v2.10 🐙

What's Changed

⚠️ Note: This and newer Tobira versions are incompatible with Opencast 15.5 (and only that version). With Opencast 15.4 and earlier, you won't get the new slide previews, but everything works otherwise. With Opencast 15.6 and later, everything works, including slide previews. Only 15.5 is broken.

User-facing changes

• Allow users to delete videos they have write-access to in #1172
• Enable paella slide previews in #1163
  • Note: you have to run a resync to take advantage of that for existing events.
• Adjust sizing and color of new paella icons to be less bold and distracting in #1165
• Add option to embed videos using Opencast IDs by @geichelberger in #1174
• Open studio and editor in current tab and add return-to-tobira links in #1178
• Hide editor link on live videos since they can't be edited anyway in #1182
• Fix issue where very wide videos could overflow and cause horizontal scrolling in #1183

Changes primarily for admins

• Make font configurable in #1167

Changes primarily for developers

• Update and improve deployment scripts for installation on RHEL9 by @wsmirnow in #1169
• Improve asset handling and use frontend bundle splitting in #1167
• Add block editing UI tests in #1147
• Store custom ACL actions in database in #1164

New Contributors

• @wsmirnow made their first contribution in #1169

Full Changelog: v2.9...v2.10

v2.9 🐍

Breaking changes ⚠

• Rework Tobira permission roles: remove "Tobira moderator", add "Tobira admin", add granular roles in #1137
  • You have to adjust your auth integration to give the appropriate new roles to your privileged users. In the easiest case you just have to replace ROLE_TOBIRA_MODERATOR with ROLE_TOBIRA_ADMIN. But please see the PR or the documentation for more information.
• Improve logging: switch to tracing & make filters more powerful in #1145
  • This is only a configuration-breaking-change. The log.level config value is replaced by log.filters. To get the previous behavior, just replace level = "$yourLevel" in config.toml with filters.tobira = "$yourLevel".

User-facing changes

• Add quality selector for progressive download videos in #1143
• Add series to search results in #1144
• Adjust paella progress bar color in #1149
• Adjust spacing of forwards and backwards button text in #1150
• Use new Paella icons and proper translations in #1162

Changes primarily for developers

• Dependency updates (only patch versions)
• Adjust sync code for series metadata in #1160

Changes primarily for developers

• Add basic search filters (experimental) in #1080
• Update loadtest utility with new GraphQL requests in #1142
• Add "danger zone" UI tests in #1151

Full Changelog: v2.8...v2.9

v2.8 🐻‍❄️

🟢 There are no breaking changes.

Changes primarily for admins

• Fix deadlock in auth cache (solves Tobira freezing problem) in #1141
  • See this issue for more details. This bug was introduced in v2.4, occurring randomly depending on a few factors.
• Fix behavior when auth.callback.cache_duration is set to 0 in #1141
  • Tobira went into a kind of busy loop, using CPU resources needlessly. This bug seems to use up to roughly 1/4 of a single CPU core.
• Pass more metadata to Paella (mainly for Matomo integration) in #1140

Full Changelog: v2.7...v2.8

v2.7 🦦

🟢 There are no breaking changes.

What's Changed

User-facing changes

• Fix broken Quality selector UI in Paella in #1122 (note: currently only used for live videos)
• Fix bug where event search was not returning all events for ROLE_ADMIN in #1134
• Improve some button/link descriptions for screen reader accessibility in #1136

Changes primarily for admins

• Add i18ned footer links by @geichelberger in #1119
• Release authkit 0.2.0 in #1124
• Update paella-user-tracking to fix Matomo's customDimensions and media analytics in #1139
• Dependency updates
  • Note: due to this, the glibc requirement of our pre-built x86_64-unknown-linux-gnu has increased to 2.29. If you are using an old OS that does not satisfy this requirement, use the -musl pre-built binary or build the binary yourself in the system in question. Again: Tobira does not require a newer glibc version, just this one pre-built binary.

Changes primarily for developers

• Switch to login callback for local development & deployment server in #1123
• Improve UI tests by running each in isolation (separate Tobira process & DB) with fixed offline data in #1093
• Use secret password for admin user on test deployment in #1135

Full Changelog: v2.6...v2.7

v2.6 🦣

What's Changed

Breaking changes ⚠

With this release, the auth system was restructured to be more flexible, convenient and powerful. All previous "auth modes" are still supported and you don't have to change anything apart from the Tobira config file! See the "Migration" section at the bottom of these release notes. As part of this, the documentation about auth was reworked. See those new docs or this PR for more information.

• Remove auth.mode in favor of auth.source plus auth.session.*
• Move auth.session_duration to auth.session.duration
• Remove a auth.*_header configs. These were not useful, see this commit for the reasoning.
• Move role-related configs into auth.roles. That's moderator_role, upload_role, studio_role, editor_role, user_realm_role, and user_role_prefixes.
• Always add ROLE_ANONYMOUS and ROLE_USER to logged in users. Technically a breaking change, but this should always be the case. It might not have been in the past if fauly auth integrations forgot to add those roles.

Apart from the auth related changes, there are two other breaking changes:

• Tobira moderators (ROLE_TOBIRA_MODERATOR) cannot edit all pages anymore. Only ROLE_ADMIN can do that implicitly. To retain the old behavior, add ROLE_TOBIRA_MODERATOR as "page admin" to the home page. (You might have to add a "known group" for that purpose.)
• The libc requirement for the tobira-x86_64-unknown-linux-gnu binary increased to 2.31 (which is Ubuntu 20.04 kind of old). If this is a problem for you, you an always use the -musl build.

User-facing changes

• Add granular permissions to the page tree in #1097
  • This allows you to give users access to only parts of the page tree. Access is inherited down the tree, meaning that giving a user access to one page means that user also has access to all sub-pages. There are two levels of permissions: page admin (can do everything) and moderator (cannot delete the page, change its path, or change access rules).
• Add configurable "terms and conditions" popup in #1112
  • Useful in combination with the added basic Matomo integration.
• Update Paella and add support for fallback fullscreen mode on iOS in #1113
• Revise download menu listitems in #1111
• Add arrow navigation to remaining popover menus in #1001
• Fix overlarge thumbnails in series slider view in #1078
• Group edit series options by @geichelberger in #1079
• Left align "about tobira" page content in #1084
• Add breadcrumbs to series pages in #1085
• Make logout button work with keyboard in #1083
• Hide child list in "change order" UI if sorted alphabetically in #1105
• Fix login page redirect when login_link is not configured in #1117
• Extend edit series block by @geichelberger in #1058
• Change edit series block label "layout" to "Metadata" in #1076

Changes primarily for admins

• Add auth callbacks in #1032
  • This is a new way to include your custom auth logic with Tobira. It is preferred over the existing "auth header" solution for several reasons. It usually makes setup a lot easier and the whole system faster. See the new auth docs for more information.
• Add initial support for Matomo data collection via Paella player in #1099
• Fix bug in auth.mode = "opencast" in #1109
• Fix deserialization bug for harvesting in special cases in #1109
• Add logging of useful DB server information in #1089
• Future proof harvest sync code for new items in #1115

Changes primarily for developers

• Add url field to routes to build path and use it everywhere in #1035
• Split ci action into two jobs to start deploy faster in #1073
• Actually pass relevant options through to start-dev.sh by @JulianKniephoff in #1104
• Stop using non-existent Roboto fonts in Paella in #1106
• Add realm ACL roles to db dump in #1110

Full Changelog: v2.5...v2.6

Migration

This section should make the it easy to adjust to the auth system changes that replace auth.mode. Be sure to check the other breaking changes as well.

You currently have auth.mode = ...

"opencast"

[auth]
source = "tobira-session"
session.from_login_credentials = "opencast"

"login-proxy"

[auth]
source = "tobira-session"
session.from_session_endpoint = "trust-auth-headers"

Consider migrating to login callbacks.

"full-auth-proxy"

[auth]
source = "trust-auth-headers"

Consider migrating to auth callbacks.

v2.5 🦔

🟢 There are no breaking changes.

User-facing changes

• Fix router bug to prevent critical errors when redirecting internally in #1060
• Filter out past live events from search results in #1062
• Implement several minor UI improvements in #1061
• Unify series block layouts by always placing the description inside the block in #1020
• Improve video item spacing in series blocks for certain screen widths in #1071
• Replace radio buttons in edit series form with simple radio/checkboxes the in #1021

Full Changelog: v2.4...v2.5

v2.4 🐢

This is quite a big release which adds a UI for editing ACLs, switches to the new and much improved Paella design, includes a redesign of the search page, and much more. Unfortunately, there are also a number of breaking changes.

What's Changed

Breaking changes ⚠

• Tobira now requires MeiliSearch ≥ 1.4 (see our docs on how to update)
• Tobira now requires PostgreSQL ≥ 12
• Tobira now requires the hstore extension in the PostgreSQL DB. For PG12 you have to manually install that extension. For PG13 and newer, you don't have to do anything.
• A required config value general.tobira_url was added. You have to specify the public URL under which Tobira is available.
• It is now required that the roles for a user (returned by the auth integration) contain exactly one user role (that is: a role starting with the configured auth.user_role_prefixes, ROLE_USER_ by default). This is almost certainly already the case for almost everyone, but we are now officially requiring this property.

User-facing changes

• Add UI to set ACLs/access rules.
  • Currently this is only used in the uploader, but in the future, the same UI will be used to edit the ACL of events/series or to give granular editing permissions for pages. Developing this UI unblocks quite a few features.
  • The functionality is quite flexible, allowing you to configure "groups" that users can select from. Individual users can also be added by specifying their exact username/email or searching for their name (configurable).
  • There are still some limitations that we plan on addressing in the near future: custom actions, possible to disable, ACL merge support.
• Use new Paella skin and improve player UX
  • Tobira finally uses the new Paella skin, making the player (and by extension the video page) look a lot more modern. Paella uses the configured primary color for accents.
  • The UX was improved by making the Paella UI disappear more quickly while the video is playing, and by showing a more appropriate icon when hovering over elements that can be clicked.
  • Updates: paella-core (1.41.0 -> 1.46.1), paella-basic-plugins (1.31.2 -> 1.44.2), paella-zoom-plugin (1.29.0 -> 1.41.1)
• Improve search page in #1025.
  • This is the start of us finally giving some love to the search functionality, improving the design and adding more feature in the future.
• Add timestamp support via ?t=1m23s parameter and "start at:" option to share menu in #943
• Adjust Paella scaling and background in #984
• Fix paella dual stream layout in #985
• Auto pause videos when playing a different one on the same page in #973
• Retain volume setting across all videos in #983
• Let textarea inputs grow dynamically in #970
• Unify focus style on miscellaneous elements in #962
• Disable automatic font size adjustment in iOS safari in #989
• Wrap delete realm button text in #993
• Adjust some translations in #987
• Stop radio buttons from shrinking in #992
• Add contextual video link to "referencing pages" in #995
• Fix scrolling footer in #1022
• Fix text color in text blocks in #1034
• Hide information on "add child" page behind tooltips in #1030
• Use fixed background/color for inputs and textareas in #939

Changes primarily for admins

• Make user role prefixes configurable in #974
• Add docs with general info about Tobira in #935
• Do not include "email": null in JWT (if there is no email) in #964
• Improve error message in case sync.{user/password} are incorrect in #1000
• Update dependencies

Changes primarily for developers

• Add utility functions for building GraphQL event and series IDs in #981
• Change type of event duration in DB from i32 to i64 in #986
• Forward ExternalLink component ref in #997
• Replace most Hero icons by ones from Lucide in #936
• Replace feather icons with lucide icons in #994
• Add musl release builds and basic load testing scripts in #940
• Add compile target to adopter registration stats in #942
• Replace manual DOM ids with "useId()" hook in #980
• Improve homepage of test deployment in #1051

Full Changelog: v2.3...v2.4

v2.3 🙈

🟢 There are no breaking changes.

• Fixes a security vulnerability allowing non-authorized users to see metadata and the thumbnail of listed events via one API. See the advisory for more information.

Full Changelog: v2.2...v2.3

v2.2 🦆

⚠️ Use v2.3 instead, as that contains a security fix.

🟢 There are no breaking changes.

What's Changed

User-facing changes

• Add video-page-link beneath video in video blocks (can be configured per block) in #926
• Add return label to studio link in #928
• Increase dashboad coherence in #896
• Remove highlight when clicking external studio link in #925
• Add scrollbar to multiline copyable inputs (e.g. embed code) in #915
• Close burger menu when clicking specific items in #916
• Fix cut-off thumbails on vertically narrow screens in #919

Changes primarily for admins

• Reduce log noise when the /tobira/stats endpoint does not exist in OC in #912
• Update Paella (paella-core 1.39.3 -> 1.41.0)
• Dependency upgrades

Changes primarily for developers

• Add playwright e2e tests in #868
• Change debug info to "line-tables-only" in #913
• Switch to GitHub LFS for DB dumps in #931
• Clean up translations in #930

Full Changelog: v2.1...v2.2

v2.1 🐑

User-facing changes

• Introduce dark mode (#871)
  • Important: Check if your logo also works (i.e. looks good) in dark mode. If not, you can add a logo variant to be used in dark mode instead of your regular logo (see https://elan-ev.github.io/tobira/setup/theme for reference)
• Update Paella player to fix portrait videos (#867)
• Fix page redirection after external logins (#890)
• Check upload permission for upload route and "upload" nav item by @geichelberger (#903)
• Add note to clarify that selecting a series for uploads is required (if configured that way) (#887)
• Adjust metadata and description layout (#853)
• Adjust grey tones (add new ones and change brightness values) (#900)
• Close QR-modal on outside click (#892)
• Show warning when clicking outside editing block (#891)
• Many smaller fixes:
  • Fix margin around user realm disclaimer on narrow screens (#837)
  • Fix tooltips not opening on mobile (still broken on iOS) (#851)
  • Fix add button tooltip overflow (#852)
  • Fix setting a page name for user root realms (#860)
  • Fix some links that wouldn't work after changing paths or re-adding previously deleted pages (#866)
  • Fix error text color (#894)
  • Change default font of copyable input (#889)
  • Correct quantity wording for uploads (#888)

Changes primarily for admins

• Improve "update" docs (#873)
• Fix db clear by not dropping automatically created array types (#893)
• Add code to regularly send basic statistics to Opencast for adopter registration (#878)
  • Note: The data is just sent to your connected Opencast (via secured connection) and Opencast will only send it out if you registered as an adopter and agreed to that basic data collection. Further, the data only contains very basic statistics that are considered public anyway.
• Add optional email user property by @geichelberger (#899)

Changes primarily for developers

• Fix import-realm-tree command (#861)
• Use shared ESLint config (#876)
• Use @opencast/appkit (#902)

Full Changelog: v2.0...v2.1