Discourse Version 1.8

Focus

  • :white_check_mark: Improve usability and design of password reset page.

  • :white_check_mark: “Get a room” reminder sent once per topic, to any user who replies to the same user in that topic 3 times in a row.

  • :white_check_mark: Much more secure cookie and token rotation scheme and database storage; upgrading to 1.8 is critical for improved db / cookie security

  • :white_check_mark: Improve usability and design of invite accept page.

  • :white_check_mark: Include Narrative Bot as new default for welcome PMs

  • :white_check_mark: Add new subcategory style options and move subcategory settings to category edit (versus oddball global site setting)

  • :white_check_mark: Congratulations emails (and badge) to new users who get a number of likes by established users

  • :white_check_mark: Generalized topic timer support for close, open (close temporarily), delete, publishing, and reminder

  • :white_check_mark: Require email confirmation for admin db download and admin grants

  • :white_check_mark: Rebuild theming system for easier theming. Let users select local color theme to taste (dark, light, etc)

  • :white_check_mark: Allow new signups to change their email address as well as resend confirmation, in case they typoed their signup email

  • :white_check_mark: “Private email mode” site setting ensures that no content is leaked to the outside via emails when the site’s content is sensitive.

  • :white_check_mark: Rebuild user prefs page to use subtabs

Codename

  • Aeschines v1.1
  • Andocides v1.2
  • Antiphon v1.3
  • Demosthenes v1.4
  • Dinarchus v1.5
  • Hypereides v1.6
  • Isaeus v1.7
  • Isocrates v1.8
  • Lycurgus
  • Lysias

Start date

January 7, 2017

Planned release date

May 31, 2017


NEW FEATURES

  • New ‘max_image_megapixels’ site setting
  • Log admin action when readonly mode is changed
  • Better error message when incoming e-mail is missing a Date: header
  • Let plugins register themes easily
  • Update omniauth twitter as prep for Ruby 2.4 support
  • Remap group mentions when group name has been changed
  • Group avatar flair shows on topic participants list, and participant avatars can have custom styles
  • Posts:remap task now supports removing all occurrences of a word
  • Add explicit confirmation button to accept the invite
  • New rake task to delete a word/string from all the posts
  • Add user-main-nav plugin outlet
  • Reply as new message to the same recipients
  • Make discourse remap optionally do regex_rep
  • Redesign the change password page to use javascript and validations
  • Warn a user when they’re replying to the same user too much
  • Per client user tokens
  • Add user title to SSO payload
  • Improve search so it searches sub categories by default
  • Include most popular tag in page title for webcrawlers of tagged uncategorized topics
  • Passwords must have a minimum number of unique characters, configurable with a new setting
  • Allow user search API to restrict to group
  • Allow registrations of custom small action icons via plugins
  • Add hidden setting for verbose auth token logging
  • Allow plugins to preload data in topic list
  • Allow plugins to register custom topic list filters
  • Allow client side of topic list to accept custom params
  • New invite acceptance page, where username can be chosen and password can be set
  • Reset active record cache in sidekiq if needed
  • Links that can’t have onebox can be used as featured topic links
  • Primary group class on avatars in topic list
  • Search should default scope to current category or user
  • Linked topics should be rendered under posts for crawlers
  • Add a button on admin user page that links to action log
  • Make show_subcategory_list a per-category setting
  • Replace emoji with unicode in title and description meta tags
  • Add support for same site cookies
  • Add immutable cache for assets that do not update
  • Add immutable caching to rails site of things
  • New site setting for max logins per ip per hour/minute
  • Log all username and name changes
  • Add order logic to admin users controller
  • Move_to_inbox and archive_message events
  • Append tags bulk action for topics
  • Clean up tags extensibility
  • Autocomplete support on advanced search
  • AddUserMenuGlyph extensibility point
  • Further restrict downloading of backups
  • Each category can control how many topics to show on categories page
  • Greek language support, thanks to Vasilis Vlachokyriakos
  • Add outlet for messages nav extension
  • Make list controller a bit more extensible
  • Add user name in search results
  • Add :all filter for messages
  • Add before topic list filter
  • Subcategories can be discovered by web crawlers on page 1 of the parent category topics list
  • Add bumped_before query param for topic list
  • New category setting for whether to show latest topics or top topics by default
  • Allow for empty description in list
  • Plugin can now extend list of classes for topic-post
  • Allow checking the raw response of a bounced email
  • Autocomplete support on search
  • Allow plugins to transform, the transformed post
  • Search can be scoped to posts that the current user has seen/unseen
  • Add seen/unseen filters to advanced search UI.
  • Anonymized site statistics
  • Add support for SIGTSTP which stops sidekiqs
  • New template parameters for notification emails that can be used in links: topic_title_url_encoded and site_title_url_encoded
  • Log reason staff auto blocks a user
  • RSS feed for top page period filters
  • Stop escaping special chars in title prettify
  • Box-style rendering of sub-categories
  • Make admin user list sortable
  • Redirect to groups page after login/registration flow
  • Allow easier customization to the web hook event serialization
  • Track views on user profile card as profile views
  • Subcategory list style: boxes with featured topics
  • Socialcast Importer: Set category and tags based on group
  • Add hook and asset path variable
  • Add support for backup asset path post precompile
  • Fallback asset path for multi host setups
  • Add user profile fields in user list export
  • Make summary as first tab on user page
  • Category setting for default top period
  • Include email in User webhook
  • Mobile support for row and box category styles
  • Send anonymized usage statistics to Discourse if Discourse Hub can’t reach the site
  • Allow admin to auto reopen a topic
  • Pause a topic instead of permanently closing when flag threshold is reached
  • Allow admins to schedule a topic to be published in the future
  • Change name from admin page
  • Let users update their emails before confirming
  • Add og tags to metadata in individual badges page
  • Add “Show tracked topics” to User Prefs
  • Add option for ExcerptParser to keep onebox source
  • Add AWS S3 EU (London) “eu-west-2” region
  • Native theme support
  • Auto focus text editor when editing themes
  • Upgrade sprockets to latest stable
  • Try adding some preload hints for chrome
  • Allow themes to share color schemes
  • Allow copying of color schemes to clipboard
  • Add hamburger extensibility
  • Show a paintbrush for color schemes
  • Only show overridden option for theme css
  • Added error messages for bad theme CSS / JS
  • Default notification level for group messages
  • Add normal as a preference for topic subscription state when replying to a topic
  • Basic implementation of stats socket
  • Set UNICORN_STATS_SOCKET_DIR for status socket
  • Use image gallery functionality in magnific
  • In vim dev you can focus on spec line in autospec
  • Add support for bootsnap in dev
  • Convert incoming emails in HTML to markdown
  • Secure_email site setting to prevent data going out in email
  • Provide more details when performing a bulk add to group
  • Disable minimum post length check when in PM with non human users
  • Rebuild user preferences page to use tabs
  • Allow users to resend/update email from confirmation page
  • Out-of-the-box dark/light user selectable themes
  • Add .admin-interface class to BODY when in admin
  • Setting to poll feeds more frequently
  • Bulk relist
  • Support uploads for themes
  • Ask for confirmation before resending all invites
  • Set a timer to delete a topic
  • Theme selection is now global per-user
  • Allow users to select theme on single device
  • Use fancy title in notifications
  • Remove table wrapping posts in notification emails
  • Staff can set a timer to remind them about a topic
  • Require spec helpers for plugins
  • A site setting to prevent crawling on private IP blocks
  • Rate limit how often we’ll crawl a destination IP
  • Use ‘l’ as a shorthand for order:latest
  • Add custom User-Agent to Discourse Oneboxes
  • Require name when accepting invite if ‘full name required’ setting is enabled
  • Dropdown to filter staff action logs

BUG FIXES

  • Can’t add categories when creating a new web hook.
  • Respect site setting to hide username in mailing list summary.
  • Login modal on mobile does not submit on enter.
  • Add validation to disallow censored words in topic title.
  • An image can be shown twice in summary emails
  • Don’t allow formatting in titles when quoting other topics
  • Perform emoji unescape for topic titles in quotes.
  • Only allow CSV file to be uploaded for bulk invite
  • Add noopener to website field in user profile
  • Don’t onebox to IP addresses
  • Mailing list mode digest emails included whispers
  • RSS Language should use a dash/hyphen instead of underscore
  • Do not update user stats like counts for private messages.
  • Same user record being saved twice causing validation to fail.
  • Live updates for polls was broken.
  • Votes lost when editing a poll option with votes.
  • Sort is destructive and that is not what we want.
  • Deleting a user was not deleting their directory items
  • [object Object] when hovering over view count
  • Topic Status should display on categories and topic view
  • Log backups download/destroy staff action
  • Pressing enter when searchContext is enabled should just trigger a search.
  • Don’t close search menu on link clicked when context is enabled.
  • Long titles need a max-width in composer when replying on desktop view
  • Don’t change automatic group name if localized name has been taken.
  • Better standardizing on username
  • Use the username scrubber when generating the emails
  • Sso_overrides_avatar should override previously set avatar
  • In the case of a blank name, use a SHA1
  • When blocking a user results in hiding their posts, only hide posts made in the last 24 hours
  • Toggling post’s wiki status should not create a new version.
  • Handle img src starting with “//” in pull_hotlinked_images job
  • Support removing all occurrences of a word/string
  • Embedded Youtube videos lacking margin at bottom
  • Incorrect parameter being passed to component.
  • Toggling a post’s wiki status should not skip revision.
  • Don’t skip callbacks when rebaking posts.
  • Forced trailing slash on messageBus.baseUrl
  • Edit category modal throws EmberError when allowed tag groups is set
  • Bulk change tags works with category tag settings
  • Reply buttons and tooltips untranslated in all languages
  • Set max value for purge_unactivated_users_grace_period_days setting
  • Add max value validation for settings containing days
  • Don’t route to a weird blank page when public profiles are disabled
  • Topic links were getting dropped when post is rebaked
  • Prevent huge custom emojis in emails
  • Escape regexp chars in SiteSetting.censored_words.
  • Escape escape regexp characters.
  • Public polls should not make a request per option.
  • Silence and quiet logger not thread safe
  • Can’t use an internal name here if SiteSetting.convert_pasted_images_to_hq_jpg is false.
  • Log message when revoking email with too many bounces
  • Hover text was showing incorrect number
  • Stop stripping local onebox links from tracker
  • Mail threading wasn’t working properly in Mac Mail
  • Eslint was broken
  • Don’t configure Redis connector if Redis slave config is not set.
  • Incorrect title on admin reports
  • Reports for time to first reply and topics without replies were counting whispers and moderator actions
  • Search menu widget breaks when context type is null.
  • Group owners don’t see group owner functions when navigating from user page.
  • Allow existing users to be invited to topic/message when must_approve_users is enabled
  • Incorrect instructions when inviting user to forum
  • Sane error message when inviting an existing user
  • Add /tags routes to robots.txt
  • If you make a new banner, clear the old dismissed values
  • Bounce webhooks should also use recipient address
  • Wasn’t extracting links to quoted posts
  • Tags shouldn’t be listed as breadcrumbs in web crawler view
  • Don’t put attachments on the CDN when ‘prevent anons from downloading files’ is enabled
  • Crawler view of paginated content should have link elements in head for next and previous pages
  • Composer should only feature links to external sites
  • Find replied-to post even when incoming email doesn’t have a reply key
  • Twitter onebox styling was poor on mobile
  • Show groups that user is owner of on groups page.
  • Don’t clear the login hint when the system user is saved
  • Password validator was being too strict
  • Race condition when marking tokens as seen
  • Token rotation not accounting for overlapping tokens correctly
  • Admin dashboard shouldn’t complain when using IAM profile for S3 access
  • Plugin outlets in navigation bar need to be li elements instead of div and span
  • Invited users and new TL1 users will see their first notification highlighted
  • Support multiple embeddable host records with the same host
  • Don’t raise DownloadTooLarge, just do nothing
  • Remove errors when running phantomjs
  • Silence DOMException errors when running phantomjs
  • Silence CSS errors in Safari
  • Don’t try to load avatars in test mode
  • Users page wasn’t loading more on mobile
  • Get a room wasn’t enforcing sequential properly
  • Should not be able to rename a system badge
  • Add Content-Disposition and Content-Type headers when downloading attachments
  • Tag link in breadcrumbs on subfolder installs
  • Refresh header if message bus updates topic
  • Admin dashboard posts count should not include system posts and whispers
  • Allow staff members to send PMs when enable_private_messages is disabled
  • Show all staff events related to the target user
  • Do not refresh staff action logs every time the page is loaded
  • N+1 in topic_list
  • Allow some auth token misses prior to clearing cookie
  • JsLocaleHelper#output_locale was muting cached translations hashes
  • ExtraLocalesController.show’s spec which was randomly failing
  • JsLocaleHelper#output_locale was not properly handling multiple translations
  • ExtraLocalesController.show was not properly handling multiple translations
  • Client’s translation overrides were not working when the current locale was missing a key
  • Eradicate I18n fallback issues :bomb:
  • Ensure localized yamls are compatible with english
  • Check all .yml files in the project for integrity
  • I18n integrity specs
  • Attempt to handle ios edge case where token is seen but unsaved
  • Mobile topic timeline broken on Chrome 56.
  • Typo in a routes.rb comment
  • Search menu results does not refresh when search context is changed.
  • Embedding was broken with non-english URLs and ports
  • From field of emails should be including email_site_title or site title settings
  • Do not log duplicate username changes
  • Correct path for LocaleFileWalker
  • Hamburger shouldn’t show subcategories if show_subcategory_list is enabled on the parent
  • Query parameters were not being cleared when changing filtering.
  • Import scripts were failing to load onebox sanitize config
  • Locale fallback with pluralized strings
  • On initial token issue stop unmarking token as unseen
  • Last seen date erroneously updated when browser in background
  • Back button was broken after clicking flags in hamburger
  • Polls permanently broken if post requires approval.
  • Handle new user when logging name change
  • Allow for empty translated strings
  • Using enter to complete autocomplete doesn’t automatically send you to full page search
  • Populate Category when query/search term is updated
  • Collapsing/Expanding Advanced Search doesn’t wipe out Advanced Search Terms from search query.
  • Autocomplete positioning
  • Render custom tag extensions even when tags disabled
  • Typo in rate_limiter edit_post message
  • Subcategories need the num featured topics setting too
  • Start sidekiq process for all queues in docker dev
  • Add thor to Gemfile. We need it for our CLI tool.
  • Don’t mark user as active if verified email is different.
  • Make it a tad bit harder to accidentally redirect to full page search while autocomplete is open
  • Flag action buttons are missing when visiting flags from the hamburger menu
  • Can’t recover a post when its user has been deleted.
  • Posts in a deleted topic couldn’t be moved.
  • Ensure that we only move posts that belong to the original topic.
  • Group#name is case insensitive.
  • Grant trust level when bulk adding users to group
  • Put back the back button fix again.
  • CORS middleware needs to happen earlier than AnonymousCache middleware
  • Add Discourse-Visible to CORS allowed headers for sites that use a proxy
  • Extra-nav-item outlet no longer adds a DIV to UL
  • Also add Discourse-Visible to allowed headers for message bus
  • Do not trigger fullpage search when selecting autocomplete term with enter.
  • Approve invited user
  • More errors with non-ascii URLs
  • Tags created in secured categories should not be forbidden outside those categories
  • Improve token rotation and increase logging
  • Surround the FROM alias with " in order to support the @ character
  • Allow user to remove bookmark from posts as long as bookmark is present.
  • Do not show about page to anonymous users for private forums
  • Always send critical emails even when bounce score threshold has been reached
  • Do not show faq/guidelines page to anonymous users for private forums
  • Reply to topic keyboard shortcut raises an error on non-topic routes.
  • Latest-version tag is shown by git-describe
  • Should not try to send digest to users who reached the bounce threshold
  • Custom CSS/HTML files were not getting downloaded on Chrome
  • Category autocomplete breaks when search menu widget rerenders.
  • Allow user to remove bookmark from posts as long as bookmark is …
  • Email customizations now apply to both html and text parts
  • Latest + category not respecting homepage category suppression
  • Include children categories when searching a category
  • Store user’s id instead for sending activation email.
  • Only group admins can see group edit page.
  • Restore was not redirecting to logs route.
  • Store custom emojis as uploads.
  • Encoded characters shown in category boxes
  • Category logo preview in settings shouldn’t render it like a background image
  • Leave group membership button not updating.
  • User created web hook being enqueued before record has been saved.
  • Allow ports for embed host IPs
  • Add route for user TL3 requirements page
  • Don’t migrate custom emojis that are no longer valid.
  • Don’t use backticks that take in inputs.
  • Admin user page should show count of all posts, including private messages, so admins can delete them. This bug was making it impossible to delete users.
  • Publish notification state in after_commit hook.
  • Sync user’s notification channel before preloaded current user data.
  • Enqueue activation email for invited user that has password set
  • Links in category description inside subcategory boxes have too much padding
  • Show lock icons for secured categories in boxes views
  • Send activation email if user has unconfirmed email
  • Send activation email if user has unconfirmed email address
  • Site Settings weirdness with back button
  • Better error message when invited user already exists
  • Use email prefix only in subject
  • Sso provider require return_sso_url
  • Replace site_name in email subject with site title
  • Issue with double title showing up
  • Links in hamburger menu on subfolder installs
  • Clicking the home logo wasn’t refreshing categories views
  • Admin locales were not getting converted to message format
  • Update topic fancy title when updating category name
  • JQuery include was incorrect for finish-installation
  • Error when calculating geometric mean of 0 for read timings
  • Use consistent heading style in the category box styles
  • Email Previewing was not showing in Firefox
  • Clear sessionStorage between click track tests
  • Do not add user to group based on email domain unless email is confirmed
  • Topic title wasn’t showing properly when entering lower in topics
  • Clicking on the title was doubling up the title
  • Suggested username should not be more than setting max_username_length
  • Tags and topic links rendered outside of page header
  • Show stats of the last 30 days by default for admin reports.
  • Check if post exists in topic
  • On long browsers, you could get a double title
  • Class names should be dasherized, not underscored
  • Callback undefined error when topic has been deleted.
  • Broken translation on topic-status-info component.
  • Use enum values for trust level settings
  • Safeguard to not award NewUserOfTheMonth if it hasn’t been a month
  • Nested quotes weren’t rendered properly with BBCode
  • Selections getting deselected on Firefox.
  • Skip validations when updating group mentions.
  • Don’t raise an error if TopicStatusUpdate has been deleted.
  • Return JSON errors for by-external if JSON requested
  • Poll builder validation was incorrect
  • Do not add order param to user list unless required
  • Do not show User Cannot See Mention dialog when crafting a new topic or a new message
  • Improve checks for non-human users.
  • Copy post actions when moving a topic.
  • Translate badge metadata title
  • Add onceoff job to remove old auto close topic sidekiq jobs.
  • Web crawlers getting 404 on category pages
  • Publish topic to a category should unlist it as well.
  • Incorrect title for custom_invite_forum_mailer
  • Ensure username param is valid in NotificationsController.
  • Allow replaceState to run on iOS.
  • Topic Timeline was impossible to close if you used the back button
  • Don’t update cooked when a like is received.
  • Don’t insert topic status messages unless the status changes
  • Convert emoji to unicode in topic titles in emails
  • Render emoji in title tag on topic page
  • Grant first reply by email job was brokenated
  • Censored_pattern with group capturing wasn’t working
  • Topic status update not being deleted once it has been executed.
  • Handle cases where alt and title tag is blank when parsing excerpt.
  • Quotes should be ignored when parsing for onebox source.
  • Private message can be set to publish in the future.
  • Update timestamp when resending invite
  • Disable browser autocomplete for change-owner modal
  • Rtl locale support for category box style
  • Add web hook DiscourseEvents in initializer.
  • Changing notification level in topic footer buttons was not updating timeline.
  • Render unicode emoji in topic title
  • Render emoji in topic title
  • Topic.similar_to error when Search is not loaded
  • Pasting link into composer with a topic template will onebox the link after the template
  • Handle expanding quotes from deleted posts by rendering a trash icon
  • Check for reserved usernames before hitting DB.
  • Don’t enqueue topic status update job if topic is deleted.
  • Don’t show category options for reports that can’t be scoped to a category.
  • Confirm email token for user created via social login
  • Improve dark theme styling in header for tags
  • Order child themes by name
  • Path wizard showing with no style
  • Clicking on themes while editing left a blank screen
  • Blanking theme field was not properly removing it
  • In some case bundle exec fails from spawn
  • Embedding comments was broken
  • Add minimum value for invites_per_page setting
  • Allow CSS precompilation to access newly manifested assets
  • Don’t precompile if we have no themes table
  • Display custom sections with default theme
  • Update auto_notification to also update the subscription state when replying if the current state is less than the state being requested
  • Stop double compiling all hbs files
  • Corrects typo to avoid error 500 on theme change
  • Onebox’s dependencies were not updated.
  • Send activation email when accepting invite if password is set
  • Increase host_must_be_valid regex for .technology TLD
  • Ignore loose .es6 files during precompile
  • Better error handling for theme import
  • User website allows new TLDs
  • Always send password reset email when accepting invite if password is not set
  • Ctx parameter is optional
  • Add more consistent gutter to ace editor
  • Sort theme by lower case theme name
  • Add white space in discourse-tags so tags can wrap
  • Show topic status on category view
  • Show solved status on category with featured topics view too
  • Correct behavior of auto-notification state updating to exclude when the topic already has a state of normal/muted
  • Correct behavior of auto-notification state updating to exclude …
  • Destroying color scheme could remove wrong item from UI
  • New implementation of the “notify about flag after” setting. Only notify about new flags since the last notification. Send a private message to staff. Mention the 3 most active moderators in the message so they get notification emails.
  • Redirect to login page for anonymous user when profiles are hidden
  • Embedded comments not working when theme is missing
  • Colors picker not working with CDN
  • Do not explicitly show email of flagger / flagged user
  • Detection of error changed, so you can clear errors
  • On create you could not add a theme component
  • All basic integer settings should have max value validation
  • Topic title should be included in post webhook payload.
  • User Admin screen on mobile style was off
  • Handle invite error in wizard
  • All basic integer settings should have min & max value validation
  • Do not impose default min/max validation on hidden site setting
  • Processing incoming email should be done in a background job.
  • Without suggested topics jumping to a post had the wrong offset
  • Remove duplicate route warning, it’s just a noop now
  • Scrolling to the bottom was still a bit weird with no suggested
  • Sane max value for max_image_size_kb & max_attachment_size_kb setting
  • Make TopicEmbed trashable
  • JIVE API Importer
  • Properly initialize hashes
  • Add route for ‘/admin/users/list’
  • Clean up unused staged users job not completing.
  • Force the right encoding when handling email.
  • Raise right response when post_action does not exist.
  • Messed up i18n key
  • Forgot to clear out a topic excerpt
  • Scrolling offset was broken when entering some topics
  • Missing link in unsubscribe text of summary emails
  • Theme preview from preferences wasn’t working
  • Properly support HTML document when converting to markdown
  • Incorrect label for top topics dropdown on mobile when filtering
  • ‘read’ filter in top menu showing new topics
  • The dates for retroactive anniversary badges were wrong
  • Case sensitive unconditional add of exact match in user search
  • Pending flags message should go to moderators group, not staff
  • Quoting an expanded first post would force it to reload the cooked
  • Missing image-url helper
  • Rescue specific errors on invite failure
  • Don’t apply max emails per day per user to forgot password
  • Don’t apply max_emails_per_day_per_user on critical emails
  • HtmlToMarkdown should not convert empty/bad <a> tags
  • BBCode converter in bulk importers
  • Redirect away from account-created if you’re logged in
  • Properly trim whitespaces (including those pesky &nbsp; html entities)
  • HtmlToMarkdown should not convert empty/bad <img> tags
  • Jumping to a post that doesn’t exist should jump to closest
  • Skip hidden nodes when converting from HTML to Markdown
  • If you have a badge, filter to you when clicking on it
  • Skip hidden <img> (no tracking for you)
  • Emails should use default theme colors
  • Filter badges to user on their badges page too
  • The user might be anonymous
  • Show share popup only for valid buttons.
  • Invalid creation of Theme in wizard builder.
  • Badge filtering was always to the currentUser
  • If badges are disabled don’t show “Top Badges” on summary view
  • Quiet server side errors for requesting json for account-created
  • If we can’t proxy to a CDN due to HTTP error, render blank
  • If the host can’t be extracted don’t raise an error
  • Regression when clicking on post date
  • Properly clean up related color schemes on delete
  • Return a 404 if the auth session is not present
  • Catch broken pipe errors
  • CustomEmoji may contain an invalid upload_id.
  • Some changes in composer affect all visible text editors
  • Importing a theme via file was broken
  • Page scroll lock not clearing properly on chrome
  • Don’t notify or return flags on system users
  • Possible 500 error if category saved incorrectly
  • Don’t raise an error when the img attribute cannot be found
  • Don’t let users edit wiki posts unless they can reply
  • Sanitize bulk invite error log
  • Base sql vanishes after badge creation
  • Extract div tags within spans
  • Handle BOM in bulk import CSV file
  • Dismiss all button was not updating the UI
  • Support updating the google+ key
  • There are still jobs enqueued for CloseTopic
  • The keyboard shortcut to bookmark the first post wasn’t refreshing
  • Better error message for when your bookmark rate limit is exceeded
  • Select2 retina icons were broken
  • Invalid html in notification emails when template has been customized
  • Correctly invalidate theme css cache on scheme change
  • Maximize css editor not working
  • Allow uploading of category logo and background
  • These should not have been class variables
  • Can’t quote last paragraph.
  • Don’t redirect for users/account-created path
  • users_account_created_path should point to /u/
  • Don’t send system message for new user of the month if disabled
  • When searching PMs also search group PMs
  • Videos were missing from expanded quotes
  • Users can’t request to join group due to alias level restriction.
  • Delete topic timer after completion.
  • Don’t warn users about duplicate links for:
  • Hide theme selector if only 1 theme
  • Collapse mobile nav on outside click
  • Include new onebox fixes
  • Latest onebox adds more attributes to links for security
  • Don’t warn if the link is in the post you are editing
  • Quote button broken on windows.
  • Unescape emoji in pretty title
  • Don’t count likes from system users in the new user of the month
  • Forgot to lock gem
  • Use bundle exec for bundle-audit
  • Only mark all as rendered after everything is rendered
  • We can download protocol relative urls
  • Resize events for ace were not triggered correctly
  • If you refresh New, clear the incoming topics text
  • Use latest docker image for dev
  • When entering topics “tracking” would not be set
  • Admins could never remove self from messages
  • Require re-activation if SSO changes email and updates it
  • Don’t memoize the currentUser in case some plugins use it too early
  • Only trigger notification level change if it actually changes
  • Broken back button on account URLs
  • Don’t search for plugins in nested subdirectories
  • Use observer to rerender widget instead.
  • Supports bare <li> when converting html to markdown
  • Sometimes the topic timeline wasn’t docking
  • Admin groups editor was showing extra page when exactly 50 records
  • If there’s an error downloading, don’t raise it
  • Saving invisible primary group field that you don’t belong to
  • Bump mini profiler to support sub folders
  • Allow images to be uploaded in wizard
  • Don’t process the same incoming email more than once
  • Allow pasting links into title field that are longer than the max title length
  • Layout of buttons and modals on mobile
  • Label positioning on mobile forms
  • Don’t include a trailing <br> in the bio excerpt
  • Mobile modal close button position, mobile layout of radio buttons and checkboxes
  • Better uploads error page
  • User can’t remove bookmark from a deleted post.
  • New topics alert wasn’t covering the entire topic list column headings
  • Regular users shouldn’t be able to invite to PMs if disabled
  • Don’t crawl non-http/s links
  • Don’t hardcode text in smoke test.
  • TopicTimestampChanger should not allow timestamps in the future.
  • N+1 query in suggested topics list.
  • Topic Crawling should only crawl HTTP/S urls
  • Fill date input with default date range
  • CDN wasn’t properly applied to category background images when using S3
  • Possible data leaking from one site to another in multisite in PendingFlagsReminder
  • Remove memoized values in jobs
  • Other content types like images are fine
  • Onebox will do a HEAD request first for redirects
  • Another onebox head request
  • Remove memoization on class method used in a job
  • Reset the WebMock after before every test
  • Use Excon to do its own stubbing
  • Wizard was not showing up if more than 1 system user
  • Use same code path for downloading images
  • Roll back file_helper changes, relative URLs were broken
  • Always allow downloads from CDN
  • Allow advanced tutorial to be started if badges are disabled.
  • Order:latest not working for search within topic
  • Fixes to grant new user of the month badge
  • Missing to_i which breaks selector component for anon
  • Incorrect margins on buttons in modals on mobile
  • Ensure we clean up socket servers.
  • Don’t raise an error when the upload can’t be retrieved
  • Don’t rate limit gravatar downloads
  • Sometimes the duplicate link text made no sense
  • If login is required, redirect to the /login route instead of root
  • Keep the flash when redirecting for login_required
  • Don’t show “resend email” option when user approval is on
  • If the error is 401 unauthorized or such, just do nothing
  • Allow users to rename discobot without having to rebuild.
  • Don’t do anything if avatar url returns an invalid status code.
  • Mutex to avoid race condition with double notify
  • Docking position of topic progress at bottom of topic on mobile
  • Add discourse-narrative-bot locales path
  • Rerender posts when selecting replies
  • Posts weren’t cloaking properly
  • Inherit topic auto close when changing topic’s category.
  • Be smart about refreshing the topic title when editing the OP

UX CHANGES

  • Observe changes to plugin to hide/show plugin admin link without refresh.
  • Display large numbers with delimiters.
  • Truncate topic link title/URL on desktop to prevent overflow.
  • Make it easier for plugins to add stuff before topics on the list
  • Don’t show search and hamburger menus to anon visitors on login-required sites
  • Display wiki icon on post edits indicator.
  • Red notification of flags or pending approvals opens hamburger menu instead of linking to flags page
  • Only display the words that fail censored words validations.
  • Highlight user’s vote in polls.
  • Remove ‘no thanks’ from remind tomorrow CTA
  • Show edit button on post revision modal as long as user can edit.
  • Change default filename for images that have been pasted.
  • Less restrictive selector to allow for plugin outlets
  • CSS for pdf onebox
  • Include the username and link of the user for get_a_room
  • Top referrers headings are not numbers
  • Prevent post submission when uploading
  • “See more” on not found page should redirect to /top.
  • Show expand button on internal topic onebox
  • Display text & html parts alongside raw email in incoming email modal
  • Display button to add a group when no group has been selected.
  • Add client-side rate limit on click counters
  • Add data-category-url to make targeting a category li element in the hamburger menu easier
  • Add subcategory class to hamburger menu items that are subcategories
  • ‘Join Group’ button position moved to group header
  • Banner enabled/disabled posts should be small posts, not full-size posts
  • Clear the header when navigating to a new topic
  • Be more optimistic about showing topic titles while entering topics
  • Add a link to bulk invite howto
  • Order custom emojis by name.
  • Copy changes for auto topic status update.
  • Update copy to remove a topic status update.
  • Update copy for topic status update UI.
  • Improve .modal-header style on mobile.
  • Remove width on .auto-update-input.
  • Don’t try to figure out root domain.
  • Remove copy that is no longer valid.
  • Publish topic changes when topic is published.
  • Allow topic to be published to the same category when unlisted.
  • Show check mark glyph on ‘Dismiss New’ button on mobile
  • Add href to badge title
  • Make abandon post confirmation button red.
  • Improve the way users set timers for TopicStatusUpdate.
  • Change banner close button to be floated to the right
  • Change timestamp button on mobile was hidden behind date selector
  • Display translated group name for automatic groups.
  • Simplify delete gap style
  • Wrap really long titles on user stream pages
  • Tweak explanations for multiple_grant and allow_title
  • Better looking bulk actions modal
  • Move delete button to end and mark it as dangerous
  • Fix improper aspect ratio for xkcd oneboxes
  • Take header height into account when positioning the timeline
  • Show short flag descriptions in the flag modal on mobile
  • Flag custom message description is too close to textarea on mobile
  • Headings in banners had no margins
  • H1, h2, etc css reset should give them a bottom margin
  • Improved layout of flag handling UI on mobile
  • Remove restrictions on advanced user track.
  • Add link to the user’s preferences page next to the avatar

SECURITY CHANGES

  • Disallow csv as default upload file type
  • Prevent large onebox downloads, better timeout support
  • Correctly validate input when admin searches for screened ips
  • Inactive/suspended accounts should be banned from api
  • Ensure that user has been authenticated.
  • Ensure OAuth authenticated email is the same as created user’s email.
  • Only allow users to resend activation email with a valid session.
  • Always allow staff to resend activation mails
  • Don’t use backticks for exporting your archive
  • Disallow symlinks when restoring uploads.
  • CSRF vulnerabilities in Admin::BackupsController.
  • Confirm new administrator accounts via email
  • Do not send push notifications to suspended users
  • Prefer render plain/html to render text where possible
  • XSS issue in share popup if invalid link is passed in.
  • Validate the entity when downloading a CSV
  • Never crawl by IP

PERFORMANCE

  • Remove N+1 query when saving a user.
  • Create a REGEXP_TAGS_REPLACE regex to remove a chained .replace call
  • Extract autocomplete initialization to a function
  • Add index to speed up DirectoryItem.refresh_period! query.
  • Use mini racer to uglify assets
  • Avoid looking globals from providers after first call
  • Much faster Badge.ensure_consistency
  • Faster Group.refresh_automatic_group & Group.ensure_consistency
  • Don’t load all replies in memory when moving posts
  • Don’t load User object in memory when we only need to know if it exists
  • Don’t allocate extra array.
  • Reduce allocated memory when generating mailing list email.
  • Allow memory to be freed instead of fetching all the objects into memory at once.
  • Dirty checking was broken and re-rendering too often
  • Bypass wizard check after 15 topics are created
  • Avoid query as admin
  • We do not need to ship down the total number of unread
  • Improve performance of unread queries
  • Limit new messages in suggested for PMs
  • N+1 query when searching with tags enabled.
  • N+1 query in search when plugin loads custom fields in TopicListItemSerializer.