v2.5.2

• Change of default behavior: due to possible security concerns, meta generation is now disabled by default for internal IP ranges (e.g. 192.168.x.x). You can enable this again by adding META_ALLOW_PRIVATE_IP_RANGES=true to your .env file.
• Private tags or lists from other users can no longer be added to your links by using internal IDs.
• Several updates for dependencies, including security fixes.

Warning

Note on PHP installation package: I am unable to upload the zip file right now. Getting an "Something went really wrong, and we can’t process that file" error. Will try again later.

v2.5.1

Fixes an issue where the web setup for SQLite could not be completed. #1066

v2.5.0

Support for PHP 8.1 was dropped. LinkAce only supports PHP 8.2 to 8.5.

v2.4.3

• Security patch: RSS feeds now contain proper escaping of HTML and XML
• Minor dependency updates, including security patches.

v2.4.2

• Sorting of lists and tags by link count was fixed. #1047
• A password can now be passed when registering a new user via CLI. #1046
• Minor dependency updates, including security patches.

v2.4.1

• LinkAce now officially supports PHP 8.5.
• Minor dependency updates, including possible security patches.

v2.4.0

What's Changed

• Important security patches, please update as soon as possible:
  • Sharing of links is now properly escaped within the application, preventing XSS attacks
  • RSS feeds no longer contain private links.
  • Private links are no longer exported in HTML exports.
  • Minor change: LinkAce won't fetch keyword suggestions for tags from private and reserved IP addresses like 192.168.x.x or 10.72.x.x.
  • Permission checks of system tokens were corrected to reflect the actual API usage, not the in-browser UI.
• Private RSS feeds can be accessed by using ?api_token=3|tq3K7r... within the URL again (#1034)
• Filter tags by search in the tags overview @Alitindrawan24 (#1028)
• System tokens don't fail while updating links via the API anymore (#1013)
• System tokens are now able to properly delete entities via the API
• Lists and tags starting with numbers like 10 best Soup recipes are correctly parsed in the List and Tags select while adding Links (#1017)
• Dependencies were updated.

New Contributors

• @Alitindrawan24 made their first contribution in #1028

Full Changelog: v2.3.1...v2.4.0

v2.3.1

• Fix for disabling TLS verification for SMTP connections (#1012)
• Minor security fix: user names are only allowed to have alpha-numeric characters and dashes.
• Dependencies were updated.

v2.3.0

• Allow more configuration options for connecting to the database via SSL, see .env Settings for details (#949)
• Improvement for handling existing (even trashed) links during adding or editing links (#1004)
• Improve handling of non-existing links, lists or tags for Postgres databases (#1005)
• Adding new tags or lists correctly takes default privacy settings into account (#1001)
• Link sharing button is removed when no sharing services are enabled (#991)
• New option for OIDC logins: SSO_OIDC_VERIFY_JWT which enables JWT verification and now defaults to true
• Dependencies were updated

v2.2.0

What's Changed

• Allow disabling TLS/SSL verification when using SMTP for sending mails (#986)
• Selecting tags or lists now prefer existing entries instead of creating new ones (#992)
• Allow users to search shared links by @KobyW in #976
• Fix markdown rendering in link lists by using formatted_description attribute by @Copilot in #994
• Add comprehensive GitHub Copilot instructions for LinkAce development by @Copilot in #996
• LinkAce now uses the official Redis docker image instead of the Bitnami one, as Bitnami deprecated their images.
• Dependencies were updated

New Contributors

• @KobyW made their first contribution in #976
• @Copilot made their first contribution in #994

Full Changelog: v2.1.9...v2.2.0