Papra changelog

Here are the changelogs of the docker images released by Papra.
For version after v0.9.6, Papra uses Calver as a versioning system with the format YY.M.N where M is the month number (1-12, not zero-padded, where 1 = January and 12 = December) and N is the number of releases in the month starting at 0 (e.g. 26.5.11 is the 12th release of May 2026).

v26.2.2

In the advanced PDF viewer, added empty placeholders for thumbnails to prevent layout shifts.

PR #911 548608b By @CorentinTh
Fix an issue in the advanced PDF that caused the outline panel to appear empty

PR #911 548608b By @CorentinTh

v26.2.1

Fixed an issue preventing the "about Papra" dialog from opening.

PR #908 2143728 By @CorentinTh

v26.2.0

Added a "Open with..." button for documents along with a complete PDF viewer page with standard features such as thumbnails, outline, attachments, and document properties.

PR #894 77186da By @CorentinTh
Replaced date-fns functions with in-house implementations to avoid pulling the 30MB lib (mainly due to locale data).

PR #820 3fa398c By @CorentinTh
Added explicit error when trying to update a tag with a name that already exists

PR #852 71872db By @CorentinTh
In the search queries, tag filters are now case-insensitive, so tag:Important and tag:important will match the same tag (as tags names are case-insensitive).

PR #827 ca2ef28 By @CorentinTh
Synchronized pagination state in the URL on the documents list page.

PR #883 63ddecf By @CorentinTh
Trim tag names and descriptions on creation and update to avoid leading/trailing spaces.

PR #826 494aa5b By @CorentinTh
Added a button to generate a random color in the tag creation/edition modal.

PR #829 393a155 By @CorentinTh
Significantly reduced the size of the rootless docker image by preventing file duplications due to chown operations, gaining ~230MB, more than 30% reduction in size.

PR #810 1d5ada8 By @What-is-water93
Added an option to limit the number of tags that can be created in an organization, defaulting to 200. Configurable via the MAX_TAGS_PER_ORGANIZATION environment variable.

PR #900 9058f9e By @CorentinTh
Excluded Synology specific files for the ingestion folder

PR #884 4c7da4b By @CorentinTh
Coerce MIME type of intake email attachments when declared as application/octet-stream or empty, using magic bytes detection with extension-based fallback.

PR #896 fdd955e By @CorentinTh
Fixed a race condition that could incorrectly show the "Email verified" page after successful login, even when email verification had not been completed or was not required.

PR #859 afcfcf7 By @CorentinTh
Improved the document tag picker UI and UX, allowing tags to be managed from the document list.

PR #870 69633fb By @CorentinTh
Added tagging rules creation/update loading states

PR #855 3f4ca07 By @CorentinTh
Removed misleading "git missing" error log on app startup when git isn't available, like in Docker env.

PR #880 4f5b29b By @CorentinTh
Tag names uniqueness enforced with case insensitivity per organization. Migration will ensure deduplication by appending prefixes in case of existing collisions.

PR #822 b6951ea By @CorentinTh
Added small header in organization creation page to quickly access the invitations when first organization is being created

PR #811 1eeb3df By @CorentinTh
The command palette state no longer resets when opening it, allowing to keep the search query and results when closing and reopening it.

PR #903 d13c74f By @CorentinTh
Added tag creation/update button loading state

PR #851 316a8c2 By @CorentinTh
Enforced the length of the intake email webhook secret (INTAKE_EMAILS_WEBHOOK_SECRET) to be between 16 and 128 characters to match the OwlRelay API validation requirements.

PR #892 1c1d273 By @CorentinTh
Prevented multiple tagging-rules creation attempts when clicking the create button quickly.

PR #855 3f4ca07 By @CorentinTh
Prevented multiple tag creation attempts when clicking the create button quickly.

PR #851 316a8c2 By @CorentinTh
Api breaking change: removed the /api/organizations/:organizationId/documents/search endpoint in favor of the existing /api/organizations/:organizationId/documents with an optional searchQuery query parameter. The new /api/organizations/:organizationId/documents endpoint now behave as the old /search endpoint, with all documents being returned when searchQuery is empty. Note that the response field totalCount of the old /search endpoint has been renamed to documentsCount in the new endpoint.

Before:
```
GET /api/organizations/:organizationId/documents/search?searchQuery=invoice&pageIndex=1&pageSize=20
Response: {
  documents: Document[];
  totalCount: number;
}

GET /api/organizations/:organizationId/documents?pageIndex=1&pageSize=20
Response: {
  documents: Document[];
  documentsCount: number;
}
```
After:
```
GET /api/organizations/:organizationId/documents?searchQuery=invoice&pageIndex=1&pageSize=20
Response: {
  documents: Document[];
  documentsCount: number;
}
```
PR #899 d1eae05 By @CorentinTh
Security fix: prevented unauthorized listing to organization tags and webhooks. An authenticated user could list the tags and webhooks of an organization they are not a member of by sending requests to the corresponding endpoints by knowing the organization ID. Credit to Sergio Cabrera, security researcher, for responsibly disclosing this vulnerability.

PR #893 0c62716 By @CorentinTh

v26.1.0

Renamed the internal distribution package from @papra/docker to @papra/app. New release tags will use the format @papra/[email protected] instead of @papra/[email protected].

PR #796 aaa05a8 By @CorentinTh
Tag list: order tags by creation date descending (newest on top)

PR #784 2c078e2 By @CorentinTh
When navigating to / and having only one organization, get redirected to that organization

PR #781 7c5e68f By @CorentinTh
Fix tag automatic search link issue when tags have spaces, before tag:my tag would not work, now generate tag:"my tag" to fix it.

PR #783 ad575bf By @CorentinTh
Hide the "Don't have an account? Register" link on the login page when new account registration is disabled.

PR #795 3a41531 By @CorentinTh
Added the has:tags search filter to check for the presence or absence (-has:tags or NOT has:tags) of tags on documents.

PR #785 45534a0 By @CorentinTh
Properly tree-shake all demo assets to reduce the size of production non-demo build. Reducing the bundle assets by ~~70kB (~~55kB on main chunk + removed demo chunk of ~15kB).

PR #777 42e401c By @CorentinTh
Added Greek language support

PR #794 0485701 By @ktsourdinis
Added Russian language support

PR #798 c27d85f By @cergmin

v26.0.0

API Breaking Change: Document search endpoint now returns complete documents along with total count matching the search query, and no longer nests results under searchResults.

Before:

// GET /api/organizations/:organizationId/documents/search?searchQuery=foobar
{
  searchResults: {
    documents: [
      { id: 'doc_1', name: 'Document 1.pdf' },
      { id: 'doc_2', name: 'Document 2.pdf' },
    ],
  },
}

After:

// GET /api/organizations/:organizationId/documents/search?searchQuery=foobar
{
  documents: [
    { id: 'doc_1', name: 'Document 1.pdf', mimeType: 'application/pdf' /* ...otherProps */ },
    { id: 'doc_2', name: 'Document 2.pdf', mimeType: 'application/pdf' /* ...otherProps */ },
  ],
  totalCount: 42,
}

PR #758 a2a2061 By @CorentinTh

Added a "Show more results" option in quick search when there is more document not displayed

PR #761 2e46c08 By @CorentinTh
Improved search speed by using document and organization ids in index The first restart after updating may take up to few minutes as the search index is rebuilt

PR #733 848671b By @CorentinTh
The documents page can now be used with advanced search queries

PR #758 a2a2061 By @CorentinTh
Auto assign admin role to the first user registering

PR #723 68d848e By @CorentinTh
Added about page and modal with version informations

PR #726 e8f6217 By @CorentinTh
Added a dedicated increased timeout for the document upload route

PR #707 a213f06 By @CorentinTh
Added a feedback message upon request timeout

PR #712 b8c14d0 By @CorentinTh
Added support for two factor authentication

PR #717 f3fb5ff By @CorentinTh
Organizations listing and details in the admin dashboard

PR #702 ec34cf1 By @CorentinTh
Added advanced search syntax support

PR #746 685f03c By @CorentinTh
Properly cleanup orphan file when the same document exists in trash

PR #715 7448a17 By @kirarpit
Added query params sync for the search query in the documents search page for deep linking and browser state navigation

PR #758 a2a2061 By @CorentinTh
Removed the possibility to filter by tag in the /api/organizations/:organizationId/documents route, use the /api/organizations/:organizationId/documents/search route instead.
```
# Before:
GET /api/organizations/:organizationId/documents?tags=yourTagId

# After:
GET /api/organizations/:organizationId/documents/search?query=tag:yourTagNameOrId
```
PR #758 a2a2061 By @CorentinTh
Changed config key config.server.routeTimeoutMs to config.server.defaultRouteTimeoutMs (env variable remains the same)

PR #707 a213f06 By @CorentinTh
Added api endpoint to check current API key (GET /api/api-keys/current)

PR #718 8d70a7b By @CorentinTh

v25.12.0

Document search indexing and synchronization is now asynchronous, and no longer relies on database triggers. This significantly improves the responsiveness of the application when adding, updating, trashing, restoring, or deleting documents. It's even more noticeable when dealing with a large number of documents or on low-end hardware.

PR #685 cf91515 By @CorentinTh
Enforcing the auth secret to be at least 32 characters long for security reasons

PR #686 95662d0 By @CorentinTh
Now throw an error if AUTH_SECRET is not set in production mode

PR #686 95662d0 By @CorentinTh
Added a platform administration dashboard

PR #689 d795798 By @CorentinTh
Added support for Simplified Chinese language

PR #675 17d6e9a By @CorentinTh
Fixed an issue where the document icon didn't load for unknown file types

PR #679 6f38659 By @CorentinTh

v25.11.0

Added the possibility to filter out some email domain names for new registration

PR #638 ae3abe9 By @CorentinTh
Lazy load some demo-mode specific code to reduce production client bundle

PR #633 d267605 By @CorentinTh
Added translations for document table headers

PR #618 868281b By @CorentinTh
Added some logging context when an intake email is received

PR #653 ca80806 By @CorentinTh

Api breaking change: the document search endpoint return format changed, impacting any custom clients consuming it.

Before

// Get /api/organizations/:organizationId/documents/search
{
  documents: {
    id: string;
    name: string;
    mimeType: string;
    // ... other document fields
  }
  [];
}

After

// Get /api/organizations/:organizationId/documents/search
{
  searchResults: {
    documents: {
      id: string;
      name: string;
    }
    [];
  }
}

PR #650 dc6ee5b By @CorentinTh

Limit concurrent browser upload to avoid network crashes

PR #619 5b5ce85 By @CorentinTh
Made the tags clickable in the tag list

PR #609 cb1f1b5 By @dbarenholz
Intake email edge case: use original destination addresses when available for intake emails when forwarded

PR #655 08f4a1c By @CorentinTh
Removed the possibility for unauthorized upload to another organization you're not member of

PR #660 9b43baf By @bkwi
Upgraded to node v24

PR #616 1922f24 By @CorentinTh
Added Dutch translation

PR #607 abc463f By @dbarenholz
Improved server authentication logging

PR #625 ee9eff4 By @CorentinTh
Improved unique constraints error when dealing with hosted libsql db

PR #623 b087764 By @CorentinTh
Fix tags table overflow for long tag descriptions: added some text wrapping for the description

PR #637 479a603 By @CorentinTh
Fix environment variable DOCUMENT_STORAGE_S3_FORCE_PATH_STYLE validation schema to account for boolean string

PR #657 96403c0 By @CorentinTh

v25.10.2

Added an email verification confirmation/expiration page

PR #602 79e9bb1 By @CorentinTh
Improved graceful shutdown

PR #577 bd3e321 By @CorentinTh
Reduced client bundle size by removing date-fns

PR #584 f4740ba By @CorentinTh
Fix client redirection issue on non-existent organization

PR #598 377c11c By @CorentinTh
Added text extraction support for .docx, .odt, .rtf, .pptx and .odp

PR #580 1228486 By @CorentinTh
Updated pnpm version

PR #591 0aad884 By @CorentinTh
Added global errors handlers

PR #575 be25de7 By @CorentinTh
Added missing translations in the tagging rule form

PR #601 16ae461 By @CorentinTh
Choose between All conditions must match and Any condition must match in tagging rules

PR #601 16ae461 By @CorentinTh
Fixed the webhook last triggered date always showing "never" in the webhook list.

PR #582 182ccbb By @CorentinTh
Improved the translation of dates and relative time

PR #583 b0abf7f By @CorentinTh
Added the possibility to start either just the api, just the workers, or both (default)

PR #577 bd3e321 By @CorentinTh
Fix webhook creation form preventing to create webhooks without secrets

PR #585 a857370 By @CorentinTh
Added button to reapply a tagging rule

PR #540 75340f0 By @jodli
Fixed wrongly formatted [object Object] feedback message in auth pages

PR #589 e9a719d By @CorentinTh

v25.10.1

Removed unnecessary left icon navbar

PR #567 d7df2f0 By @CorentinTh
Added deleted and total document counts and sizes in the /api/organizations/:organizationId/documents/statistics route

PR #556 f66a9f5 By @CorentinTh
Added server hostname configuration

PR #570 c3ffa83 By @CorentinTh
Lighten the client bundle by removing lodash dep

PR #552 8aabd28 By @CorentinTh
Fix weird navigation freeze when direct navigation to organizations

PR #550 1a7a14b By @CorentinTh
Made the validation more permissive for incoming intake email webhook addresses, allowing RFC 5322 compliant email addresses instead of just simple emails.

PR #548 17cebde By @CorentinTh
Prevent small flash of wrong theme on initial load for slower connections

PR #565 e4295e1 By @CorentinTh
Redacted webhook signing secret in api update response

PR #566 92daaa3 By @CorentinTh
Reduced the client bundle size by switching to posthog-lite

PR #560 54cc140 By @CorentinTh
Use organization max file size limit for pre-upload validation

PR #555 c5b337f By @CorentinTh
Redesigned the organization picker in the sidenav

PR #567 d7df2f0 By @CorentinTh

v25.10.0

Use calendar based versioning for docker images

PR #544 9c6f14f By @CorentinTh
Drop docker armv7 support

PR #532 9a6e822 By @CorentinTh
Added soft deletion with grace period for organizations

PR #542 c434d87 By @CorentinTh
Added a page to view organization usage

PR #534 624ad62 By @CorentinTh
Save document activity log when auto tagging rule is applied

PR #538 73ab9e8 By @CorentinTh
Trigger tag-added webhooks when auto tagging rule is applied

PR #538 73ab9e8 By @CorentinTh

v0.9.6

Added env variable to configure ip header for rate limit

PR #531 2e2bb6f By @CorentinTh
Fixed the api validation of tag colors to make it case incensitive

PR #524 c84a921 By @CorentinTh

v0.9.5

Properly handle file names encoding (utf8 instead of latin1) to support non-ASCII characters.

PR #521 b287723 By @CorentinTh
Prevented organization deletion by non-organization owner

PR #517 a3f9f05 By @CorentinTh

v0.9.4

Added an option to disable PRAGMA statements from sqlite task service migrations

PR #508 782f70f By @CorentinTh
Added fallbacks env variables for the task worker id

PR #510 ab6fd6a By @CorentinTh
Added organizations permissions for api keys

PR #512 cb3ce6b By @CorentinTh

v0.9.3

Added the possibility to define patterns for email intake username generation

PR #506 6bcb2a7 By @CorentinTh

Split the intake-email username generation from the email address creation, some changes regarding the configuration when using the random driver.

# Old configuration
INTAKE_EMAILS_DRIVER=random-username
INTAKE_EMAILS_EMAIL_GENERATION_DOMAIN=mydomain.com

# New configuration
INTAKE_EMAILS_DRIVER=catch-all
INTAKE_EMAILS_CATCH_ALL_DOMAIN=mydomain.com
INTAKE_EMAILS_USERNAME_DRIVER=random

PR #504 936bc2b By @CorentinTh

Added the possibility to configure OwlRelay domain

PR #504 936bc2b By @CorentinTh

v0.9.2

Fix to allow cross docker volume file moving when consumption is done

PR #493 ed4d7e4 By @CorentinTh
Added the possibility to define a Libsql/Sqlite driver for the tasks service

PR #500 208a561 By @CorentinTh
Enhanced security by serving files as attachement and with an octet-stream content type

PR #499 40cb1d7 By @CorentinTh
Fix an issue preventing to disable the max upload size

PR #501 b5bf0cc By @CorentinTh
Removed the "open in new tab" button for security improvement (xss prevention)

PR #498 3da13f7 By @CorentinTh

v0.9.1

Fix cleanup state when a too-big-file is uploaded

PR #491 bb9d555 By @CorentinTh
Added a client side guard for rejecting too-big files

PR #492 54514e1 By @CorentinTh
Fix favicons display issues on firefox

PR #488 83e943c By @CorentinTh
Fix i18n messages when a file-too-big error happens

PR #492 54514e1 By @CorentinTh
Clean all upload method to happen through the import status modal

PR #492 54514e1 By @CorentinTh

v0.9.0

Dropped support for the dedicated backblaze b2 storage driver as b2 now fully support s3 client

PR #472 b08241f By @CorentinTh
Added documents encryption layer

PR #480 0a03f42 By @CorentinTh
Stream file upload instead of full in-memory loading

PR #472 b08241f By @CorentinTh
Fix a bug where the ingestion folder was not working when the done or error destination folder path (INGESTION_FOLDER_POST_PROCESSING_MOVE_FOLDER_PATH and INGESTION_FOLDER_ERROR_FOLDER_PATH) were absolute.

PR #483 ec0a437 By @CorentinTh
Use node file streams in ingestion folder for smaller RAM footprint

PR #475 ea9d90d By @CorentinTh
Fixed an issue where tags assigned to only deleted documents won't show up in the tag list

PR #477 a62d376 By @CorentinTh
Properly handle missing files errors in storage drivers

PR #472 b08241f By @CorentinTh
Lazy load the PDF viewer to reduce the main chunk size

PR #471 e77a42f By @CorentinTh
Allow for more complex intake-email origin adresses

PR #481 1606310 By @CorentinTh
Simplified i18n tooling + improved performances

PR #470 d488efe By @CorentinTh
Prevent infinit loading in search modal when an error occure

PR #468 14c3587 By @CorentinTh
Improved the UX of the document content edition panel

PR #468 14c3587 By @CorentinTh
Added content edition support in demo mode

PR #468 14c3587 By @CorentinTh

v0.8.2

Fix a regression bug that executed tagging rules before the file content was extracted

PR #461 c085b9d By @CorentinTh

v0.8.1

Removed dev-dependency needed in production build

PR #459 f20559e By @CorentinTh

v0.8.0

Completely rewrote the migration mechanism

PR #452 7f7e5bf By @CorentinTh
The file content extraction (like OCR) is now done asynchronously by the task runner

PR #447 b5ccc13 By @CorentinTh
Fixed the impossibility to delete a tag that has been assigned to a document

PR #448 5868800 By @CorentinTh
Added new webhook events: document:updated, document:tag:added, document:tag:removed

PR #432 6723baf By @CorentinTh
Webhooks invocation is now defered

PR #432 6723baf By @CorentinTh
Added diacritics and improved wording for Romanian translation

PR #419 7768840 By @Edward205
Added feedback when an error occurs while deleting a tag

PR #448 5868800 By @CorentinTh
Simplified the organization intake email list

PR #412 ffdae8d By @OsafAliSayed
Added Italian (it) language support

PR #441 5e46bb9 By @Zavy86
Improved feedback message in case of invalid origin configuration

PR #455 b33fde3 By @CorentinTh

v0.7.0

v0.7 release

PR #417 a82ff3a By @CorentinTh

v0.6.4

Fix permission issue for non 1000:1000 rootless user

PR #392 21a5ccc By @CorentinTh
Added configuration for the ocr language using DOCUMENTS_OCR_LANGUAGES

PR #387 73b8d08 By @CorentinTh
Improve file preview for text-like files (.env, yaml, extension-less text files,...)

PR #377 205c6cf By @CorentinTh
Fix weird centering in document page for long filenames

PR #393 aad36f3 By @CorentinTh
Added the possibility to disable login via email, to support sso-only auth

PR #394 f28d824 By @CorentinTh
Introduce APP_BASE_URL to mutualize server and client base url

PR #405 3401cfb By @CorentinTh
Fixes 400 error when submitting tags with uppercase hex colour codes.

PR #346 c54a71d By @blstmo
Added Romanian (ro) translation

PR #408 09e3bc5 By @CorentinTh
Added Brazilian Portuguese (pt-BR) language support

PR #383 0b276ee By @LMArantes
Fix back to organization link in organization settings

PR #399 47b69b1 By @CorentinTh
Added Polish (pl) language support

PR #403 1711ef8 By @Icikowski
Updated dependencies

PR #379 6cedc30 By @CorentinTh
Added Spanish (es) translation

PR #411 2601566 By @4DRIAN0RTIZ
Added European Portuguese (pt) translation

PR #391 40a1f91 By @itsjuoum
Added tag color swatches and picker

PR #378 f1e1b40 By @CorentinTh

v0.6.3

Added a /llms.txt on main website

PR #357 585c53c By @CorentinTh
Allow for adding/removing tags to document using api keys

PR #366 b8c2bd7 By @CorentinTh
Add German translation

PR #359 0c2cf69 By @Mavv3006

v0.6.2

Ensure database directory exists when running scripts (like migrations)

PR #337 1c574b8 By @CorentinTh
Fixed version release link

PR #333 ff830c2 By @CorentinTh

v0.6.1

Fix content disposition header to support non-ascii filenames

PR #326 17ca8f8 By @CorentinTh

v0.6.0

Set CLIENT_BASE_URL default value to http://localhost:1221 in Dockerfiles

PR #320 8ccdb74 By @CorentinTh
Added document activity log

PR #317 79c1d32 By @CorentinTh
Added pending invitation management page

PR #319 60059c8 By @CorentinTh
Added support for classic SMTP client for email sending

PR #306 f0876fd By @CorentinTh
Reworked the email sending system to be more flexible and allow for different drivers to be used. EMAILS_DRY_RUN has been removed and you can now use EMAILS_DRIVER=logger config option to log emails instead of sending them.

PR #304 cb38d66 By @CorentinTh
Disable "Manage subscription" from organization setting by default

PR #309 d4f72e8 By @CorentinTh
I18n: full support for French language

PR #308 759a3ff By @CorentinTh
Fixed an issue with the reset-password page navigation guard that prevented reset

PR #312 e5ef40f By @CorentinTh

v0.5.1

Set email setting to dry-run by default in docker

PR #302 b62ddf2 By @CorentinTh

v0.5.0

Added support for custom oauth2 providers

PR #295 438a311 By @CorentinTh
Ensure local database directory en boot

PR #294 b400b3f By @CorentinTh
Added invitation system to add users to an organization

PR #291 0627ec2 By @CorentinTh
Fix register page description

PR #296 0ddc234 By @CorentinTh

v0.4.0

Properly hard delete files in storage driver

PR #280 85fa5c4 By @CorentinTh
Added support for b2 document storage

PR #280 85fa5c4 By @CorentinTh
Added support for azure blob document storage

PR #280 85fa5c4 By @CorentinTh
Added webhook management

PR #280 85fa5c4 By @CorentinTh
Added API keys support

PR #280 85fa5c4 By @CorentinTh
Added document searchable content edit

PR #280 85fa5c4 By @CorentinTh
Fix ingestion config coercion

PR #280 85fa5c4 By @CorentinTh
Added tag creation button in document page

PR #280 85fa5c4 By @CorentinTh
Improved tag selector input wrapping

PR #280 85fa5c4 By @CorentinTh
Properly handle file names without extensions

PR #280 85fa5c4 By @CorentinTh
Wrap text in document preview

PR #280 85fa5c4 By @CorentinTh
Excluded deleted documents from doc count

PR #280 85fa5c4 By @CorentinTh