jomaxro
November 1, 2022, 5:34pm
1
This beta includes 3 security fixes for issues reported by our community and HackerOne .
Multiple plugins have also received security fixes. Be sure to update plugins in addition to Discourse.
For sites with the General
require change email confirmationWeâve added a new site setting, require change email confirmation. When enabled, all users will need to confirm both their current email, and new email when changing it. When disabled, only staff users will need to confirm their current email when changing it.
All Discourse sites come with a welcome topic that admins are suggested to edit when setting up their site. This topic is now hidden from non-admin users until an edit is made.
Users can choose between Default or new/unread as the destination when clicking links in the sidebar.
We now add a link to the sidebar for admin users when they have not configured the default_sidebar_categories or default_sidebar_tags site settings
In the latest beta of Discourse, we introduced user tips explaining the most important features of Discourse (enabled by default; to disable it, navigate to your site setting and search for âenable user tipsâ).
[Screenshot 2023-08-01 at 6.41.57 AM]
At this moment, there are user tips for:
first notification
topic timeline
post menu
topic notification level
suggested topics
admin guide: getting started (shown to admins on new sites )
[Screenshot 2023-08-01 at 6.47âŚ
Custom users statuses can now be configured via account preferences, /my/preferences/account in addition to the user menu. This change also allows site setting to edit and/or clear a custom status from a user as needed.
Admins can now upload a second category logo which will be used for dark themes.
17 Likes
jomaxro
November 1, 2022, 5:34pm
2
But wait, thereâs more! We do our best to highlight new features and changes for you, but thereâs always too many changes to detail. For a full list of new features, bug fixes, UX improvements, and more, be sure to review the Additional Features and Fixes listed below.
Bug Fixes
Show group icon for group notifications
New Features
Improve mobile chat index screen experience
Improved emoji selection
Enable flagging for DMs
Inline video player for video uploads
Link general chat channel to general category
Use direct_message_enabled_groups for DM access
Improve chat messages flagging.
Bug Fixes
Prevents silenced users to send messages
10ms might be too short for ios hack
Removes requestAnimationFrame
Improves iOS hack for momentum scrolling
Ensures actions backdrop is removed when collapsing on mobile
Channel index mobile issues
Move reaction emoji name from class to data attribute
Improve chat reactions store
Prevents exception when transcripting multiple messages
Donât fail when trying to display DM flags in the review queue.
Makes emoji filtering case insensitive
Remove hijack on webhook and improve documentation
Ensures emojis have a title in the picker
Default is now only used for custom emojis
Prevents shimmer effect to apply to sidebar
Prevents selected toned emoji to append t1
Firefox uses relatedTarget for toElement/fromElement
Prevents blank screen on ios on initial load
Avoids blank screen on ios on sticky scroll
Stalled core emoji cache could return emojis without search_aliases
Ensures we reset selecting messages when switching channel
Prevents scrollbar to appear over content on android
Use sidebar contentCSSClass for muted channels
Staff should always be able to chat
Direct_message_enabled_groups refinements
Closing button not visible on chat index page
Deleting old messages should also clear flags.
Prefers /chat/channel/:id/:title?messageId=x link
Tighten flagging restrictions for chat messages.
Correctly censors excerpts
Simplifies loading message code
Enforces chat_channel_id when present
Add missing translation chat_message_flag_allowed_groups
Make chat_allow_uploads apply to DM channels
UX Changes
Fix link colour channel cards
Implements leave button on channel card
Adjusts composer/uploads padding
Ensures emoji picker search gets focus on first load
Double clicking one of your messages starts editing it
Moves new channel button to browse view
Accessibility
Show emoji color options in WHCM
UX Changes
Avoid double li tag in user-activity-bottom outlet
New Features
When user is on holiday set user status in core
Bug Fixes
Calendar wasnât resetting expired statuses
Disabling of header sorting now checks the correct site setting and defaults to false
Bug Fixes
Click not opening query
Errors when running query due to PG template patterns or comments
Bug Fixes
UX Changes
Remove unnecessary li tag for user-activity-bottom plugin outlet
Bug Fixes
Simplify Stripe webhook handler
UX Changes
Make styling consistent with everything else
New Features
Email notifications for policies
Bug Fixes
Adds prefix to UserOption enums to avoid collision
New Features
Separate sidebar links for anniv and bday
Bug Fixes
Validate post when committing revision
AppEvents.off error when destroying controller:topic
Bug Fixes
Do not override core rate limiting error message
Handle rate limit error messages on server side
Deleted topic should exclude it from reactions given
UX Changes
Use a regular mouse cursor in popover
Remove unnecessary li tag for plugin outlet
Remove unnecessary li tag for user-activity-bottom plugin outlet
New Features
Adds settings and enable_manual_trigger
Adds once support to auto-responder script
Bug Fixes
Adjust QA answers header sorts in RTL mode
Bug Fixes
Do not registerPlugin if no window.markdownitFootnote
New Features
Added a setting for the default leaderboard period
Bug Fixes
UX Changes
Allow picking any leaderboard in minimal component
Add crown
Leaderboard minimal styling
Click to expand
Reduce suspicious distance logins warning to 100km
Control topic width with variables
Generic hashtag autocomplete sorting
Add button to reset seen popups
Generic hashtag autocomplete part 1
Implement new onboarding popups
Show relative time when date is omitted
Add contentCSSClass for sidebar section-link
Double color for subcategories prefix
Adds seeded default categories to the sidebar
Preload resources via link header
Omit showing day when âtoâ day is same as âfromâ day
New outlet topic-list-main-link-bottom added to mobile
Handle oneboxes for complex GitHub URLs
When entering a topic scroll to last visited line marker
Canât change notification level of categories set to regular
Evaluate all callbacks rather than override them
Donât notify topic author about small action posts
Follow up fixes for password-reset error page
Simplify display of multiple AJAX errors
Donât attempt to add user again to a group when syncing groups via SSO
Ignore unique conflicts when backfilling sidebar defaults
Ensure that custom {{action}} modifier works with actions hash
A couple of topic elements are too wide
Move group-box group name from class to data attribute
Allow users already in automatic groups to log in
Add theme-color <meta> tag when a dark scheme is selected
Variable name typo
Reset error props on Topic model
Log user addition/deletion from groups when theyâre changed via DiscourseConnect
Category chooser not updating selection when editing reviewable
Correctly reset controllerReady prop
Use only first line from commit message
Minor typo
Set max-width on category logo img
Clientside checks for personal_message_enabled_groups
Set width on category logo img, not container
Do not show a 404 page when visiting messages
Correctly debounce various functions
Calculate header offset once on load
Skip all post validations if necessary
Ensure minification does not break colocated connectors
Do not include group less emojis in standard list
Sidebar_list_destination on CurrentUserSerializer
Ensure dropdown is above sibling labels
Sidebar list destination for tracked and tags
Exclude hidden topic posts and small actions from the RSS feed.
User card focus state appearing on click
Clarify security key copy
Reset general_category_id if the general category was deleted
Prevent layout shift while traversing dropdown
Adjust the users per trust level cells in RTL mode
Remove RS384 and RS512 cose ciphers
Show timelines dates as clickable
Action_code_path not being loaded for user-stream-item
Missing category badge for category with color stored as 3-digit hex code
Category sidebar link not active when filtered by none and all
Replace prefixCSS with prefixElementColors
Remove nil items before sorting the sha1 string array.
Reset related site settings on general category delete
Status emoji was shown on the left on mobile
Alignment of user status emoji on posts
Correctly handle HTTP errors during dominant color calculation
Typo
Warning about sidebar prefix style
User field styling on login
Change text
Staff action log âshow detailsâ links
Ensure local date format shortcuts work correctly
Ensure poll type toggle buttons function correctly
Deprecated settings should not override from UI
Hide old PM settings
Show error if field is same as password
Remove public topic invite functionality
Do not show welcome CTA banner if the welcome topic is deleted
Ensure group inboxes in messages section is sorted by group name
Determining local date same range is erroring when there is no date
Arrive at topic must be hidden when must_approve_users
Improve error handling for calculate_dominant_color!
Do not prefill default site title value on wizard introduction step
Make sure first admin users are added to auto groups
Watched topic overcome muted category
Ability to trigger emoji after indented code block
Missing sidebar section link icon for PM tags
Link to discovery.category in sidebar`
Skip quality title validations for static topics when edited by admin
Count resulting bulk invites correctly
Do not show user status on posts twice
New general category changes preventing topic create
Review sidebar link showing for users that canât review
Workaround a bug in the R2 gem to produce valid RTL CSS
Allow email login for admins in staff-writes-only-mode
Allow logout for admins in staff-writes-only-mode
Remove zero-width space when not necessary
Add better and more strict invite validators
Revert recursively tag lookup with missing ancestor tags
Missing theme upload should not break precompile process.
Removed bookmark reminder alert for reminders set in the past
Ensure closing sidebar tears down all callbacks.
Quirks around starting new uploads when one was in progress
Ensure image size is maintained even after loading error
Switch no categories/tags configured text in sidebar to a link
Fix grammar typo in trust_level_unlocked_tip
Change emoji graphic on invite error page
Make whole category box clickable
Allow linebreaks mid-word in github onebox file paths
Use a friendlier educational message
Send notification of type replied to topic author if theyâre watching the topic
Drag new user menus, scroll primary user nav
Fix user status display in autocomplete
Stop falling back to topic image on embeds
Improve autocomplete styling
Show category edit button when in tag intersection
Extend horizontal user nav to all user pages
Correct capitalization
Fix alt text cancel button in dark mode
Change button to grey
Simplify bootstrap mode visuals
Prevent reply to name from being longer than 400px
Welcome CTA edits
Theme setting highlight update
Horitzontal scroll controls for new user nav
Hide keyboard shortcuts on mobile
Onboarding edits
Conditionally display sidebar tags section for user
Conditionally hide sidebar categories section for user
Hide tags section in sidebar when user has no visible tags
Danger colour update
Updated styles for user nav with sidebar
Hide tags section from anonymous user when site has no tags
Correct colour to nav instead of danger
Default to dark category logo on dark schemes
Add more spacing to tab btns
Ensures we donât focus invisible button in sidebar
More... â More` in Sidebar
Hide sidebar on 2FA route
Change notifications nav icon in user page to bell
Add max-width to digest email, format erb
Fix post placeholder on mobile
Move dismiss button on the bottom to the right of the footer message
Exclude anon sidebar tags in site serializer for logged in user
Move dominant color calculation to separate job
Add keyboard support to youtube embeds
Add title to drafts remove icon button
Add for attributes for location, website in profile
Sortable header elements should have pointer
Add aria-label to topic post badges
Return focus to header search button upon escape of search
Improve group search accessibility
Improve user card appearance in WHCM
Add aria labels for posts in group activity
Improve topic timeline in WHCM
Bookmarks modal
Add href to frequent poster avatars
Improve accessibility in WHCM themes
Add more information to the âreply toâ button label.
Signal the toggle header can reorder table elements.
Trap focus on auth security modal
Make input popup errors keyboard-accessible
Fix tab order in âFeature topicâ modal
Make âLoad parent postâ element accessible
Set role=presentation if alt attr is missing
9 Likes
