3.0.0.beta16: Security release

Security Updates

This beta includes 8 security fixes for issues reported by our community and HackerOne.

Security

Theme Component Security Updates

The mermaid theme component has also received a security fix. Be sure to update theme components in addition to Discourse.

Additional Features and Fixes

Click to expand

Features

  • Make experimental hashtag autocomplete default for new sites

Bug Fixes

  • Bookmark auto delete preference usage and default value
  • Check that the node has a src attr when getting size

UX Changes

  • More descriptive sidebar titles, casing
  • Fix the positioning of topic admin popup menu
  • Remove unused strings
  • Fix for misalignment in autocomplete

Performance

  • Use user-specific channel for message-bus logout
11 Likes