outline

Improvements

• Added an optional SMTP_NAME config for email servers that require a specific hostname
• Collection name is now shown in pin menu in #4705
• "Publish" and "Unpublish" now available in the command menu

Fixes

• Improved experience when publishing or unpublishing a doc in #4706
• Fixed a layout issue in the collection icon picker
• Fixed an issue where you can't select text in the sidebar edit input
• Fixed an issue that would write a "change" to documents when viewing a document with soft breaks
• Fixed full-width image in RTL document is misaligned in #4712

Note: sequelize:migrate is no longer included as a command, if you were using this then use db:migrate instead.

Breaking changes

Warning As of this release all documents edits are sent over websockets, this results in a much better editor experience with full support for realtime collaborative editing but requires websockets. If your self-hosted setup was managing without working websocket connections editing will no longer work with this release.

Warning Any Redis username in the REDIS_URL environment variable will be passed through to Redis as of this release, they were previously ignored. If you see NOAUTH errors then remove the username from the env config.

Warning Detection for HTTPS connections to proxies changed. If your proxy terminates SSL and the installation is in a https redirect loop after updating ensure that your proxy is adding the x-forwarded-proto: https header.

Enhancements

• Add HTML export option in https://github.com/outline/outline/pull/4056
• Images now have a full width display option in https://github.com/outline/outline/pull/4389
• Image resizing in https://github.com/outline/outline/pull/4368
• Added support for LaTeX math blocks in https://github.com/outline/outline/pull/4446
• Added Google Analytics 4 integration in https://github.com/outline/outline/pull/4626
• Added support for "phrase matching" and -negative keywords when searching
• Throttle email notifications upon updating document frequently by @apoorv-mishra in https://github.com/outline/outline/pull/4026
• New document insights panel in https://github.com/outline/outline/pull/4418
• Shared documents can now have a custom path by @apoorv-mishra in https://github.com/outline/outline/pull/4550
• Show diff when navigating revision history in https://github.com/outline/outline/pull/4069
• Updated collection header in https://github.com/outline/outline/pull/4101
• Add Dutch translations to language selector in https://github.com/outline/outline/pull/4120
• Add SENTRY_TUNNEL option by @K3das in https://github.com/outline/outline/pull/4298
• Option for separate edit mode in https://github.com/outline/outline/pull/4203
• Sign webhook requests by @apoorv-mishra in https://github.com/outline/outline/pull/4156
• Render diffs in email notifications in https://github.com/outline/outline/pull/4164
• Introduce account preferences to remember user's previous location by @apoorv-mishra in https://github.com/outline/outline/pull/4126
• Updated designs for pinned docs in https://github.com/outline/outline/pull/4124
• Added syntax highlighting for various languages by @wale in https://github.com/outline/outline/pull/4341
• Code blocks can now optionally display line numbers in https://github.com/outline/outline/pull/4324
• Drafts can now be moved between collections in https://github.com/outline/outline/pull/4652
• New option to search titles only in https://github.com/outline/outline/pull/4587
• User avatars displayed in author dropdown in https://github.com/outline/outline/pull/4551
• Hundreds of updated translations

Fixes

• Animation of InputSelect is janky in https://github.com/outline/outline/pull/4061
• Improving the urls to not break protocols by @iifawzi in https://github.com/outline/outline/pull/3995
• Dialog doesn't close after deleting a document with a parent by @vgwidt in https://github.com/outline/outline/pull/4108
• Enter in table cell adds a row after the current one by @PabloYG in https://github.com/outline/outline/pull/4186
• Share document link that opens full editor by @dolsem in https://github.com/outline/outline/pull/4134
• Add cursor style user preference in https://github.com/outline/outline/pull/4199
• Remove invite button should not overlap with member dropdown button by @apoorv-mishra in https://github.com/outline/outline/pull/4243
• Multiplayer changes potentially attributed to incorrect user in https://github.com/outline/outline/pull/4282
• Set subscribe/unsubscribe state correctly for documents by @apoorv-mishra in https://github.com/outline/outline/pull/4266
• Disallow adding self to collection in https://github.com/outline/outline/pull/4299
• perf: Don't go to disk for html more than once in https://github.com/outline/outline/pull/4312
• chore: Remove method override middleware in https://github.com/outline/outline/pull/4315
• Authentication provider display in https://github.com/outline/outline/pull/4332
• Return correct permissions upon document update by @apoorv-mishra in https://github.com/outline/outline/pull/4352
• Allow viewers to upload avatar in https://github.com/outline/outline/pull/4349
• Allow viewers to upload into documents where they have edit permission for the collection in https://github.com/outline/outline/pull/4468
• Unable to login with matching email from another auth provider in https://github.com/outline/outline/pull/4356
• perf: Avoid fsstat on every request, remove koa-static in https://github.com/outline/outline/pull/4387
• Removed usage of tiley in https://github.com/outline/outline/pull/4406
• DATABASE_URL missing in env does not produce validation error in https://github.com/outline/outline/pull/4409
• Self-hosted logic for allowed domains in https://github.com/outline/outline/pull/4412
• Images and files with cyrillic names now import correctly in https://github.com/outline/outline/pull/4654
• Lists inside of tasks are now styled correctly in https://github.com/outline/outline/pull/4648
• Links between documents are now correct in exports https://github.com/outline/outline/pull/4639
• Fixed extra space rendered around soft breaks in https://github.com/outline/outline/issues/4616
• Added a guard to ensure name is returned from OIDC providers in https://github.com/outline/outline/issues/4453
• Uploaded and immediately deleted attachments are now correctly removed from storage in https://github.com/outline/outline/pull/4562
• Improved handling of pasting into document title in https://github.com/outline/outline/pull/4474

New Contributors

• @iifawzi made their first contribution in https://github.com/outline/outline/pull/3995
• @vgwidt made their first contribution in https://github.com/outline/outline/pull/4108
• @PabloYG made their first contribution in https://github.com/outline/outline/pull/4186
• @dolsem made their first contribution in https://github.com/outline/outline/pull/4134
• @kgeorgiou made their first contribution in https://github.com/outline/outline/pull/4211
• @pbkompasz made their first contribution in https://github.com/outline/outline/pull/4216
• @chavda-bhavik made their first contribution in https://github.com/outline/outline/pull/4247
• @mastqe made their first contribution in https://github.com/outline/outline/pull/4259
• @K3das made their first contribution in https://github.com/outline/outline/pull/4298
• @Daniyaalbeg made their first contribution in https://github.com/outline/outline/pull/4323
• @MihirGH made their first contribution in https://github.com/outline/outline/pull/4336
• @wale made their first contribution in https://github.com/outline/outline/pull/4341
• @ItaloSa made their first contribution in https://github.com/outline/outline/pull/4365

Full Changelog: https://github.com/outline/outline/compare/v0.66.0...v0.67.0

Warning As of this release all documents edits are sent through the collaborative process using websockets, this results in a much better editor experience with full support for realtime collaborative editing but requires websockets. If your self-hosted setup was managing without websocket connections editing will no longer work with this release.

Ensure that websockets are connecting correctly in v0.66.0 before upgrading.

Enhancements

• Throttle email notifications upon updating document frequently by @apoorv-mishra in https://github.com/outline/outline/pull/4026
• Add HTML export option in https://github.com/outline/outline/pull/4056
• Show diff when navigating revision history in https://github.com/outline/outline/pull/4069
• Updated collection header in https://github.com/outline/outline/pull/4101
• Add Dutch translations to language selector in https://github.com/outline/outline/pull/4120
• Add SENTRY_TUNNEL option by @K3das in https://github.com/outline/outline/pull/4298
• Option for separate edit mode in https://github.com/outline/outline/pull/4203
• Sign webhook requests by @apoorv-mishra in https://github.com/outline/outline/pull/4156
• Render diffs in email notifications in https://github.com/outline/outline/pull/4164
• Introduce account preferences to remember user's previous location by @apoorv-mishra in https://github.com/outline/outline/pull/4126
• Updated designs for pinned docs in https://github.com/outline/outline/pull/4124
• Added syntax highlighting for various languages by @wale in https://github.com/outline/outline/pull/4341
• Image resizing in https://github.com/outline/outline/pull/4368
• Code blocks can now optionally display line numbers in https://github.com/outline/outline/pull/4324

Fixes

• Animation of InputSelect is janky in https://github.com/outline/outline/pull/4061
• Improving the urls to not break protocols by @iifawzi in https://github.com/outline/outline/pull/3995
• Dialog doesn't close after deleting a document with a parent by @vgwidt in https://github.com/outline/outline/pull/4108
• Enter in table cell adds a row after the current one by @PabloYG in https://github.com/outline/outline/pull/4186
• Share document link that opens full editor by @dolsem in https://github.com/outline/outline/pull/4134
• Add cursor style user preference in https://github.com/outline/outline/pull/4199
• Remove invite button should not overlap with member dropdown button by @apoorv-mishra in https://github.com/outline/outline/pull/4243
• Multiplayer changes potentially attributed to incorrect user in https://github.com/outline/outline/pull/4282
• Set subscribe/unsubscribe state correctly for documents by @apoorv-mishra in https://github.com/outline/outline/pull/4266
• Disallow adding self to collection in https://github.com/outline/outline/pull/4299
• perf: Don't go to disk for html more than once in https://github.com/outline/outline/pull/4312
• chore: Remove method override middleware in https://github.com/outline/outline/pull/4315
• Authentication provider display in https://github.com/outline/outline/pull/4332
• Return correct permissions upon document update by @apoorv-mishra in https://github.com/outline/outline/pull/4352
• Allow viewers to upload avatar in https://github.com/outline/outline/pull/4349
• Unable to login with matching email from another auth provider in https://github.com/outline/outline/pull/4356
• perf: Avoid fsstat on every request, remove koa-static in https://github.com/outline/outline/pull/4387
• Removed usage of tiley in https://github.com/outline/outline/pull/4406
• DATABASE_URL missing in env does not produce validation error in https://github.com/outline/outline/pull/4409
• Self-hosted logic for allowed domains in https://github.com/outline/outline/pull/4412

New Contributors

• @iifawzi made their first contribution in https://github.com/outline/outline/pull/3995
• @vgwidt made their first contribution in https://github.com/outline/outline/pull/4108
• @PabloYG made their first contribution in https://github.com/outline/outline/pull/4186
• @dolsem made their first contribution in https://github.com/outline/outline/pull/4134
• @kgeorgiou made their first contribution in https://github.com/outline/outline/pull/4211
• @pbkompasz made their first contribution in https://github.com/outline/outline/pull/4216
• @chavda-bhavik made their first contribution in https://github.com/outline/outline/pull/4247
• @mastqe made their first contribution in https://github.com/outline/outline/pull/4259
• @K3das made their first contribution in https://github.com/outline/outline/pull/4298
• @Daniyaalbeg made their first contribution in https://github.com/outline/outline/pull/4323
• @MihirGH made their first contribution in https://github.com/outline/outline/pull/4336
• @wale made their first contribution in https://github.com/outline/outline/pull/4341
• @ItaloSa made their first contribution in https://github.com/outline/outline/pull/4365

Full Changelog: https://github.com/outline/outline/compare/v0.66.0...v0.67.0

Fixes

• Notable performance improvements when serving static files

Fixes

• A regression in v0.66.0 that prevented download of exported data (#4059)

Note This update requires database migrations, take your installation offline, backup the database, and run with yarn db:migrate or yarn db:migrate --env production-ssl-disabled

Once the migrations have run, subscription data can be optionally backfilled with the following command – this will create a notification subscription to each document that users have contributed to which retains the previous notification behavior:
node build/server/scripts/20220722000000-backfill-subscriptions.js

Enhancements

• External SSO methods now allow logging into teams as long as emails match by @thenanyu in https://github.com/outline/outline/pull/3813
• Viewers can now be upgraded to editors on individual collections or groups in https://github.com/outline/outline/pull/4023
• It's now possible to subscribe to a document without editing it, and also to unsubscribe from documents you have by @CuriousCorrelation in https://github.com/outline/outline/pull/3834
• New application-wide request limiter disabled by default. See documentation.
• Added an emailed confirmation code to account deletion in https://github.com/outline/outline/pull/3873
• A random color is now chosen on collection creation by @apoorv-mishra in https://github.com/outline/outline/pull/3912
• Support for Google Form embeds by @apoorv-mishra in https://github.com/outline/outline/pull/3930
• Notifications for export completing are now optional by @codemicro in https://github.com/outline/outline/pull/3935
• Added support for Grist embeds. by @prio in https://github.com/outline/outline/pull/3914
• The draw.io integration now supports self-hosted deployments by @apoorv-mishra in https://github.com/outline/outline/pull/3980
• New and improved language translations

Fixes

• Fixed authentication error the maximum number of teams has been reached in https://github.com/outline/outline/pull/3819
• Use previous language when creating code block from markdown shortcut in https://github.com/outline/outline/pull/3830
• Cannot create collection if all existing collections are deleted in https://github.com/outline/outline/pull/3836
• Long collection description prevents import in https://github.com/outline/outline/pull/3847
• substitution of content when sending an image to a profile in https://github.com/outline/outline/pull/3869
• Cleanup attachments uploaded to storage when import fails in https://github.com/outline/outline/pull/3868
• Expand highlighted languages by @spotlightishere in https://github.com/outline/outline/pull/3891
• Improve document delete confirmation message by @apoorv-mishra in https://github.com/outline/outline/pull/3876
• Harden regex for embeds by escaping by @apoorv-mishra in https://github.com/outline/outline/pull/3907
• Removed templatize action for trashed document by @apoorv-mishra in https://github.com/outline/outline/pull/3922
• refactor auth flow to explicitly pass in a host by @thenanyu in https://github.com/outline/outline/pull/3909
• Put request rate limit at application server by @apoorv-mishra in https://github.com/outline/outline/pull/3857
• Upgrade markdown-it to fix text collapse bug in https://github.com/outline/outline/pull/3953
• chore: Rate limiter audit in https://github.com/outline/outline/pull/3965
• perf: Suppress Mermaid diagram rendering when hidden in https://github.com/outline/outline/pull/3963
• Reference email image by cid for self hosted instances in https://github.com/outline/outline/pull/3957
• perf: Refactoring socket event payloads in https://github.com/outline/outline/pull/4011
• Content is displayed wrongly when printing / Save as PDF by @Nicicalu in https://github.com/outline/outline/pull/4043
• Remove ability to use GET for RPC API requests by default in https://github.com/outline/outline/pull/4042
• Allow backlinks to work with fully qualified urls and anchors in https://github.com/outline/outline/pull/4050
• Login screen not vertically centered on mobile in https://github.com/outline/outline/pull/4052
• Handle GitLab can be configured for tokens to not expire. in https://github.com/outline/outline/pull/4051
• Post-signin redirect path is no longer saved in https://github.com/outline/outline/pull/4054

New Contributors

• @apoorv-mishra made their first contribution in https://github.com/outline/outline/pull/3841
• @spotlightishere made their first contribution in https://github.com/outline/outline/pull/3891
• @psmoros made their first contribution in https://github.com/outline/outline/pull/3906
• @codemicro made their first contribution in https://github.com/outline/outline/pull/3935
• @prio made their first contribution in https://github.com/outline/outline/pull/3914
• @Nicicalu made their first contribution in https://github.com/outline/outline/pull/4043

Full Changelog: https://github.com/outline/outline/compare/v0.65.1...v0.66.0

Fixes

The previous release did not allow for new installations, if you have an existing installation this patch offers no improvements.

Fixes

The previous release did not startup correctly on installations with an unsecured database connection.

This months release comes with a number of new features – full support for outgoing Webhooks so you can integrate Outline with other tools, Mermaid diagrams in the editor, and the ability to setup multiple authentication providers for your team.

We also started a bug bounty program on huntr.dev which has resulted in an above-average number of security related patches in this release.

Note It is highly recommended to visit Settings -> Security and add team domains as an additional measure to restrict access to your self-hosted instance.

Enhancements

• Publicly shared documents now render metadata on the server in https://github.com/outline/outline/pull/3646
• Personal Gmail accounts can now be used to sign into teams with an existing invite that matches by @thenanyu in https://github.com/outline/outline/pull/3652
• The documents.update API endpoint can now be used with collaborative editing enabled in https://github.com/outline/outline/pull/3647
• Mermaid.js support added to the editor in https://github.com/outline/outline/pull/3679
• Webhook support in https://github.com/outline/outline/pull/3691
• Added a new optional notification email when invite is accepted in https://github.com/outline/outline/pull/3718
• A new check for pending migrations during startup by @CuriousCorrelation in https://github.com/outline/outline/pull/3744
• Visiting an unpublished share link will now show a Login screen by @CuriousCorrelation in https://github.com/outline/outline/pull/3760
• Lists that failed to load will now show an error state and automatically retry in https://github.com/outline/outline/pull/3766
• Sign-in options for all configured authentication methods will now be displayed in https://github.com/outline/outline/pull/2986
• As always, new and improved translations from the community

Fixes

Platform

• Now possible to delete user via API in https://github.com/outline/outline/pull/3619
• Context menus now scrollable on iOS in https://github.com/outline/outline/pull/3626
• Lazily polyfill ResizeObserver for old iOS in https://github.com/outline/outline/pull/3629
• Google, Azure, OIDC SSO continued access are now verified on every app load in https://github.com/outline/outline/pull/3590
• Previously provisioned JWT's are now revoked on logout in https://github.com/outline/outline/pull/3639
• Don't show /share/ link in popover when team sharing disabled in https://github.com/outline/outline/pull/3714
• Localstorage cleared correctly after logout by @thenanyu in https://github.com/outline/outline/pull/3731
• Models are now all removed from local store upon access change in https://github.com/outline/outline/pull/3729
• Do not show suspended users to non admins in https://github.com/outline/outline/pull/3776
• Added additional model validations in https://github.com/outline/outline/pull/3725
• Improved websockets error handling in https://github.com/outline/outline/pull/3726
• Save button no longer shown when adding and removing a domain row by @paullessing in https://github.com/outline/outline/pull/3701
• Automatically cleanup api keys and webhooks for suspended users in https://github.com/outline/outline/pull/3756
• svg+xml image type ext not assigned properly by @CuriousCorrelation in https://github.com/outline/outline/pull/3774
• Fixed incorrect length validation with UTF-8 characters by @CuriousCorrelation in https://github.com/outline/outline/pull/3709

Editor

• Cursor no longer disappears behind emoji by @CuriousCorrelation in https://github.com/outline/outline/pull/3786
• Moving an image to empty space no longer results in an endless upload in https://github.com/outline/outline/pull/3799
• Triple-click now selects the current line in codeblocks by @CuriousCorrelation in https://github.com/outline/outline/pull/3798
• The formatting toolbar now shows the correct options on inline code by @CuriousCorrelation in https://github.com/outline/outline/pull/3775
• Enter at beginning of collapsed heading now works correctly in https://github.com/outline/outline/pull/3754

New Contributors

• @l3nnartt made their first contribution in https://github.com/outline/outline/pull/3596
• @CuriousCorrelation made their first contribution in https://github.com/outline/outline/pull/3709
• @paullessing made their first contribution in https://github.com/outline/outline/pull/3701
• @JamieSlome made their first contribution in https://github.com/outline/outline/pull/3711

Full Changelog: https://github.com/outline/outline/compare/v0.64.3...v0.65.0

Fixes

This patch release fixes an issue in the editor that allowed stored XSS to occur by not correctly sanitizing link href's. Note, that In order for this vulnerability to be abused you would need to have a malicious actor with access to the knowledge base (one of your team members).

CVE-2022-2342

Fixes

• Table of contents does not appear in publicly shared documents

Fixes

Fixes another environment parsing bug introduced with the new validation in v0.64.0.

• Fixed: Empty values no longer trigger validations for optional configuration items

Fixes

Fixes two environment parsing bugs introduced with the new validation in v0.64.0.

• Fixed: Postgres and Redis urls did not allow hostnames with underscores
• Fixed: "false" was parsed as truthy for some boolean configuration options

Note: This update requires database migrations, take your installation offline, backup the database, and run with yarn db:migrate or yarn db:migrate --env production-ssl-disabled

The ALLOWED_DOMAINS environment variable was moved into the UI under Settings -> Security. Upon upgrading, any existing values set in the environment will be automatically migrated and you can safely remove the ALLOWED_DOMAINS value post-upgrade.

We also introduced stricter validation of all environment variables to help with debugging and setup of the community edition, depending on your environment this may result in new errors or warnings being output upon server startup. If you have empty environment variables defined these should be removed.

Enhancements

• Migration of ALLOWED_DOMAINS to a team level setting (see above) by @coreyja in https://github.com/outline/outline/pull/3489
• New TLDraw, Otter.ai, Gliffy, JSFiddle, and Scribe embed integrations.
• Document can now be fetched through API with knowing the slug by @coreyja in https://github.com/outline/outline/pull/3453
• Multiple performance improvements for large documents with collaborative editing enabled https://github.com/outline/outline/pull/3567
• Improved performance by requesting less db columns when calculating collection permissions in https://github.com/outline/outline/pull/3498
• Improved performance for large collections by refactoring sorting in https://github.com/outline/outline/pull/3475
• ioredis is now configurable via environment variables by @heilerich in https://github.com/outline/outline/pull/3365
• Disabled state of embeds now persists per-document https://github.com/outline/outline/pull/3407
• Suspended users are no longer shown in the document facepile in https://github.com/outline/outline/pull/3497
• Added initial support to import data from Notion (Settings -> Import -> Notion)
• Publicly shared links now include title and description in metadata for improved previews in third party services
• Improve speed of Azure login (parallelize two slow API requests) in https://github.com/outline/outline/commit/bb074edb0d464c59dfb4a43c5da1707addd90e45
• Turkish language translations were added 🇹🇷

Fixes

Editor

• Emojis and embeds can now be copied to plain text clipboard in https://github.com/outline/outline/pull/3561
• Floating toolbar now only appears on mouse up when selecting text with the mouse in https://github.com/outline/outline/pull/3561
• Links to anchors in other pages are no longer broken when the page is renamed in https://github.com/outline/outline/commit/0577c73f0661b75aafea6a768b4a652781c81f69
• Applying a template no longer overwrites an existing title in https://github.com/outline/outline/commit/7fa0199dcabf285d0b4a317976060d0824946911
• "Referenced by" is now "Backlinks"

Platform

• A shared persistence debounce between docs could result in some docs not saving on the server in high-concurrency editing environments https://github.com/outline/outline/pull/3401
• Fixed translation strings throughout the UI by @Limezy in https://github.com/outline/outline/pull/3417 https://github.com/outline/outline/pull/3441
• Fixed an issue where the "last edited by" timestamp could be updated when the user had made no changes
• Fixed an issue where CRDT creation from markdown state touches document updated timestamp in https://github.com/outline/outline/pull/3482
• Paginated list history headings were not rendering when there was only one unique heading by @thenanyu in https://github.com/outline/outline/pull/3496
• Data import and export codepaths were refactored and improved https://github.com/outline/outline/pull/3434
• Confirm button is now focused by default in confirmation dialogs in https://github.com/outline/outline/commit/4c15f27bb2246da41dd5008a12c62e73087b4f5c
• Fixed extra separator in collection context menu with read-only permissions in https://github.com/outline/outline/commit/b152b9f17b8da7c7c0fd78a844aa48e660f1398e
• Fixed blank screen instead of "Not found" page in some situations in https://github.com/outline/outline/commit/40e41b26a19f4a47582acf9e71272c80abda9396
• Revisions are now created on document publish in https://github.com/outline/outline/commit/ec1bc801a4e391e7528d706d5855b464a1b27093
• Collection names with slashes no longer produce an invalid export in https://github.com/outline/outline/commit/4177031d0b187db7604f6b53f9842db21d854aec
• "Settings" navigation is no longer offered to non-admins in https://github.com/outline/outline/commit/78da5e2335eace26535f5981c0b789f8c7c4a07e

New Contributors

• @meltyshev made their first contribution in https://github.com/outline/outline/pull/3428
• @Limezy made their first contribution in https://github.com/outline/outline/pull/3439
• @gemathus made their first contribution in https://github.com/outline/outline/pull/3447
• @coreyja made their first contribution in https://github.com/outline/outline/pull/3453
• @EmirBoyaci made their first contribution in https://github.com/outline/outline/pull/3473
• @heilerich made their first contribution in https://github.com/outline/outline/pull/3365
• @rusakovdenis made their first contribution in https://github.com/outline/outline/pull/3548

Full Changelog: https://github.com/outline/outline/compare/v0.63.0...v0.64.0

Enhancements

• The editor now supports file attachments in https://github.com/outline/outline/pull/3031
• We added search to publicly shared documents by @thenanyu in https://github.com/outline/outline/pull/3126
• It is now possible to star collections in https://github.com/outline/outline/pull/3327
• Outline will now work behind a Pomerium proxy in https://github.com/outline/outline/pull/3219
• You can now navigate to all the pages of settings through command bar by @iamsaumya in https://github.com/outline/outline/pull/3226
• Much improved settings layout in https://github.com/outline/outline/pull/3234
• Collection creation can now be disabled for members in https://github.com/outline/outline/pull/3270
• Added /date, /time, and /datetime patterns to insert into doc in https://github.com/outline/outline/pull/3309
• Empty documents are now cleaned up automatically in https://github.com/outline/outline/pull/3310
• Adds menu item to resend outstanding invites in https://github.com/outline/outline/pull/3348
• Arm64 docker image build by @Yggdrasil80 in https://github.com/outline/outline/pull/3262

Fixes

Editor

• SVGs without a natural px width are no longer invisible in https://github.com/outline/outline/pull/3220
• Editor title does not autoFocus on first load in https://github.com/outline/outline/pull/3238
• Prevent circumstances where history sidebar would crash by @thenanyu in https://github.com/outline/outline/pull/3257
• Catch error when emoji combinations cause document to be unable to persist in https://github.com/outline/outline/pull/3250
• :: symbols appearing between lines when pasting plaintext in https://github.com/outline/outline/pull/3323
• Improve paste handler parsing for more cases in https://github.com/outline/outline/pull/3322
• Capture file and image drop events below editor in https://github.com/outline/outline/pull/3376
• Added Solidity language support by @fr0zn in https://github.com/outline/outline/pull/3303

Platform

• Navigation of shared trees performance in https://github.com/outline/outline/pull/3171
• Hide TOC toggle on publicly shared links if there are no headings in https://github.com/outline/outline/pull/3172
• Don't hide sidebar when menu is open by @iamsaumya in https://github.com/outline/outline/pull/3203
• Don't load CRDT state from database by default in https://github.com/outline/outline/pull/3215
• Stop copying attachments when moving documents in https://github.com/outline/outline/pull/3251
• chore: documentStructure database locking in https://github.com/outline/outline/pull/3254
• Add stricter validation around image file type uploads in https://github.com/outline/outline/pull/3324
• Allow admin edit/update access to all collections in https://github.com/outline/outline/pull/3335
• Link preview and search should work on collection descriptions in https://github.com/outline/outline/pull/3355
• Queue retry behavior in https://github.com/outline/outline/pull/3359
• Automatic invite reminder email in https://github.com/outline/outline/pull/3354
• Lowercase email from auth providers to match any outstanding invites in https://github.com/outline/outline/pull/3369

New Contributors

• @huruji made their first contribution in https://github.com/outline/outline/pull/3282
• @CommanderRoot made their first contribution in https://github.com/outline/outline/pull/3285
• @fr0zn made their first contribution in https://github.com/outline/outline/pull/3303
• @github-actions made their first contribution in https://github.com/outline/outline/pull/3356
• @Yggdrasil80 made their first contribution in https://github.com/outline/outline/pull/3262

Full Changelog: https://github.com/outline/outline/compare/v0.62.0...v0.63.0

Enhancements

• Updated navigation sidebar design with ability to collapse and expand collections that are not active
• Added navigation sidebar to shared documents https://github.com/outline/outline/pull/2899
• Added reordering to starred documents https://github.com/outline/outline/pull/2953
• Support SSL without usage of reverse proxy https://github.com/outline/outline/pull/2959
• Display progress of import operations in settings https://github.com/outline/outline/pull/3064
• Added the ability to choose a collection as default home https://github.com/outline/outline/pull/3029
• Added DBdiagram (dbdiagram.io) embed by @n3n in https://github.com/outline/outline/pull/3124
• Show icon on external links https://github.com/outline/outline/pull/3100
• Add "new doc" button on collections in sidebar https://github.com/outline/outline/pull/3174
• Add "danger" background to dangerous menu items on hover https://github.com/outline/outline/pull/3148

Fixes

Editor

• fix: Templates menu does not appear when collaborative editing is enabled https://github.com/outline/outline/pull/2915
• Editor shortcut conflicts https://github.com/outline/outline/pull/2943
• Emoji in title positioning https://github.com/outline/outline/pull/2927
• fix: changing the title and body content in quick succession would trigger unsaved changes warning prompt https://github.com/outline/outline/pull/2950
• fix: Flash of content when selecting text on RHS of document https://github.com/outline/outline/pull/2981
• fix: remove scrollbar on x-axis in Table of Contents by @iamsaumya in https://github.com/outline/outline/pull/3008
• fix: Ensure copy code button appears in collaborative editing mode https://github.com/outline/outline/pull/3021
• fix: Disabling editor embeds should work with collaborative editing https://github.com/outline/outline/pull/2968
• fix: Do not parse :smile: style emoji in Markdown paste handler https://github.com/outline/outline/pull/3056
• fix: Improvements to image positioning https://github.com/outline/outline/pull/3061

Platform

• fix: Missing space character by @rossmeissl in https://github.com/outline/outline/pull/2961
• fix: trim collection name on save rather than on change by @thenanyu in https://github.com/outline/outline/pull/2962
• fix: truncate a very long team name with ellipses by @thenanyu in https://github.com/outline/outline/pull/2963
• fix: Share popover incorrectly displays draft as publicly shared https://github.com/outline/outline/pull/2982
• fix: consistently check allowed domains by @eug-vs in https://github.com/outline/outline/pull/2985
• fix: issue-2974 reparent nested document when dropped on current collection by @ChuckJonas in https://github.com/outline/outline/pull/2975
• fix: Should be able to unstar archived and trashed documents https://github.com/outline/outline/pull/2983
• fix: Team logo shows as white in settings https://github.com/outline/outline/pull/3015
• fix: Cannot view history with view-only permissions and collaborative editing enabled https://github.com/outline/outline/pull/3024
• fix: Added Table of Contents to mobile views and account for branding on shared view layouts by @thenanyu in https://github.com/outline/outline/pull/2997
• fix: error from api rate limiting by @iamsaumya in https://github.com/outline/outline/pull/3050
• fix: make mobile popover dialog styling nice by @thenanyu in https://github.com/outline/outline/pull/3059
• fix: Images no longer in original document not included in export https://github.com/outline/outline/pull/3063
• fix: Auth persistence to localStorage https://github.com/outline/outline/pull/3078
• fix: Export now includes all documents that have identical names https://github.com/outline/outline/pull/3098
• fix: sync the correct collection with edit action by @iamsaumya in https://github.com/outline/outline/pull/3166
• fix: Reuse InputSearch style for move dialog https://github.com/outline/outline/pull/3173
• fix: editing collections should not forward to collection on save by @iamsaumya in https://github.com/outline/outline/pull/3187

New Contributors

• @max-mykhailenko made their first contribution in https://github.com/outline/outline/pull/2895
• @rossmeissl made their first contribution in https://github.com/outline/outline/pull/2961
• @eug-vs made their first contribution in https://github.com/outline/outline/pull/2985
• @ChuckJonas made their first contribution in https://github.com/outline/outline/pull/2975
• @louisphn made their first contribution in https://github.com/outline/outline/pull/3034

Fixes

This release addresses a stored XSS vulnerability in document titles that was introduced in v0.57.0.

Note: XSS allows an attacker to execute code in another users browser such as accessing cookie values. As document write permissions are required to inject a malicious payload within Outline, this is not considered to be a high severity issue for self-hosted installations at this time.

Note: This update requires database migrations, take your installation offline, backup the database, and run with yarn db:migrate or yarn db:migrate --env production-ssl-disabled

Pin to Home

This month pinned documents got a visual refresh to help them stand out – we also added the option to reorder pins and pin documents to the home screen for everyone in the team. Make sure to check out all the other enhancements below…

Enhancements

• Drafts are now displayed in the sidebar while viewing and editing (#2820)
• Added ability to "follow" another user in a document by clicking their avatar (#2858)
• Added "full width" option for documents display (#2869)
• Added recent searches to search screen (#2868)
• Added '+' button to create new docs from sidebar (#2864)
• Added 'Whimsical' as embed provider
• Added various new collection icons
• It's now possible to replace images in editor
• You can now choose which events publish to Slack (#2857)
• Updated and improved translations
• Views are now recorded for drafts (#2862)
• IAM role authentication now supported for S3 (#2830)
• 🇻🇳 Vietnamese added as language option

Fixes

Editor

• Fixed emoji text selection behavior
• Document titles in RTL script not correctly aligned
• Github Gist's now load correctly in Safari (#2520)
• Improved inline code display in dark mode (#2835)
• Document hover previews restored when collaborative editing enabled
• Nested list items no longer escape page boundaries
• Emoticons are no longer converted to emojis on save (#2785)

Platform

• Fixed incorrect styling of icon color picker in dark mode
• Fixed an issue that would show group creation options to those without permission (#2621)
• Fixed unresponsiveness of select inputs
• Fixed history sidebar behavior
• Fixed duplicate notification for publish event (#2757)
• It's now possible to use email providers with no password (#2767)
• Clickable area for docs in sidebar is no longer constructed (#2809)
• Removed unused database indexes (#2747)
• Sidebar toggle now displayed on tablets

Fixes

This release fixes a security vulnerability that will be detailed in the future. It affects all previously published versions of Outline and is not known to allow exfiltration of database/document data, however upgrading is recommended.