3.1.0.beta2: Security fixes, new API scopes and more

• Allow changing slug on chat create channel
• Introduce pg_force_readonly_mode GlobalSetting
• Add in:polls filter to search
• Add rake task to mark old hashtag format for rebake
• Verify email webhook signatures
• Extend topic update API scope to allow status updates
• Raise redirect avatar cache to 1 day
• Add basic instrumentation to defer queue
• Allow group owners promote more owners

Bug Fixes

• Lazy_yt_enabled doesn’t affect the engine
• Delete reviewables associated to posts automatically
• Text selection breaks opening of links in new tabs
• Do not add empty use/svg tags in ExcerptParser
• Skip email if blank while syncing SSO attributes.
• TL4 user is not redirected to latest when delete topic
• Do not count deleted post for upload ref security
• Adds negative skidding to popper offset
• Data-popper-reference-hidden too broad
• Fix margin on mini-tag-chooser
• Prevents msg-actions to show hover text
• Generates automatic slug for trashed channels
• TL4 user can see deleted topics
• Allow modals to scroll on mobile when keyboard is open
• Don’t display staff-only options to non-staff in group member bulk menu
• Move min tag setting to tags section in edit category
• Deleted misconfigured embeddable hosts
• Query UploadReference in UploadSecurity for existing uploads
• Switch email domain site settings type to host_list
• Do not override channel name when category selected
• Enqueue notify_mailing_list_subscribers when post is recovered
• Change wording from title ->` name in channel about page
• New hashtag support for narrative bot advanced narrative
• Restore class-property babel transform for themes
• Validate tags parameter of TopicQuery
• Display Discourse onebox tag icon properly in chat
• Fix incorrect hashtag setting migration
• Use hashtags in channel archive PMs if available
• Add migration to reindex invalid indexes
• Ensure poll extraction is not attempted if post body is absent
• Preload user sidebar attrs when ?enable_sidebar=1
• Prevent concurrent updates to top_topics
• Ruby 2 backward compatible plugin logout redirect
• Fix flaky test resulting from PostAlerter keyword arguments
• Regression in TopicTrackingState MessageBus message scope.
• Improve error reporting and failure modes for channel archiving

UX Changes

• Remove extra whitespace in search helper
• Prevent user card status overflow
• Improve bulk button layout and alignment
• Fixes and adjustments for user nav
• Set penalty history to sticky
• Hide date in timeline when wrapping
• Remove left margin
• Add margin to search keyword
• Switch categories-boxes layouts from flexbox to grid
• Prevent search context btn text from wrapping
• Add missing space and other minor search adjustments
• Reorders chat-channel fields
• Restyle quote/share popup, fix hover jitter
• Refactor alignment of tag icon in Discourse onebox
• Fix alignment issues with autocomplete
• Streamline avatar in topic list

Performance

• Don’t parse posts for mentions when user status is disabled
• N+1 queries when viewing tags

Accessibility

• Discourse-tags should have a role and label
• Add aria-labels for flagging textareas
• Remove heading tags from user profile
• Add secondary skip link to user profiles
• More descriptive user page titles
• Add aria tags to the new user nav

• Default user serializer animated avatar to nil

• Automatically open assignee chooser
• Show user status when search assignees

• Add minimal option to events

• The event doesn’t load after creating it
• Add missing translation for event reminder push notification title

• Component import

• Allow diff with first commit
• Skip irrelevant PR events

• Broken mention lookup

• Remove open/firing alerts query that is no longer used client side.

• Improve setting names and descriptions