From 08805f01e7616043b0033444f83c735a0b8f3f4d Mon Sep 17 00:00:00 2001
From: Joplin Bot We made many improvements to the Rich Text Editor in this release to improve its usability. For example, you can now embed any content with the tables, including lists and other tables, which was a frequently requested feature: In this update, significant enhancements have been implemented in the Rich Text Editor to enhance user experience. One notable improvement is the ability to seamlessly embed various content within tables, including lists and other tables, which was a frequently requested feature: The interoperability with other text editors such as Word and Excel as also been improved, in particular when copying and pasting content between these tools and Joplin. The interoperability with other text editors such as Word and Excel has also been improved, in particular when copying and pasting content between these tools and Joplin. The Evernote Export format, known as ENEX, has always been very challenging to support. This is because Evernote frequently changes it, breaking importers, and may also occasionally introduce bugs, to the point where their application sometimes can't even import back the files they've exported! At this point, after having worked on this importer for nearly 7 years it is relatively stable and most of the issues we encounter are due to invalid files that Evernote generates due to bugs they introduced in recent versions. We still try to import these files as well as possible by processing the invalid data using various heuristics. The Evernote Export format, known as ENEX, has always been challenging to support. This is because Evernote frequently changes it, breaking importers, and may also occasionally introduce bugs. At times, their own application struggles to import back files that it has exported, highlighting the volatility of the ENEX format. After undergoing continuous improvements for seven years, the importer has achieved a relatively stable state. The majority of issues encountered now stem from invalid files generated by Evernote, a result of bugs introduced in recent versions. Despite these challenges, we strive to enhance the import process by employing various heuristics to process the invalid data as effectively as possible. The list of bug fixes is below: We are continuously improving the plugin API to make it as easy as possible to customize the application. One of the main addition is support note list plugins - it allows any plugins to customise what the note list should display. See the Joplin Plugin Note List API And the Note List Demo Which includes three note list examples, a basic "top to bottom" one, a more advanced "left to right" one, which also renders a thumbnail of the note, and another one which shows how to create an interactive note list item to directly modify the title of the note from the list. This API was developed based on the feedback we got and we hope it will be useful! We are still keen to hear more from users and plugin developers on what features may still be missing and what could be improved! One of the main addition is support note list plugins - it allows any plugins to customise what the list should display each note. See the Joplin Plugin Note List API and the Note List Demo for more information. The demo includes three examples of note lists: a fundamental "top to bottom" version, a sophisticated "left to right" variant that additionally displays a note thumbnail, and a demonstration of an interactive note list, allowing direct modification of the note title from the list. This API was developed based on the feedback we got and we hope it will be useful. We remain open to further input from users and plugin developers regarding any potential missing features and areas for improvement! The imaging API was created to allow plugin developer to easily load and manipulate images. For now it is possible to load PNG and JPG files, and to resize and crop them. The imaging API was created to allow plugin developers to easily load and manipulate images. For now it is possible to load PNG and JPG files, and to resize and crop them. https://joplinapp.org/api/references/plugin_api/classes/joplinimaging.html A few more APIs have been added such as one to open dialog to select a file or folder and a way to access the plugin settings from a renderer script A few more APIs have been added such as one to open dialog to select a file or folder and a way to access the plugin settings from a renderer script. This version also features a new Markdown editor based on CodeMirror 6. This change means that we'll be able to use the same editor on both the desktop and mobile application (which already uses CodeMirror 6), which will allow a more consistent user experience across devices. Another benefit is that, in a future version, it will allow us to support plugins on the mobile application. There are several other advantages that Henry listed in this forum post.RTE🔗
-Improved ENEX import🔗
-
-]]>New plugins APIs🔗
Note list🔗
Imaging API🔗
-And more🔗
-New beta Markdown editor🔗
However, there is one aspect that operates behind closed doors, and for good reason: addressing cybersecurity vulnerabilities. It is imperative that these issues remain undisclosed until they have been resolved. Once a solution is implemented, it is usually accompanied by discreet commits and a message in the changelog to signify the progress made.
Typically, the process begins with an email from a security researcher. They provide valuable insights, such as a specially crafted note that triggers a bug, or an API call, along with an explanation of how the application's security can be circumvented. We examine the vulnerability, create a fix, and create automated test units to prevent any accidental reintroduction of the vulnerability in future code updates. An example of such a commit is: 9e90d9016daf79b5414646a93fd369aedb035071
We then share our fix with the researcher for validation. Additionally, we often apply the fix to previous versions of Joplin, depending on the severity of the vulnerability.
diff --git a/readme/news/20231204-release-2-13.md b/readme/news/20231204-release-2-13.md index 4b0f99f59..5e441b4f5 100644 --- a/readme/news/20231204-release-2-13.md +++ b/readme/news/20231204-release-2-13.md @@ -1,6 +1,6 @@ --- tweet: What's new in Joplin 2.13 -forum_url: https://discourse.joplinapp.org/t/34033 +forum_url: https://discourse.joplinapp.org/t/34040 --- # What's new in Joplin 2.13