New Features

• Add topic_filtered_posts_count attribute to web hook post serializer.
• Add hidden setting to allow unsafe-eval in CSP
• Plugin outlet adjacent to new topic btn
• Make site texts controller handle pages and locales
• Add timezone to core user_options
• New API to apply custom filters to the review queue
• Support RS256 algorithm for webauthn
• Normalize the service worker route
• Block screaming frog SEO spider by default
• Introduce default application level rate limiting by IP
• Allow scoping search to tag
• Allow FinalDestination to use custom user agent for specific hosts

Bug Fixes

• Keep ruby & rt tags in html to markdown conversion.
• Secure Upload URLs in lightbox
• BufferedValuesString.split is not a function
• Prevents multiple jumps to happen with LockOn
• Allow for nil upload record when migrating to S3
• Ensures the element is on the page before scroll with lockon
• Use filtered posts when determining the next page
• Add a component to all themes takes only active ones
• Move select components/themes to top
• Improve defaultIsAvailable
• Add filter(Boolean) and remove btn class
• Inbound link when the only slug available
• Don’t allow category slugs to be entirely digits
• Respect enable_inline_emoji_translation setting in titles
• Prepends whitespace when inserting via emoji picker
• Linting
• Filter readers avatars correctly when the post is a whisper
• Call the right method
• Guarantee order to correctly defer replies in review queue
• 500 error for missing badge grouping
• Hide pie legend when results are grouped
• Poll pie container was too large
• Do not autocomplete categories or emojis in code blocks
• Generate redirect URL correctly when using a subdirectory
• Handle none path correctly with three levels
• Ensures censor has always at least an empty string to handle
• Delay the ‘send_advanced_tutorial_message’ job to prevent race conditions
• Optimize quoted images
• Add a unique index to developers table
• Fix typo
• Make sure the suspended status is up to date
• Adds data-topic-id to quick-access-item
• Improvement after code review
• Improvement after code review2
• Use mapBy and filterBy directly
• Make Google Groups scraper work for G Suite users
• Cache failed onebox URL request server-side
• Mark secure media upload insecure automatically if used for theme component
• Serve crawler view to Google PageSpeed
• Correctly ignore/approve replies when acting on a flagged post
• Do not start the login flow when logging out from SSO/Authenticator
• Use dedicated Vimeo onebox for all video types
• Correctly resize lazy loaded images in Oneboxes
• Correct hostname in vimeo.com
• Bypass finaldestination check for Vimeo links.
• Do not validate topic when resetting bumped_at
• Show updated_at for invite sent date.
• Draft not clearing when replying to new topic
• Oneboxer.js infinitely retrying failed requests
• Improves recurring by ensuring DST is computed correctly
• Don’t error when the empty current value in dif
• The build; ran prettier
• Update site data when we receive a list of categories
• Only trigger upload ACL update when needed
• Show quoted images correctly.
• Be more tactical with replacing markdown chars
• Replace %20 with space in markdown file name for uploads
• When dismissing category inform via MessageBus
• Prevents exception and more duplicates
• Prevents timezone to show duplicated zones in preview
• Method names incorrect
• Always return secure_proxy_without_cdn url for secure media
• Remove uneeded from discourse loader
• Aliases for require functioning
• Allow private media uploads to be reused in login_required sites
• Replace this.get(“foo”) with this.foo to fix linting checks
• Followup to a8d58c3b
• Handle german quotes in discourse local-dates
• Mobile top topic list with a period and a category or tag
• Do not log if an invalid mime type is passed to app
• EventTarget error
• Add skip_validations in one more place for narrative bot plugin
• Allow advanced tutorial when title emojis are disabled
• Use correct MIME type for theme exports
• Abort CensoredWordsValidator early if censored_words_regexp nil
• Amazon video oneboxes were not working.
• Allow secure uploads if global s3 setting active and enable_s3_uploads validations
• More Promise uses that were not imported
• For a single authenticator, do not interrupt registration flow
• Email excerpts for posts starting with a quote were displaying a username
• Turn off auto bumping for topics with scheduled bumps
• Parallel spec system needs needs a dedicated upload folder for each worker.
• ‘default_categories_muted’ site setting not working for anonymous users.
• Do not insert conflict rows into category user
• Automatically recover from bad sprockets cache in development
• Unable to remove required tag group from a category
• Errors when using tags with colons in their name
• Ensure load-more considers current position
• Better handling of Group model state
• Enter key should submit password reset form, not refresh the page
• PM glyph in user-menu should always be shown to staff
• We don’t need to refresh dates so often
• Attempts to be correct about dst when using recurrence
• A pmOnly tag should link to messages
• Don’t error CleanUpInactiveUserJob when user is missing
• Ensure revisions are made to store edit reasons and no reasons get wiped
• Support for rake db:rollback with plugins
• Include 5 participants in topic summary
• Use this.content.category instead of this.category on navigation-item
• Confirm new email with backup codes enabled
• Don’t show bots as post readers
• Revert mobile jump to last post behaviour
• SVG Sprite version hash should be based on bundle result
• Tag topic lists should pass on noSubcategories when building the top menu
• Tracking Topic State know about category_seen_at
• Need to require open-uri for discourse-narrative-bot plugin
• Allow importing themes with subdirectories in extra_js
• Missing User objects in Utilities
• Failing tests
• Missing braces
• Computed is part of @ember/object not @ember/object/computed
• Allow forceActive without a customHref
• Do not strip nil string
• Do not deactivate admin accounts with recent posts or api keys
• Update quotes after moving posts
• Topic lists filtered by tag and a specified filter don’t work
• Tag and category watchers regression
• Better error handling for invalid locale bundle versions
• In case @ember/object hasn’t been loaded yet
• Do not skip some emails in user search
• Keep emoji images in group bio excerpt
• More missing RSVP imports
• Was using a native browser Promise instead of RSVP
• Use correct class variable to get notification levels.
• Remove magic numbers in notification levels.
• Update api_key rake task for recent changes
• Return a deprecation for Discourse.Session
• Add deprecation for Discourse.NavItem in case themes are using it
• Ran prettier to fix build
• Alias modules that are required AND imported
• Count current penalty if it started more than 6 months ago
• Use ‘about.json’ endpoint instead of using ember model to get the data.
• Badge and user title interaction fixes
• Ensure enforce 2FA for staff satisfied by security keys
• Drafts are unique by draft_key and user_id
• Correct display of last used date in API key details UI
• Prettier to fix build
• Downcase SSO external email before checking against Discourse email
• Include onebox default options in development environment
• The internal position on the topic timeline is a scroll position
• Regression not showing excerpts in mobile timeline
• Use long version of month names in date formats
• Unicode group names encoded for url
• Too much blank padding in video oneboxes

UX Changes

• Prevent scrollbars on initial panel load
• Adjusts wizard step margins
• Skip leading spaces in selection when adding a link.
• Show group full name even when title is same.
• Do not show shadow on hover images on touch devices
• Show obvious message when backup restoration is disabled
• Adds hover effect on lightboxed images
• Rename ‘Hide results’ to ‘Show vote’ in polls
• Set selected scale to 100% if scale is undefined
• Make share icons consistent color for dark themes
• Increase fade on long sign-up form content for more evident scroll
• More obvious alt auth link
• Allow enter key to submit test email in admin panel
• Instead of total user count display only the count of users going to be affected.
• Adds +n indicator in PM topic list
• Add CSP documentation link to content_security_policy_script_src setting
• Do not add leading/trailing spaces when copying API key in Firefox

Performance

• Do fewer queries when converting posts.
• Cache static assets in NGINX for longer