3.4.0.beta4: Redesigned emojis, exporting user data, flagging illegal content and more

New features in 3.4.0.beta4

Redesigned emojis

The emoji picker now uses :slightly_smiling_face: icon within the composer. When typing out an emoji, selecting one will replace any partially written text. Additionally, there were several fixes to emoji menu positioning, sizing, and general behavior.

Exporting user data

Discourse continues to be GDPR compliant by allowing admins to export individual user data through the User exports section, which is available when selecting a specific user from admin settings.

Flagging illegal content

Trust level 0 (TL0) and anonymous users can now flag and report illegal content.

Consistent admin settings

Admin settings now only show relevant site settings in dedicated pages when you click on any item that contains settings from the sidebar, i.e., Spam, Experimental, Rate limits, etc.

Security Updates

This release includes fixes for these security issues reported by our community and HackerOne.

7 Likes

Even more!

But wait, there’s more! We do our best to highlight new features and changes for you, but there’s always too many changes to detail. For a full list of new features, bug fixes, UX improvements, and more, be sure to review the Additional Features and Fixes listed below.

Plugin improvements

discourse-activity-pub

Bug Fixes

  • ActivityPub user locale strings (150)
  • Broken followers list for anonymous users (145)

discourse-ai

New Features

  • Changes to summaries’ outdated logic. (1108)
  • Improve o3-mini support (1106)
  • O3-mini supports (1105)
  • Use persona default LLM for Discord integration (1104)
  • Block seeded models for being a persona default (1100)
  • Gemini Tokenizer (1088)
  • Track duration of AI calls (1082)
  • Formalize support for matryoshka dimensions. (1083)
  • Configurable embeddings (1049)
  • Add user location info to spam scanner context (1076)
  • Llm quotas (1047)
  • Add the ability to disable streaming on an Open AI LLM
  • Smart date support for AI helper (1044)

Bug Fixes

  • Need to be able to search replace within lines (1110)
  • Make sure DiscoursePrometheus is installed when collecting metrics (1107)
  • Android tablet composer menu z-index (1102)
  • OpenAI api key still needed for Dall-E. Unhide it. (1098)
  • Open AI embeddings config migration & Seeded indexes cleanup & (1092)
  • Always raise the single exception/Open AI models migration (1087)
  • Embeddings backfill rake task was using old code (1084)
  • Convert provider_params hash to json before db insert (1081)
  • Open AI embedding shortening is only available for some models (1080)
  • Restore the accidentally deleted query prefix. (1079)
  • Set default for existing records. (1073)
  • Make summaries backfill job more resilient. (1071)
  • AWS Bedrock non-streaming calls response log (1072)
  • Only hide posts detected explicitly as spam (1070)
  • Missing table check in post_migration (1068)
  • Do batches for backfilling huge embeddings tables (1065)
  • Composer helper not appearing on tablets (1064)
  • Split backfill into separate migrations to use independent transactions (1063)
  • Split statements to avoid timeout (1062)
  • Invalid locale yaml (1057)
  • Update spam controller action should consider seeded LLM properly (1053)
  • Keep track of silence reason when spam detection flags user (1046)
  • Prevent LLM enumerator from erroring when spam enabled (1045)
  • Embedding validation (1043)
  • AI Helper category / tag suggestion when user does not categories muted (1042)
  • Embeddings validator test needs to use the new Vector class. (1041)
  • Custom prefix causing allowed seeded LLMs not to be shown (1039)
  • Cloudflare Workers AI embeddings (1037)
  • Properly spin down unused streamer threads (1035)

UX Changes

  • Include none false for provider params (1111)
  • Improve embeddings config styles (1085)
  • Update usage “Learn more…” link (1090)
  • Set usage as first AI admin tab (1089)
  • Fix composer helper z-index (1086)
  • Full page search – always show tooltip & add msg (1051)
  • Close summary modal on click outside (1050)
  • Disabled preseeded edit button, add description (1038)
  • Minor improvements to LLM page and admin tables (1034)

Security Changes

  • Fix XSS on Shared AI Conversations local Onebox (1069)

Performance

  • Optimize backfill query to prevent statement timeouts (1066)

discourse-assign

New Features

  • New “notification level when assigned” user preference (626)

discourse-calendar

Bug Fixes

  • Row height on the upcoming events calendar (677)
  • Recurring events not displayed on /upcoming-events (676)
  • Correctly apply local dates on event dates (671)

UX Changes

  • Do not show participants in admin drop down menu for standalone events (679)
  • Remove going indicator for standalone events (672)

discourse-chat-integration

Bug Fixes

  • Topic changing category was not triggering notifications (244)

discourse-client-performance

New Features

  • Record CLS and improve INP target identification (53)
  • Log viewport width/height information (51)

Bug Fixes

  • Do not divide CLS by 1000 (54)
  • Logging of initially-loaded route (38)
  • More robust reporting on mobile (52)

discourse-data-explorer

Bug Fixes

  • Boolean field default state mismatch (353)

UX Changes

  • Apply admin table classes for consistent mobile styling on the recent queries page (349)

discourse-development-auth

UX Changes

  • Add plugin title (22)

discourse-doc-categories

UX Changes

  • Added plugin About information and a link (30)

discourse-encrypt

Bug Fixes

  • Remove a duplicated topic-status icon (366)

discourse-follow

Bug Fixes

  • Stream should come from args instead of this (138)

discourse-gamification

New Features

  • Add option to lock leaderboard view to default period (179)

Bug Fixes

  • Redo period filtering to respect leaderboard date bounds (178)

discourse-post-voting

Bug Fixes

  • Delete reviewable when the user is deleted (227)

discourse-reactions

UX Changes

  • Prevent accidental text selection of the reactions counter (336)

discourse-rewind

UX Changes

  • Text & width adjustments (9)
  • Make card clickable link
  • Adjust styles for long words
  • Simplify hours and minutes shown
  • More books styling (4)

discourse-solved

Bug Fixes

  • Use both possible *_answer attributes (329)

discourse-staff-alias

Bug Fixes

  • Allow any type of post revision for staff alias topics (86)

discourse-translator

New Features

  • Show experimental language switcher for anon users (198)

Bug Fixes

  • Strip detection text before truncation (196)
  • Skip images and quotes when sending for language detection (195)
  • Normalize languages within Discourse AI translator (194)

discourse-whos-online

Bug Fixes

  • Cannot read property of undefined (119)

discourse-zoom

Bug Fixes

  • fast_typing_threshold site setting (112)
  • Modernize topic page integration (111)

docker_manager

UX Changes

  • Removed a redundant git pull statement from the user message (260)
  • Update the admin page header to use DPageHeader (258)

All Features and Fixes

New Features

  • Remove unnecessary org names from PR oneboxes (31102)
  • Handle newer url format for Twitch clips (31080)
  • Localization admin settings config page (31085)
  • Multiple Draft Topics (30790)
  • New fast_typing_threshold site setting (30865)
  • Improve wizard font selection and set Inter as default font for new sites (30974)
  • Allow setting locale from ‘lang’ param (30952)
  • Add attribution to staff notice and rename functionality (30920)
  • Allow admins to export users (30918)
  • Add new hidden site setting to show full names in user card
  • Handle special font properties from discourse-fonts (30891)
  • Improve use_email_for_username_and_name_suggestions (30845)
  • Chat thread inline oneboxes (30834)
  • Setting allowing tl0/anonymous flag illegal content (30785)
  • Add drafts dropdown menu (30277)
  • Add IP Lookup to review queue (30688)
  • Add a onebox_locale site setting. (30655)
  • Show silence reason when viewing silenced users (30635)
  • Add trigger_on option to topic_tags_changed automation (30391)
  • Add new setting to select view for category page on mobile (30519)
  • Improve wizard quality and rearrange steps (30055)
  • Add support for One-Click unsubscribe (RFC 8058)
  • Allow disabling of anti spam profile hiding feature (30508)
  • Add option to hide full name input at signup (30471)
  • Support adobe analytics tags tracking (30433)
  • Unhide ‘suppress_secured_categories_from_admin’ setting (30436)
  • ThreadPool implementation (30364)

Bug Fixes

  • Allow to follow non-ASCII canonical links for oneboxes
  • Better standalone checkbox support (31130)
  • Chat was enqueueing too many “chat summary” emails (31133)
  • Quote from thread in drawer mode (31137)
  • Supports height/preview form-kit composer (31121)
  • Hacker News onebox favicon (31115)
  • Reset the delete automatic group tooltip (31094)
  • Switch panel back to forum last known url (31092)
  • Cannot manually add users to automatic groups (31062)
  • Quoting videos can show a corrupted thumbnail (31079)
  • Change off to disabled for fast_typing_threshold setting (31077)
  • Wizard preview fonts not loaded (31064)
  • Remove groups when promotion is recalculated. (31058)
  • Only validate length when value is set (31053)
  • Hide none on required fields with value (31052)
  • Allow user directory searches to return more than 20 matching results (31032)
  • Remove muted topics/tags/categories from top and hot topics lists (30892)
  • Update AdminNotice details when problem check tracker changes (31031)
  • Hijack controller for topic move posts (31029)
  • Always search email logs including the cc: addresses
  • Correctly closes panels in threads (31013)
  • Reset bool site setting not updating checkbox (30999)
  • Improves reliability of last visit line in chat (30948)
  • Minor i18n problems on admin webhooks pages (31010)
  • NULL IP for similar users caused incorrect message (30981)
  • Enforce second factor with subfolders (30992)
  • Don’t return the last post we already have when paginating /posts (30991)
  • Double click on tag INPUT breaking expected behavior (30975)
  • /posts pagination uses ID not created_at (30990)
  • Ensures category is rendered (30988)
  • Query syntax error in UserBadge.update_featured_ranks! (30979)
  • Truncate extremely long site name titles (30977)
  • Broken tada emoji on subfolder account activation (30972)
  • Scrub Client-Ip request header in nginx (30971)
  • Show the correct message when no user export exists. (30970)
  • Which topic do you want to reply to rendering raw HTML (30962)
  • Only apply the rate limit to user exports, not downloads (30965)
  • Revert “Automatic auth flow with full page login/signup” (30960)
  • Allow touchmove in composer when there is a selection (30957)
  • Keep active state in sidebar button for category/tag hot routes (30954)
  • Automatic auth flow with full page login/signup (30928)
  • Adjust search menu buttons alignment (30939)
  • Display either the topic-status outlet or the fallback (30938)
  • Incorrect i18n titles for fallback topic-status (30937)
  • Prevent frozen string error in import scripts (30325)
  • Ensures more icon is visible on hover (30925)
  • Ensures chat navbar is on top of content (30923)
  • Admin sidebar problem check missing -1 check (30916)
  • Restore footer-nav backdrop-filter for iOS `< 18 (30914)
  • Enforce ‘prefix’ notation for media-query ranges (30913)
  • Lint issue follow-up to a3359ac (30911)
  • Removes mousewheel edge case on messages (30900)
  • Emoji picker position when clicking more (30896)
  • Supports quoting mathjax (30876)
  • Avoid possible rendering infinite-loop in post-menu (30873)
  • Invalidate stylesheet cache when discourse-fonts is bumped (30869)
  • Update nginx types config (30868)
  • Adjust grid-template-columns to prevent text overflow (30864)
  • Prevent wrapping of select box container by applying nowrap (30863)
  • Don’t allow editing own posts user can no longer see (30839)
  • Only attach images in digests (30844)
  • Re-adds favorite reactions on mobile (30746)
  • Relative links in the insert hyperlink modal (30842)
  • Expand the hidden post menu when one option is available. (30831)
  • Do not store 0 has min width for thead panel (30818)
  • Ensures scrolls work in chat when touch is on text (30817)
  • Add a DB migration to update font site settings types (30813)
  • Process tag synonyms when approving reviewable queued post (30810)
  • Include original filename in s3 uploads even if not attachment (30789)
  • S3Inventory#backfill_etags_and_list_missing need to unescape key (30787)
  • Remove /u/ from robots (30782)
  • Do not allow_any on fonts site_settings (30780)
  • Double trigger of close user menu (30732)
  • Safari on iOS crashes when pinch-zooming (30779)
  • Full page search result infinite scroll with added results (30771)
  • Prevent multiple requests when clicking drafts trigger (30736)
  • Add Type column to Flag Status CSV export (30756)
  • Set fixed width for email group chooser dropdown to prevent resizing based on content (30740)
  • Avoid loading reactions index when plugin is not installed (30749)
  • Improve sidebar invite link highlight persisting, link tabbing and activation behavior (30734)
  • Remove complicated ‘chat_duplicate_message_sensitivity’ site setting (30516)
  • Strip unsubscribe links in incoming emails (30695)
  • Ensure GroupChooser works with localized group names (30593)
  • Show both group’s full name & name when they differ (30672)
  • Allow admins to use reserved usernames (30262)
  • Add back API keys plugin outlet lost in translation (30730)
  • Correctly position emoji picker when clicking more (30724)
  • Removes blank spacing in message actions (30697)
  • Simplify body scroll lock on iOS (30696)
  • Add back missing API key ‘peek’ step (30683)
  • Correct emoji picker size in modal (30675)
  • Lockup when navigating with j/k (30674)
  • Emoji picker followups (30670)
  • Improve the user badge alignment on mobile devices. (30665)
  • Inline oneboxes should obey the locale. (30664)
  • Do not memoize score types (30657)
  • Ensure Onebox requests ask for the correct language. (30637)
  • Emoji-picker minor improvements (30645)
  • Cleaned up horizontal nav scrolling so arrows show/hide properly (30621)
  • Name field should appear in the signup form for login-required sites (30634)
  • Move posts modal passing topic instance rather than ID (30622)
  • Wizard improvements post-merge part 1 (30612)
  • Ensure popups from the chat composer dropdown gain focus (30613)
  • ChangeFullNameRequiredSetting could fail if setting was already in DB (30605)
  • Consistent delete button for admin panel (30592)
  • Allow attachments to be opened in a new tab instead of downloading them (30535)
  • Calculate experiment_enabled on server for “What’s new?” (30599)
  • Stuck notification for mentions within threads (30546)
  • Dashboard last checked date was always English (30569)
  • Allow signups when full names are disabled (30551)
  • Show error message when password is too common (30507)
  • Fallback when embedding YouTube videos with lazy videos (30514)
  • Dashboard report change tooltip was not translated (30541)
  • Reports did not respect user locale (30524)
  • Wizard branding step null logo (30523)
  • Correctly extract body and/or reply from exchange emails (30512)
  • Switch back to using a temp table for moving posts. (30509)
  • Correct topics and posts count in import:ensure_consistency rake task (30104)
  • Consistently notify lowest post number if post_moved notification generation (30448)
  • All admins should be allowed to see deleted PM posts regardless of their mod status (30206)
  • Treat contact_url setting as a domain by default (30225)
  • We introduced a Jobs::UserEmail which broke consistency checks (30409)
  • More… should not show when there are no visible links (30405)
  • Correclty allows to untoggle a fk toggle (30404)
  • Better handle race condition when a channel is deleted (30403)
  • Handle more thread pool edge cases (30392)
  • Simplify nginx config change (30383)

UX Changes

  • Restore shared sidebar link for posts and drafts (31159)
  • Improve drafts list (31122)
  • More selectors for transparent buttons (31155)
  • Hide inner site settings sidebar if admin sidebar enabled (31047)
  • Prevent topic map link menu from overflowing when there are many links (31147)
  • Replace href cancel with DButton (31138)
  • Remove half-pixel border from loading dots (31105)
  • Unblock clicking through progress bar wrapper (31135)
  • Fix topic progress position when composer is open (31134)
  • Fix user-select regressions (31129)
  • Update system font stack to system-ui (31125)
  • Clean up post action menu styles, fix issues, add variables (31100)
  • Fix discourse topic onebox styling (31106)
  • Allow msg select buttons to wrap (31084)
  • Move “hide profile” checkbox to profile tab (31095)
  • Show full total numbers in admin reports (31061)
  • Remove animation for back button on mobile (31048)
  • Fix tag revert rename 404 error (31049)
  • Fix mobile chat DM row layout (31043)
  • Add missing class to group bulk select button (31038)
  • Re-check triggerRule to avoid autocomplete in code (30961)
  • Sidebar “more” icon color fix (31017)
  • Hide user card focus until keyboard navigation begins (31014)
  • Respect user locale when sending chat notices (30996)
  • Improvements to posts route (30968)
  • Fix admin dashboard link and style regressions (30969)
  • Add HTML class for composer preview to manage sidebar height (30956)
  • Revert #30547
  • Use em units for code font-size (30936)
  • Inherit font-settings on form controls (30935)
  • Fix minimized composer position on iOS PWA and app (30926)
  • Rename “hamburger menu” to “navigation menu” in keyboard help (30927)
  • Adds chat send shortcut user preference (30473)
  • Set mobile read state indicator to static size to avoid overflow (30910)
  • Only lock viewport scale during focusin events for iOS PWA/Hub (30908)
  • Improve git/code oneboxes (30822)
  • Remove loading="lazy" from avatars for improved UX (30897)
  • Workaround iOS bottom overscroll bug in header-offset calcs (30895)
  • Extend Safari scrolling fix to work in iPad PWA (30894)
  • Improve sidebar positioning in Safari (30888)
  • Fix scrolling of form template composer on mobile (30883)
  • Remove table editor transition effect (30878)
  • Replace font-size-ios-input workaround (30877)
  • Convert “view all notification” to a link (30874)
  • Replaces custom more menu by d-menu (29090)
  • Makes smile the default emoji-picker icon (30843)
  • Improve the alignment of long status messages (30830)
  • Removed a redundant git pull statement from the docs (30801)
  • Wizard and theme install modal improvements (30788)
  • Tweak plugin and customize-based admin page margins (30808)
  • Use DPageHeader on the Logs page (30786)
  • Wizard homepage dropdown improvements (30763)
  • Adjust styling of Back button in topic progress (30769)
  • Use DPageHeader on the Email Style page (30784)
  • Use DPageHeader on the Emails page (30781)
  • Use DPageHeader on the Site Settings page (30783)
  • Remove redundant text-decoration: none, follow up to 912b002 (30775)
  • Show strikethrough, underline in post edit diff (30773)
  • Check category permission before new topic quote (30753)
  • Use DPageHeader on the Components page (30762)
  • Getting started guide fixes (30757)
  • Remove flat icons from wizard step two (30761)
  • Use DPageHeader on the Themes page (30759)
  • Apply admin UI guidelines to Reports pages (30684)
  • Add placeholder title for drafts (30747)
  • Switch button focus state to focus-visible (30744)
  • Improve discobot certificate font language support (30722)
  • Improve git blob oneboxes (30694)
  • Add DPageHeader to watched words and color palettes (30686)
  • Final pass of admin setting pages (30682)
  • Follow-up sidebar variable fixes for c398933 (30676)
  • Use FontSelector for displaying font-related settings. (30636)
  • Use font with more glyphs for discobot certificates (30646)
  • Conditionally render permalinks filter (30633)
  • Align silence reason header text with content alignment (30639)
  • Admin setting page consistency - Files and Other (#30572) (30614)
  • Admin setting page consistency - Onebox (30611)
  • Admin setting page consistency - User API (30610)
  • Admin setting page consistency - Rate Limits (30609)
  • Admin setting page consistency - Developer (30607)
  • Admin setting page consistency - Spam (30606)
  • Admin setting page consistency - Security (30598)
  • Admin setting page consistency - Experimental (#30572) (30603)
  • Admin setting page consistency - Group permissions (#30528) (30578)
  • Refactor nav stack active element (30601)
  • Remove version from “What’s new?” items (30596)
  • Update email and security sidebar link copy (30563)
  • More translations for admin dashboard (30570)
  • Adjust mobile to avoid progress bar jitter (30591)
  • Improve table hover states, fix table button margin issue (30585)
  • Add missing icon for open_topic small action (30586)
  • Only show red count in IP lookup when greater than 0 (30584)
  • Do not anchor scroll on topic navigation/map (30580)
  • Minor copy edit for full name requirement setting options (30581)
  • Admin setting page consistency - Navigation (30574)
  • Admin setting page consistency - Search (#30528) (30573)
  • Admin setting page consistency - Legal (30572)
  • Admin setting page consistency - Trust levels (30571)
  • Admin setting page consistency - Site Logo (30567)
  • Admin setting page consistency - Fonts (30564)
  • Admins embedding page follows admin ux guideline (30122)
  • Avoid triggering the autocomplete mid-word (30042)
  • Use em for code font-size (30547)
  • Admin setting page consistency - Notifications (30528)
  • Inherit font-size for code in headings (30536)
  • Replace partially written emoji when using picker on chat (30517)
  • Tweak suppress_secured_categories_from_admin setting description (30532)
  • Do not tab to an already active tab (30531)
  • Add highlight for active nav in admin secondary sidebar (30486)
  • Move first settings admin route to config page (30510)
  • Add Sentence Casing for Setting Names (30479)
  • Hide before-header-panel-outlet on login page (30472)
  • Remove chat hover effect from github status badge (30447)
  • Add highlight for active nav in category settings (30428)
  • Fix misalignment + remove border-radius of topic progress element (30427)
  • Improve link copy status transition (30401)
  • Site setting filter background inconsistencies (30393)
  • Admin sidebar link changes (30365)
  • Refactor IP lookup using DMenu to improve layout and positioning (30374)

Security Changes

  • Limit /inline-onebox to 10 URLs at a time
  • Ensure user-stream topic titles are always escaped correctly
  • Ability to bypass disabling chat of users
  • Disable access to “activate-account” route for existing users
  • Restrict allowed URL patterns
  • Preload data only when rendering application layout
  • Sanitize video placeholder urls

Performance

  • Remove old fullscreen-detection code (31075)
  • Optimize uploads:disable_secure_uploads to load in batches (31030)
  • Enqueue Job::BackfillBadge in Jobs::BadgeGrant (30945)
  • Enable gzip for ttf/otf fonts (30867)
  • Refactor and optimize splash screen implementation (30373)

Accessibility

  • Fix color issue with delete topic button in WCAG palette (31023)
  • Show focus when tabbing to user menu items (bottom bar) (31015)
  • Allow tabbing to members link in chat channel card (31016)
  • Move heading role to parent tag to fix voice control (30796)
  • Fix screen reader access to user directory (30499)
6 Likes