Discourse 2.3.0.beta10 Release Notes

Even more!

But wait, there’s more! We do our best to highlight new features and changes for you, but there’s always too many changes to detail. For a full list of new features, bug fixes, UX improvements, and more, be sure to review the Additional Features and Fixes listed below.

Security Updates

This beta includes 4 security fixes for issues reported by our community and HackerOne.

  • Lodash 4.17.11
  • Updates lodash from 1.3.0 to 4.17.5
  • Avoid use of send in favor of public_send
  • Fix tab nabbing.

Discourse Hub updates

  • Safari authentication via iOS
    • this supports better authentication integration with iOS including saved passwords, existing SSO sessions and more
  • Use React Native Webview to load sites for a better, faster UI experience

See New iOS mobile app beta available for testing for full details.

Plugin improvements

WP Discourse

  • Fix: don’t enqueue Discourse sidebar script if no post types have been selected

Algolia

  • Bug fix
  • Upgrade Algolia version

Ad Plugin

GitHub

  • Bug Fix

Docker Manager

  • Upgrade jQuery version

Data Explorer

  • Add support for _url in column name to link to a url

Steam Login

  • Update plugin to work with latest Discourse versions

Login with Amazon

  • Initial release

OAuth2 Basic

  • Bug fix

Policy

  • Improve dark theme compatibility

Spoiler Alert

  • Replace spoilers with URLs to post when sent via email

Placeholder

  • Support lists
  • Bug fixes

Code Review

  • Add helper for importing a single commit
  • Bug fixes
  • Security fix: Patched shell injection
  • Limit oauth scope

    :warning: this plugin update requires you to change your config. See this commit for details

Assign

  • Limit the amount of assigned topics a user can have
  • Remind users of assigned tasks (default every 30 days)
  • Bug fixes
  • Show topic and PM assigns in the user’s assigned activity list
  • Remove “unassign all”

Solved

  • Bug fixes

Onebox

  • Bug fixes

Moderator Attention

  • Bug fix

Calendar

  • Bug fixes
  • Automatic display of regional holidays per user

Anonymous user

  • Bug fixes

Additional Features and Fixes

Click to expand

New Features

  • Support ``[description|attachment](upload://) in MD.
  • Allow import of hidden site settings
  • Use GIVE_UP=1 to inform rake posts:missing_uploads you are done
  • When suspending a user, allow the Delete + Replies action
  • Add backup directory for mmdb files
  • Rake posts:recover_uploads_from_index improvements
  • Rake task for recovery of uploads from an index file
  • Fix_relative_upload_links now multisite safety
  • Rename task to posts:destroy_old_data_exports
  • Add OpenGraph data to /login page
  • Rake posts:destroy_old_user_data_exports
  • Multisite support for posts:rebake_uncooked_posts
  • Warn about sidekiq overload prior to migrating
  • Posts:rebake_uncooked_posts to look at mismatching baked_version
  • Add uploads:s3_migration_status for looking at current status
  • Big warning for uploads missing which can be very very slow on S3
  • Add toggle for uploads:missing so it can skip external
  • Make posts:missing_uploads multisite friendly
  • Add attachment support to xenforo importer
  • Allow a huge number of users to share common prefix
  • Preserve notifications levels when splitting topics.
  • Update mini_racer to version including heap dump support
  • Allow shadowing all s3 settings
  • Use the exact name provided by auth provider
  • Allow overriding download of maxmind db via env
  • Claim Reviewables by Topic
  • Use full screen login by default for social login methods
  • Option to skip posts with ignored missing uploads
  • Hide Reviewable scores, change score filter to Priority
  • Use Beacon API for tracking clicks.
  • Flag count in post menu
  • Rake task to bulk grant badge to members of a group
  • Only scroll to bottom for discobot
  • Show edit indicator on review queue
  • Show diff of local changes before updating remote theme
  • Disable native share API on non tablets/phones
  • Automatically generate optimized site metadata icons
  • Added unlisted topics option to advanced search
  • Adds support for dates in polls
  • Initial implementation of generic filters for reports
  • Ignoring users from the preferences page in a cleaner way

Bug Fixes

  • Don’t show the “Flag to delete” message to staff
  • Add Chromebook detection.
  • The en_US locale depends on en
  • Ensure the post url is present
  • Reduce poll when post is nil
  • Create system message in user selected locale
  • Icon deprecation s/group/users
  • Incorrectly removed moveTypes array
  • Lookup should be done against locale of reference
  • Displays text of asset-version changed modal
  • Have nginx always pass /uploads/short-url requests to app.
  • Verify the exitence of s3_object properly without db name
  • Ensures post-small-action is using timezone to display dates
  • Replace details content with instruction.
  • Position emoji-picker around d-editor.
  • Bump search index version.
  • Correct translations for logs error rate notice
  • Use the right property for post ID.
  • Ensures events have access to correct context
  • We shouldn’t memoize the last time something is read
  • Delete system generated message when user_export record is deleted
  • System generated message for user export should be closed by default
  • Refresh automatic groups after inviting moderators.
  • Username suggester incorrectly skipping over whitelisted username
  • Exception which was meant to be ignored and logged was failing
  • Ensure we can download maxmind without redis or db config
  • Rake maxminddb:get broke cause it required environment
  • Don’t send replies to flags that are ignored by expiry
  • When deleting a user via queued posts, block urls, ip and email
  • Adding a user to a group twice under concurrency
  • Update mapping between locales and Postgres dictionaries.
  • Attempts to prevent stacked-chart from being cut off
  • Update tags on change.
  • Consistently handle category param
  • Catch proper exception
  • Warn instead of excepting if MaxMind DBs can’t be downloaded
  • Gunzip the downloaded file
  • Gz_file might be nil here
  • Introduces onSelectAny (regroup onSelect and onSelectNone)
  • Correctly cache hash of extra translations
  • Fallback locale was not available for extra translations
  • Add missing unique index on user_id for user_profiles.
  • Undefined method when serializing a user
  • Linting
  • Popover should use target when no data attributes
  • Allows scrolling when a lot of categories are used
  • Pull hotlinked images for lightbox links as well.
  • Exception when pressing backspace on empty selection
  • Ensures selection is lookedup into async content
  • Fix build.
  • Ie11 exception on new category popup
  • Avoid logging a warn for 404s.
  • Don’t convert :) into Emoji when emojis or emoji shurtcuts are disabled
  • Allow upload recovery to recover uploads with sha mismatch
  • Ensures we have an elementFromPoint before using it
  • Migrate_to_s3 task should remap attachment links too.
  • Adds groupBy to lodash available functions list
  • Shows parent category name in title anchor
  • Use tar -xzvf to extract maxmind vs Ruby wrappers
  • Skip upload recovery if file not found in s3
  • Skip old scheme upload URLs while validating s3 uploads remap
  • Remove the unwanted code.
  • Puts focus-event at application level
  • Better node check for clickoutside in widgets
  • Should not migrate the system uploads to s3
  • Ensures mousetrap is reset with the application
  • Ensure we don’t queue any jobs during s3 migration
  • Skip uploads without etag in s3 inventory check.
  • Handle clicks counters in full quotes
  • Return consistent character encodings when downloading S3 uploads
  • Prevents events on toolbar when in form
  • Only delete theme folder if it has been created
  • Missing post revision when editing the first post.
  • _.include is no longer imported from lodash
  • Wrong file used when updating lodash
  • Small tweak to percentiles based on feedback
  • Blocked watched words should apply to staff
  • Btn class was duplicated on admin-menu-buttons
  • Share-and-invite modal was too narrow
  • Include posts with data-orig-src attribute in have_uploads scope query.
  • Skip validation while recovering uploads from s3
  • Retrieve original filename from s3 object’s content disposition header
  • Select-kit too narrow in topic timer
  • Don’t hide back button at the bottom of timeline
  • Do not send duplicate alerts for the same post
  • Remove full quote on direct replies when “typographed”
  • Make serverside and clientside omniauth origin redirects consistent
  • Ensure get_a_room link starts with 'base_path translation
  • Add bucket folder path only if not exists
  • Return 404 only if upload url also not internal.
  • Make frozen string mutable in incoming_domain
  • Don’t allow username to be changed to same as password
  • Don’t try to delete inactive moderators
  • Do not log username change if the save process was unsuccessful
  • Issue with incorrect heights when cloaking plugin content in posts
  • More efficient topic-footer-button-api
  • Remove trailing slash from topic URL
  • Prevents exception if report doest define filters
  • Allow underscores in s3_upload_bucket setting
  • Reload the user record instead of fetching via email
  • Track mutations on topic edit category-chooser only on select
  • Delete duplicate invites earlier in the process
  • Customizing missing pluralized translations didn’t work
  • Catch InvalidPluralizationData exception in fallback locales
  • Correctly calculate fallback locale list
  • When mutating a string to build a diff. Duplicate it first
  • Invalid URL for queued posts review
  • Pluralization error for tag error message
  • Don’t increment version if the reviewable operation fails
  • Correct CSS for instagram video play icon
  • Process image onebox correctly when image is wrapped in a link
  • Don’t display option for users to flag and notify a bot.
  • Don’t create staged users when processing forwarded email fails
  • Show error message if message exists
  • Do not show self edits in Post Edits report.
  • Escape Vimeo iframe URL
  • Return error if new topic category not found take 2
  • Reduce iPad app nav padding
  • Hide Uncategorized in site menu when disabled.
  • Remove default val for colors step if a default theme has been set.
  • AllTimezonesd was mistakenly removed
  • Variable is different from key
  • Return error if new topic category not found
  • Short description title on client side when empty description
  • Correctly clear theme stylesheet cache when changing color scheme
  • Frozen string exception
  • Add short description to title on client side
  • Dynamically adjust scale when rendering wizard canvases
  • Skip attachments in click track.
  • Uglifier needs harmony for ES6 compatibility
  • Return an error if a user tries to whisper
  • Lighten instead of adding transparency to consolidated pageviews
  • Simpler w function check
  • Move default options that were in the bufferedRender function. This will fix shortcut navigation for discourse-assign
  • Wrong color palette after backup restore
  • Optimized site icons were missing after backup restore
  • Close topics deleted by users and ensure topic stubs are destroyed.
  • Only unregister service workers that belongs to Discourse.
  • Discobot mention tutorial should be case insensitive.
  • Your own likes were missing on posts
  • We just show likes to see like count
  • Like-count has been removed from the post menu
  • Don’t send post edit notification when hidden tags are changed
  • Don’t bump topics when hidden tags are added or removed
  • Make select all and below skip small actions.
  • Do not move hidden post actions.
  • Encode the URL per RFC 3986 spec
  • Importing of polls from phpBB3 was broken
  • Don’t trigger PG failover when running db:migrate.
  • Correctly display browser is old message to IE10
  • Conflict error (version was already used)
  • Don’t remap readonly columns
  • Fail gracefully if username parameter is missing when creating user
  • Forces a reload of emoji list if clicked on more
  • Prioritize VERP key over final_recipient header in bounced email
  • Add ReadOnly hear to /srv/status
  • Uses translatedTitle to check validity of topic footer btn
  • Ensures click on topic link has link for target and not children
  • Can’t remove user profile uploads.
  • Better handling of category filter deselection
  • Properly associate user_profiles background urls via upload id.
  • Incorrect DB query for AddUploadsToCategories migration.
  • Crawler layout CSS adjustments
  • Allow category group reviewers to edit queued posts
  • Posts in the approval queue were sometimes dropping category
  • Make ‘stats’ method compatible with multisite.
  • Use full screen login for new-topic route
  • Add test to confirm updating category works.
  • Pass correct date arguments to server when exporting CSV
  • Initialize empty object if no custom filters are present
  • Recursively delete nested replies
  • Mark invited admins as ‘approved’
  • Linking to /new-topic from /latest
  • Prevents google to track certain pages
  • Loading more broken on groups page.
  • Cache_critical_dns was never caching pg replica
  • Use PostgreSQL ‘ON CONFLICT’ to deal with race condition
  • Use more specific target for “.tag-box”
  • Staff-only tags visible on /tags page when restricted to a category
  • Generate ASCII slug with default locale
  • Skip click-tracking for mentions
  • Remove duplicate Emoji names from blurb
  • Reduce mentions in blurbs to @username or @groupname
  • Category logo upload error in Discuz importer.
  • Prevents exception in the composer with regexp flags
  • Revert tracking links in quotes
  • Open links in external tabs.
  • Respect “open external links in new window” in quotes and edit history
  • URL encode username and first letter in avatar URL
  • Prevents exception when clicking directly on site text
  • Prevents exception when search q params is a hash
  • Set upper limit on clean up invalid users (10 years)
  • Fixed uploadPlaceholder regex failing on not escaped characters
  • Ensures file extension doesnt have a leading point
  • Restores skipHeader computed property
  • If mandatory parent tag is missing, add it
  • Get vimeo URL from data-original-href iframe attribute
  • Plain text table detection should work even if html content not found.
  • Update mini scheduler
  • Return ‘failed’ attribute when catching an ajax error and the attribute is present
  • Uses no tags label for tag-drop header
  • Don’t try to delete inactive admins
  • Fix notifications for flag PMs and show topics with moderator posts in inbox
  • Category list order using category featured topics
  • Ensures we have touches when starting pan event
  • Rescue InvalidURIError when removing user ids from links
  • Narration Bot now gets site setting for automatic post deletion
  • Use first grapheme cluster for letter avatar
  • Handle missing letter avatar
  • Reload the ‘post’ model to retrive raw field value.
  • Don’t treat ‘upload_patterns’ as constant to make the rake task compatible with multisite
  • Fall back to large logo on mobile no_ember pages
  • Make sure we hide the first post in a topic by an ignored user
  • Refactor padding when exiting composer

UX Changes

  • Minor composer button alignment adjustments, simplification
  • Move preview button to bottom right of mobile composer
  • Adjust text a little more
  • Better language about sensitivity
  • Try tweaking how soon images are lazily loaded
  • Wrap long names on user admin page
  • Separate section for 2FA settings, more consistent layout
  • Prevent long names from overflowing on user admin
  • Prevent long names from overflowing on user profiles
  • Remove padding from empty row
  • Hide pending score statuses
  • Ignore leading/trailing whitespaces in site settings search
  • Rename discobot tutorial triggers.
  • Save scroll position in tags topic list.
  • Better permalink feature description/warning.
  • Initialize client side category model with right search_priority.
  • Add information about the use of permalinks
  • Correct order of site statistics on /about page
  • Switch mobile header back for 5s when notification comes in.
  • Fills picker with emoji autocomplete state on more click
  • Changed post stream placeholder to animation
  • Only do plain text table detection in outside code if HTML pasting enabled
  • Add transliteration support for the Greek language

Performance

  • Prefer joins over IN () queries.
  • Ensure priority for rake rebake tasks is ultra low
  • Move crawl_topic_links to the low queue
  • Mark posts for rebake vs forcing a rebake inline when migrating to s3
  • Remove “new posts” stat from summary email
  • Improve performance of publish_notifications_state
  • Reduces cpu/memory consumption of sk in some cases
  • Speed up spec suite, avoid featuring topics
  • Remove SQL notifiers for every SQL execution
  • Avoid looking up the same category twice in TopicCreator.
  • Avoid checking for consecutive replies in test
  • Skip post validation by default when fabricating posts
  • Skip compressing locales for faster rebuilds
  • Speed up migrate_to_s3 rake task by deleting optimized image record.
  • Remove avg_time calculations and regular jobs from posts and topics
  • Add missing bounce_key index to email_logs
  • Use cdn when serving site settings upload.
  • Move where clause up to speed up CalculateAvgTime daily job
  • Call web hook events in a new thread
  • Destroy users in batches of 50 users
  • Add index on user auth tokens (for user lookups)
  • Allow looking up incoming email by user_id
  • Use delete_all to remove notifications and topic_users
  • Speed up user deletion logic
14 Likes