This is the last major release of our 3.0.0 release cycle. We wanted to mark the occasion with some big improvements to keep everyone happy in case we need to take some more time to prepare our upcoming 4.0.0 release.
## Update notes
This update introduces some major database optimizations that should decrease both CPU and disk usage over time as users request resources and prime an on-disk cache for the next time.
We've also introduce the ability to archive illegal or otherwise objectionable material from the admin panel assuming you possess the ability to load the content in question. It's also possible to restore archived content via an adjacent form field on the admin panel as long as it has not been permanently deleted. Due to a quirk in how ownership of uploaded files works, restored files will not retain their "owners" property. We hope to fix this in a future release.
We've also made some minor changes to the example NGINX config file provided in `cryptpad/docs/example.nginx.confg`, specifically in [this commit](https://github.com/xwiki-labs/cryptpad/commit/2647acbb78643e651b71d2d4f74c2f66e264a258). CryptPad will probably work if you don't apply these changes to your nginx conf, but some functional improvements depend on the exposed headers.
To upgrade from 3.24.0 to 3.25.0:
1. Update your NGINX config as mentioned above.
2. Stop your nodejs server.
3. Pull the latest code using git (from the `3.25.0` tag or the `main` branch)
4. Ensure you have the latest clientside and serverside dependencies with `bower update` and `npm install`.
5. Restart the nodejs server.
## Features
* This release makes a lot of changes to how content is loaded over the network.
* Most notably, CryptPad now employs a client-side cache based on the the _indexedDB API_. Browsers that support this functionality will opportunistically store messages in a local cache for the next time they need them. This should make a considerable difference in how quickly you're able to load a pad, particularly if you accessing the server over a low-bandwidth network.
* Uploaded files (images, PDFs, etc.) are also cached in a similar way. Once you'd loaded an asset, your client will prefer to load its local copy instead of the server.
* We've updated the code for our _full drive backup_ functionality so that it uses the local cache to load files more quickly. In addition to this, backing up the contents of your drive will also populate the cache as though you had loaded your documents in the normal fashion. This cache will persist until it is invalidated (due to the authoritative document having been deleted or had its history trimmed) or until you have logged out.
* We've added the ability to configure the maximum size for automatically downloaded files. Any encrypted files that are above this size will instead require manual interaction to begin downloading. Files that are larger than this limit which are already loaded in your cache will still be automatically displayed.
* We've also changed a lot of the UI related to encrypted file uploads and downloads:
* Encrypted files can display buttons instead of the intended media under a variety of circumstances (if they are larger than your configured limit or if there is no applicable rendering mode). The styles for these buttons are now much more consistent with those found throughout the rest of the platform.
* The same assets should now display progress bars when downloading and decrypting encrypted media.
* When the same asset is embedded into a document in more than one location it used to be possible to trigger two (or more) concurrent decryption processes. We've modified the rendering process so that duplicates are detected and rendered simultaneously after the relevant assets have been decrypted (once).
* We noticed that some old code to filter out forbidden content from rich text pads was interfering with encrypted media. We've clarified the filtering rules to preserve such content (audio, video, iframes) when it occurs within an acceptable context.
* We've fixed some inconsistencies with media styles and functionality across different editors. Most types of media now allow you to right-click and choose to _share_ (open that asset's share menu) or open it in a different context (in the file app or in the relevant editor where this behaviour is supported).
* The _file_ app has been greatly simplified. It now uses the same methods to render encrypted media as is used elsewhere, so it also displays progress and has a more consistent UI.
* The file uploads/downloads table has also been improved somewhat:
* Download progress is displayed for groups of items when downloading a folder from your drive.
* We found and removed a hard-coded translation from the table's header.
* In keeping with the theme of network traffic and files we've also made some improvements to policies for users' storage:
* Users should now be prompted to trim the history of very large documents when viewing them, saving space for the server operator as well as freeing up some of the user's quota.
* Users will also be prompted to use similar functionality available through the settings page when the history of their drive and other account-related functionality is consuming a significant amount of their quota.
* Documents that you own used to be automatically added to your drive when viewed if they weren't already present. This was originally intended as an integrity check and a means to recover from incorrectly removed entries in your drive, however, as we now support the removal of owned elements from your drive without destroying them this only serves as an annoyance. As such, we have dropped this functionality.
* The whiteboard editor allows users to insert encrypted images into whiteboards, but only up to a certain size. Before it would just warn you that your image was too large. Now it provides the actual size limit that you've exceeded.
* The prompt to store uploads in your drive is now suppressed when uploading images via the support ticket panel.
## Bug fixes
* This release includes a fix for a very severe bug in Chrome and its derivatives where attempting to open a URL from within our sandboxing system would crash the browser entirely. This version works around the problem by _not doing that_.
* We've improved offline detection such that "offline" status is specific to particular resources like your drive, teams, and shared folders rather than treating your account as simply "online or offline".
* We've optimized one of our less style sheet mixins that was used in a lot of places at a more specific scope than was necessary. This resulted in more time compiling styles and higher storage space requirements for the css cache in localStorage.
* A small helper function that was intended to stop listening for `enter` and `esc` keypresses after closing a modal was overly zealous and stopped listening after _any keypress_. This made it so that any prompt with an input field did not correctly submit or cancel when pressing `enter` or `esc` after typing some text.
* Various browsers now require the request for the permission to send notifications to originate from a "click" event, so CryptPad now opens a dialog prompting you to allow (or disallow) permission if you haven't already made that decision.
* Modern browsers commonly prevent tabs from opening new windows unless you've explicitly enabled that behaviour (it's an important feature), however, in some cases the indication that a new tab was blocked can be very subtle and some of our users did not notice it. We now check whether attempts to open a new tab were successful, and prompt the user to enable this behaviour so that CryptPad can perform regular actions like opening a pad from the drive.
* After some deep investigation we identified a number of scenarios where contact requests would behave incorrectly, such as not triggering a notification. Contact requests should now be much more stable. On a related note, it's now possible to cancel a pending contact request from the concerned user's profile.
# YunnanLakeNewt (3.24.0)
## Goals
We are once again working to develop some significant new features. This release is fairly small but includes some significant changes to detect and handle a variety of errors.
## Update notes
This release includes some minor corrections the recommended NGINX configuration supplied in `cryptpad/docs/example.nginx.conf`.
To update from 3.23.2 to 3.24.0:
1. Update your NGINX config to replicate the most recent changes and reload NGINX to apply them.
2. Stop the nodejs server.
3. Pull the latest code from the `3.24.0` tag or the `main` branch using `git`.
4. Ensure you have the latest clientside and serverside dependencies with `bower update` and `npm install`.
5. Restart the nodejs server.
## Features
* A variety of CryptPad's pages now feature a much-improved loading screen which provides a more informative account of what is being loaded. It also implements some generic error handling to detect and report when something has failed in a catastrophic way. This is intended to both inform users that the page is in a broken state as well as to improve the quality of the debugging information they can provide to us so that we can fix the underlying cause.
* It is now possible to create spreadsheets from templates. Template functionality has existed for a long time in our other editors, however, OnlyOffice's architecture differs significantly and required the implementation of a wholly different system.
* One user reported some confusion regarding the use of the Kanban app's _tag_ functionality. We've updated the UI to be a little more informative.
* The "table of contents" in rich text pads now includes "anchors" created via the editor's toolbar.
## Bug fixes
* Recent changes to CryptPad's recommended CSP headers enabled Firefox to export spreadsheets to XLSX format, but they also triggered some regressions due to a number of incompatible APIs.
* Our usage of the `sessionStorage` for the purpose of passing important information to editors opened in a new tab stopped working. This meant that when you created a document in a folder, the resulting new tab would not receive the argument describing where it should be stored, and would instead save it to the default location. We've addressed this by replacing our usage of sessionStorage with a new format for passing the same arguments via the hash in the new document's URL.
* The `window.print` API also failed in a variety of cases. We've updated the relevant CSP headers to only be applied on the sheet editor (to support XSLX export) but allow printing elsewhere. We've also updated some print styles to provide more appealing results.
* The table of contents available in rich text pads failed to scroll when there were a sufficient number of heading to flow beyond the length of the page. Now a scrollbar appears when necessary.
* We discovered a number of cases where the presence of an allow list prevented some valid behaviour due to the server incorrectly concluding that users were not authenticated. We've improved the client's ability to detect these cases and re-authenticate when necessary.
* We also found that when the server was under very heavy load some database queries were timing out because they were slow (but not stopped). We've addressed this to only terminate such queries if they have been entirely inactive for several minutes.
* It was possible for "safe links" to include a mode ("edit" or "view") which did not match the rights of the user opening them. For example, if a user loaded a safe link with edit rights though they only had read-only access via their "viewer" role in a team. CryptPad will now recover from such cases and open the document with the closest set of access rights that they possess.
* We found that the server query `"IS_NEW_PAD"` could return an error but that clients would incorrectly interpret such a response as a `false`. This has been corrected.
* Finally, we've modified the "trash" UI for user and team drives such that when users attempt to empty their trash of owned shared folders they are prompted to remove the items or delete them from the server entirely, as they would be with other owned assets.
# XerusDaamsi reloaded (3.23.2)
A number of instance administrators reported issues following our 3.23.1 release. We suspect the issues were caused by applying the recommended update steps out of order which would result in the incorrect HTTP header values getting cached for the most recent version of a file. Since the most recently updated headers modified some security settings, this caused a catastrophic error on clients receiving the incorrect headers which caused them to fail to load under certain circumstances.
constDEFAULT_QUERY_TIMEOUT=60000*15;// increased from three to fifteen minutes because queries for very large files were taking as long as seven minutes
"upload_tooLarge":"Diese Datei überschreitet die für deinen Account erlaubte maximale Größe.",
"upload_tooLargeBrief":"Datei zu groß",
"upload_tooLargeBrief":"Datei überschreitet die maximale Größe von {0} MB",
"upload_choose":"Eine Datei wählen",
"upload_pending":"In der Warteschlange",
"upload_cancelled":"Abgebrochen",
@ -1468,5 +1468,33 @@
"loading_state_1":"Drive laden",
"loading_state_0":"Oberfläche vorbereiten",
"loading_state_5":"Dokument rekonstruieren",
"error_unhelpfulScriptError":"Skriptfehler: Siehe Konsole im Browser für Details"
"error_unhelpfulScriptError":"Skriptfehler: Siehe Konsole im Browser für Details",
"documentID":"Kennung des Dokuments",
"errorPopupBlocked":"Für die Funktionsweise von CryptPad ist es erforderlich, dass neue Tabs geöffnet werden können. Bitte erlaube Pop-up-Fenster in der Adressleiste deines Browsers. Diese Fenster werden niemals dafür verwendet, dir Werbung anzuzeigen.",
"unableToDisplay":"Das Dokument kann nicht angezeigt werden. Drücke ESC, um die Seite neu zu laden. Wenn das Problem weiterhin besteht, kontaktiere bitte den Support.",
"mediatag_notReady":"Bitte schließe den Download ab",
"settings_mediatagSizeTitle":"Limit für automatisches Herunterladen",
"admin_archiveHint":"Ein Dokument unzugänglich machen, ohne es endgültig zu löschen. Es wird in einem Verzeichnis \"archive\" abgelegt und nach einigen Tagen gelöscht (konfigurierbar in der Konfigurationsdatei des Servers).",
"mediatag_loadButton":"Anhang laden",
"settings_mediatagSizeHint":"Maximale Größe in Megabytes (MB) für das automatische Laden von Medienelementen (Bilder, Videos, PDFs), die in Dokumenten eingebettet sind. Größere Elemente können manuell geladen werden. Gib \"-1\" ein, um Medienelemente immer automatisch zu laden.",
"mediatag_saveButton":"Speichern",
"admin_archiveInput2":"Passwort für das Dokument",
"history_trimPrompt":"Dieses Dokument hat einen Verlauf von {0} angesammelt, was das Laden verlangsamen kann. Ziehe in Betracht, den Verlauf zu löschen, sofern er nicht benötigt wird.",
"contacts_confirmCancel":"Bist du sicher, dass du die Kontaktanfrage an <b>{0}</b> zurücknehmen möchtest?"
"upload_tooLarge":"Ce fichier dépasse la taille maximale autorisée pour votre compte.",
"upload_tooLargeBrief":"Fichier trop volumineux",
"upload_tooLargeBrief":"Le fichier dépasse la limite de {0} Mo",
"upload_choose":"Choisir un fichier",
"upload_pending":"En attente",
"upload_cancelled":"Annulé",
@ -1468,5 +1468,33 @@
"loading_state_0":"Construction de l'interface",
"tag_edit":"Modifier",
"tag_add":"Ajouter",
"error_unhelpfulScriptError":"Erreur de script : consultez la console du navigateur pour plus de détails"
"error_unhelpfulScriptError":"Erreur de script : consultez la console du navigateur pour plus de détails",
"documentID":"Référence du document",
"unableToDisplay":"Impossible d'afficher le document. Veuillez recharger la page avec la touche Échap. Si le problème persiste, veuillez contacter le support.",
"errorPopupBlocked":"CryptPad doit pouvoir ouvrir de nouveaux onglets pour fonctionner. Veuillez autoriser les fenêtres pop-up dans la barre d'adresse de votre navigateur. Ces fenêtres ne seront jamais utilisées pour vous montrer de la publicité.",
"settings_mediatagSizeHint":"Taille maximale en mégaoctets (Mo) pour le chargement automatique des pièces jointes (images, vidéos, pdf) intégrés dans les documents. Les pièces jointes dont la taille est supérieure à la taille spécifiée peuvent être chargés manuellement. Utilisez \"-1\" pour toujours charger automatiquement les pièces jointes.",
"settings_mediatagSizeTitle":"Limite de téléchargement automatique",
"mediatag_notReady":"Merci de compléter le téléchargement",
"pad_mediatagOpen":"Ouvrir ce fichier",
"pad_mediatagShare":"Partager ce fichier",
"mediatag_saveButton":"Sauvegarder",
"Offline":"Déconnecté",
"download_zip_file":"Fichier {0}/{1}",
"download_zip":"Construction du fichier ZIP...",
"fileTableHeader":"Téléchargements et imports",
"allowNotifications":"Autoriser les notifications",
"archivedFromServer":"Document archivé",
"restoredFromServer":"Document restauré",
"admin_archiveInval":"Document invalide",
"admin_archiveInput2":"Mot de passe du document",
"admin_archiveInput":"URL du document",
"admin_unarchiveButton":"Restaurer",
"admin_unarchiveHint":"Restaurer un document qui avait été précédemment archivé",
"admin_unarchiveTitle":"Restaurer les documents",
"admin_archiveButton":"Archiver",
"admin_archiveHint":"Rendre un document indisponible sans le supprimer définitivement. Il sera placé dans un répertoire \"archive\" et supprimé après quelques jours (configurable dans le fichier de configuration du serveur).",
"admin_archiveTitle":"Archiver les documents",
"mediatag_loadButton":"Charger la pièce jointe",
"history_trimPrompt":"Ce document a accumulé {0} d'historique qui peut ralentir le temps de chargement. Envisagez de supprimer l'historique s'il n'est pas nécessaire.",
"contacts_confirmCancel":"Êtes-vous sûr de vouloir annuler votre demande de contact avec <b>{0}</b> ?"
"policy_choices_vpn":"私たちがホストするインスタンスを使用したいが、IP アドレスを私たちに公開したくない場合は、<a href=\"https://www.torproject.org/projects/torbrowser.html.en\" title=\"downloads from the Tor project\" target=\"_blank\" rel=\"noopener noreferrer\">Tor Browser</a> または <a href=\"https://riseup.net/en/vpn\" title=\"VPNs provided by Riseup\" target=\"_blank\" rel=\"noopener noreferrer\">VPN</a> を使用してあなたの IP アドレスを保護できます。",
"deletedFromServer":"Pad deleted from the server",
"deletedFromServer":"Document destroyed",
"mustLogin":"You must be logged in to access this page",
"disabledApp":"This application has been disabled. Contact the administrator of this CryptPad for more information.",
"realtime_unrecoverableError":"An unrecoverable error has occured. Click OK to reload.",
@ -571,7 +571,7 @@
"upload_notEnoughSpace":"There is not enough space for this file in your CryptDrive.",
"upload_notEnoughSpaceBrief":"Not enough space",
"upload_tooLarge":"This file exceeds the maximum upload size allowed for your account.",
"upload_tooLargeBrief":"File too large",
"upload_tooLargeBrief":"File exceeds the {0}MB limit",
"upload_choose":"Choose a file",
"upload_pending":"Pending",
"upload_cancelled":"Cancelled",
@ -1468,5 +1468,33 @@
"loading_state_5":"Reconstruct document",
"tag_add":"Add",
"tag_edit":"Edit",
"error_unhelpfulScriptError":"Script Error: See browser console for details"
"error_unhelpfulScriptError":"Script Error: See browser console for details",
"documentID":"Document identifier",
"unableToDisplay":"Unable to display the document. Please press Esc to reload the page. If the problem persists, please contact support.",
"errorPopupBlocked":"CryptPad needs to be able to open new tabs to operate. Please allow popup windows in your browser's address bar. These windows will never be used to show you advertising.",
"admin_archiveTitle":"Archive documents",
"admin_archiveHint":"Make a document unavailable without deleting it permanently. It will be placed in an 'archive' directory and deleted after a few days (configurable in the server configuration file).",
"admin_archiveButton":"Archive",
"admin_unarchiveTitle":"Restore documents",
"admin_unarchiveHint":"Restore a document that had previously been archived",
"admin_unarchiveButton":"Restore",
"admin_archiveInput":"Document URL",
"admin_archiveInput2":"Document password",
"admin_archiveInval":"Invalid document",
"restoredFromServer":"Document restored",
"archivedFromServer":"Document archived",
"allowNotifications":"Allow notifications",
"fileTableHeader":"Downloads and uploads",
"download_zip":"Building ZIP file...",
"download_zip_file":"File {0}/{1}",
"Offline":"Offline",
"mediatag_saveButton":"Save",
"pad_mediatagShare":"Share file",
"pad_mediatagOpen":"Open file",
"mediatag_notReady":"Please complete the download",
"settings_mediatagSizeHint":"Maximum size in megabytes (MB) for automatically loading media elements (images, videos, pdf) embedded into documents. Elements bigger than the specified size can be loaded manually. Use \"-1\" to always load the media elements automatically.",
"mediatag_loadButton":"Load attachment",
"history_trimPrompt":"This document has accumulated {0} of history that may slow down loading time. Consider deleting the history if it is not needed.",
"contacts_confirmCancel":"Are you sure you want to cancel your contact request with <b>{0}</b>?"