly with the command below. It is based on Debian Linux (206.69 MB).
docker pull quay.io/hedgedoc/hedgedoc:1.8.0
The alpine-based image is much smaller than the debian-based image, but does not contain glibc resulting in some debugging software not working properly in the container.
docker pull quay.io/hedgedoc/hedgedoc:1.8.0-alpine