Release notes 5.x.x
Last updated
Was this helpful?
On-premises
Last updated
Was this helpful?
Release date: 2025-03-21
Server Pro Image ID: 2a15214c521f
Community Edition Image ID: eb2d221f5f5e
Git Bridge Image ID: 8aa85fa0d7df
This is a security release, we updated internal dependencies used by SAML integration.
Release date: 2025-03-11
Server Pro Image ID: 72f7039d52c6
Community Edition Image ID: eb2d221f5f5e
Git Bridge Image ID: 8aa85fa0d7df
Fixes access to Overleaf documentation when using a proxy for external requests.
Adds rate limiters to LDAP /login endpoint
Release date: 2025-01-29
Server Pro Image ID: 6df5c59837a8
Community Edition Image ID: eb2d221f5f5e
Git Bridge Image ID: 8aa85fa0d7df
An issue was discovered with version 5.3.0, so it was never made public. This resulted in 5.3.1 being the first release in the 5.3 release line.
OVERLEAF_LOGIN_SUPPORT_TEXT can now be used to display support information underneath the login button. The text will be shown in the login screen and can be used to direct users to internal support or provide guidance related to logging in, creating accounts, etc.
V1_HISTORY_URL_FOR_GIT_BRIDGE allows separating the history-v1 endpoint for internal traffic (web service → history-v1 service, both in sharelatex container) and external traffic (git-bridge → history-v1, running in separate containers).
Fixed a bug where account deletion fails in certain situations where email service is not available.
Improve file upload processing. The disk-IO load of large instances can drop by up-to 50%.
Security updates to the base image and installed packages, along with improvements and bugfixes.
There are some changes in the languages supported by the spelling service.
Release date: 2024-10-24
Server Pro Image ID: a1b1852ac7bd
Community Edition Image ID: e187f0ff616c
Git Bridge Image ID: f09f6dbba5ee
Note: An issue was discovered with version 5.2.0, so it was never made public. This resulted in 5.0.1 being the first release in the 5.0 release line.
The following environment variables are now available:
LDAP: OVERLEAF_LDAP_IS_ADMIN_ATT and OVERLEAF_LDAP_IS_ADMIN_ATT_VALUE
SAML: OVERLEAF_SAML_IS_ADMIN_FIELD and OVERLEAF_SAML_IS_ADMIN_FIELD_VALUE
When both environment variables are set, the login process updates user.isAdmin = true when the profile returned by the identity provided contains OVERLEAF_LDAP_IS_ADMIN_ATT/OVERLEAF_SAML_IS_ADMIN_FIELD, and its value is either:
Equals to OVERLEAF_LDAP_IS_ADMIN_ATT_VALUE/OVERLEAF_SAML_IS_ADMIN_FIELD_VALUE
An array containing OVERLEAF_LDAP_IS_ADMIN_ATT_VALUE/OVERLEAF_SAML_IS_ADMIN_FIELD_VALUE
Chat feature can be disabled with OVERLEAF_DISABLE_CHAT=true
SAML Audience, which defaults to OVERLEAF_SAML_ISSUER can now be configured with OVERLEAF_SAML_AUDIENCE
Fixes anonymous users accessing a project via read-write link not being able to create labels in the history panel.
Fixes some scenarios where users are unable to change the TeX Live version in the editor (Server Pro only)
Admin: searching users by domain now display admins users.
Admin: a num_active_users metric with the count of active users is now available via /metrics.
Admin: editor resources checks are no longer part of the Launchpad main screen.
Many small improvements and bug fixes.
Release date: 2024-08-13
Server Pro Image ID: cb82f2debf6f
Community Edition Image ID: 28f666f253f8
Git Bridge Image ID: 4cd4bea6fb01
Fixes TexLive version selection after a version of TexLive is removed from ALL_TEX_LIVE_DOCKER_IMAGES.
Fix for invalid URLs returning 500 instead of 400.
Fix SAML SSO when using POST request to the Identity Provider when CSP are enabled.
Removed Editor Resources check from launchpad, which has been broken for a while and wasn't providing any value.
/metrics and /health_check now return 404.
Security update to prevent remote image loading in Visual Editor.
Release date: 2024-07-17
Server Pro Image ID: 7216db608356
Community Edition Image ID: 41a77f59f69e
Git Bridge Image ID: 4cd4bea6fb01
MongoDB 5 is reaching end of life on October 2024. All customers should upgrade to MongoDB 6.0. Follow the link to the official documentation for instructions.
Toolkit users now need to split the MongoDB image between MONGO_IMAGE (with just the image name) and MONGO_VERSION in their config/overleaf.rc file.
Example:
Please ensure you have a consistent database backup before upgrading.
AOF (Append Only File) persistence is now the recommended configuration for Redis persistence.
Redis documentation in the Overleaf wiki.
Toolkit users have AOF persistence enabled by default for new installs. Existing users are recommended to follow the instructions on the official documentation to switch to AOF:
docker-compose v1 has reached its End Of Life in July 2023 (https://docs.docker.com/compose/migrate/). Support for docker-compose v1 in the Overleaf Toolkit will be dropped with the release of Server Pro 5.2. We recommend upgrading to Docker Compose v2 before then.
SAML: multiple certificates are now supported. You can now set a list of comma-separated certificates in OVERLEAF_SAML_SIGNING_CERT and OVERLEAF_SAML_CERT
CSP (Content Security Policy) is now enabled by default. It can be disabled adding OVERLEAF_CSP_ENABLED=false to config/variables.env.
Fixes a bug where projects created before enabling the templates feature couldn't be published as templates.
Fixed spacing in project list footer.
Fixed post-login redirection when login after clicking the "Log in" button in the header.
Removed support for running LaTeX compiles with Docker-In-Docker in Server Pro. Sandboxed compiles using "sibling" containers is not affected by this.
TeX Live images, as used for Sandboxed Compiles, need to be pulled outside of Server Pro now. All customers have been granted read access to quay.io/sharelatex/texlive-full.
The Overleaf Toolkit is pulling all configured images as part of bin/up. You can disable the automatic pulling using SIBLING_CONTAINERS_PULL=false in your config/overleaf.rc file.
Stricter and faster graceful shutdown procedure for the Server Pro container
The environment variable SYNCTEX_BIN_HOST_PATH is no longer used by the application
We are sunsetting window properties like window.project_id. If you need access to any of these, please reach out to support@overleaf.com to discuss options.
Significant reduction in Docker image size for Server Pro and CE
Security updates to the base image and installed dependencies.
Minor improvements and bugfixes.
Release date: 2024-07-12
Server Pro Image ID: a8c301474a4d
Community Edition Image ID: 6f3e55a67fd5
Git Bridge Image ID: 455a8c0559a4
This is a security release. We added stricter controls for accessing project invite details and locked down access to files via the LaTeX compilation service.
We strongly recommend turning on the Sandboxed Compiles feature in Server Pro.
Release date: 2024-06-20
Server Pro Image ID: c9de60b06959
Community Edition Image ID: 46bb44d4215d
Git Bridge Image ID: 455a8c0559a4
This is a security release. We added stricter controls for creating projects from ZIP URLs.
Release date: 2024-06-11
Server Pro Image ID: 60da5806f83e
Community Edition Image ID: 46bb44d4215d
Git Bridge Image ID: 455a8c0559a4
This is a security release. We added stricter controls to prevent arbitrary CSS loading in the project editor.
Release date: 2024-05-24
Server Pro Image ID: b0db0405a7ce
Community Edition Image ID: abcec6efbbf7
Git Bridge Image ID: 455a8c0559a4
This release provides security updates, bug fixes, and performance enhancements, including:
Stricter controls to prevent arbitrary JavaScript execution in the browser.
Updated libraries to enhance security and performance.
Release date: 2024-04-24
Server Pro Image ID: dc88a9ade14d
Community Edition Image ID: b4712d596c75
Git Bridge Image ID: 455a8c0559a4
This release builds up on 5.0.2 and includes the second revision of the recovery process for doc versions.
If you never ran Server Pro version 5.0.1 or Community Edition version 5.0.1, or you started a brand new instance with 5.0.1, you do not need to run this recovery process. Please see the Bugfixes section for Server Pro 5.0.2 below for details on the need for a recovery and follow the updated wiki page on the recovery process.
2024-04-22: We are retracting version 5.0.2. We have identified a few corner cases in the recovery procedure for docs.
2024-04-24: Server Pro version 5.0.3 sports fixes for the previously identified corner cases.
Release date: 2024-04-22
Server Pro Image ID: 06eed5680340
Community Edition Image ID: 9f018f899ba5
Git Bridge Image ID: 455a8c0559a4
Server Pro 5.0.2 is a security release for the application runtime.
The Node.js runtime has been upgraded to 18.20.2. Check their release notes (18.20.1, 18.20.2) for more information.
Fixes database migration that resulted in the loss of doc versions. These are used by the history system and their loss resulted in the history system skipping over updates effectively resulting in no further changes to the history view and git-integration. This release fixes the database migration and also sports a recovery process for instances that ran release 5.0.1. If you ran version 5.0.1, please take a look at the dedicated doc version recovery process.
Fixes references and templates services on Docker 26 IPv6.
Adds bin/flush-history-queues and bin/force-history-resyncs utility scripts.
2024-04-18: We have identified a critical bug in a database migration that causes data loss. Please defer upgrading to release 5.0.1 until further notice on the mailing list.
2024-04-24: Server Pro 5.0.3 has been released with a fix and recovery process that does not need access to a backup. See details above.
Release date: 2024-04-02
Server Pro Image ID: 0d28770b4692
Community Edition Image ID: ee69bf0baddf
Git Bridge Image ID: 455a8c0559a4
This major release includes the following changes:
Required database upgrade from MongoDB 4 to MongoDB 5
Rebranding of SHARELATEX_* to OVERLEAF_* environment variables
Rebranding of filesystem paths from ShareLaTeX brand to Overleaf brand
Important: the Toolkit will help migrating your configuration, please follow the prompts of bin/upgrade.
MongoDB 4.4 has reached end of life on February 2024. All customers should upgrade to MongoDB 5.0 before upgrading to the 5.0 release line.
The release also includes migrations that update the database in a backwards incompatible format.
Please ensure you have a consistent database backup before upgrading. In case of roll-back, you will need to restore the database backup. Server Pro 4.x is not capable of reading the new format, which can result in data-loss or broken projects.
Environment variables have been rebranded from SHARELATEX_* to OVERLEAF_*. Overleaf Toolkit users should be prompted to perform the migration when running bin/upgrade, and warnings will be printed when trying to run the Overleaf instance with the incorrect configuration.
Filesystem paths have also been rebranded from ShareLaTeX brand to Overleaf brand:
/var/lib/sharelatex -> /var/lib/overleaf
/var/log/sharelatex -> /var/log/overleaf
/etc/sharelatex -> /etc/overleaf
Filesystem changes are automatically handled by the Overleaf Toolkit. Otherwise, make sure bind-mount targets are updated to refer to the Overleaf equivalent, e.g.
docker-compose/yml before:
docker-compose.yml after:
Added support for using IAM credentials when using AWS S3 for project/history files
Server Pro will refuse to start when using an older version of MongoDB
Fixes a scenario in which the share project modal doesn't display the link-sharing links immediately after turning on the feature
All services are now using IPv4 in the container
Container image upgrade from Ubuntu 20.04 to 22.04 LTS
Security updates to the base image and installed packages, along with improvements and bugfixes.
The standard Server Pro license allows you to run the application in a production environment as well as one in a non-production/sandbox environment; it is highly recommended that you provision a non-production environment for testing.