The hacks provided on this part of the site generally fall into one of three types: Head HTML Visual Theme System Logical Theme System Some hacks may use a combination of these types. The type of hack required will be shown alongside any example code blocks. Detailed below are the steps required to use each type of hack.| BookStack
Within BookStack you may find that you want to include the same block of content in multiple places. You could copy and paste that content into multiple pages but then, if that content needs to be changed, you’d have to update it multiple times across different pages. By using include tags you can include entire other pages and also include single blocks of content from other pages.| BookStack
BookStack is a simple, open-source, self-hosted, easy-to-use platform for organising and storing information.| BookStack
This hack allows you to dynamically pull in the value of tags into page content, via customizing how page include tags are parsed. This hack will attempt to use tags on the page itself, then look to the parent chapter (if existing), then the parent book’s tags.| BookStack
Today we release the July 2025 version of BookStack which brings a varied bundle of improvements across the platform for better editing, extra customization capabilities and more!| BookStack
BookStack is now over 10 years old! The initial commit for the project was made on the 12th of July 2015, and here we are a decade later. A massive thanks to all those who have contributed to the project. Whether that’s via providing code, reporting issues, providing translations, sponsoring, purchasing support, creating content, interacting with the community, or even just mentioning BookStack to others; This all helps drive the project forward and build motivation to keep the platform evo...| BookStack
BookStack is a simple, open-source, self-hosted, easy-to-use platform for organising and storing information.| BookStack
With the BookStack project soon to be a decade old, I thought it’d be a great time to take a positive look back and assess the things I’m proud about regarding the project.| BookStack
This hack enables interactive Mermaid diagrams to be rendered within a page on BookStack. The Mermaid diagram code itself can be written & edited using either BookStack’s WYSIWYG editor, by creating a code block and assigning it the language “mermaid”, or via the Markdown editor using standard mermaid code fences like so:| BookStack
This hack will, on page view, attempt to convert any drawing images into interactive embedded drawing viewers so that you’ll be able to pan & zoom around the drawings while also being able to interact with things like links within the drawings.| BookStack
Today we have the May 2025 release of BookStack. The headline features of this new version are focused on new comment abilities but we have some other goodies packaged in also!| BookStack
For a while I’ve been playing with the idea of being able to mount a BookStack instance as a Linux file system. I attempted this a while ago, but recently dedicated a day to finishing up a proof on concept for this. The resulting project, with usage details, can be found here on Codeberg:| BookStack
Yesterday I released BookStack v25.02.1 which included a range of updates to the system CLI, one of which being a new command:| BookStack
Today we release BookStack v25.02! This aimed to be a maintenance release with the primary goal of upgrading our core framework, but it grew a little to include some goodies like automatic sorting, theme system additions, and editor improvements.| BookStack
As we cross over yet another year boundary we look back at the progress, maintenance and funding of the project for 2024 with a view of potential plans in 2025:| BookStack
For this Christmas time period we have BookStack v24.12 which includes the gift of a new import & export format, while improving upon the new editor introduced in the last release.| BookStack
BookStack allows its content to be exported in a range of formats, while also providing a few options for importing content. Note that these options are not intended for backup or restore, for which you can find relevant documentation here.| BookStack
This hack adds the ability to write global and book-level glossaries, which will then be utilised when viewing pages by marking those words in page content with a dashed underline. On hover, the set definitions will show in a popup below the word.| BookStack
BookStack v24.10.2 has been released. This is a security release to address a vulnerability in our dependencies where specifically formatted requests could be used to manipulate application configuration in environments where a certain PHP option (register_argc_argv) is enabled. This is not an option that’s typically enabled in production web-serving environments, but it’s advised to update where uncertain.| BookStack
This laggard of a release finally lingers to deployment this day in October bringing the first alpha-state inclusion of the new WYSIWYG editor, which has been the main development focus, but that doesn’t stop a few other goodies being included for this release too!| BookStack
Since we’ve gone a few months without an update I thought it’d be good to provide a post regarding project progress & other activities, so here’s what’s been going on over the last few months:| BookStack
BookStack v24.05.4 has been released. This is a security release to address issues found in LDAP group syncing, where in certain scenarios a user could be matched to extra roles incorrectly, and an issue with content visibility in “book-show” API responses which would not have permissions applied properly.| BookStack
Today the BookStack project becomes 9 years old! Like last year’s post, and the years before it, we’ll take this as an opportunity to provide an update on the status of the project including the financials, current development status, and the growth figures.| BookStack
This hack registers a custom command using the logical theme system, which will prune the revisions of a specific page to just those with a changelog provided (in addition to the current revision), before resetting the revision numbers across the remaining versions to be sequential without gaps. This will also reset the overall revision count on the page.| BookStack
BookStack v24.05.1 has been released. This is a security release that adds extra rate-limiting to some forms that are accessible without authentication, while also implementing changes to prevent methods that could be used to indicate if specific user emails exist in the system.| BookStack
While BookStack has a hierarchy at the center of the platform to organise content, you can sometimes desire an extra dimension of categorisation for content. Tags in BookStack offer this in a flexible manner, where a tag can represent a category and value across all levels & parts of the hierarchy.| BookStack
Today we release a new BookStack feature update that’s mainly focused on updating the core underlying framework and some accompanying code, but that work comes with a sprinkling of extra additions and tweaks too.| BookStack
While we try to ensure a fairly steady & stable path for BookStack updates, requirements do change as software develops & moves on. In particular, the minimum required version of PHP will increase about once per year. Every so often we also may require a new minimum version of composer to be used for BookStack. This page details the common steps required to update these both.| BookStack
When building up a documentation store, or assessing platform options, it can be useful to understand how data is stored so you know how portable & accessible your content is. This page aims to clearly lay-out how content is stored within BookStack and what our general project aims are when it comes to data storage, content formats, and how these may lead design & development decisions.| BookStack
For our first feature release of 2024 we have a variety enhancements to enjoy! Many of these build upon the work from the previous release, while many others address some common pain-points in BookStack.| BookStack
BookStack v23.12.3 has been released. This is a security release that addresses a vulnerability in PDF generation that could be exploited to perform blind server-side-request forgery.| BookStack
Within BookStack you can attach files & links to pages, so they can be referenced within content and shown available for download. Access to attachments is controlled via view permissions to the page they’re uploaded to, so users can only access attachments for pages they can view in the system.| BookStack
As we enter into 2024 I thought we’d once again look back over the past year to review the development of the platform throughout 2023 while also diving into topics about the wider project including funding and the impact of AI.| BookStack
As a little Christmas-time treat we have BookStack v23.12 slipping in as the last release of the year. This release focuses on providing a simple WYSIWYG editor for description inputs, along with adding default page templates within books, in addition to some other additional gifts.| BookStack
BookStack v23.10.3 has been released. This is a security release that addresses a vulnerability in image handling which could be exploited to perform server-side requests or read the contents of files on the server system. Additionally, this update addresses a lack of permission check in some image creation actions.| BookStack
This October maintenance release brings with it more than originally planned, with a significant revamp of user self-management in addition to an updated editor design, along with many other additions & improvements.| BookStack
This is a hack to adapt outgoing webhooks from BookStack so that they are directly compatible with the pushover message API. It specifically targets pushover webhook endpoints, so this won’t affect non-pushover webhooks.| BookStack
The August release of BookStack is now here! This is focused upon an initial implementation of a notification system for content, but as usual there are a few other improvements to enjoy.| BookStack
Since setting it up in 2021, the BookStack YouTube channel has grown to be a fairly significant repository of guides and visual project updates. Our following on YouTube has also grown reaching 1.5k subscribers, which means I can even earn from our content on the platform as an extra minor revenue stream.| BookStack
As we veer towards the middle of July we hit the 8-year mark for the BookStack project. Following the pattern from previous years, we’ll compare the project’s various metrics year-on-year, and provide an update on finances.| BookStack
Today brings us BookStack v23.06 which aims to improve how comments are displayed & used, while also providing a revamp to the image manager among many other fixes and improvements.| BookStack
The BookStack System CLI allows easy running of BookStack infrastructure-level tasks such as backing up, restoring or updating. The CLI is distributed with the BookStack project source code, although the CLI is self-contained and can run independently of a BookStack instance.| BookStack
This hack adds the ability to import “.docx” files into the WYSIWYG editor, by dragging and dropping a “docx” file into the editor area. The file contents are converted to HTML then inserted into the editor at the current cursor position.| BookStack
This hack adds custom autocomplete suggestions to the WYSIWYG page editor (TinyMCE). An autocomplete popup box will show after a “trigger character” (: as configured by default in this hack) is entered after a space, or at the start of a line. Pressing the Escape key will close the autocompleter.| BookStack
This hack adds some level of “footnote” support to the WYSIWYG editor. A new “Footnote” button is added to the toolbar, next to the “Italic” button, that allows you to insert a new footnote reference. Footnotes will automatically be listed at the bottom of the page content. The reference numbering is automatic, chronologically from page top to bottom. New references will change existing numbering if inserted before.| BookStack
BookStack v23.05 releases today, sneaking into the start of May with a bunch of additions, updates and changes including a new command line tool to help with admin operations.| BookStack
There’s no new feature release for BookStack this month, due to various distractions and the type of work done in this release cycle, so I thought it’d be good to instead provide a general project update to highlight what has happened in the last month or so.| BookStack
This hack provides an example of adding custom actions to the WYSIWYG page editor (TinyMCE). By default, this adds an additional “…” overflow menu to the end of the WYSWIYG toolbar, which contains a single new “Insert Cat” button that has a custom icon. When clicked, this adds a placeholder kitten image into the page.| BookStack
This hack will add custom styles & scripts, hiding many parts of the interface while adding additional light/dark mode control, intended to provide a cleaner view that’s suitable for use within iframes embedded on external pages.| BookStack
This hack uses the visual theme system to customize the page export template file, used for both PDF and HTML exports, to add a simple linked “Contents” list to the top of the file, generated from the headers within the document.| BookStack
BookStack requires the ability to write and read files for various uses such as writing logs, handling file uploads and running application code. Ideally, files permissions should be limited to just what’s required to reduce the chance of potential vulnerability exploit.| BookStack
This hack will allow TeX/LaTeX mathematic markup to be rendered within a page on BookStack using MathJax. Inline math can be surrounded with $ and math blocks can be surrounded with $$ or \[...\]. Additionally LaTeX environments and \ref{...} commands will be processed.| BookStack
BookStack v23.02 is here, acting primarily as a maintenance release to upgrade the underlying framework while optimizing things and making a few other additions.| BookStack
Over the last few years BookStack has gained a few different methods that can be used to customize functionally and aesthetics. Quite often, for ideas that don’t quite fit for quick implementation within the core BookStack codebase, I’d provide a simplistic customization that can used to achieve that idea right now, using BookStack’s methods of hackery. These were scattered around GitHub issues, GitHub gists and discord messages, which required me to also provide implementation guidance...| BookStack
This is a hack to add a simple latest-page RSS feed to the BookStack using the logical theme system. A YouTube video covering the build and use of this customization can be found here.| BookStack
BookStack v23.01.1 has been released. This is a security release that addresses a potential vulnerability in PDF generation that could be used to make server-side requests or run potential other PHP code.| BookStack
To start off our releases for the year we have BookStack v23.01 which adds many user experience enhancements & options while also making subtle further back-end changes to permissions.| BookStack
This logical theme system hack allows you to show a custom message on the login form, above the inputs and below the title.| BookStack
This hack will force HTML links, within the main content body of a page, to open in a new tab.| BookStack
This is a hack to BookStack to enable auto-sorting of book chapters and pages upon page or chapter create/update. It sorts by name, ascending, with chapters first. By default it will run for any book with an Autosort tag assigned.| BookStack
Well 2022 is now in the past. During the year BookStack had a few milestones which included reaching the top of Hacker News, becoming 7 years old and hitting 10K stars on GitHub. In this post we’ll look back on how the project has progressed over the year, not just in terms of the codebase but also elements of the wider project as a whole.| BookStack
There are many ways to get around and find content within your BookStack instance outside of following the core hierarchy. Below is an overview of some common options.| BookStack
This allows you to configure notifications to be sent to users within roles defined via tags applied to parent books. For example, if a tag with name Notify and value Admins, Viewers is applied to a book, updates to pages within will be notified via email to all users within the “Admins” and “Viewers” roles.| BookStack
This hack sends out page update notification emails to all users that have marked that page as a favourite. Considerations The sending of emails may slow down page update actions, and these could be noisy if a user edits a page many times quickly. You may run into email system rate-limits with the amount of emails being sent. Options You can customize the email message, if desired, by editing the lines of text within the toMail part at around lines 23-25 of the functions.php code. Code functi...| BookStack
Just sneaking into November is BookStack v22.11 which comes with a splendid spread of surprises intended to enhance many existing interfaces and features of BookStack. There’s no upgrade notices for this one, so let’s jump right in.| BookStack
This is a hack to BookStack, using the theme system, so that login presents itself as a username. Upon login attempt, this will match to a user of <username>@<configured-domain> within the database.| BookStack
Within BookStack you can mark a page as a template so that its content can easily be reused when editing and creating pages. This can be super useful when you need to create many pages following a similar format.| BookStack
BookStack has built-in support for creating and editing drawings via integrating with diagrams.net. This integration provides very powerful drawing/diagram editing capabilities for a range of use-cases. By default BookStack will use the online version of diagrams.net but this is configurable by an admin.| BookStack
This spooky season supplies us with BookStack v22.10, which continues our work to improve permission control while bringing along some extra treats, without any tricks.| BookStack
Today, after over 7 years of continuous active development, we’ve now reached 10,000 stars on GitHub! 🥳 🥳 🥳 Previously when hitting star milestones I’ve written about the the project growth relative to this metric but, since I’ve already published such as post this year, I thought we’d do something different via video.| BookStack
The BookStack September release is here with a variety of desired features that build upon, and enhance, existing BookStack systems. As usual, it also includes language updates and a bunch of tweaks & fixes.| BookStack
As the maintainer of a documentation platform, I find myself taking note of methods of how people go about creating documentation. I strongly believe that there’s no “single best method” when it comes to documentation, and that any option that’d actually be used is a value gain.| BookStack
BookStack v22.07.3 has been released. This is a security release that adds additional filtering to page content to prevent certain cross-site-scripting techniques. These cross-site-scripting techniques would be already by blocked by BookStack’s usage of Content-Security-Policy, but this change will help scenarios where BookStack content is used externally.| BookStack
For July we have what could be considered a “stepping-stone” release since it marks the start of some underlying permission system changes but it does bundle in a rich set of system enhancements & minor features. Let’s jump right in.| BookStack
Another year goes by with BookStack now being 7 years in development from its original commit on the 12th of July 2015. In this post we’ll continue the yearly tradition of reviewing the figures while exploring how this year has proved different to the years before it.| BookStack
BookStack v22.06 is now here! This release was primarily refinement focused but it does include some great new features that may streamline your usage of the platform.| BookStack
Today brings the release of BookStack v22.04! This includes the much-awaited feature of easier page editor switching, in addition to a bunch of other additions and improvements.| BookStack
To support today’s release of the next LTS version of Ubuntu, 22.04 (Jammy Jellyfish), we have added a new BookStack install script for users of this OS:| BookStack
It’s been a while since I last put out a blogpost regarding a GitHub star milestone, with the last being a December 2017 blogpost where we hit 1000 stars. Well today I’m happy to say we’ve now hit 9,000 stars on GitHub! 🥳 🥳 🥳| BookStack
Today we release BookStack v22.03 which features some further additions to the WYSIWYG editor, aiming to align its feature-set with our markdown editor. We also see some changes to the settings view while LDAP users get a useful new debugging option.| BookStack
Today I’m happy to announce availability of official BookStack support services! These services are broken down into a couple of different plans, the detail of which can be found on our new support page.| BookStack
BookStack v22.02.3 has been released. This is a security release that adds better protections against embedded content that could be used in malicious ways. This effectively restricts embedded iframe content in an allow-list approach.| BookStack
Today we announce the first BookStack feature release of 2022. This brings updates & features to the WYSIWYG editor, user management API endpoints and much more. In this post we cover features added in this release in addition to some notable changes in the v21.12 patch releases.| BookStack
A few times recently people have asked how they can get involved and help BookStack so I thought I’d formalize my response into this blog post. While the below is my view in regards to BookStack contributions, it will likely apply to many open source projects| BookStack
BookStack v21.12.1 has been released. This is a security release that better enforces permissions on book-sort & chapter-move operations to address scenarios where content could be moved to non-permissible locations.| BookStack
Thought it would be nice to take some time out to look back over the last year and review how things have progressed. This’ll be a relatively high level summary but more detailed figures can be found in our six years of BookStack post from back in July.| BookStack
As our last feature release of the year BookStack v21.12 is now available. Upon a bunch of fixes & improvements, this release features outgoing webhooks in addition to the ability of copying entire chapters and books.| BookStack
Within BookStack email is used in various ways relating to user management & authentication. Outgoing webhooks are available as a mechanism to extend BookStack or notify in an event-driven manner.| BookStack
BookStack v21.11.3 has been released. This is a security release that helps prevent potential discovery and harvesting of user details including name and email address.| BookStack
BookStack v21.11.2 has been released. This is a security release that address a couple of vulnerabilities relating to API access and page draft related content visibility:| BookStack
Today we release BookStack v21.11 which focuses on a couple of areas that have gone untouched for a while; Those areas being tags and the site-wide search system. These changes sit upon more substantial framework upgrade work that has occurred this release cycle.| BookStack
BookStack v21.10.3 has been released. This is a security release that address a couple of vulnerabilities within the attachment and image serving mechanisms. The attachment vulnerability could result in users uploading content to be served in a way that can be utilized for phishing. The image serving vulnerability could result in unintended file access within your BookStack storage folder.| BookStack
BookStack v21.10.2 has been released. This is a security release that builds upon changes in v21.10.1 which covers a vulnerability which would allow malicious users, who have permission to update or create pages, to upload content that could then be utilized for phishing or other general malicious intent.| BookStack
BookStack v21.10.1 has been released. This is a security release that covers a vulnerability which would allow malicious users, who have permission to update or create pages, to upload content that could then be utilized for phishing or other general malicious intent.| BookStack
October brings us BookStack v21.10. This release is primarily intended to wrap up a few loose ends before we make more substantial framework changes, but it does bring with it a new authentication option in addition to some new API endpoints. In the below we’ll dive into many of the new features and improvements added since v21.08.| BookStack
OpenID Connect (OIDC) can be used within BookStack as a primary method of authentication. This replaces the default email & password authentication mechanism. BookStack supports a simple level of auto-discovery to ease endpoint and key management.| BookStack
Now that I’ve got a bit more time to work on BookStack, I thought it’d be good to do something a little different on the blog and pay tribute to the services we use to help manage the project. Keep in mind that this is not a complete listing of projects that we use within BookStack itself, but instead a listing of the services and projects that we use from a project & code management point of view.| BookStack
BookStack v21.08.5 has been released. This is a security release that covers a vulnerability which would allow malicious users, who have permission to update or create pages, to load content from files stored within the storage/ or public/ directories (Such as application logs) via the page HTML export system.| BookStack
BookStack v21.08.2 has been released. This security release is intended to cover a couple of XSS vulnerabilities, where a malicious user with page edit access could enter script that would execute upon page view. You should update as soon as possible if you allow untrusted users to edit content in your instance.| BookStack
Today we release BookStack v21.08, which brings along multi-factor authentication support in addition to a number of other nice features. Within this post we’ll dive into some of the biggest new changes since the v21.05 release.| BookStack