Release notes 4.x.x
Last updated
Was this helpful?
On-premises
Last updated
Was this helpful?
Release date: 2025-03-21
Server Pro Image ID: dcfa08126e52
Community Edition Image ID: 8fda0e836de1
Git Bridge Image ID: 59a17a340612
This is a security release, we updated internal dependencies used by SAML integration.
Release date: 2024-08-13
Server Pro Image ID: 03df62558008
Community Edition Image ID: b455e431db42
Git Bridge Image ID: 59a17a340612
Fix for invalid URLs returning 500 instead of 400.
/metrics and /health_check now return 404.
Security update to prevent remote image loading in Visual Editor.
Release date: 2024-07-12
Server Pro Image ID: b57040dd7e45
Community Edition Image ID: 60b9c65a00a7
Git Bridge Image ID: 59a17a340612
This is a security release. We added stricter controls for accessing project invite details and locked down access to files via the LaTeX compilation service.
We strongly recommend turning on the Sandboxed Compiles feature in Server Pro.
Release date: 2024-06-20
Server Pro Image ID: e9c52f2dd6df
Community Edition Image ID: 8ac3da599b94
Git Bridge Image ID: 59a17a340612
This is a security release. We added stricter controls for creating projects from ZIP URLs.
Release date: 2024-06-11
Server Pro Image ID: cbe8a3d11874
Community Edition Image ID: 8ac3da599b94
Git Bridge Image ID: 59a17a340612
This release provides security updates, bug fixes, and performance enhancements, including:
Stricter controls to prevent arbitrary JavaScript execution in the project editor.
Stricter controls to prevent arbitrary CSS loading in the project editor.
Updated libraries to enhance security and performance.
Release date: 2024-04-17
Server Pro Image ID: 875dd6e64e96
Community Edition Image ID: ab1e82612ec9
Git Bridge Image ID: 455a8c0559a4
Server Pro 4.2.4 is a security release for the application runtime.
The Node.js runtime has been upgraded to 18.20.2. Check the release notes (18.20.1, 18.20.2) for more information.
All services are now using IPv4 in the container
Adds bin/flush-history-queues and bin/force-history-resyncs utility scripts.
Release date: 2024-02-16
Server Pro Image ID: a251a3f77aaa
Community Edition Image ID: 168968a20483
Git Bridge Image ID: 59a17a340612
Server Pro 4.2.3 is a security release for the application runtime.
The Node.js runtime has been upgraded to 18.19.1 as per the security announcement upstream. It is worth noting that only CVE-2024-22019, a Denial of Service vulnerability, is applicable to Server Pro.
If an access point to your Server Pro instance is publicly accessible via the internet, such as a login page or redirect to it, it is particularly important that you upgrade to Server Pro version 4.2.3.
Release date: 2024-02-07
Server Pro Image ID: 166a56c173a1
Community Edition Image ID: f33f1873b490
Git Bridge Image ID: 59a17a340612
This release increases security against brute force attacks on projects with link-sharing enabled.
If your Server Pro instance is configured with link-sharing enabled, using SHARELATEX_ALLOW_PUBLIC_ACCESS=true, it is particularly important that you upgrade to Server Pro version 4.2.2.
We would also like to highlight a required upgrade of MongoDB to version 5.0 for the next Server Pro release. MongoDB 4.4 reaches end of life this month, February 2024. We recommend that all customers upgrade to MongoDB 5.0 at their earliest convenience.
Release date: 2023-11-23
Server Pro Image ID: 3a75a815d297
Community Edition Image ID: ae1b8c082224
Git Bridge Image ID: 59a17a340612
This release restores public access to the /saml/meta endpoint.
Release date: 2023-11-10
Server Pro Image ID: 8bdf368e59f4
Community Edition Image ID: ae1b8c082224
Git Bridge Image ID: 59a17a340612
This release separates the web service into an internal API service and a user facing service. Most of the changes in this regard are behind the scenes. The Git integration in Server Pro talks to the Server Pro container "from the outside" and its config needs changing.
Toolkit users: please upgrade the toolkit (bin/upgrade) before upgrading to Server Pro 4.2.0.
docker-compose deployments: please update the contents of the GIT_BRIDGE_API_BASE_URL variable:
A toolbar has been added to the Code Editor, which provides buttons for basic text styling, and inserting special characters, figures, code for tables, citations, and more.
An easier way to create and edit tables is now available in Server Pro. You can also copy and paste tables and formatted text directly into Visual Editor, without losing the formatting.
Check the blog post for more information.
The new Insert figure feature allows user to upload or just copy and paste an image file from your computer directly into the editor.
Please refer to the blog post for more information.
Math symbols are now previewed along with the autocomplete options in the editor.
XeLatex is now available in the default Tex Live install when not using Sandboxed Compiles.
As announced with the previous Server Pro release, the legacy source editor has been removed from the editor. You can read more about the new editing experience on our blog.
The new release also includes the following changes:
Session length can now be configured with SHARELATEX_COOKIE_SESSION_LENGTH.
Node runtime has been updated to v18.18.2
Release date: 2023-11-02
Server Pro Image ID: e40c0df3207f
Community Edition Image ID: 50437e9a470c
Git Bridge Image ID: f499a7ef6e64
This release adds several dependency patches bringing performance improvements in different parts of the application.
Release date: 2023-10-25
Server Pro Image ID: 47246d85316b
Community Edition Image ID: d909899af648
Git Bridge Image ID: f499a7ef6e64
This release includes a bug-fix for streaming compression in the history system that could result in hanging flushes. History changes will accumulate in Redis and do not get flushed for permanent storage on disk/S3, leading to potential data-loss when Redis runs out of memory.
We advise all customers to upgrade to this release at their earliest convenience.
Release date: 2023-10-24
Server Pro Image ID: ef772a5f1148
Community Edition Image ID: 1bcb24c3b31a
Git Bridge Image ID: f499a7ef6e64
This release includes additional logging and a new config option for a request timeout.
Release date: 2023-10-06
Server Pro Image ID: 6661a336d695
Community Edition Image ID: e46e0cf12e97
Git Bridge Image ID: f499a7ef6e64
This release includes a fix for the history soft retry cronjob, which was executing the operation as a hard retry.
Release date: 2023-09-27
Server Pro Image ID: fab9def8230a
Community Edition Image ID: 1ce6ef6ea798
Git Bridge Image ID: f499a7ef6e64
This release includes security updates for the Git Bridge.
Release date: 2023-09-05
Server Pro Image ID: fab9def8230a
Community Edition Image ID: 1ce6ef6ea798
Git Bridge Image ID: e5e9753fc979
Hide tabs on user admin info pages that are only relevant for overleaf.com
Release date: 2023-08-24
Server Pro Image ID: a6c6bfe92bd1
Community Edition Image ID: 1ce6ef6ea798
Git Bridge Image ID: e5e9753fc979
Server Pro 4.1 is a security release for the application runtime.
The Node.js runtime has been upgraded from version 16 to 18 ahead of the upcoming deprecation of Node.js 16 on September 11, 2023.
Only Server Pro 4.1 will operate with Node.js 18. All other supported versions of Server Pro require Node.js 16, which is being deprecated. We recommend that all customers upgrade to Server Pro 4.1 at their earliest convenience.
If an access point to your Server Pro instance is publicly accessible via the internet, such as a login page or redirect to it, it is particularly important that you upgrade to Server Pro version 4.1 before September 11, 2023.
Reminder: History migration for Server Pro 3.5.X and earlier
If you are still using a Server Pro version before 4.0, we recommend starting with the upgrade process immediately. In Server Pro 4.0 we introduced a breaking change in the history system that requires migrating all the history data into the new system in order for Server Pro to function.
The migration process can handle the majority of project histories without any manual work. However, very old projects can contain data that require additional steps to migrate. Starting the migration process now will give our support team adequate time to take a look into your migration issues and help you finish the migration ahead of the EOL date.
Server Pro versions 3.5.11, 4.0.6 and the latest 4.1 release include an updated script that fully deletes orphaned mongo data from the old history system. It is safe to run the script again. Please refer to the documentation on how to run the cleanup script.
Server Pro 4.1 will be the last release with the legacy source editor. You can read more about the new editing experience on our blog.
The Rich Text/Visual editing experience has been improved.
The "Source" editor has been renamed to "Code Editor" and the "Rich Text" editor has been renamed to "Visual Editor".
Release date: 2023-08-10
Image ID: da6f6f617532 (Community Edition Image ID: 504b19c82c27)
Bring back the History Migration Cleanup Script with a fix to free up mongo storage space.
We advise customers to re-run the script again as per the documentation.
Release date: 2023-07-20
Server Pro Image ID: bd37a572f01a
Community Edition Image ID: 883bb853c896
Git Bridge Image ID: 9bfd98050a43
Fixes numbers replaced by underscores when downloading projects (overleaf/overleaf/issues/1133).
Security updates.
Release date: 2023-07-14
Server Pro Image ID: bcec664460d0
Community Edition Image ID: 1cf00822f942
Git Bridge Image ID: 9bfd98050a43
This release includes security updates.
Release date: 2023-06-29
Server Pro Image ID: 963eb95c3c86
Community Edition Image ID: 380e3cb72a42
Git Bridge Image ID: 9bfd98050a43
Fixes a bug preventing anonymous users from adding changes to the Project History.
Release date: 2023-06-08
Server Pro Image ID: aa27991a39a7
Community Edition Image ID: 26c75dfb6485
Git Bridge Image ID: 9bfd98050a43
Fixes a bug navigating through the documentation pages when SHARELATEX_PROXY_LEARN=true.
Release date: 2023-05-30
Server Pro Image ID: 3014d696b579
Community Edition Image ID: 26c75dfb6485
Git Bridge Image ID: 9bfd98050a43
Note: An issue was discovered with version 4.0 so it was never made public. This resulted in 4.0.1 being the first release in the 4.0 release line.
Important: Before upgrading to this new major version you will need to first upgrade your Overleaf Server Pro instance to version 3.5.10 and migrate your projects to the new Full Project History system. Server Pro 4.0.0 will fail to start unless all the projects have been migrated.
Read Full Project History migration instructions.
This major release includes database migrations. Please ensure you have a database backup before upgrading.
MongoDB now needs to run as a Replica Set. If you use an external Mongo database, you might already be running a replica set. If you use the Overleaf Toolkit you just need to pull the Toolkit's latest version. If you don't use the Toolkit, please see the instructions at the end of these release notes.
We’ve also updated the version of Redis to 6.2. This change requires no action other than updating the image version. If you’re using the Overleaf Toolkit, add the environment variable REDIS_IMAGE=redis:6.2 to config/overleaf.rc (or update the version, if it was already defined). If you’re using a custom docker-compose.yml, change the redis container image to redis:6.2.
If upgrading to Redis 6.2 results in a restart loop, see this article in our troubleshooting guide for more information.
Overleaf Git integration – See the documentation for instructions to set up the git-bridge in your Server Pro install.
Enhanced Rich Text functionality – Rich-text commenting and tracked changes.
Support documentation for horizontal scaling, which allows for increased computing resources for large deployments
A new Source editor in addition to the Legacy editor will be available to users. (The Legacy editor will eventually be retired. If users have any feedback or issues, please fill out this form.) The new Source editor provides better accessibility, and better support for non-latin text.
Deleted projects and users can be automatically cleaned up after 90 days. This is an opt-in feature that can be enabled by setting the ENABLE_CRON_RESOURCE_DELETION environment variable to true. See the configuration documentation.
TeX Live 2023 is now the default version for instances not running Sandboxed Compiles.
The limit on a project’s editable content size (the sum of sizes of all editable files) has been increased from 5MB to 7MB.
General performance and stability improvements to the application, along with many small improvements and bug fixes.
The following instructions are not necessary if you use the Overleaf Toolkit or if you use an external Mongo database already configured as a replica set.
If you run MongoDB with docker-compose, add the following command to the mongo container configuration:
Restart the mongo container then start a mongo shell with docker-compose exec mongo mongo. In that shell, run the following command to initiate the replica set:
The standard Server Pro license allows you to run the application in a production environment as well as one in a non-production/sandbox environment; it is highly recommended that you provision a non-production environment for testing.