Bug fix - failed to load elevation tif files after non-tif file encountered in the same folder. E.g. the elevation data directory contains a hidden file like .DS_Store no tif files will be loaded.

Disabled elevation tests when elevation data not configured.

Updated to use newer version of xmlhttprequest-ssl re CVE-2020-28502.

Updated some packages to use newer versions.

Updated jsdoc to remove underscore vulnerability.

Can be built with either npm or yarn. Implemented forced package resolutions for npm (this feature is included in yarn). If package-lock.json doesn't already exist when npm install target is first executed, npm install needs to be run a second time to force the package resolutions.

Improvements to development environment with Vagrant.

Run unit and end-to-end tests with headless Chromium.


Replaced node-static, which appears to be no longer maintained, with send.


Bug fix - The count of itineraries was half the correct value when the number of personal itineraries was identical to the number of shared itineraries, causing an incorrect page count calculation.


Allow limiting Cross-Origin Resource Sharing (CORS). This introduces a configuration setting for - Valid origins to handle. Typically this is the protocol, host domain and port, e.g. The default is *:* which currently allows all origins to ensure backward compatibility.

See - Socket.IO 2.4.0 - CORS Misconfiguration in · Issue #3671 · socketio/ - Cross-Origin Resource Sharing (CORS)

Show an alert on the live itinerary map when the websocket is disconnected or fails to connect.


Update some dependent packages


Add tl_settings column to usertable in database schema


  • Implemented upload and download of TripLogger iOS client app settings

    A new column has been added to the usertable table to support this functionality. The following SQL statement needs to be executed in the trip database:

    ALTER TABLE usertable ADD COLUMN IF NOT EXISTS tl_settings text;
  • Options to import and export full itinerary, including text and sharing.

  • Option to create a duplicate copy of an itinerary.

  • Where the start and finish dates of an itinerary being viewed relate to a different time zone, show the time alongside the date on the itinerary page to clarify, otherwise it can appear the dates differ by a day in some circumstances.

  • Optionally using YAML instead of JSON for the TRIP configuration file.

    The existing config.json script can be converted to config.yaml with yarn run config2yaml.

  • Bug fix - pasting waypoints into an itinerary didn't necessarily create them in time order.


  • Asynchronously load elevation data on startup


  • Bug fix - request never completed when deleting waypoint
  • Fixed logging not formatting log statements with more than one parameter
  • Correction to example config file for log.timestamp entry
  • Set locale and time zone in Vagrant startup
  • Support Docker deployment
  • Handle root URL GET request when running in Docker container
  • Replace Winston logger with simple implementation following RFC5424
  • Changed autoquit to only quit when app.autoQuit.timeOut is a positive value
  • Disable using OSM tile server until configured properly
  • Graceful handling when no tile provider configured
  • Added nodemon to restart the server during development


  • Re-implemented itinerary search results to provide more detailed results


  • Bug fix - route length not recalculated when points deleted
  • Only relates to deleting points as part of the client 'Edit path' functionality.


  • Updated Vagrant to use trip-web-client 1.1.3

    No actual code changes affecting the deployed server.


  • Prune expired tiles from cache
  • Updated Vagrant to use Debian 10.1 and Node.js version 10.17.0


  • Update required version of lodash due to vulnerability, CVE-2019-10744.

    Vulnerable versions: < 4.17.13


  • Searches for itineraries that contain waypoints, route points or track segment points within a specified distance.

    Note: This release also requires installing the PostGIS extension to PostgreSQL. See the 'Next Release' section of the trip-server README.


  • Implemented user password change