SilverBullet 2.2 released!

The one with client-side encryption and a bunch of Lua fixes and DOM API improvements.

This is a dot release primarily due to changes in how IndexedDB databases are named (to enable client-side encryption). A fully resync and reindex of your space will happen on all your devices after upgrade. I’m sorry for the inconvenience, I try to limit how often this is required. If you’d like to clean up unnecessary databases afterwards you can run the Client: Clean command (once) afterwards.

In addition to the (constantly increasing) number of contributors to this release, I’d really like to thank my Github sponsors for their financial support allowing me to spend more time on SilverBullet than ever. While not nearly financially sustainable, every new sponsor does give me a motivation boost. Just sayin’

What’s in this release:

• Client Encryption: when using a untrusted device (e.g. a public computer), enable this option when logging in (only supported with built-in Authentication) to encrypt all locally stored data (at a performance penalty).
• Lua fixes, making Space Lua more compatible with Lua 5.4 (most courtesy of Matouš Jan Fialka):
  • Fix length (# operator) features
  • Add rawget and rawequal
  • Allow .. to also concatenate strings and numbers
  • Make truthiness more Lua compatible
  • Align arithmetic model with standard Lua
  • Add huge constant and type to math.* API
  • Add load function
  • Support %u in os.date
  • Pass on status code differently when using http.request
• More video embeds in standard library (courtesy of Andy Costanza):
  • Vimeo
  • Peertube
• New widget.htmlBlock and widget.markdownBlock convenience APIs for creating block widgets (that take the full width of the screen rather than being inlined)
• The DOM API now supports embedded widgets and markdown
• The markdown renderer now renders inline code as a code tag with .sb-code class
• Atomic upgrades with silverbullet update and silverbullet update-edge (by Mihai Maruseac)
• Added Client : Clean command that deletes all redundant IndexedDB databases (ones the client is not using)
• Very basic Prometheus metrics
• Fix: bottom search bar dark mode styling (by numan)
• Fix: navigation with auto links (by MrMugame)
• Fix: SB_USER now works with SB_URL_PREFIX

Recently started experimenting with SilverBullet, and love the new client encryption option. This could be fantastic in my work environment, where I don’t really want my notes data potentially exposed to my employer. But I’ve noticed that when I enable encryption, I get logged out after a few minutes (maybe 20 or 30, I haven’t timed it), even if I tick the box to “remember me” when logging in. Is this by design, to prevent someone on a truly public machine from being left logged in?

Does SilverBullet allow note-taking bypassing corporate firewalls, e.g. via Tailscale? Has anyone had similar experience? I might experiment with it once I start working.

@hereiznoy I’m in the same boat, installed a self-hosted SilverBullet today.
After using for a couple of hours, I was wondering why I was repeatedly getting logged out while reading other browser tabs for just a few minutes.

After seeing this thread and your post, and then re-reading the Manual page for the Client Encryption, I think that is the reason.

I checked this without thinking, but do not need it for home use - especially as I have my browsers set to hibernate tabs aggressively and I collapse tab groups. Both of which I think may clear those keys more quickly than expected otherwise.

So far, unchecking the client encryption has lessened the logouts.

The way it works now is that the service worker (the background sync engine) keeps the encryption key in memory. If it detects no clients (tabs) are active, it will flush the key out of memory and ask you to log in again. The idea is that if you close your tabs and leave the PC, those keys go away and nobody can get access. However it seems that browsers can be quite aggressive in pausing tabs, causing them to no longer “ping” the service worker, which would let the service worker believe they disconnected. Or perhaps the service worker itself is shut down by the browser because of all idling tabs. This is where this problem comes from.

As I’m writing this I’m thinking the tabs keep a copy of the key too and could actually give it back to the worker to avoid this problem

Gotcha. Thanks for the explanation. So sounds like there may be hope for a workaround?