joplin

• Fixed: Prevent application from being stuck when importing an invalid ENEX file (#8699)

• Improved: Add option to import HTML and TXT file (#8729) (#8722 by @hubert)
• Improved: Allow more special content within tables in the Rich Text editor (#8579)
• Improved: Apply correct size to images imported from ENEX files (#8684)
• Improved: Fetch release info from Joplin server (39c118b)
• Improved: Improve pasting content from Word and Excel (#8705) (#8691)
• Improved: Refactor note list in preparation for plugin support (#8624)
• Improved: Scrollbar thumb is barely visible in Light theme (#8831) (#8817 by Shivam Gupta)
• Improved: Updated packages markdown-it-multimd-table (v4.2.3), re-resizable (v6.9.11), react, react-redux (v8.1.2), sass (v1.64.2), sharp (v0.32.5), word-wrap (v1.2.5)
• Fixed: Fix note editor blank after syncing an encrypted note with remote changes (#8666) (#8661 by Henry Heino)
• Fixed: Hide option to share a notebook when it is not available (#8844)
• Fixed: Prevent application from being stuck when importing an invalid ENEX file (#8699)
• Fixed: Rich Text editor toolbar doesn't show all buttons even when there's enough space (#8754) (#8726 by @hubert)
• Fixed: Update CSS variables in user iframes on theme change (#8724) (#8723 by Henry Heino)

• Fixed: Fix AppImage launch on older Linux distros (#8780) (#8777 by Henry Heino)

• Fixed: Pasting a resource in Rich Text editor breaks the resource link (#8706)
• Fixed: Handling of macOS ARM-64 version

Note: This release does not support Windows 7, 8, or 8.1. See the release notes for version 2.12.7.

• Improved: Draw red border around missing encryption key passwords (#8636) (#8493 by Henry Heino)
• Improved: Fetch release info from Joplin server (f0c1042)
• Improved: Link to FAQ when encryption password may have been reset by an update (#8667) (#8493 by Henry Heino)
• Improved: Show missing sync password warning and link to FAQ (#8644) (#8625 by Henry Heino)
• Improved: Temporarily revert to AES-128 as encryption method due to severe performance issues (#8657)
• Improved: Add an option to disable the image resizing prompt (#8575) (#8566 by @hubert)
• Improved: Always show reencrypt button (#8555) (#8380 by Henry Heino)
• Improved: Auto-update to ARM64 version on Apple M1 hardware (#8467)
• Improved: Improved sharing error handling (95ca89b)
• Improved: Sync 15 seconds after changing a note (807384c)
• Improved: Updated packages @rmp135/sql-ts (v1.18.0), buildTools, glob (v10.3.3), react-select (v5.7.4), sharp (v0.32.3), word-wrap (v1.2.4)
• Fixed: Fix editor not refreshed when the current note changes during sync (#8654) (#8652 by Henry Heino)
• Fixed: Error while quitting the app (#8612) (#8591 by @hubert)
• Fixed: Fix toggle external editing button always disabled in rich text editor (#8595) (#8541 by Henry Heino)

• Improved: Adding support for plugin icons (#8499) (#8408 by @hubert)
• Improved: Updated packages gettext-parser (v7.0.1), react-redux (v8.1.1)
• Fixed: #8370: Fix note drag-drop into markdown editor (#8571) (#8370 by Henry Heino)
• Fixed: Fix CodeMirror context menu not containing correct items (#8543) (#8535 by Henry Heino)
• Fixed: Note imported from Web Clipper is broken after being saved from the Rich Text editor (#8485)
• Fixed: Preserve empty newlines created by pressing Enter repeatedly in the rich text editor (#8549) (#6055 by Henry Heino)
• Fixed: Text that is pasted in Rich Text editor had extra new lines (#8476)
• Fixed: Upgrade to electron 25.3.1 (#8550) (#8535 by Henry Heino)
• Security: Fix XSS: Sanitize HTML pasted into the rich text editor.

• New: Add support for Joplin Cloud email to note functionality (#8460 by @pedr)
• New: Enable share permission handling for Joplin Cloud (c88b6b6)
• Improved: Rotating log files (#8376) (#5521 by @hubert)
• Improved: Rich text editor: Disable spellcheck in inline code blocks (#8532 by Henry Heino)
• Improved: Updated packages dayjs (v1.11.9), jsdom (v22.1.0), react-redux (v8.1.0), sass (v1.63.6), ts-loader (v9.4.4)
• Improved: WebDAV: Show a more descriptive error message when the password is empty (#8477) (#8466 by Henry Heino)
• Fixed: Add "insert*before" buttons for tables in the rich text editor (#8393) (#8382 by @Marph)
• Fixed: Fix Rich Text theme not matching the system theme after several global theme changes (#8521) (#8520 by Henry Heino)
• Fixed: Make HTML <br/> tags convert to markdown compatible with the softbreaks setting (#8469) (#8430 by Henry Heino)
• Fixed: Merge changes from upstream turndown project (#8468) (#8448 by Henry Heino)
• Fixed: Rich text editor: Use fewer  s in markdown while still preserving initial paragraph indentation (#8529) (#8530 by Henry Heino)
• Fixed: Support plugin toolbar icons in the Rich Text editor toolbar (#8519) (#8504 by Henry Heino)
• Security: Fix XSS: Sanitize rendered output in safe mode (#8507 by Henry Heino)
• Security: Close root electron window before unload: Prevent top-level redirection (#8478 by Henry Heino)
• Security: Disallow map and area tags (#8479 by Henry Heino)

• Improved: Updated packages css-loader (v6.8.1)
• Improved: Upgrade to Electron 25. Note that it means that Windows 7/8/8.1 are no longer supported (#8451) (#8258 by Henry Heino)
• Fixed: Fix issue with Apple Silicon version (#8452) (#6052 by Noah Nash)

• Improved: Allow importing Evernote task lists (#8440 by Rob Moffat)
• Improved: Prevent app from crashing when changing screens (4c5837b)
• Improved: Quickly synchronise immediately after changing a note (004d2a1)
• Improved: Updated packages standard (v17.1.0)
• Fixed: Don't start window minimized in GNOME (#8441) (#8256 by Henry Heino)
• Fixed: Fix extra lines added to KaTeX source when toggling the rich text editor (#8442) (#6822 by Henry Heino)
• Fixed: Fixed macOS version check so that it does not return the ARM64 version (1abfb1c)

• Improved: Build macOS app as Universal binary (#8423) (#6052)

• Improved: Build macOS app as Universal binary (#8423) (#6052)
• Improved: Updated packages @electron/remote (v2.0.10), @rmp135/sql-ts (v1.17.0), clean-html (v2), glob (v10.2.7)
• Fixed: Removing Markdown when using 'Paste as Text' (#8351) (#8317 by @pedr)

• Improved: Add support for plugin user data (#8312) (#8080)
• Improved: Configure Rich Text editor to handle the first table row as header (#8163) (#3535 by @Marph)
• Improved: Updated packages css-loader (v6.7.4), dayjs (v1.11.8), domhandler (v5), domutils (v3.1.0), highlight.js (v11.8.0), react-redux (v8.0.7), style-loader (v3.3.3), styled-components (v5.3.11), ts-loader (v9.4.3)
• Improved: Upgrade E2EE encryption method to AES-256 (#7686)
• Fixed: Allow certain HTML anchor tags (#8286)
• Fixed: Display plugin console in dev mode (#8210)
• Fixed: Duplicated published notes retain the published note's label's color (#8287)
• Fixed: Include more Rich Text editor commands in the menu (#8316)
• Security: Prevent XSS when passing specially encoded string to a link (PoC by lin@UCCU Hacker) (57b4198)
• Security: Prevent calling arbitrary commands via x-callback-url (PoC by lin@UCCU Hacker) (6982661)

• Improved: Add support for AVIF image format (#8175)
• Improved: Improved word count when em-dash is used (#8083)
• Improved: Fix white screen issue (8b578c5)
• Improved: Updated packages aws, buildTools, tar (v6.1.15)
• Fixed: "New note" buttons so large they occlude Search (#8249) (#8159 by Rio Sinnott)

• Improved: When resetting the master password, also create a new master key with that password (e647775)
• Fixed: Don't display "obsolete encryption method" message if the key is disabled (#8025) (#7933 by @gitstart)
• Fixed: Improve selection of active E2EE key (#8254)
• Fixed: Improve sidebar workaround for Linux w/Intel GPU (#8126) (#7506 by Calum Lind)
• Fixed: Preserve Table Alignment When Editing a Note With the Rich Text Editor (#8214) (#6431 by Christopher O'Toole)

• Improved: Updated packages jsdom (v21.1.2), markdown-it-multimd-table (v4.2.2), react-select (v5.7.3), sass (v1.62.1), sharp (v0.32.1), tar (v6.1.14), yargs (v17.7.2)
• Fixed: Fix slow startup time (#8087)
• Security: Disable SVG tag support in editor to prevent XSS (caf6606) (Vulnerability discovered by RyotaK)
• Security: Prevent XSS by sanitizing certain HTML attributes (9e90d90) (Vulnerability discovered by RyotaK)

• Improved: Improved handling of items with duplicate IDs when synchronising with Joplin Cloud or Server (d4c43a8)
• Security: Fixed possible XSS injection (CVE-2023-33726) (b26bc9e) (Discovery and PoC by @maple3142)
• Security: Prevent XSS and potential RCE when using a special HTML tag (CVE-2023-33727) (19bdda2) (Discovery and PoC by Yaniv Nizry (SonarSource))

• Fixed: Fix slow startup time (#8087)

• Improved: Add support for --safe-mode command line flag (#7919) (#7889 by Arun Kumar)
• Improved: Added export graph button for Mermaid (#7958) (#6101 by Arun Kumar)
• Improved: Auto-detect locale on startup (052a829)
• Improved: Cache code blocks in notes to speed up rendering (#7867)
• Improved: Compress installer to reduce size (#8068) (#8028 by Arun Kumar)
• Improved: Improved handling of items with duplicate IDs (a0b707c)
• Improved: Remove custom PDF viewer to reduce application size (#8028)
• Improved: Translate Welcome notes (#8154)
• Improved: Updated packages aws, fs-extra (v11.1.1), jsdom (v21.1.1), markdown-it-multimd-table (v4.2.1), nanoid (v3.3.6), node-persist (v3.1.3), react-select (v5.7.2), reselect (v4.1.8), sass (v1.60.0), sharp (v0.32.0), sqlite3 (v5.1.6), style-loader (v3.3.2), styled-components (v5.3.9), turndown (v7.1.2), yargs (v17.7.1)
• Fixed: Application cannot be installed on Windows 10 in some cases (#8149)
• Fixed: Do not allow update for plugins incompatible with current version (#7936) (#4801 by @julien)
• Fixed: Encode the non-ASCII characters in OneDrive URI (#7868) (#7851 by Self Not Found)
• Fixed: Enter Key No Longer Saves and Closes The Tag Dialog (#8072)
• Fixed: Fix OneDrive sync attempting to call method on null variable (#7987) (#7986 by Henry Heino)
• Fixed: Fix issue where search bar can randomly lose focus while searching (489d677)
• Fixed: Fix note list blank space display problems (#7888) (#4124 by Arun Kumar)
• Fixed: Fixed Linux tag display issues (#8002) (#8000 by Arun Kumar)
• Fixed: Fixed icon when note is dragged across notebooks (#7924) (#7881 by Arun Kumar)
• Fixed: Fixed issue with text disappearing within plugin-created zones when searching for text (0c8de68)
• Fixed: Fixes crash when using multiple profiles along with certain plugins (#8143)
• Fixed: Removed MasterKey from Sync Status report (#8026) (#7940 by Arun Kumar)
• Fixed: Skip the resources which haven't been downloaded yet when exporting (#7843) (#7831 by Self Not Found)
• Fixed: With Custom Sort, new notes appear at bottom and later randomly "pop" to the top (#7765) (#7741 by Tao Klerks)
• Security: Fixed possible XSS injection (b26bc9e) (Discovery and PoC by @maple3142)
• Security: Prevent XSS and potential RCE when using a special HTML tag (19bdda2) (Discovery and PoC by Yaniv Nizry (SonarSource))

• Fixed: Application cannot be installed on Windows 10 in some cases (#8149)

• Fixed: Enter Key No Longer Saves and Closes The Tag Dialog (#8072)
• Fixed: Fixes crash when using multiple profiles along with certain plugins (#8143)