Discourse Version 1.8


(Jeff Atwood) #1

Focus

  • :white_check_mark: Improve usability and design of password reset page.

  • :white_check_mark: “Get a room” reminder sent once per topic, to any user who replies to the same user in that topic 3 times in a row.

  • :white_check_mark: Much more secure cookie and token rotation scheme and database storage, upgrading to 1.8 is critical for improved db / cookie security

  • :white_check_mark: Improve usability and design of invite accept page.

  • :white_check_mark: Include Narrative Bot as new default for welcome PMs

  • :white_check_mark: Add new subcategory style options and move subcategory settings to category edit (versus oddball global site setting)

  • :white_check_mark: Congratulations emails (and badge) to new users who get a number of likes by established users

  • :white_check_mark: Generalized topic timer support for close, open (close temporarily), delete, publishing, and reminder

  • :white_check_mark: require email confirm for admin db download and admin grants

  • :white_check_mark: Rebuild theming system for easier theming. Let users select local color theme to taste (dark, light, etc)

  • :white_check_mark: Allow new signups to change their email address as well as resend confirmation, in case they typoed their signup email

  • :white_check_mark: “Private email mode” site setting ensures that no content is leaked to the outside via emails when the site’s content is sensitive.

  • :white_check_mark: Rebuild user prefs page to use subtabs

Codename

  • Aeschines v1.1
  • Andocides v1.2
  • Antiphon v1.3
  • Demosthenes v1.4
  • Dinarchus v1.5
  • Hypereides v1.6
  • Isaeus v1.7
  • Isocrates v1.8
  • Lycurgus
  • Lysias

Start date

January 7, 2017

Planned release date

May 31, 2017


Discourse Version 1.9
Discourse and CommonMark
Material Design Stock Theme
Split user preferences menu into sections
More finely grained Email Preferences recommendations in email
Rebuilding User Preferences
New badges shouldn't be on by default
(Neil Lalonde) #2

NEW FEATURES

  • New ‘max_image_megapixels’ site setting
  • Log admin action when readonly mode is changed
  • Better error message when incoming e-mail is missing a Date: header
  • Let plugins register themes easily
  • Update omniauth twitter as prep for Ruby 2.4 support
  • Remap group mentions when group name has been changed
  • Group avatar flair shows on topic participants list, and participant avatars can have custom styles
  • Posts:remap task now supports removing all occurences of a word
  • Add explicit confirmation button to accept the invite
  • New rake task to delete a word/string from all the posts
  • Add user-main-nav plugin outlet
  • Reply as new message to the same recipients
  • Make discourse remap optionally do regex_rep
  • Redesign the change password page to use javascript and validations
  • Warn a user when they’re replying to the same user too much
  • Per client user tokens
  • Add user title to SSO payload
  • Improve search so it searches sub categories by default
  • Include most popular tag in page title for webcrawlers of tagged uncategorized topics
  • Passwords must have a minimum number of unique characters, configurable with a new setting
  • Allow user search API to restrict to group
  • Allow registrations of custom small action icons via plugins
  • Add hidden setting for verbose auth token logging
  • Allow plugins to preload data in topic list
  • Allow plugins to register custom topic list filters
  • Allow client side of topic list to accept custom params
  • New invite acceptance page, where username can be chosen and password can be set
  • Reset active record cache in sidekiq if needed
  • Links that can’t have onebox can be used as featured topic links
  • Primary group class on avatars in topic list
  • Search should default scope to current category or user
  • Linked topics should be rendered under posts for crawlers
  • Add a button on admin user page that links to action log
  • Make show_subcategory_list a per-category setting
  • Replace emoji with unicode in title and description meta tags
  • Add support for same site cookies
  • Add immutable cache for assets that do not update
  • Add immutable caching to rails site of things
  • New site setting for max logins per ip per hour/minute
  • Log all username and name changes
  • Add order logic to admin users controller
  • Move_to_inbox and archive_message events
  • Append tags bulk action for topics
  • Clean up tags extensibility
  • Autocomplete support on advanced search
  • AddUserMenuGlyph extensibility point
  • Further restrict downloading of backups
  • Each category can control how many topics to show on categories page
  • Greek language support, thanks to Vasilis Vlachokyriakos
  • Add outlet for messages nave extension
  • Make list controller a bit more extensible
  • Add user name in search results
  • Add :all filter for messages
  • Add before topic list filter
  • Subcategories can be discovered by web crawlers on page 1 of the parent category topics list
  • Add bumped_before query param for topic list
  • New category setting for whether to show latest topics or top topics by default
  • Allow for empty description in list
  • Plugin can now extend list of classes for topic-post
  • Allow checking the raw response of a bounced email
  • Autocomplete support on search
  • Allow plugins to transform, the transformed post
  • Search can be scoped to posts that the current user has seen/unseen
  • Add seen/unseen filters to advanced search UI.
  • Anonymized site statistics
  • Add support for SIGTSTP which stops sidekiqs
  • New template parameters for notification emails that can be used in links: topic_title_url_encoded and site_title_url_encoded
  • Log reason staff auto blocks a user
  • RSS feed for top page period filters
  • Stop escaping special chars in title prettify
  • Box-style rendering of sub-categories
  • Make admin user list sortable
  • Redirect to groups page after login/registration flow
  • Allow easier customization to the web hook event serialization
  • Track views on user profile card as profile views
  • Subcategory list style: boxes with featured topics
  • Socialcast Importer: Set category and tags based on group
  • Add hook and asset path variable
  • Add support for backup asset path post precompile
  • Fallback asset path for multi host setups
  • Add user profile fields in user list export
  • Make summary as first tab on user page
  • Category setting for default top period
  • Include email in User webhook
  • Mobile support for row and box category styles
  • Send anonymized usage statistics to Discourse if Discourse Hub can’t reach the site
  • Allow admin to auto reopen a topic
  • Pause a topic instead of permanently closing when flag threshold is reached
  • Allow admins to schedule a topic to be published in the future
  • Change name from admin page
  • Let users update their emails before confirming
  • Add og tags to metadata in individual badges page
  • Add “Show tracked topics” to User Prefs
  • Add option for ExcerptParser to keep onebox source
  • Add AWS S3 EU (London) “eu-west-2” region
  • Native theme support
  • Auto focus text editor when editing themes
  • Upgrade sprockets to latest stable
  • Try adding some preload hints for chrome
  • Allow themes to share color schemes
  • Allow copying of color schemes to clipboard
  • Add hamburger extensibility
  • Show a paintbrush for color schemes
  • Only show overridden option for theme css
  • Added error messages for bad theme CSS / JS
  • Default notification level for group messages
  • Add normal as a preference for topic subscription state when replying to a topic
  • Basic implementation of stats socket
  • Set UNICORN_STATS_SOCKET_DIR for status socket
  • Use image gallery functionality in magnific
  • In vim dev you can focus on spec line in autospec
  • Add support for bootsnap in dev
  • Convert incoming emails in HTML to markdown
  • Secure_email site setting to prevent data going out in email
  • Provide more details when performing a bulk add to group
  • Disable minimum post length check when in PM with non human users
  • Rebuild user preferences page to use tabs
  • Allow users to resend/update email from confirmation page
  • Out-of-the-box dark/light user selectable themes
  • Add .admin-interface class to BODY when in admin
  • Setting to poll feeds more frequently
  • Bulk relist
  • Support uploads for themes
  • Ask for confirmation before resending all invites
  • Set a timer to delete a topic
  • Theme selection is now global per-user
  • Allow users to select theme on single device
  • Use fancy title in notifications
  • Remove table wrapping posts in notification emails
  • Staff can set a timer to remind them about a topic
  • Require spec helpers for plugins
  • A site setting to prevent crawling on private IP blocks
  • Rate limit how often we’ll crawl a destination IP
  • Use ‘l’ as a shorthand for order:latest
  • Add custom User-Agent to Discourse Oneboxes
  • Require name when accepting invite if ‘full name required’ setting is enabled
  • Dropdown to filter staff action logs

(Neil Lalonde) #3

BUG FIXES

  • Can’t add categories when creating a new web hook.
  • Respect site setting to hide username in mailing list summary.
  • Login modal on mobile does not submit on enter.
  • Add validation to disallow censored words in topic title.
  • An image can be shown twice in summary emails
  • Don’t allow formatting in titles when quoting other topics
  • Perform emoji unescape for topic titles in quotes.
  • Only allow CSV file to be uploaded for bulk invite
  • Add noopener to website field in user profile
  • Don’t onebox to IP addresses
  • Mailing list mode digest emails included whispers
  • RSS Language should use a dash/hypen instead of underscore
  • Do not update user stats like counts for private messages.
  • Same user record being saved twice causing validation to fail.
  • Live updates for polls was broken.
  • Votes lost when editing a poll option with votes.
  • Sort is destructive and that is not what we want.
  • Deleting a user was not deleting their directory items
  • [object Object] when hovering over view count
  • Topic Status should display on categories and topic view
  • Log backups download/destroy staff action
  • Pressing enter when searchContext is enabled should just trigger a search.
  • Don’t close search menu on link clicked when context is enabled.
  • Long titles need a max-width in composer when replying on desktop view
  • Don’t change automatic group name if localized name has been taken.
  • Better standardizing on username
  • Use the username scrubber when generating the emails
  • Sso_overrides_avatar should override previously set avatar
  • In the case of a blank name, use a SHA1
  • When blocking a user results in hiding their posts, only hide posts made in the last 24 hours
  • Toggling post’s wiki status should not create a new version.
  • Handle img src starting with “//” in pull_hotlinked_images job
  • Support removing all occurences of a word/string
  • Embedded Youtube videos lacking margin at bottom
  • Incorrect parameter being passed to component.
  • Toggling a post’s wiki status should not skip revision.
  • Don’t skip callbacks when rebaking posts.
  • Forced trailing slash on messageBus.baseUrl
  • Edit category modal throws EmberError when allowed tag groups is set
  • Bulk change tags works with category tag settings
  • Reply buttons and tooltips untranslated in all languages
  • Set max value for purge_unactivated_users_grace_period_days setting
  • Add max value validation for settings containing days
  • Don’t route to a weird blank page when public profiles are disabled
  • Topic links were getting dropped when post is rebaked
  • Prevent huge custom emojis in emails
  • Escape regexp chars in SiteSetting.censored_words.
  • Escape escape regexp characters.
  • Public polls should not make a request per option.
  • Silence and quiet logger not thread safe
  • Can’t use an internal name here if SiteSetting.convert_pasted_images_to_hq_jpg is false.
  • Log message when revoking email with too many bounces
  • Hover text was showing incorrect number
  • Stop stripping local onebox links from tracker
  • Mail threading wasn’t working properly in Mac Mail
  • Eslint was broken
  • Don’t configure Redis connector if Redis slave config is not set.
  • Incorrect title on admin reports
  • Reports for time to first reply and topics without replies were counting whispers and moderator actions
  • Search menu widget breaks when context type is null.
  • Group owners don’t see group owner functions when navigating from user page.
  • Allow existing users to be invited to topic/message when must_approve_users is enabled
  • Incorrect instructions when inviting user to forum
  • Sane error message when inviting an existing user
  • Add /tags routes to robots.txt
  • If you make a new banner, clear the old dismissed values
  • Bounce webhooks should also use recipient address
  • Wasn’t extracting links to quoted posts
  • Tags shouldn’t be listed as breadcrumbs in web crawler view
  • Don’t put attachments on the CDN when ‘prevent anons from downloading files’ is enabled
  • Crawler view of paginated content should have link elements in head for next and previous pages
  • Composer should only feature links to external sites
  • Find replied-to post even when incoming email doesn’t have a reply key
  • Twitter onebox styling was poor on mobile
  • Show groups that user is owner of on groups page.
  • Don’t clear the login hint when the system user is saved
  • Password validator was being too strict
  • Race condition when marking tokens as seen
  • Token rotation not accounting for overlapping tokens correctly
  • Admin dashboard shouldn’t complain when using IAM profile for S3 access
  • Plugin outlets in navigation bar need to be li elements instead of div and span
  • Invited users and new TL1 users will see their first notification highlighted
  • Support multiple embeddable host records with the same host
  • Don’t raise DownloadTooLarge, just do nothing
  • Remove errors when running phantomjs
  • Silence DOMException errors when running phantomjs
  • Silence CSS errors in Safari
  • Don’t try to load avatars in test mode
  • Users page wasn’t loading more on mobile
  • Get a room wasn’t enforcing sequential properly
  • Should not be able to rename a system badge
  • Add Content-Disposition and Content-Type headers when downloading attachments
  • Tag link in breadcrumbs on subfolder installs
  • Refresh header if message bus updates topic
  • Admin dashboard posts count should not include system posts and whispers
  • Allow staff members to send PMs when enable_private_messages is disabled
  • Show all staff events related to the target user
  • Do not refresh staff action logs every time the page is loaded
  • N+1 in topic_list
  • Allow some auth token misses prior to clearing cookie
  • JsLocaleHelper#output_locale was muting cached translations hashes
  • ExtraLocalesController.show’s spec which was randomly failing
  • JsLocaleHelper#output_locale was not properly handling multiple translations
  • ExtraLocalesController.show was not properly handling multiple translations
  • Client’s translation overrides were not working when the current locale was missing a key
  • Eradicate I18n fallback issues :bomb:
  • Ensure localized yamls are compatible with english
  • Check all .yml files in the project for integrity
  • I18n integrity specs
  • Attempt to handle ios edge case where token is seen but unsaved
  • Mobile topic timeline broken on Chrome 56.
  • Typo in a routes.rb comment
  • Search menu results does not refresh when search context is changed.
  • Embedding was broken with non-english URLs and ports
  • From field of emails should be including email_site_title or site title settings
  • Do not log duplicate username changes
  • Correct path for LocaleFileWalker
  • Hamburger shouldn’t show subcategories if show_subcategory_list is enabled on the parent
  • Query parameters were not being cleared when changing filtering.
  • Import scripts were failing to load onebox sanitize config
  • Locale fallback with pluralized strings
  • On initial token issue stop unmarking token as unseen
  • Last seen date erroneously updated when browser in background
  • Back button was broken after clicking flags in hamburger
  • Polls permanently broken if post requires approval.
  • Handle new user when logging name change
  • Allow for empty translated strings
  • Using enter to complete autocomplete doesn’t automatically send you to full page search
  • Populate Category when query/search term is updated
  • Collapsing/Expanding Advanced Search doesn’t wipe out Advanced Search Terms from search query.
  • Autocomplete positioning
  • Render custom tag extensions even when tags disabled
  • Typo in rate_limiter edit_post message
  • Subcategories need the num featured topics setting too
  • Start sidekiq process for all queues in docker dev
  • Add thor to Gemfile. We need it for our CLI tool.
  • Don’t mark user as active if verified email is different.
  • Make it a tad bit harder to accidentally redirect to full page search while autocomplete is open
  • Flag action buttons are missing when visiting flags from the hamburger menu
  • Can’t recover a post when its user has been deleted.
  • Posts in a deleted topic couldn’t be moved.
  • Ensure that we only move posts that belong to the original topic.
  • Group#name is case insensitive.
  • Grant trust level when bulk adding users to group
  • Put back the back button fix again.
  • CORS middleware needs to happen earlier than AnonymousCache middleware
  • Add Discourse-Visible to CORS allowed headers for sites that use a proxy
  • Extra-nav-item outlet no longer adds a DIV to UL
  • Also add Discourse-Visible to allowed headers for message bus
  • Do not trigger fullpage search when selecting autocomplete term with enter.
  • Approve invited user
  • More errors with non-ascii URLs
  • Tags created in secured categories should not be forbidden outside those categories
  • Improve token rotation and increase logging
  • Surround the FROM alias with " in order to support the @ character
  • Allow user to remove bookmark from posts as long as bookmark is present.
  • Do not show about page to anonymous users for private forums
  • Always send critical emails even when bounce score threshold has been reached
  • Do not show faq/guidelines page to anonymous users for private forums
  • Reply to topic keyboard shortcut raises an error on non-topic routes.
  • Latest-version tag is shown by git-describe
  • Should not try to send digest to users who reached the bounce threshold
  • Custom CSS/HTML files were not getting downloaded on Chrome
  • Category autocomplete breaks when search menu widget rerenders.
  • Allow user to remove bookmark from posts as long as bookmark is …
  • Email customizations now apply to both html and text parts
  • Latest + category not respecting homepage category suppression
  • Include children categories when searching a category
  • Store user’s id instead for sending activation email.
  • Only group admins can see group edit page.
  • Restore was not redirecting to logs route.
  • Store custom emojis as uploads.
  • Encoded characters shown in category boxes
  • Category logo preview in settings shouldn’t render it like a background image
  • Leave group membership button not updating.
  • User created web hook being enqueued before record has been saved.
  • Allow ports for embed host IPs
  • Add route for user TL3 requirements page
  • Don’t migrate custom emojis that are no longer valid.
  • Don’t use backticks that take in inputs.
  • Admin user page should show count of all posts, including private messages, so admins can delete them. This bug was making it impossible to delete users.
  • Publish notification state in after_commit hook.
  • Sync user’s notification channel before preloaded current user data.
  • Enqueue activation email for invited user that has password set
  • Links in category description inside subcategory boxes have too much padding
  • Show lock icons for secured categories in boxes views
  • Send activation email if user have unconfirmed email
  • Send activation email if user have unconfirmed email address
  • Site Settings weirdness with back button
  • Better error message when invited user already exists
  • Use email prefix only in subject
  • Sso provider require return_sso_url
  • Replace site_name in email subject with site title
  • Issue with double title showing up
  • Links in hamburger menu on subfolder installs
  • Clciking the home logo wasn’t refreshing categories views
  • Admin locales were not getting converted to message format
  • Update topic fancy title when updating category name
  • JQuery include was incorrect for finish-installation
  • Error when calculating geometric mean of 0 for read timings
  • Use consistent heading style in the category box styles
  • Email Previewing was not showing in Firefox
  • Clear sessionStorage between click track tests
  • Do not add user to group based on email domain unless email is confirmed
  • Topic title wasn’t showing properly when entering lower in topics
  • Clicking on the title was doubling up the title
  • Suggested username should not be more than setting max_username_length
  • Tags and topic links rendered outside of page header
  • Show stats of the last 30 days be default for admin reports.
  • Check if post exists in topic
  • On long browsers, you could get a double title
  • Class names should be dasherized, not underscored
  • Callback undefined error when topic has been deleted.
  • Broekn translation on topic-status-info component.
  • Use enum values for trust level settings
  • Safeguard to not award NewUserOfTheMonth if it hasn’t been a month
  • Nested quotes weren’t rendered properly with BBCode
  • Selections getting deselected on FireFox.
  • Skip validations when updating group mentions.
  • Don’t raise an error if TopicStatusUpdate has been deleted.
  • Return JSON errors for by-external if JSON requested
  • Poll builder validation was incorrect
  • Do not add order param to user list unless required
  • Do not show User Cannot See Mention dialog when crafting a new topic or a new message
  • Improve checks for non-human users.
  • Copy post actions when moving a topic.
  • Translate badge metadata title
  • Add onceoff job to remove old auto close topic sidekiq jobs.
  • Web crawlers getting 404 on category pages
  • Publish topic to a category should unlist it as well.
  • Incorrect title for custom_invite_forum_mailer
  • Ensure username param is valid in NotificationsController.
  • Allow replaceState to run on iOS.
  • Topic Timeline was impossible to close if you used the back button
  • Don’t update cooked when a like is received.
  • Don’t insert topic status messages unless the status changes
  • Convert emoji to unicode in topic titles in emails
  • Render emoji in title tag on topic page
  • Grant first reply by email job was brokenated
  • Censored_pattern with group capturing wasn’t working
  • Topic status update not being deleted once it has been executed.
  • Handle cases where alt and title tag is blank when parsing excerpt.
  • Quotes should be ignored when parsing for onebox source.
  • Private message can be set to publish in the future.
  • Update timestamp when resending invite
  • Disable browser autocomplete for change-owner modal
  • Rtl locale support for category box style
  • Add web hook DiscourseEvents in initializer.
  • Changing notification level in topic footer buttons was not updating timeline.
  • Render unicode emoji in topic title
  • Render emoji in topic title
  • Topic.similar_to error when Search is not loaded
  • Pasting link into composer with a topic template will onebox the link after the template
  • Handle expanding quotes from deleted posts by rendering a trash icon
  • Check for reserved usernames before hitting DB.
  • Don’t enqueue topic status update job if topic is deleted.
  • Don’t show category options for reports that can’t be scoped to a category.
  • Confirm email token for user created via social login
  • Improve dark theme styling in header for tags
  • Order child themes by name
  • Path wizard showing with no style
  • Clicking on themes while editing left a blank screen
  • Blanking theme field was not properly removing it
  • In some case bundle exec fails from spawn
  • Embedding comments was broken
  • Add minimum value for invites_per_page setting
  • Allow CSS precompilation to access newly manifested assets
  • Don’t precompile if we have no themes table
  • Display custom sections with default theme
  • Update auto_notification to also update the subscription state when replying if the current state is less than the state being requested
  • Stop double compiling all hbs files
  • Corrects typo to avoid error 500 on theme change
  • Onebox’s dependencies were not updated.
  • Send activation email when accepting invite if password is set
  • Increase host_must_be_valid regex for .technology TLD
  • Ignore loose .es6 files during precompile
  • Better error handling for theme import
  • User website allows new TLDs
  • Always send password reset email when accepting invite if password is not set
  • Ctx parameter is optional
  • Add more consistent gutter to ace editor
  • Sort theme by lower case theme name
  • Add white space in discourse-tags so tags can wrap
  • Show topic status on category view
  • Show solved status on category with featured topics view too
  • Correct behavior of auto-notification state updating to exclude when the topic already has a state of normal/muted
  • Correct behavior of auto-notification state updating to exclude …
  • Destroying color scheme could remove wrong item from UI
  • New implementation of the “notify about flag after” setting. Only notify about new flags since the last notification. Send a private message to staff. Mention the 3 most active moderators in the message so they get notification emails.
  • Redirect to login page for anonymous user when profiles are hidden
  • Embedded comments not working when theme is missing
  • Colors picker not working with CDN
  • Do not explicitly show email of flagger / flagged user
  • Detection of error changed, so you can clear errors
  • On create you could not add a theme component
  • All basic integer settings should have max value validation
  • Topic title should be included in post webhook payload.
  • User Admin screen on mobile style was off
  • Handle invite error in wizard
  • All basic integer settings should have min & max value validation
  • Do not impose default min/max validation on hidden site setting
  • Processing incoming email should be done in a background job.
  • Without suggested topics jumping to a post had the wrong offset
  • Remove duplicate route warning, it’s just a noop now
  • Scrolling to the bottom was still a bit weird with no suggested
  • Sane max value for max_image_size_kb & max_attachment_size_kb setting
  • Make TopicEmbed trashable
  • JIVE API Importer
  • Properly initialize hashes
  • Add route for ‘/admin/users/list’
  • Clean up unused staged users job not completing.
  • Force the right encoding when handling email.
  • Raise right response when post_action does not exist.
  • Messed up i18n key
  • Forgot to clear out a topic excerpt
  • Scrolling offset was broken when entering some topics
  • Missing link in unsubscribe text of summary emails
  • Theme preview from preferences wasn’t working
  • Properly support HTML document when converting to markdown
  • Incorrect label for top topics dropdown on mobile when filtering
  • ‘read’ filter in top menu showing new topics
  • The dates for retroactive anniversary badges were wrong
  • Case sensitive unconditional add of exact match in user search
  • Pending flags message should go to moderators group, not staff
  • Quoting an expanded first post would force it to reload the cooked
  • Missing image-url helper
  • Rescue specific errors on invite failure
  • Don’t apply max emails per day per user to forgot password
  • Don’t apply max_emails_per_day_per_user on critical emails
  • HtmlToMarkdown should not convert empty/bad <a> tags
  • BBCode converter in bulk importers
  • Redirect away from account-created if you’re logged in
  • Properly trim whitespaces (including those pesky   html entities)
  • HtmlToMarkdown should not convert empty/bad <img> tags
  • Jumping to a post that doesn’t exist should jump to closest
  • Skip hidden nodes when converting from HTML to Markdown
  • If you have a badge, filter to you when clicking on it
  • Skip hidden <img> (no tracking for you)
  • Emails should use default theme colors
  • Filter badges to user on their badges page too
  • The user might be anonymous
  • Show share popup only for valid buttons.
  • Invalid creation of Theme in wizard builder.
  • Badge filtering was always to the currentUser
  • If badges are disabled don’t show “Top Badges” on summary view
  • Quiet server side errors for requesting json for account-created
  • If we can’t proxy to a CDN due to HTTP error, render blank
  • If the host can’t be extracted don’t raise an error
  • Regression when clicking on post date
  • Properly clean up related color schemes on delete
  • Return a 404 if the auth session is not present
  • Catch broken pipe errors
  • CustomEmoji may contain an invalid upload_id.
  • Some changes in composer affect all visible text editors
  • Importing a theme via file was broken
  • Page scroll lock not clearing properly on chrome
  • Don’t notify or return flags on system users
  • Possible 500 error if category saved incorrectly
  • Don’t raise an error when the img attribute cannot be found
  • Don’t let users edit wiki posts unless they can reply
  • Sanitize bulk invite error log
  • Base sql vanishes after badge creation
  • Extract div tags within spans
  • Handle BOM in bulk import CSV file
  • Dismiss all button was not updating the UI
  • Support updating the google+ key
  • There are still jobs enqueued for CloseTopic
  • The keyboard shortcut to bookmark the first post wasn’t refreshing
  • Better error message for when your bookmark rate limit is exceeded
  • Select2 retina icons were broken
  • Invalid html in notification emails when template has been customized
  • Correctly invalidate theme css cache on scheme change
  • Maximize css editor not working
  • Allow uploading of category logo and background
  • These should not have been class variables
  • Can’t quote last paragraph.
  • Don’t redirect for users/account-created path
  • users_account_created_path should point to /u/
  • Don’t send system message for new user of the month if disabled
  • When searching PMs also search group PMs
  • Videos were missing from expanded quotes
  • Users can’t request to join group due to alias level restriction.
  • Delete topic timer after completion.
  • Don’t warn users about duplicate links for:
  • Hide theme selector if only 1 theme
  • Collapse mobile nav on outside click
  • Include new onebox fixes
  • Latest onebox adds more attributes to links for security
  • Don’t warn if the link is in the post you are editing
  • Quote button broken on windows.
  • Unescape emoji in pretty title
  • Don’t count likes from system users in the new user of the month
  • Forgot to lock gem
  • Use bundle exec for bundle-audit
  • Only mark all as rendered after everything is rendered
  • We can download protocol relative urls
  • Resize events for ace were not triggered correctly
  • If you refresh New, clear the incoming topics text
  • Use latest docker image for dev
  • When entering topics “tracking” would not be set
  • Admins could never remove self from messages
  • Require re-activation if SSO changes email and updates it
  • Don’t memoize the currentUser in case some plugins use it too early
  • Only trigger notification level change if it actually changes
  • Broken back button on account URLs
  • Don’t search for plugins in nested subdirectories
  • Use observer to rerender widget instead.
  • Supports bare <li> when converting html to markdown
  • Sometimes the topic timeline wasn’t docking
  • Admin groups editor was showing extra page when exactly 50 records
  • If there’s an error downloading, don’t raise it
  • Saving invisible primary group field that you don’t belong to
  • Bump mini profiler to support sub folders
  • Allow images to be uploaded in wizard
  • Don’t process the same incoming email more than once
  • Allow pasting links into title field that are longer than the max title length
  • Layout of buttons and modals on mobile
  • Label positioning on mobile forms
  • Don’t incluide a trailing <br> in the bio excerpt
  • Mobile modal close button position, mobile layout of radio buttons and checkboxes
  • Better uploads error page
  • User can’t remove bookmark from a deleted post.
  • New topics alert wasn’t covering the entire topic list column headings
  • Regular users shouldn’t be able to invite to PMs if disabled
  • Don’t crawl non-http/s links
  • Don’t hardcode text in smoke test.
  • TopicTimestampChanger should not allow timestamps in the future.
  • N+1 query in suggested topics list.
  • Topic Crawling should only crawl HTTP/S urls
  • Fill date input with default date range
  • CDN wasn’t properly applied to category background images when using S3
  • Possible data leaking from one site to another in multisite in PendingFlagsReminder
  • Remove memoized values in jobs
  • Other content types like images are fine
  • Onebox will do a HEAD request first for redirects
  • Another onebox head request
  • Remove memoization on class method used in a job
  • Reset the WebMock after before every test
  • Use Excon to do its own stubbing
  • Wizard was not showing up if more than 1 system user
  • Use same code path for downloading images
  • Roll back file_helper changes, relative URLs were broken
  • Always allow downloads from CDN
  • Allow advanced tutorial to be started if badges are disabled.
  • Order:latest not working for search within topic
  • Fixes to grant new user of the month badge
  • Missing to_i which breaks selector component for anon
  • Incorrect margins on buttons in modals on mobile
  • Ensure we clean up socket servers.
  • Don’t raise an error when the upload can’t be retrieved
  • Don’t rate limit gravatar downloads
  • Sometimes the duplicate link text made no sense
  • If login is required, redirect to the /login route instead of root
  • Keep the flash when redirecting for login_required
  • Don’t show “resend email” option when user approval is on
  • If the error is 401 unauthorized or such, just do nothing
  • Allow users to rename discobot without having to rebuild.
  • Don’t do anything if avatar url returns an invalid status code.
  • Mutex to avoid race condition with double notify
  • Docking position of topic progress at bottom of topic on mobile
  • Add discourse-narrative-bot locales path
  • Rerender posts when selecting replies
  • Posts weren’t cloaking properly
  • Inherit topic auto close when changing topic’s category.
  • Be smart about refreshing the topic title when editing the OP

(Neil Lalonde) #4

UX CHANGES

  • Observe changes to plugin to hide/show plugin admin link without refresh.
  • Display large numbers with delimiters.
  • Truncate topic link title/URL on desktop to prevent overflow.
  • Make it easier for plugins to add stuff before topics on the list
  • Don’t show search and hamburger menus to anon visitors on login-required sites
  • Display wiki icon on post edits indicator.
  • Red notification of flags or pending approvals opens hamburger menu instead of linking to flags page
  • Only display the words that fails censored words validations.
  • Highlight user’s vote in polls.
  • Remove ‘no thanks’ from remind tomorrow CTA
  • Show edit button on post revision modal as long as user can edit.
  • Change default filename for images that have been pasted.
  • Less restrictive selector to allow for plugin outlets
  • CSS for pdf onebox
  • Include the username and link of the user for get_a_room
  • Top referrers headings are not numbers
  • Prevent post submission when uploading
  • “See more” on not found page should redirect to /top.
  • Show expand button on internal topic onebox
  • Display text & html parts alongside raw email in incoming email modal
  • Display button to add a group when no group has been selected.
  • Add client-side rate limit on click counters
  • Add data-category-url to make targetting a category li element in the hamburger menu easier
  • Add subcategory class to hamburger menu items that are subcategories
  • ‘Join Group’ button position moved to group header
  • Banner enabled/disabled posts should be small posts, not full-size posts
  • Clear the header when navigating to a new topic
  • Be more optimistic about showing topic titles while entering topics
  • Add a link to bulk invite howto
  • Order custom emojis by name.
  • Copy changes for auto topic status update.
  • Update copy to remove a topic status update.
  • Update copy for topic status update UI.
  • Improve .modal-header style on mobile.
  • Remove width on .auto-update-input.
  • Don’t try to figure out root domain.
  • Remove copy that is no longer valid.
  • Publish topic changes when topic is published.
  • Allow topic to be published to the same category when unlisted.
  • Show check mark glyph on ‘Dismiss New’ button on mobile
  • Add href to badge title
  • Make abondon post confirmation button red.
  • Improve the way users set timers for TopicStatusUpdate.
  • Change banner close button to be floated to the right
  • Change timestamp button on mobile was hidden behind date selector
  • Display translated group name for automatic groups.
  • Simplify delete gap style
  • Wrap really long titles on user stream pages
  • Tweak explanations for multiple_grant and allow_title
  • Better looking bulk actions modal
  • Move delete button to end and mark it as dangerous
  • Fix improper aspect ratio for xkcd oneboxes
  • Take header height into account when positioning the timeline
  • Show short flag descriptions in the flag modal on mobile
  • Flag custom message description is too close to textarea on mobile
  • Headings in banners had no margins
  • H1, h2, etc css reset should give them a bottom margin
  • Improved layout of flag handling UI on mobile
  • Remove restrictions on advanced user track.
  • Add link to the user’s preferences page next to the avatar

SECURITY CHANGES

  • Disallow csv as default upload file type
  • Prevent large onebox downloads, better timeout support
  • Correctly validate input when admin searches for screened ips
  • Inactive/suspended accounts should be banned from api
  • Ensure that user has been authenticated.
  • Ensure oAuth authenticated email is the same as created user’s email.
  • Only allow users to resend activation email with a valid session.
  • Always allow staff to resend activation mails
  • Don’t use backticks for exporting your archive
  • Disallow symlinks when restoring uploads.
  • CSRF vulnerabilities in Admin::BackupsController.
  • Confirm new administrator accounts via email
  • Do not send push notifications to suspended users
  • Prefer render plain/html to render text where possible
  • XSS issue in share popup if invalid link is passed in.
  • Validate the entity when downloading a CSV
  • Never crawl by IP

PERFORMANCE

  • Remove N+1 query when saving a user.
  • Create a REGEXP_TAGS_REPLACE regex to remove a chained .replace call
  • Extract autocomplete initialization to a function
  • Add index to speed up DirectoryItem.refresh_period! query.
  • User mini racer to uglify assets
  • Avoid looking globals from providers after first call
  • Much faster Badge.ensure_consistency
  • Faster Group.refresh_automatic_group & Group.ensure_consistency
  • Don’t load all replies in memory when moving posts
  • Don’t load User object in memory when we only need to know if it exists
  • Don’t allocate extra array.
  • Reduce allocated memory when generating mailing list email.
  • Allow memory to be freed instead of fetching all the objects into memory at once.
  • Dirty checking was broken and re-rendering too often
  • Bypass wizard check after 15 topics are created
  • Avoid query as admin
  • We do not need to ship down the total number of unread
  • Improve performance of unread queries
  • Limit new messages in suggested for PMs
  • N+1 query when searching with tags enabled.
  • N+1 query in search when plugin loads custom fields in TopicListItemSerializer.

(Jeff Atwood) #5