Merge remote-tracking branch 'origin/develop' into ai-llm-integration

docs/Release Notes/Release Notes/v0.93.0.md

@@ -1,7 +1,4 @@
 # v0.93.0
-## 💡 Key highlights
-
-*   …
 
 ## 🐞 Bugfixes
 
@@ -15,6 +12,10 @@
 *   [config.Session.cookieMaxAge is ignored](https://github.com/TriliumNext/Notes/issues/1709) by @pano9000
 *   [Return correct HTTP status code on failed login attempts instead of 200](https://github.com/TriliumNext/Notes/issues/1707) by @pano9000
 *   [Calendar stops displaying notes after adding a Day Note](https://github.com/TriliumNext/Notes/issues/1705)
+*   Full anonymization not redacting attachment titles.
+*   Unable to trigger "Move to" dialog via keyboard shortcut.
+*   [Note ordering doesn't load correctly, only shows up right after moving a note](https://github.com/TriliumNext/Notes/issues/1727)
+*   [Note selection dialog shows icon class when selecting result with arrow button (jump to note / create link)](https://github.com/TriliumNext/Notes/issues/1721)
 
 ## ✨ Improvements
 
@@ -23,6 +24,7 @@
     *   Reduce extra whitespace between list items.
     *   Preserve include note.
     *   Handle note titles that contain inline code.
+    *   Support to-do lists.
 *   In-app help:
     *   Document structure is now precalculated, so start-up time should be slightly better.
     *   Optimized the content in order to reduce the size on disk.
@@ -35,10 +37,8 @@
 *   Basic Touch Bar support for macOS.
 *   [Support Bearer Token](https://github.com/TriliumNext/Notes/issues/1701)
 *   The tab bar is now scrollable when there are many tabs by @SiriusXT
-
-## 🌍 Internationalization
-
-*   …
+*   Make each part of the note path clickable by @SiriusXT
+*   Allow setting CORS headers by @yiranlus
 
 ## 📖 Documentation
 
@@ -47,6 +47,5 @@
 
 ## 🛠️ Technical updates
 
-*   upgrade to express 5.1.0 by @pano9000
 *   update dependency mind-elixir to v4.5.1
 *   remove non-working cookiePath option by @pano9000

docs/User Guide/!!!meta.json

@@ -9968,6 +9968,26 @@
                                     "format": "markdown",
                                     "dataFileName": "Trilium instance.md",
                                     "attachments": []
+                                },
+                                {
+                                    "isClone": false,
+                                    "noteId": "LWtBjFej3wX3",
+                                    "notePath": [
+                                        "pOsGYCXsbNQG",
+                                        "tC7s2alapj8V",
+                                        "Gzjqa934BdH4",
+                                        "LWtBjFej3wX3"
+                                    ],
+                                    "title": "Cross-Origin Resource Sharing (CORS)",
+                                    "notePosition": 20,
+                                    "prefix": null,
+                                    "isExpanded": false,
+                                    "type": "text",
+                                    "mime": "text/html",
+                                    "attributes": [],
+                                    "format": "markdown",
+                                    "dataFileName": "Cross-Origin Resource Sharing .md",
+                                    "attachments": []
                                 }
                             ]
                         },

docs/User Guide/User Guide/Advanced Usage/Configuration (config.ini or environment variables)/Cross-Origin Resource Sharing .md

@@ -0,0 +1,6 @@
+# Cross-Origin Resource Sharing (CORS)
+By default, Trilium cannot be accessed in web browsers by requests coming from other domains/origins than Trilium itself. 
+
+However, it is possible to manually configure [Cross-Origin Resource Sharing (CORS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS) since Trilium v0.93.0 using environment variables or `config.ini`, as follows:
+
+<figure class="table" style="width:100%;"><table class="ck-table-resized"><colgroup><col style="width:26.93%;"><col style="width:32.46%;"><col style="width:40.61%;"></colgroup><thead><tr><th>CORS Header</th><th>Corresponding option in <code>config.ini</code></th><th>Corresponding option in environment variables in the <code>Network</code> section</th></tr></thead><tbody><tr><td><code>Access-Control-Allow-Origin</code></td><td><code>TRILIUM_NETWORK_CORS_ALLOW_ORIGIN</code></td><td><code>corsAllowOrigin</code>&nbsp;</td></tr><tr><td><code>Access-Control-Allow-Methods</code></td><td><code>TRILIUM_NETWORK_CORS_ALLOW_METHODS</code></td><td><code>corsAllowMethods</code>&nbsp;</td></tr><tr><td><code>Access-Control-Allow-Headers</code></td><td><code>TRILIUM_NETWORK_CORS_ALLOW_HEADERS</code></td><td><code>corsAllowHeaders</code></td></tr></tbody></table></figure>