Caveat 🔥

These are the release notes of the upcoming release (pull requests merged to the main branch).

• ℹ️ this document is updated automatically by a bot (pr’s to categorize section)
• ℹ️ this document will be roughly updated manually once a week (put PRs + description to the right section)
• 🔥 We don’t guarantee stable APIs. They can still change until the official release
• 🔥 Integration against the upcoming release (currently main branch) is at your own risk

PRs to Categorize

• Add Norwegian Translations

• fix(media cards): Top Info

• fix(deps): update dependency pusher-js from 8.4.3 to v8.5.0 (main)

• Rename colliding deprecation messages

• Tabs in media library sidepanels

• Export media library entry usage log to CSV

• Expose Usage Log Commands in Public API

• Fix validation of confirmed usage log entries

• Fix display filters on multi-source side panel

• Open lightbox with image locale used for thumbnail

• Patch vulnerabilities [main]

• Patch vulnerabilities [main]

• Handle SVG files above 10MB

• Enable multi-select in side panels

• chore(deps): update aws-sdk from 3.1015.0 to v3.1017.0 (main) (minor)

• Fix selection mode by removing unused scrollPosition property

• fix(deps): update dependency @livingdocs/framework from 33.0.2 to v33.0.3 (main)

• fix(deps): update dependency @livingdocs/framework from 33.0.2 to v33.0.3 (main)

• Keep comments component link on transformed documents

• fix(deps): update dependency @livingdocs/framework from 32.13.4 to v33 (main)

• Clear localStorage to prevent cross-test contamination

• Add playwright tests for media library card configs

• fix(deps): update dependency @livingdocs/framework from 33.0.0 to v33.0.2 (main)

• Patch vulnerabilities [main]

• Add vue-template-compiler to dependencies

• Fix image proposals in assistants

• chore(deps): update dependency puppeteer-core from 24.39.1 to v24.40.0 (main)

• Restrict image processing settings for use2025Behavior

• Do not expose maxDimension if use2025Behavior is enabled

• fix(deps): update dependency entities from 7.0.1 to v8 (main)

• fix(deps): update dependency pusher-js from 8.4.0 to v8.4.2 (main)

• Refactor migrations API

• fix(deps): update dependency @livingdocs/framework from 32.13.1 to v32.13.4 (main)

• fix(deps): update dependency @livingdocs/framework from 32.13.3 to v32.13.4 (main)

• Patch vulnerabilities [main]

• Patch vulnerabilities [main]

• fix(deps): update dependency @livingdocs/framework from 32.13.1 to v32.13.3 (main)

• Update vulnerable server dependencies

• Request confirmation before archiving a group

• chore(deps): update dependency exifreader from 4.36.2 to v4.37.0 (main)

• Prevent unexpected scroll jumps

• chore(deps): update aws-sdk from 3.1005.0 to v3.1007.0 (main) (minor)

• chore(deps): update dependency sass from 1.97.3 to v1.98.0 (main)

• fix(image-collections): remove custom desktop / mobile labels for simplicity reasons

• fix(app navigation): Line wrapping

• Migrate canvas to vue

• chore(deps): update dependency babel-loader from 10.0.0 to v10.1.0 (main)

• Feat preserve updated at

• Fix: correct wrong dimensions in DB for rotated images

• Fix check if image collections are enabled

• Prevent onDrag error

• Add script for migrating image modifications to variants

• Show image toolbar button as active when the panel is open

• chore(deps): update dependency pg from 8.19.0 to v8.20.0 (main)

• fix(deps): update opentelemetry (main) (minor)

• Allow gifs with 1800 frames

• Allow gifs with 1800 frames

• fix(deps): update dependency copy-webpack-plugin from 13.0.1 to v14 (main)

• Sort completed tasks on task screen by completed date

• Fix task boards load more button not showing

• chore(deps): update dependency ioredis from 5.9.3 to v5.10.0 (main)

• Patch vulnerabilities [main]

• Improvements for image collections

• Limit search query length and display understandable error

• Fix undefined property error in user needs form

• fix(deps): update dependency c8 from 10.1.3 to v11 (main)

• fix(deps): update dependency @livingdocs/framework from 32.13.0 to v32.13.1 (main)

• Fix Multiselect Selection Navigation in Sidepanel

• Reset additional language after translation deletion

• Delete data record translation

• chore(deps): update aws-sdk from 3.996.0 to v3.997.0 (main) (minor)

• Prevent image editor save button from overflowing

To get an overview about new functionality, read the Release Notes. To learn about the necessary actions to update Livingdocs to release-2026-05, read on.

Attention: If you skipped one or more releases, please also check the release-notes of the skipped ones.

Webinar

• Feature Webinar Recording: TODO
• Feature Webinar Documentation: TODO
• Dev Webinar Recording: TODO
• Dev Webinar Slides: TODO
• Release Newsletter Subscription

System Requirements

Suggested

Minimal

Deployment

Before the deployment

No pre-deployment steps are required before rolling out this release.

Rollout deployment

Migrate the Postgres Database

No migrations are required for this release.

After the deployment

No post-deployment steps are required after rolling out this release.

Rollback

No rollback steps are required for this release.

Breaking Changes 🔥

Direct Imports from lib/ 🔥

Direct file imports from Livingdocs packages are not supported. This release might break direct imports from lib/. Downstreams are urged to remove all direct imports. Since this has never been supported, we will not communicate such changes in the future.

Stricter Validation of Image Processing Config Properties with use2025Behavior 🔥

The server config properties mediaLibrary.images.processing.failOn, mediaLibrary.images.processing.convert, mediaLibrary.images.processing.lossy, and mediaLibrary.images.processing.lossless are not applied when use2025Behavior is enabled. Configuring them alongside use2025Behavior will now result in an error. Please remove these properties if use2025Behavior is enabled.

Removal of Deprecated Image Processing Config Properties 🔥

The deprecated server config properties mediaLibrary.images.processing.maxFileSize and mediaLibrary.images.uploadRestrictions.maxResolution are no longer supported.

Please use the following replacements instead:

• mediaLibrary.images.processing.maxFileSize → mediaLibrary.images.uploadRestrictions.maxFileSize
• mediaLibrary.images.uploadRestrictions.maxResolution → mediaLibrary.images.processing.maxResolution

Deprecations

Features 🎁

Vulnerability Patches

We are constantly patching module vulnerabilities for the Livingdocs Server and Livingdocs Editor as module fixes are available. Below is a list of all patched vulnerabilities included in the release.

Livingdocs Server

This release we have patched the following vulnerabilities in the Livingdocs Server:

• TBD

No known vulnerabilities. 🎉

Livingdocs Editor

This release we have patched the following vulnerabilities in the Livingdocs Editor:

• TBD

We are aware of the following vulnerabilities in the Livingdocs Editor:

• CVE-2023-44270 vulnerability in postcss, it affects linters using PostCSS to parse external Cascading Style Sheets (CSS). It is not exploitable in the editor as we don’t load untrusted external CSS at build time.
• CVE-2022-25844, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, CVE-2024-21490, CVE-2025-0716 are all AngularJS vulnerabilities that don’t have a patch available. We are working on removing all AngularJS from our code and vulnerabilities will go away when we complete the transition to Vue.js.
• CVE-2024-9506 vulnerability in vue, an ReDoS vulnerability exploitable through inefficient regex evaluation in parseHTML function. The issue can cause excessive CPU usage but is not exploitable in the editor as we don’t load untrusted HTML at runtime.

Patches

Here is a list of all patches after the release has been announced.

Livingdocs Server Patches

Livingdocs Editor Patches

Icon Legend

• Breaking changes: 🔥
• Feature: 🎁