2.8.0.beta3: User-selectable Avatar Flair, Last Topic Visit Indicator, Native File Picker, and more

New features in 2.8.0.beta3

User-selectable avatar flair

Users in multiple groups can now select the avatar flair they wish to display from their preferences, rather than relying on automatic flair assigned based on their primary group. Avatar flair supports both font awesome icons as well as custom images.


Add last visit indication to topic view page

When opening a topic you have already started reading, Discourse will automatically load the topic at the first unread post so you can keep reading. Now, Discourse also displays an indicator of where your last visit was, so you can safely scroll up or down without losing your place.

Use native file picker

When uploading a file to the composer, Discourse will now use the native file picker instead of first displaying a custom modal. Discourse also passes along the supported file extensions to the operating system so users don’t have to think about what is allowed. In addition to the upload button, users can continue to copy/paste and drag/drop files to upload them in the composer.

API key scope for editing posts

When creating an API key, scopes can be applied to restrict the actions allowed with each key, improving security by limiting access should the key be compromised. A posts edit scope has been added to allow an API key to edit posts the API key owner has access to edit.

Improve process for adding users to a group

The Add Members button on the Group page has been split into “Add Users” and “Invite”. Existing users on the site can be added to the group by username or email using the Add Users modal (first image). New users can be invited to join the Discourse site and added to the group upon joining via the “Invite” modal (second image).


Client side image optimization

When users add an image to their post, Discourse attempts to compress the image if it is larger than the allowed size. This compression happened on the server, meaning the large image file needed to be uploaded first. For users with slow or limited bandwidth, this can take a lengthy period of time, and impact their data usage limits.

Sites can now enable the composer_media_optimization_image_enabled site setting to compress the image on the user’s device - computer, phone, or tablet - before it is uploaded.

See more on our blog:

Penalty history improvements

As sites grow in size, it is no longer possible for moderators to know every user’s history as is possible in newer/smaller communities. We’ve made some improvements to assist moderators in their jobs.

  1. Add a history count when applying penalties to give moderators context to the user they are penalizing.
  2. Add a site setting that designates default penalty values in hours.

Silence/suspend modals will auto-fill in the default values, but otherwise will still allow moderators to pick and overwrite values as normal.

First silence/suspend: first value. Second silence/suspend: second value. etc.

Accessibility improvements

  • Adjust heading rules on topic lists
  • Don’t mark multiple form labels as applying to the same element
  • Add labels where needed

Additional features

This beta has so many new features we can’t detail them all. Below are some additional features of note. You can find the full list of new features in the following post.

  • Setting to allow moderators to change post ownership
  • Make invites work with existing users
  • Warn if invited user cannot see topic
  • Add staff action logs for watched words
  • Add multiselect user custom field
  • Add slow_mode_prevents_editing setting.
  • Staff can receive pending user reminders more frequently.
  • Accept the flag modal on CTRL + ENTER and CMD + ENTER
  • Upload to s3 in parallel to speed up backup restores
  • Blocking is optional when deleting a user from the review queue.
  • Add a messages view for all official warnings of a user
  • Add group filter to user directory

Even more!

But wait, there’s more! We do our best to highlight new features and changes for you, but there’s always too many changes to detail. For a full list of new features, bug fixes, UX improvements, and more, be sure to review the Additional Features and Fixes listed below.

Security updates

This beta includes 3 security fixes for issues reported by our community and HackerOne.

  • Onebox canonical links bypassing FinalDestination checks
  • Ensures timeouts are correctly used on connect
  • Sanitize YouTube Onebox data (CVE-2021-32764)
    • This vulnerability only affects sites which have disabled/modified the default content-security-policy

Plugin improvements


New Features

  • Adds support for a random assign automation

Bug Fixes

  • Handle invalid source data in CF migration
  • CF to table migration was incorrect
  • Automation fields now all use the same value property
  • Assign topic button not working

OAuth2 Basic

New Features

  • Fetch custom attributes from the user details.


New Features

  • Blocking is optional when deleting an user


Bug Fixes

  • Use new attribute names for flair
  • Fix constants task and run update it
  • Invitee avatar alignment in Safari 15
  • Holidays gem not required in Sidekiq.

Data Explorer

Bug Fixes

  • Add missing string
  • Translation of column headers in query table

User Card Badges

Bug Fixes

  • Image column is now image_upload in core

Anonymous Moderators

Bug Fixes

  • update_attributes! was removed in Rails 6.1


New Features

  • Show education message in composer when replying on solved topic

Bug Fixes

  • Backwards compatibility for older Discourse versions

UX Changes

  • Fix solution alignment on mobile


New Features

  • Delete videos when posts are deleted

Bug Fixes

  • ApiError should store its status
  • Avoid conflict with other plugins


New Features

  • Client-sided search in encrypted topics

Bug Fixes

  • Add workaround for Safari’s IndexedDb bug
  • Return an empty identity if loading fails
  • Reject promise if identity cannot be loaded
  • Fallback to file size to lookup file info
  • Do not explode if search result is empty
  • Do more to decrypt encrypted results
  • Populate all fields used for serialization
  • Use Session instead of sessionStorage
  • Replace use of global Discourse


  • Preload tags if enabled
  • Preload users and topics encrypt data
  • Fetch only first posts for search cache


Bug Fixes

  • Do not crash when user.name is nil

Code Review

Bug Fixes

  • Do not parse emoji in commit message
  • Allow dots in repo names
  • Translations for bad_github_X were missing
  • Gracefully handle GitHub API errors in plugin config


New Features

  • Add fireworks + gradient animation to campaign success banner
  • Add ability to use custom background image
  • Validate coupon codes on form submit

Bug Fixes

  • New user sessions redirected weirdly on login-required sites
  • Restrict mods from seeing Subscriptions admin features

UX Changes

  • Hide campaign button on goal completion


Bug Fixes

  • Attempts to have a topic level message bus event only
  • Relying on topic level event :acted is enough
  • Cleanup MessageBus subscriptions when navigating between topics

Category Experts

New Features

  • Setting for topic list pills to link to posts

Bug Fixes

  • Do not show endorse button for suspended users
  • Wait for loading to show out of endorsements
  • Do not error when private message is sent
  • Remove custom fields from unapproved posts when user is removed as expert


Bug Fixes

  • Add translations for method name and button title


Initial release:

Additional Features and Fixes

Click to expand

New Features

  • Update existing users when group default notifications changed.
  • Add option to grant badge multiple times to users using Bulk Award
  • Uppy image uploader with UppyUploadMixin
  • Add title tag for group detail page
  • Add period filter in top topics route for tags.
  • Reencoding is safe, trigger it on files >` 500Kb
  • Use group SMTP job and mailer instead of UserNotifications change
  • Render emojis on GitHub labels when oneboxing an issue.
  • Make max number of favorite configurable
  • Add more columns to outbound EmailLog
  • Improvement to history stack handling on server errors
  • Use responsive image sizes in post stream
  • Open the edit bookmark modal when clicking on the topic level bookmark button
  • Add last updated details to SMTP/IMAP group settings UI
  • Make date pickers in the bookmarks UI and topic timer UI consistent with all other pickers
  • Add type=website OpenGraph meta tag
  • Add upgrade-insecure-requests to CSP when force_https is enabled

Bug Fixes

  • Add order to outputted stylesheet link tags
  • Problems with choosing favorite badges
  • Assets for the theme tests page are not compressed
  • Issues with custom icons in themes
  • Remove button to dismiss theme error messages
  • user/badges grid fix
  • A memoization bug in UserLookup and refactor
  • Use array to keep best link for each onebox
  • Use Terser for minification even if uglify-js is not available
  • Don’t try to load badges if there none left
  • Email threads sometimes not grouping for group SMTP
  • Use rem for font sizes in post headings
  • Don’t use user_generated images as avatar images in Oneboxed Twitter content
  • Don’t downcase “all groups” in dropdown
  • Allow uppercase letters in automatic group names
  • Do not show invalid option in flair chooser
  • Set user flair group to primary group
  • Various translation string fixes
  • Suggest current username for staged users
  • Admin_user_response schema
  • Use created_at if last_posted_at is null
  • Show correct dates in topic timelines
  • Scroll to top on badge pages
  • Let staged users choose their username
  • Switch logos live when changing color schemes in user prefs
  • Various translation string fixes
  • Let user clear their flair group
  • Can_admin_group should be true when creating a new group.
  • Handle storage providers not implementing ACLs
  • Do not interpret backreferences in email content
  • Do not wrap flair title in chooser
  • Do not prevent other topic timers running on error
  • Check type of existing reviewables when new reviewable is created
  • Fix error message for fix_missing_s3 rake task
  • Set CSP base-uri to self
  • fix_missing_s3 task fails on failed upload (take 2)
  • Do not stop fix_missing_s3 task if saving an upload failed
  • Maintain order when updating notifications
  • Handle SMTPServerBusy for group smtp email
  • Multiply ratelimiter leniency for own discobot certs
  • Poll wasn’t showing all voters
  • Handle edge cases for group SMTP email job
  • Respect personal_email_time_window_seconds in group SMTP
  • Build quote share URL using post number, not post ID
  • Load the category when the category_id attr is present.
  • Do not reload whole directory table on username input change
  • Invalid link definition in bootstrap-json
  • Update locale keys for watched word logs
  • Delete old reminder topic timers
  • Show empty search results sets
  • Make non-transactional migration idempotent
  • Set class on color scheme links in bootstrap
  • Reorder and hide topic timer options
  • Child themes being precompiled multiple times take 2.
  • Rename ninja edit terminology to grace period
  • Detect decode failures earlier in image optimization pipeline
  • Detect resize failures in the client size image optimization
  • Don’t translate TrustLevel name when generating links
  • Typo in discourse
  • Reintroduce add group user by email
  • Do not close the merged topic if the first post wasn’t merged
  • Clear appropriate cache when updating font settings
  • TL4 users cannot delete others posts
  • Do not redirect to a topic user cannot see
  • Ignore canonical link to localhost
  • Child themes being precompiled multiple times.
  • Problem when [] custom field is send
  • Always render topic counts
  • Use absolute URL when redirecting SVG sprite path.
  • Ensures we don’t apply charts options to other modes
  • Include user_field_ids in pagination URL for directory items
  • Some admin reports (notably backups) were not showing up
  • Do not call ‘set’ in destroyed directory table component
  • Get all groups for user directory dropdown
  • Flaky search-spec
  • Remove legacy topic timer code
  • Handle image decoding failure in composer image optimization
  • Remove extra margin from share topic modal
  • Only delete the word/phrase when the ‘x’ icon is clicked
  • Topic level bookmark button
  • Do not show In Reply To for group SMTP emails
  • Missing category edit icon.
  • Improve participant display in group SMTP emails
  • Backfill topic_id for EmailLog
  • Nil-filled CF arrays were not being deleted
  • Translation of plugin directory column on mobile
  • Follow redirects for inline/mini onebox
  • Always serialize the correct attributes for DirectoryItems
  • Increase max favorite badges to 6
  • Table header translations on admin users list
  • Manually update DirectoryItemSerializer attributes on directory column change
  • Check all migrations for dropped columns/tables during restore
  • Load more users URL respect group param
  • Make favorite work with multiple grant badges
  • Ignore missing uploads in theme settings
  • Absolute path for directory-columns.json
  • Ignore posts needing approval when calculating reviewable counts.
  • fix_missing_s3 rake task could fail due to missing upload
  • ShrinkUploadedImage was broken since cb12a721
  • Ensures average is applied on last incomplete segment
  • Set random values for digest_attempted_at
  • Previewing theme components broken when component has no SCSS.
  • Remove duplicate add_unsubscribe_link hash key
  • Render detailed_404 page from 403 responses
  • Show link count only once for oneboxes
  • TL4 users can see their deleted posts
  • Downsize image last when saving uploads
  • Correctly implements average for reports
  • Multiple links being generated for non-theme targets.
  • Color scheme stylesheet not loaded when no default theme is set.
  • Prevent resurrecting old topics via email reply for group inboxes with SMTP enabled
  • Remove List-Unsubscribe header if using group SMTP
  • Do not display twice a user who changed vote
  • Do not check for duplicate links in Onebox
  • Add word boundaries to replace and tag watched words
  • Update post’s raw from server response
  • Mobile layout for watched words admin UI
  • Ensures validValues is an array
  • Do not add mailing list headers to group SMTP emails
  • Dismiss new keyboard shortcut not working
  • Drop and recreate column properly for directory_columns
  • Use correct property for jump-up embedded post link
  • Allow SVG uploads if dimensions are a fraction of a unit
  • Broken DB issue following a reverted migration
  • Adding multiple auto tags in watched words admin UI
  • Translations of table headers in group members directory
  • Prevents mode to be forced to unexisting mode
  • Resend only pending invites
  • Destroy invites of anonymized emails
  • Ensure we dont collapse data multiple times
  • Move allow_unknown_sender_topic_replies outside SMTP/IMAP box
  • Make sure reset-new for tracked is not limited by per_page count
  • Ember CLI was losing some preloaded data
  • Sort filelists to ensure consistant asset precompilation hash
  • The topic level bookmark button stops working if choose ‘No’ on the clearing all bookmarks confirmation modal
  • Make avatar-flair component fail gracefully group info missing
  • Skip failing tests for composer
  • Update raw and cooked immediate after edit
  • Make sure topic_user.bookmarked is synced in more places
  • Validate upload is still valid after calling the “before_upload_creation” event
  • Respect nofollow exclusion setting in topic featured links.
  • Refresh post stream after in-place post updates
  • Some absolute links were causing full page reloads
  • Show group Email settings if just SMTP enabled
  • Adjust styling of first notification
  • De-prioritize composer category on navigation
  • Do not render user-avatar-flair element when user has no flair
  • Flaky javascript tests with fake timers
  • Clicking on a URL with a different url prefix did not work
  • Do not reload post if raw is present
  • Can’t bootstrap with ember-cli when login_required is enabled
  • Link up reply to post correctly when emailing group
  • count is not defined lint error
  • Lots of plugin tests were using old, non-Ember compat CLI APIs
  • Do not block SVG sprite bundle if a file is missing
  • Theme tests should work in production
  • Errors loading secure uploads when secure uploads is disabled

UX Changes

  • Stop imgur/google photo mobile onebox overflow
  • Make sure there’s always a margin on badges page
  • Improve share modal consistency
  • Move the skip auth confirmation spinner inside the modal body.
  • Add copy button to theme public key
  • Improve the link to the preferences page on the new and unread tabs
  • Add success state to copy button
  • Fix z-index for new topic alert
  • Translate the action type in watched words regex error
  • Layout issues with topic last visit line.
  • Remove background image after image has loaded
  • Remove top border on small action after last visit line.
  • Use topic list bulk select toggle for user messages list.
  • Make emoji size consistent for oneboxed GH issues with short tags.
  • Make poll content selectable
  • Tweak spacing in the admin dashboard
  • Adds ‘Processing Upload’ to the composer status area during upload optimization
  • Horizontal scroll bar on top of user directory (when needed)
  • Tweak the timestamp line in Twitter onebox
  • Improve blockquote styling in emails
  • Add notice when watched words are regexes
  • Margin improvement for mobile alerts
  • Make bulk select checkbox easier to target
  • Fix mobile alert spacing
  • Make it easier to hide the emoji on signup
  • Hide email columns when Hide Emails is selected
  • Improve lightbox gallery zoom/navigation
  • Fix jump-to-post layout on mobile
  • Fix mobile progress bar button alignment
  • Daily automatic grouping for less than 34 days instead of 30
  • Use button instead of anchor in filtered replies bar
  • Remove reference to contact form in setting
  • Improve user delete error message & return correct post count.
  • Improvements for reordering categories
  • Add a hint that tags can be included in tag groups


  • Improve topic_user.liked update performance when moving posts
  • Improve post_timing performance when moving posts
  • Optimise backfilling of topic_id
  • Cache categories in Site model take 3.
  • Remove n+1 in user directory
  • Update post uploads secure status in a job
  • Eager load Theme associations in Stylesheet Manager.
  • Cache categories in Site model take 2.
  • Cache categories in Site model.
  • Remove extra PG query.
  • Perform user filtering in SQL
  • Avoid running a pointless PG query when theme has no variables.
  • Animate request animation frame