Discourse Version 1.7

releases
4

NEW FEATURES

  • Make discourse remap optionally do regex_replace
  • Retry processing incoming emails on rate limit
  • Allow keyboard shortcuts for topic list to start from last viewed topic
  • Better google docs onebox
  • An option to search more recent posts for very large sites
  • Missing API endpoint for topic tracking states
  • Basic info route for all sites, even ones that require login
  • Support subfolders in S3 bucket name
  • User API key support (server side implementation)
  • New site setting rebake_old_posts_count
  • Digest emails will try to choose topics from your tracked and watched categories first
  • Tags intersection page
  • More user API flow, support key creation
  • Basic UI to view user api keys
  • New rake task to rebake posts using regex matching
  • Support HEAD request to /user-api-key/new
  • New rake task to remap posts matching a string
  • Add flair to avatars using new settings in the groups admin UI
  • Digests choose topics you’re watching or tracking first
  • Highlight last visited topic in topic list
  • Allow changing post owners without creating post revision
  • New rake task to change post ownership for a specific user
  • Add opengraph and twitter meta tags on every page
  • Fall back to apple_touch_icon_url if default_opengraph_image_url is not present
  • Ability to scrub titles when importing embeddable content
  • Support for a whitelist for embeddable host paths
  • Custom html and text can be added to summary emails
  • Backend support for pushing notifications to clients
  • Avatar flair can be font awesome icons
  • New ‘categories_and_latest’ endpoint
  • Support author meta tags for embedding
  • Allow user api key revocation for read only keys
  • Webhooks
  • Support importing email from Twitter
  • Allow write user api keys by default
  • Clean API method for reading a single notification
  • Add seen_notification_id to current user serializer
  • Increase interval to 24 hours for “please refresh site”
  • Webhook for user creation and approval
  • Import facebook avatars when logging in via facebook
  • Optionally get extra profile info from facebook
  • New twitter_summary_large_image_url setting
  • Add more page identifiers
  • Add page identifier on user badges page
  • Optionally delay the rebake_match task
  • Tag filter dropdown menu is scoped to user and category
  • Adds a button to print a topic
  • Add min_trust_level_to_edit_post
  • Support multisite configuration for search:reindex task
  • Added user profile and card outlets
  • Sparkpost webhook
  • Add unique class to topic navigation pages
  • Advanced Search UI
  • Add notification level user preference when replying to a topic
  • Add “Approve new topics unless user level” setting
  • Remap emojis back for push notifications and desktop alerts
  • Search menu options opens full page search
  • Use the top period default for users who have been inactive or are new
  • Allow title override for user avatars
  • User API now contains scopes so permission is granular
  • Add common in: options
  • Set secure flag on _t cookie if https is forced
  • Show timeline component when expanding post progress
  • Configure Admin Account
  • Add a setting to allow url schemes other than http(s)
  • ‘No Echo’ option for mailing list mode
  • Change onebox whitelist to a blacklist
  • New ‘max_oneboxes_per_post’ site setting
  • Onebox everything by default
  • Add interface in Plugin::Instance to register a seedfu fixture.
  • Added X-Discourse-TrackView header
  • Include post image in OpenGraph image tag
  • Per-category default topic list sort order
  • Add instance id in the webhook payload
  • Add a radial ping when user’s first notification has not been read.
  • Add ‘emoji-custom’ class to custom emojis
  • Add censored_pattern setting to censor posts using regex
  • Scroll to new posts when user is near bottom of PM
  • Watch first post default site setting
  • Clinking on stats in user summary take you to the respective activity page
  • SSO support for adding and removing a user to groups
  • Split JavaScript application bundle, so plugins live in own file
  • Add TOS and Privacy links to sign up
  • Notify user when mention can’t see the reply they were mentioned in
  • New ‘enable_forwarded_email’ site setting
  • New ‘always_show_trimmed_content’ site setting
  • Allow date_of_field column to be updated
  • Batch select topics
  • New summary/digest email design
  • Allow options to be set when adding model callbacks
  • Add basic support for Safe Mode
  • Send digest preview to an email address
  • Display text excerpts when scrolling on mobile
  • Hide Profile Text from non-staff if user is suspended
  • Add min_post_count search filter
  • Add help text for no bookmarks in user page
  • Number of new topics at the end of summary email can be controlled by a new setting, digest_other_topics
  • Brotli cdn bypass for assets
  • Allow group owners to edit group name and avatar flair
  • Add bio to group page
  • Allow posting a link with topics
  • Add outlet for user stats in summary
  • Allow group owners to edit title
  • Allow columns on group members page to be sortable
  • Show the reply title and the reply icon in the minimized editor
  • Show close button instead of maximize in collapsed composer
  • Pasting a link into the title of the composer can automatically onebox it and update the title
  • Public groups
  • Group logs
  • Add request membership button for allowed groups
  • Add Group#full_name
  • Add groups page
  • Add staff class to HTML body for staff
  • Add membership request to groups page
  • New settings to customize some colors in emails
  • Setting to allow arbitrary redirects from sso origin
  • Outlet prior to Reply button at the bottom of topics
  • Add referrer never tag to password reset page
  • Rate limit by login on password reset
  • Remove email_token_grace_period_hours
  • Category setting to make all topics wikis
  • Add site setting to disable group directory
  • New setting to validate user website
  • Preserve cursor in editor upload
  • Opt-in native Discourse app install banner
  • Block muted users from sending you PMs

SECURITY CHANGES

  • Do cookie auth rate limiting earlier
  • Escape image title in lightbox
  • Escape HTML in filename
  • Upgrade Rails
  • Don’t allow re-using the current password during password reset
  • Add filename validation for backup uploads
  • Escape advanced search term
  • Don’t grant same privileges to user_api and api access
  • Fix reflected XSS with safe_mode param
  • Protect upload params, only allow very strict filenames
  • Prevent reuse of password reset
  • Users can only bookmark posts which they can see

PERFORMANCE

  • Use simpler serializer for search, eager load post users
  • For estimates, we don’t need to worry about deleted
  • Improve offset discovery query
  • Avoid some more count queries when fetching more results
  • Stop doing work for HEAD requests on topics
  • Only publish notification state if we changed it
  • N+1 query on user summary page
  • Don’t render advanced search options when not expanded
  • Remove ordering by username
  • Improve perf of mention links in preview
  • Debounce the loading of oneboxes
  • Don’t build wizard until we actually load the wizard
  • NOT IN query is really inefficient for large tables
  • Spawn a seperate timer task to check if Redis master is up
  • Add score indexes for top topics
  • Don’t calculate the same query twice
  • Add endpoint to check if a group can be mentioned by user
  • Only show members count on group page
  • Avoid query on every logged on page load
  • Show excerpt on group page
  • N+1 query on groups page
7 Likes