@ -14,7 +14,7 @@ On the topic of instance configuration, admins that have enabled their instance'
* One checkbox allows you to opt out of the server telemetry which tells our server that your server exists. This is mostly so that we have a rough idea of how many admins are running CryptPad and what version they have installed. It was clearly documented in the config file, but now it's even easier to opt out if you don't want us to know you exist. In the interest of transparency, everything that is sent to our server as a part of this telemetry is also printed to your application server's logs, so you always check what information has been shared.
* One checkbox allows you to opt out of the server telemetry which tells our server that your server exists. This is mostly so that we have a rough idea of how many admins are running CryptPad and what version they have installed. It was clearly documented in the config file, but now it's even easier to opt out if you don't want us to know you exist. In the interest of transparency, everything that is sent to our server as a part of this telemetry is also printed to your application server's logs, so you always check what information has been shared.
* Another setting opts in to listing your server in public directories. At present there is no public directory of CryptPad instances that are suitable for public use, but we plan to launch one in the coming months. For now this checkbox will serve to inform us how many instance admins are interested in offering their server to the public. This setting will have no effect if you've disabled telemetry as that is how your server informs ours of your preferences. We reserve the right to exclude instances from our listing for _any reason_.
* Another setting opts in to listing your server in public directories. At present there is no public directory of CryptPad instances that are suitable for public use, but we plan to launch one in the coming months. For now this checkbox will serve to inform us how many instance admins are interested in offering their server to the public. This setting will have no effect if you've disabled telemetry as that is how your server informs ours of your preferences. We reserve the right to exclude instances from our listing for _any reason_.
* A third option allows you to consent to be contacted by email. We aren't interested in spamming you with marketing email, rather, it's so that we can inform administrators of vulnerabilities in the software before they are publicly disclosed. Leave this unchecked if you prefer to be surprised by security flaws.
* A third option allows admins to consent to be contacted by email. We aren't interested in spamming anyone with marketing email, rather, it's so that we can inform administrators of vulnerabilities in the software before they are publicly disclosed. Leave this unchecked if you prefer to be surprised by security flaws.
* The option to disable crowdfunding notices in the UI can be disabled via a simple checkbox.
* The option to disable crowdfunding notices in the UI can be disabled via a simple checkbox.
* Starting with our next release (4.8.0) anyone running 4.7.0 should also notice that a button appears on this pane informing them that an update is available. We regularly fix security flaws and improve general safeguards against them, so if you aren't up to date you might be putting your users' data at risk.
* Starting with our next release (4.8.0) anyone running 4.7.0 should also notice that a button appears on this pane informing them that an update is available. We regularly fix security flaws and improve general safeguards against them, so if you aren't up to date you might be putting your users' data at risk.
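Review bot: The reworded email-consent bullet mixes voices: it now says "allows admins to consent" and "spamming anyone", but its last sentence still reads "Leave this unchecked if you prefer to be surprised by security flaws", and the neighbouring bullets address the reader as "you" throughout. Either keep the second person as before or reword the closing sentence as well. While editing this list, the crowdfunding bullet ("The option to disable crowdfunding notices in the UI can be disabled via a simple checkbox") reads as a double negative, and "so you always check" in the telemetry bullet looks like it is missing "can".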
@ -26,9 +26,18 @@ To update from 4.6.0 to 4.7.0:
4. Install the latest dependencies with `bower update` and `npm i`
4. Install the latest dependencies with `bower update` and `npm i`
5. Restart your server
5. Restart your server
Please note that the new _Forms_ app depends on an update to our cryptography library. If you omit `bower update` from the upgrade sequence above, the app will not work.
## Features
## Features
* As mentioned above, this release introduces our new _form_ app. This app depends on an update to our cryptography library, so if you haven't run `bower update` it won't work. This app allows users to create complex forms. Form authors can collaboratively create surveys with different types of questions and generate links to share with participants. Participants can respond to forms, but can't edit their questions or see other users answers unless they have also been granted a separate "auditor" encryption key that will allow them to decrypt the set of results. Auditors can view results, but cannot necessarily add their own answers unless they have the correct participant key. This new app includes all the functionality of our current _poll_ app but adds far more granular permissions, so we've decided to replace the poll app. You'll still be able to view and respond to existing polls and even create new polls by copying existing ones, however, we do not plan to make any improvements to it in the future.
* This release introduces our new _Forms_ app. This app allows users to create complex forms and to collect answers. Three roles are available with granular permissions:
* Authors can collaboratively create surveys with different types of questions and generate links to share with participants.
* Participants can respond to forms and view responses if these are made public (this can be set by authors).
* Auditors can view responses, but cannot necessarily add their own answers unless they have the correct participant key.
This new app addresses many of the shortcomings of our current _Polls_ and vastly expands the feature set. Polls are effectively one of the many question types now available in _Forms_. For this reason we are deprecating the _Polls_ app. It will remain available to view and respond to existing polls, but we discourage the creation of new polls and all future improvements will be focused on _Forms_.
* In response to a GitHub issue we've added an option to the toolbar's _File_ menu to add the current pad to your drive regardless of whether it is already stored in one of your teams' drives.
* In response to a GitHub issue we've added an option to the toolbar's _File_ menu to add the current pad to your drive regardless of whether it is already stored in one of your teams' drives.
* Likewise, we received some reports that some users found it frustrating that the home page automatically redirected them to their drive when they were logged in. We've disabled this behaviour by default but added an option in the settings page through which you may re-enable the old behaviour. This can be found at the top of the "CryptDrive" pane.
* Likewise, we received some reports that some users found it frustrating that the home page automatically redirected them to their drive when they were logged in. We've disabled this behaviour by default but added an option in the settings page through which you may re-enable the old behaviour. This can be found at the top of the "CryptDrive" pane.
* Embedded markdown editors' toolbars (such as that in the kanban and form apps) now include an "embed file" option.
* Embedded markdown editors' toolbars (such as that in the kanban and form apps) now include an "embed file" option.
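Review bot: The rewritten _Forms_ bullet drops the access-control detail from the text it replaces: the old wording said participants cannot see other users' answers unless they hold a separate "auditor" encryption key that decrypts the results, while the new role list only says auditors "can view responses" and that responses can be "made public". Suggest stating in the Auditors item that viewing depends on the auditor key, and how that relates to the authors' public setting, so the permission model stays explicit. Minor: "our current _Polls_" is missing "app", and the app is written _Forms_ here but "form" in the markdown toolbar bullet below.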
@ -38,7 +47,7 @@ To update from 4.6.0 to 4.7.0:
## Bug fixes
## Bug fixes
* The home page now displays the appropriate text ("Features" of "Pricing") for the features page depending on whether the instance in question supports subscriptions. We had made some changes to this before but missed an instance where the text was displayed.
* The home page now displays the appropriate text ("Features" or "Pricing") for the features page depending on whether the instance in question supports subscriptions. We had made some changes to this before but missed an instance where the text was displayed.
* The admin page will now display the "General" pane if for some reason the hash in its URL does not contain a supported value.
* The admin page will now display the "General" pane if for some reason the hash in its URL does not contain a supported value.
* We found that there were two cases where localForage (a library that manages an in-browser cache) could throw a DOMExceptionerror because we didn't supply a handler. This caused the calendar app's UI to incorrectly treat a newly created event as though it had not been saved.
* We found that there were two cases where localForage (a library that manages an in-browser cache) could throw a DOMExceptionerror because we didn't supply a handler. This caused the calendar app's UI to incorrectly treat a newly created event as though it had not been saved.
* A user brought it to our attention that the share menu was returning incorrect URLs for password-protected files. This has now been fixed.
* A user brought it to our attention that the share menu was returning incorrect URLs for password-protected files. This has now been fixed.
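Review bot: "DOMExceptionerror" in the localForage bullet of this section is still run together and should read "DOMException error"; since this hunk is already a typo fix in the same list ("of" to "or"), it is worth correcting in the same pass.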
@ -662,7 +671,6 @@ Once you've reviewed these settings and you're ready to update from 3.22.0 to 3.
## Features
## Features
* As mentioned in the update notes, this release features a server update which will enable XLSX export from our sheet editor in Firefox. XLSX files are generated entirely on the client, so all information will remain confidential, it only required a server update to enable a feature in Firefox which is required to perform the conversion.
* As mentioned in the update notes, this release features a server update which will enable XLSX export from our sheet editor in Firefox. XLSX files are generated entirely on the client, so all information will remain confidential, it only required a server update to enable a feature in Firefox which is required to perform the conversion.
* We've also made some considerable improvements to the _history mode_ available in most of our document editors. We now display a more detailed timeline of changes according to who was present in the session, and group contiguous modifications made by a single user. Our intent is to provide an overview of the document's history which exposes the details which are most relevant to humans, rather than only allowing users to step through each individual change.
* We've also made some considerable improvements to the _history mode_ available in most of our document editors. We now display a more detailed timeline of changes according to who was present in the session, and group contiguous modifications made by a single user. Our intent is to provide an overview of the document's history which exposes the details which are most relevant to humans, rather than only allowing users to step through each individual change.
* Another change which is related to our history mode improvements is support for "version links", which allow you to link to a specific historical version of a document while you scroll through the timeline of its modifications. You can also create _named snapshots_ of documents which will subsequently be displayed as highlights in the document's timeline.
* Another change which is related to our history mode improvements is support for "version links", which allow you to link to a specific historical version of a document while you scroll through the timeline of its modifications. You can also create _named snapshots_ of documents which will subsequently be displayed as highlights in the document's timeline.
@ -724,7 +732,7 @@ If you're only reading this for instructions on how to update your instance from
2. Get the latest platform code with git
2. Get the latest platform code with git
3. Install client-side dependencies with `bower update`
3. Install client-side dependencies with `bower update`
4. Install server-side dependencies with `npm install`
4. Install server-side dependencies with `npm install`
4. Restart the CryptPad API server
5. Restart the CryptPad API server
## Features
## Features
@ -772,7 +780,7 @@ To update from 3.20.0 to 3.20.1:
1. Stop your server
1. Stop your server
2. Get the latest code with `git checkout 3.20.1`
2. Get the latest code with `git checkout 3.20.1`
3. Install the latest dependencies with `bower update` and `npm i`
3. Install the latest dependencies with `bower update` and `npm i`
3. Restart your server
4. Restart your server
# UplandMoa (3.20.0)
# UplandMoa (3.20.0)
@ -1249,7 +1257,7 @@ This release includes updates to:
1. the server and its dependencies
1. the server and its dependencies
2. the example nginx configuration which we recommend for production installations
2. the example nginx configuration which we recommend for production installations
4. the client code and its dependencies
3. the client code and its dependencies
Our ability to debug CryptPad's usage of shared workers (on the client) has been complicated by the fact that Firefox's shared worker debugging panel was not working for our instance. We finally traced the problem back to a Content-Security Policy setting in our configuration file. The issue can be addressed by adding a `resource:` entry in the `connect-src` header. We've updated the example nginx config to reflect this. You can deploy this version of CryptPad without this modification, but without it our ability to debug and fix issues related to shared worker will be extremely limited.
Our ability to debug CryptPad's usage of shared workers (on the client) has been complicated by the fact that Firefox's shared worker debugging panel was not working for our instance. We finally traced the problem back to a Content-Security Policy setting in our configuration file. The issue can be addressed by adding a `resource:` entry in the `connect-src` header. We've updated the example nginx config to reflect this. You can deploy this version of CryptPad without this modification, but without it our ability to debug and fix issues related to shared worker will be extremely limited.
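Review bot: In the paragraph under the renumbered list, "the `connect-src` header" is inaccurate: `connect-src` is a directive inside the Content-Security-Policy header, and "Content-Security Policy" should be written consistently. Since admins copy this change into their reverse proxy configuration, suggest wording it as "adding a `resource:` entry to the `connect-src` directive" and saying plainly that the entry is there only for Firefox's shared worker debugging panel, so they can judge whether to carry it over. Also "related to shared worker" should be "shared workers".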
@ -1356,7 +1364,9 @@ Finally, in case you live in a political jurisdiction that requires web site adm
To update from v3.9.0:
To update from v3.9.0:
1. update the CSP settings in your reverse proxy's configuration file to match those in nginx.example.conf
1. update the CSP settings in your reverse proxy's configuration file to match those in nginx.example.conf
* don't forget to reload your server to ensure that your changes are deployed
* don't forget to reload your server to ensure that your changes are deployed
2. stop your API server
2. stop your API server
3. pull the latest server/client code with `git pull origin master`
3. pull the latest server/client code with `git pull origin master`
4. install the latest clientside dependencies with `bower update`
4. install the latest clientside dependencies with `bower update`
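Review bot: The sub-bullet under step 1, "don't forget to reload your server", is ambiguous next to step 2's "stop your API server": the CSP settings live in the reverse proxy's configuration, so it should say "reload your reverse proxy". Otherwise an admin may restart only the API server and keep serving the old CSP.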
@ -1776,9 +1786,9 @@ To update:
1. Take down your server
1. Take down your server
2. Pull the latest code
2. Pull the latest code
2. `npm install`
3. `npm install`
3. `bower update`
4. `bower update`
4. Launch your server
5. Launch your server
## Features
## Features
@ -1919,13 +1929,17 @@ As this is the last release in our 2.0 cycle, we're going to take some extra tim
* We've updated some dependencies that are used to lint the CryptPad codebase to detect errors. Run `npm install` if you plan to develop for CryptPad and you want to use the linter
* We've updated some dependencies that are used to lint the CryptPad codebase to detect errors. Run `npm install` if you plan to develop for CryptPad and you want to use the linter
* This release introduces a _support_ tab within the admin panel. If you generate an asymmetric keypair and add it to your server-side configuration file then users will have the option of opening support tickets if they encounter errors. Their support tickets will include some basic information about their account which might help you to solve their issues. To set up your _"encrypted support mailbox"_:
* This release introduces a _support_ tab within the admin panel. If you generate an asymmetric keypair and add it to your server-side configuration file then users will have the option of opening support tickets if they encounter errors. Their support tickets will include some basic information about their account which might help you to solve their issues. To set up your _"encrypted support mailbox"_:
1. run `node ./scripts/generate-admin-keys.js`
1. run `node ./scripts/generate-admin-keys.js`
2. copy the "public key" and add it to your config.js file like so:
2. copy the "public key" and add it to your config.js file like so:
3. copy the private key and store it in a safe place
3. copy the private key and store it in a safe place
4. navigate to the "support" tab in the admin panel and enter the private key
4. navigate to the "support" tab in the admin panel and enter the private key
5. share the private key with any other administrators who should be able to read the support tickets
5. share the private key with any other administrators who should be able to read the support tickets
6. restart so that your users receive the public key stored in your configuration file
6. restart so that your users receive the public key stored in your configuration file
* this will allow them to submit tickets via the support page
* this will allow them to submit tickets via the support page
* if you don't know how to fix the issue and want to open a ticket on our public tracker, include the information submitted along with their ticket
* if you don't know how to fix the issue and want to open a ticket on our public tracker, include the information submitted along with their ticket
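Review bot: Step 5 tells admins to share the private key but gives no guidance on how, and the same step says whoever holds it is able to read the support tickets, which per the bullet's introduction include account information. Suggest adding that the key be passed over a confidential channel and only to administrators who need it, in line with step 3's "store it in a safe place". Also, step 2 ends with "like so:" and no example is visible after it in this hunk; check that the config snippet renders directly under that step.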
@ -1979,7 +1993,7 @@ Finally, we prioritized the ability to archive files for a period instead of del
3. pull the latest clientside and serverside code via git
3. pull the latest clientside and serverside code via git
4. `npm update` to get the latest serverside dependencies
4. `npm update` to get the latest serverside dependencies
5. update the cache-busting string if you are handling the cache manually, otherwise allow the server to handle this as per its default
5. update the cache-busting string if you are handling the cache manually, otherwise allow the server to handle this as per its default
5. restart the server: clients with open tabs should be prompted to reload instead of reconnecting because the server's version has changed
6. restart the server: clients with open tabs should be prompted to reload instead of reconnecting because the server's version has changed
* We recommend that you test a local version of CryptPad before deploying this latest code, as aspects of the above-mentioned migrations are not backwards-compatible.
* We recommend that you test a local version of CryptPad before deploying this latest code, as aspects of the above-mentioned migrations are not backwards-compatible.
* you can roll back, but users' CryptDrives might have errors coping with data introduced by newer features.
* you can roll back, but users' CryptDrives might have errors coping with data introduced by newer features.