2.8.0.beta8: API Key Improvements, Image alt Text Editing, Fullscreen Tables, and more

New features in 2.8.0.beta8:

API key improvements

New read-only scope: API Keys can now be created with a read-only scope, allowing the key to be used for any GET API requests. This is in addition to the existing global scope, allowing unrestricted access, and granular, allowing admins to specify which groups of routes the key grants access to.

API key pagination: The API Key page now properly handles large numbers of API keys, with auto-load support as one scrolls.

Easier editing of image alt text

The alt text for an image has long been editable, but doing so required editing the image markdown, and a risk of breaking the upload if the wrong change was made. Users can now quickly edit the image alt text right from the preview window, just as image size can be changed. Hover over the image and the edit options will appear.

image alt text screenshot

Fullscreen tables

Are tables common place on your site? Do they tend to get large, requiring scrolling both vertically and horizontally?

Tables now support being expanded fullscreen, similar to large images. Hover over the table to see the new Expand Table button.

Table in post:

Expanded fullscreen table


  • Set modal widths with EMs; improves scaling
  • Add prefers reduced motion

Even more!

But wait, there’s more! We do our best to highlight new features and changes for you, but there’s always too many changes to detail. For a full list of new features, bug fixes, UX improvements, and more, be sure to review the Additional Features and Fixes listed below.

Security Updates

This beta includes 2 security fixes for issues reported by our community and HackerOne.

  • Disallow caching of MIME/Content-Type errors
  • Ensure _forum_session cookies cannot be reused between sites

Plugin improvements

Many plugins

  • Translations
    • We’ve updated the translations in many of our plugins


New Features

  • Reassign workflow
  • Small post action with link to post
  • Display indirect assignments in the first post
  • Assign to post

Bug Fixes

  • Return proper aria-labels
  • Correctly update UI when post is assigned/unassigned
  • Rename action_code_href to action_code_path
  • Missing assignee icon in search
  • Move post assignment when move post
  • Pin plugin version when running discourse `<= 2.8.0.beta1
  • Deprecate TopicAssigner

Unhandled Tagger

Bug Fixes

  • Use an atomic transaction to update tags
  • Skip revision when adding unhandled tag


Bug Fixes

  • Ensures notifications popup has a key


Bug Fixes

  • Swap fancy_title with decrypted title


New Features

  • Added support for admin synchronisation
  • Introduce saml_groups_ldap_leafcn setting

RSS Polling

New Features

  • Allow to filter from feed category substring matches


Bug Fixes

  • 500 error when editing a pricing plan

Category Experts

Bug Fixes

  • Add scores when creating reviewable
  • Category link in reviewable
  • Use preloaded post custom field
  • Preload post custom fields


Bug Fixes

  • Hide navigation elements when printing a Docs topic

UX Changes

  • Solved filter alignment adjustment

Chat Integration

Bug Fixes

  • Remove use of InputValidation library

Additional Features and Fixes

Click to expand

New Features

  • Direct S3 multipart uploads for backups
  • Use uppy for tags uploader
  • Small action post accepts href
  • Use uppy for watched word uploader
  • Move avatar uploader to uppy
  • Move emoji uploader to use uppy
  • Add setting to disable notifications for topic tags edits
  • Pull hotlinked images in user bios
  • Bypass topic bump when disable_category_edit_notifications is enabled
  • Mark omniauth failures as HTML safe.
  • Include user custom fields in base exporter

Bug Fixes

  • A screen-track/appEvents regression in #14929
  • Composer education message for group mentions were broken
  • Use previous chunk to check if local backup chunk upload complete
  • Set null to group if groupAttrs param is not available.
  • Use the same hljs version in prod and tests
  • Prevent PreloadStore from calling the finder when value is falsy
  • Use Map instead of Object for caching
  • Ensures minimum tags logic is correct and shared
  • Display top posts from private categories if the user has access.
  • Topic queryParams are removed from history state when scrolling.
  • LocalJumpError in rake tasks
  • Call _clearFlash() when displaying a modal
  • Don’t fail if s3_install_cors_rule is off
  • Use instead of localhost for ember CLI
  • Disable scroll events while on full screen
  • Allow bulk invites to be used with DiscourseConnect
  • In Ember CLI some plugin tests were referring to the wrong container
  • Make PostRevisor more consistent
  • Show perma-delete in menu without refresh
  • Remove xlink:href to favour href due to deprecation
  • Use correct attribute method to get post id from dataset.
  • Regression introduced in #14715
  • Keep topic context when redirecting to full search
  • Generate valid heading ids
  • Restore animation for like action on mobile
  • Persist notifications in OS X
  • Include admins in presence reply channel permissions
  • Rename action_code_href to action_code_path
  • Skip post validations for system revisions when author deletes post
  • Ensure CORS rules exist for S3 using rake task
  • Canonical URLs may be relative
  • Stop saving bookmark on modal press ESC
  • Ensure required_tag_group_name is null if no value present
  • Exclude suppressed category topics in digest even if unmuted.
  • Rake categories:move_topics shouldn’t move category description topic
  • Display Instagram Oneboxes in an iframe
  • Use mouse down event when cancelling search
  • Insert commas even when field value is null
  • Prevent duplicate search requests to backend
  • Deleting a for_topic bookmark caused JS error
  • Use the same mode for chinese search when indexing and querying.
  • Resolve responses of 103 should be retried using small_get
  • Include topic details when PMing
  • Allowed_theme_ids should not be persisted in GlobalSettings
  • Do not replace words in hashtags and mentions
  • Hide links to muted topics and in categories list
  • Avoid another N+1 query in Site.json_for
  • Update flair group of all members if primary group setting changed.
  • Should not receive topic invites from ignored users.
  • Do not perform link lookup for replaced links
  • Include new tags in validation if user can create one.
  • Cleanup PresenceChannel instances when composer closed
  • Prevents a circular json error in tests
  • Vanilla importer fixes
  • Avoid N+1 query in Site.json_for
  • Correctly avoid concurrent requests in PresenceChannel get
  • Do not send presence leave beacon if not present in any channels
  • Show right message when permanently deleting topic
  • Correct tracking context for some category routes
  • Include the Vary:Accept header on all Accept-based responses
  • Allow every tag for watched words
  • Remove superfluous topic allowed users on group invite
  • Correct site setting name
  • Don’t leak unhashed user API keys to redis
  • 2N+1 sql in admin /api/keys endpoint

UX Changes

  • Fix share/notify modal styles
  • Number steps in cloud installation README
  • Layout fixes for admin permalinks page
  • Remove tags chooser on PMs for non-staff users
  • Fix several issues with topic progress refactor
  • Fix bar-style category dropdown
  • Better accommodate PM composer with tags
  • Fix short post width on mobile
  • Show quick search hint more consistently
  • Remove animation in admin theme list
  • Change login tabindex, follow-up to 6aa6275
  • Change tabindex on login to skip email login link
  • Apply tags during PM creation
  • Make PresenceChannel changes more responsive
  • Never show back button if less than current position
  • Don’t show anchor icon on touch devices
  • Re-order auth-related site settings for clarity
  • Add special case for user search when in a topic
  • Sometimes the footer would show up while refreshing a list route


  • Update like count in visible posts without an extra GET per like
  • Use different column for better query plan
  • There was a large performance regression in Logster
  • Optimize search in private messages query