v0.4.1: Fix API key creation, change password, update profile

What's Changed

• V0.4.1: API key generation fix, change password, account profile by @wayneshn in #273
  • Resolves an issue where generating a new API key would fail. The root cause was improper handling of POST request bodies in the frontend proxy server.
  • Allowing users to change their own password and account profile

Full Changelog: v0.4.0...v0.4.1

v0.4.0: File encryption, integrity report, ingestion enhancement

This release focuses on enhancing security, file integrity, and the robustness of the core ingestion and indexing pipeline. Several key features were added to Open Archiver to meet compliance and security requirements.

Highlights

• File Encryption at Rest: You can now enable AES-256 encryption for all archived data, including email files and attachments, ensuring your data is secure on disk.
• Data Integrity Verification: A new integrity reporting feature allows you to verify that your archived data has not been altered or corrupted since it was ingested.
• Asynchronous Indexing Pipeline: The email indexing process has been completely refactored into a dedicated background job, dramatically improving the speed and reliability of the ingestion process.
• IMAP Connector Stability: The IMAP connector has been overhauled to provide more stable connections and better error handling, ensuring more reliable ingestion from IMAP sources.

New Features

• File Encryption: All archived emails and attachments can now be encrypted at rest using AES-256. This can be enabled via a new environment variable, providing an essential layer of security. #187
• Data Integrity Reporting: Open Archiver now calculates and stores a SHA256 hash for every archived email and attachment. A new API endpoint allows you to trigger a verification process that recalculates these hashes and compares them against the stored values, confirming the integrity of your archive. This feature is also available via the UI. #187
• Deletion Protection: A new instance-wide setting (ENABLE_DELETION environment variable) can be configured to disable the deletion of emails and ingestion sources. #187
• Background Job Monitoring UI: A web-based dashboard has been added for monitoring and managing background jobs (e.g., ingestion, indexing). This gives administrators better visibility into the system's asynchronous operations and helps with troubleshooting. 42b0f6e
• Option to Archive Junk/Trash: The ALL_INCLUSIVE_ARCHIVE environment variable has been added to allow the archiver to include emails from "Junk" and "Trash" folders, which are skipped by default. #187

Improvements

• IMAP Connector Stability: The IMAP connector has been significantly refactored to improve connection management and error handling. The connector is now more resilient to network issues and will automatically re-establish connections when they become unstable. 7ceb85c
• Scoped Attachment Deduplication: The attachment deduplication logic is now scoped on a per-ingestion-source basis. This ensures that attachments with the same content hash but from different sources are handled correctly, preventing incorrect linking in multi-source environments.
• Responsive UI: The main navigation menu, search results pagination, and the new jobs dashboard have been updated to be fully responsive, improving the user experience on mobile and tablet devices. 6e1ebbb
• CORS Configuration: CORS handling has been simplified with the introduction of the APP_URL environment variable, resolving CORS issues during upload. #52 #120

Bug Fixes

• Fixed an issue where the sync-cycle state was not correctly merged, which could cause errors when no successful jobs were present in a cycle.

Full Changelog: v0.3.4...v0.4.0

v0.3.4: OCR support, batch indexing in Meilisearch

What's Changed

• Feat: Tika Integration and Batch Indexing by @wayneshn and @axeldunkel in #132

  • Enhanced Text Extraction: We've integrated Apache Tika to provide text and metadata extraction from a wide range of file types, including PDFs, Office documents, and image-based files. This improves the search capabilities by making the content of attachments fully searchable.
  • Improved Indexing Performance: The indexing process now supports batching, which will significantly speeds up the ingestion and indexing of large volumes of emails.
  • Configurable Batch Size: The batch size can be configured using the MEILI_INDEXING_BATCH environment variable.

• docs: Add OCR docs by @wayneshn in #144

Full Changelog: v0.3.3...v0.3.4

v0.3.3: Mbox ingestion support

What's Changed

• feat: Add Mbox ingestion by @wayneshn in #117
  • Mbox File Ingestion: Users can now ingest emails from Mbox files (.mbox). A new Mbox connector has been implemented on the backend, and the user interface has been updated to support creating Mbox ingestion sources. Documentation for this new provider has also been added.
  • Bug fix: Ingestion form will only be allowed to be submitted after the file is completely uploaded
  • Added Meilisearch upgrate guide
• chore(deps): Update dependencies across packages (Security update) by @wayneshn in #105

Full Changelog: v0.3.2...v0.3.3

v0.3.2: Display version number, new version notification

New features

• feat: Add new version notification in footer by @wayneshn in #99

Other changes

• User api key: Exclude public API endpoints from rate limiting by @wayneshn in #86
• Adding rate limiting docs by @wayneshn in #88
• Update README.md by @scotscotmcc in #89
• Update Italian localization by @albanobattistella in #90

New Contributors

• @scotscotmcc made their first contribution in #89
• @albanobattistella made their first contribution in #90

Get started

Pull the v0.3.2 tag from Docker Hub or update your Docker Compose file to use the v0.3.2 tag.

docker pull logiclabshq/open-archiver:v0.3.2

Full Changelog: v0.3.1...v0.3.2

v0.3.1: User API key support

Key features

• Feat: Implement API key authentication by @wayneshn in #84
• • API Key Management: Users can now generate, manage, and revoke persistent API keys through a new "API Keys" section in the settings UI.
• • Authentication Middleware: API requests are now authenticated via an X-API-KEY header instead of the previous Authorization: Bearer token.
• • Backend Implementation: Adds a new api_keys database table, along with corresponding services, controllers, and routes to manage the key lifecycle securely.
• Rate Limiting: The API rate limiter now uses the API key to identify and track requests.
• Documentation: The API authentication documentation has been updated to reflect the new method.

Bug fixes

• Status API response: needsSetup and Remove SUPER_API_KEY support by @wayneshn in #83

Full Changelog: v0.3.0...v0.3.1

v0.3.0: Role-based access control, system settings, multi-language support

We're excited to announce the release of version 0.3.0! This release introduces robust Role-Based Access Control (RBAC), a new system settings module with multi-language support, and several important fixes to improve user experience.

✨ What's New

• Role-Based Access Control (RBAC)

  • You can now define custom roles with specific permissions to control user access across the application. This allows for granular control over what users can see and do, enhancing security and administrative oversight.
  • Added comprehensive documentation for setting up and managing roles.

• System Settings

  • A new settings module allows administrators to configure system-wide parameters.
  • Introduced multi-language support for the frontend and backend. Supported languages: English, German, French, Spanish, Japanese, Italian. (More to come)

• Other fixes

  • Fixed an issue where the storage chart legend would overflow on smaller screens.
  • Remove extra ports in Docker Compose file
  • Allow self-assigned cert in IMAP connection
  • Share connections between each fetch email action to avoid rate limiting

📜 Other Changes

• Updated the Contributor License Agreement (CLA) to v2.

Get started

Try v0.3.0 out by pulling the v0.3.0 or latest tag from Docker Hub.

docker pull logiclabshq/open-archiver:v0.3.0

Full Changelog: v0.2.1...v0.3.0

v0.2.1: Enhanced stability and new features

This is a maintenance release that brings some bug fixes, new features, and under-the-hood improvements to enhance the stability and usability of the platform.

A key highlight of this version is the new ability to delete archived emails. We've also resolved critical bugs related to IMAP and Microsoft Graph syncing, ensuring a more reliable ingestion process.

We are also thrilled to welcome three new contributors to the project whose efforts have been instrumental in this release. Thank you for your valuable work!

What's Changed

• Increase file upload limit and improve ingestion robustness by @wayneshn in #33
• feat: delete archived emails + improve IMAP UID and PDF parsing by @tilwegener in #36
• Dev: project wide formatting setup by @wayneshn in #41
• Dev: project wide format using prettier by @wayneshn in #42
• Fix Graph delta query: exclude unsupported @removed field by @tilwegener in #48
• Fix IMAP sync marking all emails as synced before fetching by @axeldunkel in #46
• Dev: format setting up by @wayneshn in #49
• Fix UI size display and ingestion history graph by @tilwegener in #50
• feat: optimize Dockerfile by @duhow in #47

New Contributors

• @tilwegener made their first contribution in #36
• @axeldunkel made their first contribution in #46
• @duhow made their first contribution in #47

Full Changelog: v0.2.0...v0.2.1

v0.2.0: Migrate to DB users, implement IAM & add PST/EML importers

This version refactors the core authentication and authorization system, replacing the static .env admin user with a database-backed user model. It also introduces a granular, AWS-style IAM policy engine for permissions. Additionally, it expands data ingestion capabilities by adding connectors for PST and EML files.

Major Updates:

• 👤 Authentication

  • The ADMIN_EMAIL and ADMIN_PASSWORD variables have been deprecated and removed from the environment configuration.
  • A new setup flow is introduced. The backend status endpoint now checks if any users exist in the database. If not, the frontend redirects to a setup page where the initial admin user is created. This operation is restricted and can only run if the users table is empty.
  • The AdminUserService has been replaced with a persistent UserService that interacts with the PostgreSQL database via Drizzle ORM.
  • New tables for users, roles, and sessions have been added to the database schema to support multi-user authentication and role-based access control.

• 🛡️ IAM Policy

  • A new IAM service allows for the creation of roles with specific permissions defined in JSON policy documents.
  • A PolicyValidator has been implemented to ensure that all policies adhere to the defined iam-definitions.ts before being saved, preventing malformed policies.
  • The system supports wildcard permissions for both actions (e.g., archive:*) and resources (e.g., ingestion-source/*).

• 📥 PST & EML Ingestion

  • New ingestion providers for pst_import and eml_import have been added.
  • The frontend form for creating an ingestion source now includes file upload options for .pst and .zip (for EMLs) files.
  • A generic /upload endpoint has been created to handle file streaming with busboy, temporarily storing the file and returning its path for the ingestion job.
  • New backend connectors, PSTConnector and EMLConnector, use pst-extractor and yauzl respectively to parse the uploaded files and extract email objects.

• ✨ Core Improvements

  • Data Model: The archived_emails table now includes path and tags columns to preserve the original folder structure and labels from the source mailbox. The ingestion connectors for IMAP, Google Workspace, and Microsoft 365 have been updated to populate this metadata.
  • IMAP Syncing: The IMAP connector now processes mailboxes in batches and includes retry logic with exponential backoff to handle mail server rate limits more gracefully.
  • Configurability: The continuous email sync frequency is now configurable via the SYNC_FREQUENCY environment variable.

Install via Docker

docker pull logiclabshq/open-archiver:v0.2.0

v0.1.2: Thread discovery, force sync

✨ New Features

• Thread Discovery: Emails are now grouped into threads for easier navigation.
• Demo Mode: A demo mode has been added to showcase the application's features without requiring a full setup.

🐛 Bug Fixes & Improvements

• UI/UX: Various UI improvements have been made, including better error handling and the ability to force a synchronization.
• Frontend: Fixed an issue with the page title not updating correctly.
• Frontend: Corrected the package name.

🔧 Build & CI

• Docker: Docker images are now tagged with the short git SHA for better version tracking.
• Build Process: The build process has been improved to correctly handle dependencies between packages in the pnpm workspace, ensuring a more reliable build. This includes:
  • Using the dependency graph to determine the build order.
  • Building packages separately.

📚 Documentation & Miscellaneous

• Demo Site: Updated information about the demo site.

Version 0.1.2 can be installed via Docker

docker pull logiclabshq/open-archiver:v0.1.2