This release fixes multiple security issues. We recommend upgrading as soon as possible.
Please note: This release dropped support for Node 10, which is end-of-life since April 2021. You now need at least Node 12 to run HedgeDoc, but we recommend running the latest LTS release.
marked
libraryWe also published an advisory for CVE-2021-29475: PDF export allows arbitrary file reads,
which has already been fixed since HedgeDoc 1.5.0.
.sequelizerc
configuration file is no longer necessary and can be safely deleted/metrics
, exposing the same stats as /status
in addition to various Node.js performance figuresyahoo.com
from the default content security policyslideOptions
are present in the frontmatter/download
route for non-existent notes in FreeURL mode/new/<alias>
in FreeURL modeDo you need help with installation or upgrade? Read our docs!
Our docker images are located on quay.io at hedgedoc/hedgedoc.
You can pull our docker image directly with the command below. It is based on Debian Linux.
docker pull quay.io/hedgedoc/hedgedoc:1.8.0
The alpine-based image is much smaller than the debian-based image, but does not contain glibc resulting in some debugging software not working properly in the container.
docker pull quay.io/hedgedoc/hedgedoc:1.8.0-alpine