3.4.0.beta2: Better pageview metrics, multiple category moderator groups, watch chat threads, and more

New features in 3.4.0.beta2

Better pageview metrics with the new site traffic report

We’ve added a new “site traffic” report on the admin dashboard that highlights pageviews from users and hides traffic from crawlers and other sources like bots by default. This now give you a far more accurate gauge of traffic to your site from logged in members to anonymous visitors. Learn more…

Ability to watch chat threads

You can now choose to get notified of all replies to a chat thread by watching the thread. People who are watching a thread will see a green indicator on the chat icon when there are new unread messages, an item in their list of notifications, along with other helpful indicators in the channel list and on the thread itself in the channel where it resides.

Ability to add multiple groups as moderators for a category

We’ve added the ability to configure multiple groups as moderators for a given category. Learn more…

New setting to exclude groups from /about page

Sites can now hide particular users from the admins and moderators section on the /about page by adding them to a group included in the “about page hidden groups” site setting. This allows sites to better highlight which admins are active in the community by hiding admins who are primarily assisting in a more technical role. Learn more…

image

New location for AI helper in the composer

The AI helper has been moved to the composer toolbar, for greater consistency with other composer options and to avoid interrupting a user’s writing and editing experience.

Option to use full names in chat direct message titles

In chat direct message channel titles, full names are now used instead of usernames for sites that have configured the existing preferences to do so elsewhere. Where a full name is unavailable, titles will still fall back to using the username Learn more…

Ability to dismiss admin notices

Admins can now dismiss notices shown on the admin dashboard.

This is a screenshot of a webpage with settings related to a software update or configuration.  (Captioned by AI)

As we’ve begun to surface more minor problems here that deserve some attention, we’ve also discovered a need to allow admins to dismiss things that they may not be able to address right away.

Security Updates

This release includes fixes for these security issues reported by our community and HackerOne.

  • DoS by the absence of restrictions on replies to posts (CVE-2024-43789)
  • Bypass of email address validation via encoded email addresses (CVE-2024-45051)
  • Prevent topic list filtering by hidden tags for unauthorized users (CVE-2024-45297)
  • XSS via chat excerpts when CSP disabled (CVE-2024-47772)
  • Anonymous cache poisoning via XHR requests (CVE-2024-47773)
13 Likes

Even more!

But wait, there’s more! We do our best to highlight new features and changes for you, but there’s always too many changes to detail. For a full list of new features, bug fixes, UX improvements, and more, be sure to review the Additional Features and Fixes listed below.

Plugin improvements

discourse-activity-pub

Bug Fixes

  • Adding tags in admin UI (116)
  • Support multiple moderation groups on category (114)

Performance

  • Static id for like post action type (112)

discourse-ai

New Features

  • Allows forced LLM tool use (818)
  • Allow llm triage to automatically hide posts (820)
  • Add Ollama provider (812)
  • RAG search within tools (802)
  • Basic support for GPT-o models (804)
  • Make tool support polymorphic (798)
  • Add a SambaNova LLM provider (797)
  • Disable rate limiting when skipping hyde (793)
  • More accurate and faster titles (791)
  • API scope for semantic search (785)
  • Smooth streaming animation for summarization (778)
  • Improve site setting search (780)
  • Initial support for seeded LLMs (756)
  • Allow embedding based search without hyde (777)
  • Triage rule can skip posts created via email (775)

Bug Fixes

  • AI Helper not visible on iPads (805)
  • Diff modal closing along with composer menu on mobile (803)
  • Keyboard shortcut should be platform specific (801)
  • Support case insensitive setting lookup (795)
  • Display cached summaries with our new streamer. (792)
  • Bail earlier when a chat thread has no messages (789)
  • Correctly display errors when parent module needs to be disabled first (788)
  • Coerce value before downcasing the hyde param (787)
  • We were never reindexing old content (786)
  • Prevent proofreading when there is no content (779)

UX Changes

  • Update icon and text for copying message (815)
  • Move templates to main LLM config tab, restyle (813)
  • AI composer helper z-index issue (809)
  • Take composer height into account when calculating the max-height for topic summary (806)
  • Improve toast message location (800)
  • AI post helper DMenu styling (770)
  • Replace “share” with “share-alt” icon (784)
  • Summary container should be fixed instead of growing (783)

Performance

  • Speed up spec (794)

discourse-assign

Bug Fixes

  • If a group is deleted also remove assignments (592)

discourse-calendar

UX Changes

  • Prioritize events with high participant counts (610)
  • Allow event time to be hidden if desired (606)

Security Changes

  • Fix XSS in calendar event name (607)

discourse-category-experts

New Features

  • Added Category Experts unapproved post WebHook Event (161)
  • Added Category Experts approved WebHook Event (156)

Bug Fixes

  • New post sending unapproved post webhook event (162)

discourse-chat-integration

New Features

  • Add chat integration reference post (216)

Bug Fixes

  • Adjust full_url method in ChatIntegrationReferencePost to return the correct URL (220)
  • Revert chat-integration move to discourse-automation (219)
  • Revert chat-integration move to discourse-automation (214)

discourse-data-explorer

UX Changes

  • Automatically convert to lowercase in explorer-schema (325)

discourse-encrypt

Bug Fixes

  • Add missing event handler (336)
  • Errors may be null-ish (334)

discourse-gamification

UX Changes

  • Convert admin leaderboard forms to FormKit (157)

discourse-livestream

New Features

  • Add update to chatable when topic category changes (33)

discourse-patreon

Bug Fixes

  • Use current Patreon logo for social login (145)

discourse-reactions

Performance

  • Remove unnecessary ‘includes’ call (309)

discourse-salesforce

Bug Fixes

  • Use correct user_id field from return auth result (90)
  • Remove incorrectly added ‘App not approved’ message (89)

discourse-saml

Security Changes

  • Upgrade ruby-saml to 1.17.0 which fix CVE-2024-45409 (104)

discourse-solved

Bug Fixes

  • Support multiple moderation groups on category (307)

discourse-staff-alias

Bug Fixes

  • Convert type in whisper params (75)

discourse-subscriptions

Bug Fixes

  • Redirect to the pricing table page when enabled (239)
  • Payments not showing up for users (233)
  • Create customer for one off pricing table purchases (232)

discourse-translator

New Features

  • Add ProblemCheck for google (167)

discourse-zoom

New Features

  • Add Zoom description and location to Google Calendar (87)

docker_manager

Bug Fixes

  • Remove `<3.4.0.beta1 version pin (241)

UX Changes

  • Suppress pnpm upgrade notifications in build logs (240)

All Features and Fixes

New Features

  • Limit client side image compression on Safari to version >`= 18 (28373)
  • Improve the suppression for admins when required (29041)
  • Supports mark tag in chat messages (28949)
  • Increasing name length in automation (28945)
  • Add ability to dismiss admin notices (28916)
  • Allow names in chat channel title (28843)
  • Toolbar API supports custom action for keyboard shortcuts (28883)
  • Add setting to exclude groups from /about page (28809)
  • Convert chat plugin UI to new show plugin and admin UI guidelines (28632)
  • Switch to new methods of pageview measurement and reporting (28729)
  • Added Category Experts unapproved post WebHook Event (28802)
  • Log tag group changes in staff action log (28787)
  • Only play chat sound when chat badge icon is shown (28387)
  • Add user to topic_tags_changed event (28714)
  • Add ‘Edit this page’ link at the top of the new /about page (28766)
  • Support designating multiple groups as mods on category (28655)
  • Added Category Experts approved WebHook Event (28525)
  • Add ability to watch chat threads (28639)
  • Post created/edited trigger can skip posts created via email (28615)

Bug Fixes

  • Skips caching a generated secret key base token if skip_redis is true. (29029)
  • Import script didn’t set public attribute of polls (28864)
  • Create an automation with forced_triggerable enabled (29030)
  • Fix broken client-side review actions (29025)
  • Unscoped plugin config page actions outlet (29026)
  • Custom flag name should be unique (28869)
  • Permanent delete of posts by deleted users (28992)
  • Don’t raise on some search terms
  • .badge-posts alignment on mobile glimmer topic list (28959)
  • Appropriately handle uninstalled problem checks (28771)
  • Show topic admin menu if can_split_merge_topic (28937)
  • Prevents user status selection in mentions (28944)
  • Support getters in hbr #each context (28941)
  • Retry updating webview background color (28912)
  • Prevent recurring automations from getting stalled under specific conditions (28913)
  • Don’t show move topic for private messages for TL4 (28871)
  • Error when moving the group default notification state (28910)
  • Remove anonymous users from users directory (28892)
  • Flaky system admin flags specs (28873)
  • Exclude inactive and silenced users from /about page stats (28877)
  • Regression in short description in admin badges page (28884)
  • Support date field in FormKit page object (28872)
  • Incorrect titles in two components (28865)
  • Align bulk award button with the other header action buttons (28859)
  • Use a custom prefix for custom flags (28839)
  • Errors may be null-ish (28826)
  • Poll voters list wasn’t expanding properly (28823)
  • Form template limit validation (28791)
  • Poll preview list styling remove redundant bullets (28592)
  • Prevent chat channel not found ajax error (28818)
  • Add “in:first” to user summary category search (28688)
  • Prevent layout shift caused by locale description length (28807)
  • Remove breaking super call in scroll-tracker component (28810)
  • Open file handles ‘just in time’ during s3 migration (28806)
  • Replace shield-blank with shield-halved for font awesome (28804)
  • Requested changes from dev (28784)
  • Reset cache after flags are seed (28801)
  • Supports groups field in post_created_edited (28783)
  • Supports groups field in post_created_edited (28773)
  • Add traffic info footer to the new /about page (28779)
  • Toggle chat drawer on channel thread list (28759)
  • Creating an automation without script should error (28752)
  • Ensures message field is rendering placeholders (28753)
  • Don’t let static pages overflow on some devices (28751)
  • Don’t use post ID as timeline collapse delay (28712)
  • Passkey login when Discourse used as SSO provider (28672)
  • Prevents PM to large groups (28681)
  • Return proper results when searching for a topic in Japanese
  • Keep the original URLParams in navigation item (28696)
  • Ensures global notices are destroyed on post created (28684)
  • Ensures default required validator handles 0 (28686)
  • Correctly pass updateGroupings to the modal (28683)
  • Mini-profiler CSP nonce when in report-only mode (28664)
  • Chat emoji picker positioning (28643)
  • Chat mailer log noise (28616)
  • Change eq to match_array in topic_tags_changed_spec.rb to solve flaky test (28640)
  • Ensure About#stats uses the cache (28634)
  • Use .login-right-side instead of .has-alt-auth (28628)
  • Do not enforce 2fa when an account is created with OAuth (28625)
  • Correctly filter user bookmarks (28612)
  • Restore propertyEqual following native-class conversions (28605)
  • Correctly render ace editor in FormKit (28601)
  • Poll ensure ranked choice results can handle options with rich text and links (28195)
  • Sum pageviews with number instead of string (28596)
  • Flaky flags spec (28591)
  • Correctly apply translate mod key (28520)

UX Changes

  • Improve bottom padding to chat index on mobile (29086)
  • Chat index mini refactor (29082)
  • Change twitter share link to X (29056)
  • Prevent user stream title from overflowing page (29032)
  • Add label for delete own post button in review queue (28991)
  • Proper description of the allowed_iframes setting (28997)
  • Minor admin mobile fixes (29028)
  • Remove alias from chat direct message channel titles (28958)
  • Chat composer style tweaks (28938)
  • Small colour change to chat composer insert button (28904)
  • Sort chat channels by activity in desktop drawer (28822)
  • Upodate stying of chat composer focused state (28900)
  • Add link to bootstrap mode docs (28898)
  • Link to sections in getting started guide (28882)
  • Tell 1Password to ignore the link name input (28559)
  • Fix confusing “claim reviewable” positioning (28870)
  • Fix admin report filter stacking (28875)
  • Fix double li-element in mobile list control (28840)
  • Update banner to handle responsive images with aspect ratio scaling (28825)
  • Prevent a focus-visible outline on mobile (28815)
  • Hide ‘other’ and ‘crawler’ site traffic on report page (28817)
  • Add learn more URL for admin flags page (28816)
  • Add a description on the about config area (28790)
  • Upgrade to fontawesome 6.6.0 (28778)
  • Fix wizard link in getting started guide (28768)
  • Remove btn-default class from chat thread tracking dropdown (28789)
  • Apply the admin page header component (28767)
  • Change organization alert type from error to info (28762)
  • Add links to getting started check list (28761)
  • Update chat channel sorting (28760)
  • Fix spacing of emoji in chat channel title (28756)
  • Chat drawer increase unread channel visibility (28731)
  • Apply admin UI to Badges (28724)
  • Update Chat Group Name and Placeholder (28703)
  • Update post_menu and post_menu_hidden_items copy (28723)
  • Avoid flashing error when loading form template (28700)
  • Adjustments for the about page banner image (28692)
  • Change admin plugins list to follow UI guidelines (28478)
  • Add descriptions to auto groups and auto group indicator (28630)
  • Change usercard selector to new identifier (28641)
  • Add progress bar to the registration flow (27694)
  • Add group link to category permission row (28560)
  • Fix spacing in topic map views menu (28583)

Security Changes

  • Prevent topic list filtering by hidden tags for unathorized users
  • Block registrations for encoded emails that are invalid
  • Add pagination to post replies
  • Correctly parse URLs in chat excerpts

Performance

  • Cache serialized voters at topic view level (28894)
  • Update migration to drop index concurrently. (28955)
  • Drop user_search_similar_results site setting (28874)
  • Use insertText more efficiently in replaceText (28880)
  • Preload user options when status is enabled (28827)
  • Preload voters_count and has_voted (28808)
  • Don’t do initialization for every DB if RAILS_DB is set (28668)

Accessibility

  • Add aria-label to user profile link in topic list (29088)
  • Announce “link copied!” confirmation for screen readers (29058)
10 Likes