CodiMD 2.5.0 - The Formosan hare

The Formosan hare (scientific name: Lepus sinensis formosus), a species of the rabbit family, is a subspecies unique to Taiwan. It measures 30-40 centimeters in length, with a tail that's 5-6 centimeters long and ears that are 8-10 centimeters long. Smaller than the Chinese hare, it has brownish eyes.
Wikipedia

Security Fixes

• [Security Issue] Strip HTML tags for gist id to avoid stored XSS on showing error [Security Issue] #1691 @jackycute
• [Security Issue] Upgrade mermaid to version 8.10.2 to avoid prototype pollution #1690 @jackycute
• [Security Issue] potential XSS in vimeo embed #1792 @galaxian85
• [Security Issue] FIX: pandoc security issue #1790 by @galaxian85
• [Security Issue] fix: sanitize pdf url to prevent XSS on inline PDFs #1832 @EastSun5566

Fixes

• Avoid append zero suffix on exporting user data #1680 @jackycute
• Handle when request url has no valid referer #1679 @jackycute
• Fix S3 client config passing for image upload #1683 @jackycute
• Set a proper "lang" attribute on <html> #1481
• Fix matchInContainer false positives #1605 @tamo
• Convert "include" directives to functions #1580 @tamo
• Move HTML-related code from JS to EJS to enable more i18n #1587 @tamo
• fix: may referernce out of bound index in clearDuplicatedHistory #1706 @a60814billy
• Feat/csrf export user data #1695 @a60814billy
• sequelize.import deprecation #1724 @Yukaii
• chore: remove unused uglifyjs-webpack-plugin dep #1723 @Yukaii
• fix: should not clear guest history when guest pin note #1697 @a60814billy
• Fix: s3 api supported multiple cloud providers. fixes: https://github.com/hackmdio/codimd/issues/1761 #1762 @blademainer
• Fix: Code Fence parameter parsing #1739 @V1ncNet
• Update README.md to remove IE from supporting list #1729 @jackycute
• FIX: server crash when filename too long #1789 @galaxian85
• fix: use encoded note id to update history #1804 @bbtfr
• 🐛 [fix] modify replacement rule for disqus short-name #1750 @chenxuanzzy
• Fix history page nav #1808 @jackycute
• Fix the uploadimage form #1814 @hcyuser
• bugfix/uploadimage form #1836 @Yukaii
• Add the logout callback to prevent exception. #1813 @hcyuser
• Add the logout callback to prevent exception #1837 @Yukaii

Enhancements

• Add TeX mhchem extensions for MathJax #1684 @jackycute
• Upgrade flowchart.js to version 1.15.0 #1685 @jackycute
• Upgrade codemirror to 5.63.2 #1716 @Yukaii
• Update de.json in #1741
• Documentation - add Music section and move abc abd fretboard to this section #1715 @brunetton
• chore: bump meta-marked to 0.5.0 #1722 @Yukaii
• Typos + Better translation for "Externals" #1793 @eyssette
• feat: Migrate to gtag and support GA4 #1798 @assanges
• 【fix】reword japanese #1802 @AQ-masatoshi-yamaguchi
• upgrading pg to 8.8.0 to support new scram-sha-256 authentication #1784 @phntom
• feat: add organizations whitelist to GitHub OAuth #1710 @jakubgs
• Add oauth2 authorization #1626 @joachimmathes
• Update both Traditional and Simplified Chinese locales #1815 @PeterDaveHello

DX

• Run CI with GitHub Actions #1694 @Yukaii
• Add dev container for GitHub Codespaces and VSCode remote container #1688 @a60814billy
• Add arm64 docker image build. #1701 @YadominJinta
• fix(buildpacks): replace custom buildpack with APT buildpack #1797 @EtienneM
• Update minimum required node.js version to v12 with npm package dependencies #1799 @PeterDaveHello
• Upgrade Node.js version #1767 @inductor
• Update node.js version in .nvmrc #1816 @PeterDaveHello
• Update npm dependencies #1817 @PeterDaveHello

Thank you

Thank you guys for being here and making CodiMD awesome ❤️

• @jackycute
• @galaxian85
• @EastSun5566
• @tamo
• @a60814billy
• @Yukaii
• @blademainer
• @V1ncNet
• @bbtfr
• @chenxuanzzy
• @brunetton
• @eyssette
• @assanges
• @AQ-masatoshi-yamaguchi
• @phntom
• @jakubgs
• @joachimmathes
• @PeterDaveHello
• @YadominJinta
• @EtienneM
• @inductor
• @hcyuser