All notable changes to this project will be documented in this file.
Warning: Features marked as alpha may change or be removed in a future release without notice. Use with caution.
- Updated the go-toolkit, which fixes a race condition (error) that could occur reading local files
- Now, OPUS files has the mimetype
audio/opusin manifests, but remainaudio/ogg; codecs=opusin webserver responses for better compatibility
- Updated the go-toolkit, which fixes incorrect checking of whether a publication conforms to a specific profile based on its contents. This may have caused mistaken cases of a11y inferrence or Divina/Audiobook/EPUB/PDF profile detection in manifest outputs
- The go-toolkit has been updated, which fixes not being able to retrieve resources at paths containing special characters, such as spaces. This applies to any archived as well as exploded publications which contained such files. Retrieval of local files also had a bug
- Go and third-party dependencies updated
- The go-toolkit has been updated, and the version key present in WebPub manifests has changed from
https://github.com/readium/go-toolkit/releasestohttps://github.com/readium/go-toolkit#version. This was done to reduce confusion as go-toolkit releases have been superseeded by cli releases
- Problems with remote streaming of compressed multimedia have been addressed. This was due to a combination a bug in the implementation of partial resource reading, as well as special logic to make the kinds of requests browsers send for audio/video stream lead to smaller reads of the original resource. It's better just not to compressed multimedia in an EPUB though
- This update also fixes the issues with image inspection (failure to decode images) that occured due the bug in the partial resource reading, which was triggered by image decoding libraries reading fragments of the image files
- Go and third-party dependencies updated
- Docker container build fixed
- When using the serve command, a new
-mflag allows for authenticated access to publications using a JWT in the route to the publication instead of the encoded path. The subject (sub) of the JWT will instead be used as the path to the publication. The first new mode isjwtmode, which uses the HS256 method of authentication and a shared secret that is either provided using--jwt-shared-secretor autogenerated at startup. The second mode,jwks, is combined with the--jwks-urlflag that points to JWKS file, which can contain multiple keys used to validate the JWT, allowing for key rotation and other algorithms using public/private keypairs - The path of a publication with no resource specified now redirects to the manifest file
- The GOAMD64 value for release builds has been changed from
v3tov2. The discussion regarding this is here. This allows execution of the built binaries on older x64 CPUs - The HTTP client configuration used for streaming of remote publications has been changed to require, at minimum, TLSv1.2 for HTTPS connections
- The serve command's routes are now prefixed with
/webpub. So<domain>/<path>/manifest.jsonis now<domain>/webpub/<path>/manifest.json - Go and third-party dependencies updated
- The
/list.jsonroute in the serve command's webserver has been removed. It is not compatible with the new authenticated access schemes, and was only intended to be temporary. It may be replaced in the future by an OPDS2 feed
- When a manifest has no links (such as when using the
manifestcommand), thelinksproperty is now omitted instead of set tonullin the JSON output - The
--infer-page-countworks again, and general issues with services in themanifestcommand have been fixed due to a revamp in how they work in the toolkit
- Go and third-party dependencies updated
- The
--http-host-whitelistflag has been added to the serve command, to which a list of hosts can be passed. If at least one host is passed, access to streamed HTTP/HTTPS publications will be restricted to the provided hosts. A host like example.com can be further restricted to a "folder", such as example.com/the/path/ - The
--http-unsafe-requestsflag has been added. It disabled restrictions that are enabled by default to prevent access to private IP addresses (such as internal infrastructure or localhost), and should be used with caution
- The software version displayed when using the
--versioncommand was incorrect due to a bug. Thanks @tefkah for the fix
- Dependencies were updated
The WebPub data the go-toolkit parses and provides has been updated to more closely match the latest WebPub spec. Pay close attention to these changes if you depend on the WebPub output in reading systems/libraries that use an older version of the spec!
- Major changes to
readium servecommand syntax, to improve ease of use - Docker container no longer includes any test publications, an only enables http/https publication serving by default
- Improvements to documentation
- Updates to dependencies
- Links to services (positions list etc.) are removed from the manifest when running
readium manifest
- Add
--s3-use-path-styleflag to enable broader support for S3-like services that use the deprecated path-style bucket access (especially useful in docker environments)
- The version output from the CLI was incorrect, consisting of the go-toolkit version. It is now a combination of the CLI and go-toolkit version
- Add
--infer-a11y-ignore-image-hashesand--infer-a11y-ignore-image-dirflags tomanifestcommand to ignore certain images when inferring a publication's a11y access mode
- Upgraded go-toolkit from v0.9.0 to v0.10.1
- Default hashing algorithms for inspected images changed from SHA-256 + MD5 to just SHA-256
- Created this project based on the command-line utilities from the [https://github.com/readium/go-toolkit](Go Toolkit)