Skip to main content

Sync-in 2.3 - Markdown

· 5 min read

Sync-in version 2.3 is now available.

It introduces an integrated Markdown editor, improves file editing and search, adds an optional trash retention policy, and adds support for storage quotas through OIDC/LDAP. It also strengthens content indexing, uploads, and user visibility rules.

Markdown integration in Sync-in

✨ New Features

  • Markdown editor
    Markdown files now open in a dedicated editor with visual and source modes.

    The editor supports headings, lists, task lists, links, images, tables, code blocks, quotes, undo/redo, file locking, saving, and protection against closing with unsaved changes.

  • Unified search for text editors
    Text and Markdown editors now share a common search interface with a result counter and previous/next navigation.

  • Configurable document creation
    Administrators can configure the document families shown in the "New document" window.

    Text and Markdown always remain available, while OpenDocument and Microsoft Office templates can be shown or hidden.

    applications:
      files:
        sampleDocuments: [opendocument, microsoft]

  • Optional trash retention
    The trash can now be cleaned automatically after a configurable number of days, separately for user spaces and collaborative spaces.

    Configuration example:

    applications:
      files:
        trashRetention:
          users: 30
          spaces: 30

    This feature is disabled by default to preserve the existing behavior.

  • Improved content indexing
    Full-text indexing is more memory-efficient and more robust on large instances.

    It uses batched metadata processing, deferred full indexing requests, new states such as pending and disabled, and safer cleanup of obsolete index entries.

  • OIDC avatar synchronization
    User avatars can now be synchronized from the OIDC picture field.

    Remote avatars are validated, size-checked, converted to PNG, and ignored when they are already up to date.

  • Quota synchronization through LDAP and OIDC
    User storage quotas can now be synchronized from an LDAP attribute or an OIDC claim.

    auth:
      ldap:
        attributes:
          storageQuota: storageQuota

      oidc:
        options:
          storageQuotaClaim: storageQuota

  • Configurable visibility for users without a group
    Instances can now control whether users without a group are globally visible.

    By default, showUngroupedUsers is true to preserve the existing behavior. Set it to false to prevent this global visibility.

    Example for disabling this visibility:

    applications:
      users:
        showUngroupedUsers: false

  • More reliable text file detection
    Files without an extension or with a generic MIME type are now analyzed more precisely before opening.

    Sync-in checks part of the content to distinguish real text files from binary files. Incompatible files are then offered for download instead of being opened in the text editor.

  • Increased size limit for text and Markdown editing
    The maximum size allowed for editing text and Markdown files has been increased from 10 MB to 25 MB, to better support Markdown files containing base64-encoded images.

🐞 Fixes

  • Fixed temporary path creation for guest links
    Temporary paths for accounts associated with guest links are now created correctly.

  • Stronger uniqueness constraints on file storage
    A more robust uniqueness check has been added to database storage for files and their metadata, to prevent the same file from being stored more than once in some rare cases.

  • More reliable unlocking of edited files
    Locks on editable files are now released more reliably when editors and the browser are closed.

    A browser confirmation has also been added when a file is being edited, to reduce accidental closures. This notably fixes cases where a text file without an extension could remain locked after closing, including when the editing window was closed automatically.

  • MIME type update after renaming or moving
    A file's MIME type is now recalculated dynamically after renaming, moving, or replacing it.

  • Display of trash for disabled spaces
    Trash associated with disabled spaces is now displayed as disabled and can no longer be browsed.

  • Improved file selection
    Range selection works more reliably when filtering is enabled.

    Renaming now selects only the file name, without its extension, to avoid input mistakes while editing.

  • Web interface
    Several interface details have been harmonized, including sidebar submenu visibility, table row height, dialog spacing, and viewer tooltips.

🛡️ Security

  • Immutability of trash associated with spaces
    Files in the trash are now immutable and treated as read-only items.

    Modifying files in the trash and creating new files there are now blocked.

  • More reliable uploads
    Failed uploads are no longer kept in the destination space.

    File replacements also use temporary files before replacing the destination, to avoid corrupting an existing file in case of failure or when the maximum allowed size is exceeded. Exceeding this limit now also returns a more explicit message.

  • Better guest link isolation
    Accounts created from guest links now have restricted visibility over users and groups, limited to their managers and the personal groups they belong to.

  • Stronger security for URL downloads
    Fixed vulnerability CVE-2026-47684.

    SSRF protection has been strengthened, notably against bypasses through IPv4-mapped IPv6 addresses. Remote downloads are also better protected against DNS rebinding, unsafe redirects, proxy bypasses, and oversized data streams.

📥 Upgrade to Sync-in 2.3 to benefit from the new Markdown editor, safer trash, stronger indexing, and all reliability improvements.

➡️ View the release on GitHub