2017 Cloud Releases - HL Vanilla Community
<main> <article class="userContent"> <h2 data-id="release-notes">Release Notes</h2><p>Quarterly VIP releases contain all numbered releases within said quarter.</p><p>Sometimes bug fixes are backported to the current release, meaning they show up in production earlier than the date noted.</p><h3 data-id="vanilla-2.5.0.1-(wednesday-december-20)">Vanilla 2.5.0.1 (Wednesday, December 20)</h3><ul><li>Fix link to the last comment in a discussion (the timestamp link on the discussions table view).</li><li>Groups: Fix issue where clicking Quote could lead to a permission error in Group-related discussions.</li><li>Fix issue that could lead to the discussion title being omitted from notification email subject lines.</li></ul><h3 data-id="vanilla-2.5-(wednesday-december-6)">Vanilla 2.5 (Wednesday, December 6)</h3><p><strong>New Features:</strong></p><ul><li>Add a native API to Vanilla (“API version 2.0”) that conforms to industry standards.</li><li>API v2 adds per-user access token support.</li><li>API v2 currently covers: Users, Categories, Posting, Groups, and Reactions.</li><li>Add in-dashboard, tailored documentation for API v2 that recognizes enabled addons.</li><li>Add public API v2 documention to Vanilla’s documentation site.</li></ul><p><strong>New Addons:</strong></p><ul><li>Salesforce OAuth2 Single Sign-On.</li><li>Resolved v2: allow moderators to coordinate coverage for reviewing all new discussions.</li><li>CSS Class Whitelist: Allow admins to whitelist CSS classes for custom styling needs.</li></ul><p><strong>Changes & Additions:</strong></p><ul><li>Groups: Optionally expand leaders privileges to create events, edit comments and edit discussions.</li><li>Groups: Properly exclude moderators/admins from leaderboard.</li><li>Add icons to some addons that were missing one.</li><li>Change the email placeholder for deleted users to use the .invalid TLD.</li><li>Optimize category sorting in the dashboard to improve performance.</li><li>Improve how Vanilla handles redirects to enhance security and reliability.</li><li>Improve how Vanilla’s OAuth2 handling works to enable more custom workflow scenarios.</li><li>Change Vanilla’s cookies to use JWT.</li><li>Improve UX of creating new poll options.</li><li>Hide system-created tags in the sidebar Popular Tags module.</li><li>Improve load time of Participated Discussions addon by optimizing its data querying.</li><li>Make HtmlawedPlugin (our HTML filtering engine) part of core.</li><li>Add ability to filter category dropdowns by allowed discussion type.</li><li>Smarty templates now allow use of Vanilla’s categoryUrl, discussionUrl, userUrl, and commentUrl functions to build URLs.</li><li>Add <code class="code codeInline" spellcheck="false" tabindex="0">spellcheck="true"</code> to discussion title input box to enable browser-level spellchecking.</li><li>Logging: When deleting a user, store the old user name & which user did the deletion.</li><li>Format emojis and mentions links with full URLs to accommodate API v2.</li><li>Increase the complexity of email confirmation tokens.</li><li>Clear password reset info when updating password or email.</li><li>Add support for Get Satisfaction imports to the Redirector addon.</li><li>Updated a number of external dependencies.</li><li>Add ‘pptx’ as a default allowed file extension.</li><li>Add option to hide promoted content module if no results are found.</li><li>Allow table-related HTML elements to have classes in posts.</li><li>Improve styling for Close buttons in inform messages on mobile.</li><li>Add ability to force re-authentication for a sensitive action.</li><li>Customize Theme: Remove link to open source documentation.</li><li>Begin tracking the date & time an invitation is accepted.</li><li>Allow quoting usernames with dots.</li><li>Improved UI for Warnings & Notes settings page.</li><li>Remove quotes in the promoted content module.</li></ul><p><strong>Accessibility improvements:</strong></p><ul><li>Removed tabindexes from forms to keep natural tab order.</li><li>Made various accessibility improvements to Reactions.</li><li>Improve accessibility of MeBox (the main icon-based dropdown menus by your avatar).</li><li>Improve accessibility of other flyout menus.</li></ul><p><strong>Reliability improvements:</strong></p><ul><li>API v2 is fully unit tested.</li><li>Add conflict support to addons (addons can now declare other addons they conflict with to disallow dual use of know problem combinations).</li><li>Use dependency injection to instantiate addons.</li><li>Add ability for addons to include unit tests.</li><li>Implement independent schema validation.</li></ul><p><strong>General Fixes:</strong></p><ul><li>Fix marking a registration in the spam queue as “not spam” skipping the applicants queue when that registration method is enabled.</li><li>Fix guests’ inability to switch to full site from mobile theme.</li><li>Fix muted categories when using Mixed layout.</li><li>Fix addons inability to affect permissions checks before a notification is sent.</li><li>Fix max recipient check on private messaging.</li><li>Fix translations for guests in Who’s Online addon.</li><li>Fix several translations to accommodate gendered translation.</li><li>Fix inserting images on mobile.</li><li>Fix alignment issues in BBCode.</li><li>Fix double encoding of BBCode code block contents.</li><li>Fix ability to require email confirmation when no unconfirmed role exists.</li><li>Add permission check to /settings/tagging to resolve blank view if a guest found it.</li><li>Fix Tag.Tag and Discussion.DateLastComment errors when recalculating counters (support tool). Fix deleting a revision on a popular discussion also deleting the original record.</li><li>Embedded forums: Fix the URL for discussions’ notifications.</li><li>VanillaPop: Notify only roles that have permission to view the target category.</li><li>Twitter: Bind OAuth token to the user requesting it.</li><li>Fix typo in Twitter Emoji Set.</li><li>Fix @mentions in Internet Explorer 11.</li><li>Prevent discussions from being truncated when inserted in the log table.</li><li>Fix error caused by using editor in embedded site under iOS.</li><li>Fix “delete draft” text to use a symbol instead and sidestep translation needs.</li><li>Fix configuring cookie persistence options (in code).</li><li>Fix scenario where Vanilla would ignore query parameters on the homepage.</li><li>ZenDesk: Fix HTML rendering on the body of text sent over the API.</li><li>Q&A: Fix default tag text.</li><li>Q&A: Fix to work with per-category point tracking.</li><li>User Point Booster: Fix to work with per-category point tracking.</li><li>SAML: Do not set missing fields when connecting.</li><li>Badges: Fix “Give Badge” textarea height.</li><li>Various other security enhancements and bug fixes.</li></ul><h3 data-id="q2-release-6-(thursday-june-29)">Q2 release 6 (Thursday, June 29)</h3><ul><li>Improve load time of Vanilla Statistics dashboard summaries.</li><li>Triple-A theme: Added missing icons for Reactions.</li><li>Dashboard: Font tweaks for right panel.</li><li>Dashboard: Fix inaccurate toggle position for embedding URLs in Posting Settings.</li><li>Dashboard: Fix ‘Badge Requests’ menu showing users in wrong section.</li><li>Dashboard: Fix username disappearing from the dashboard user edit form on failed save.</li><li>Wysiwyg: Fix doubly encoding code blocks.</li><li>Posting: Fix alignment issues in BBCode.</li><li>Posting: Fix magic Vanilla formatting in BBCode code tags.</li><li>Posting: Fix embedding Twitch video.</li><li>Posting: Fix plural vs singular translation for minimum post length error message.</li><li>Embed: Fix forum scrolling position issues & disable auto-scroll.</li><li>Signatures: Fix settings validation in Dashboard.</li><li>Signatures: Fix translation of error message for images.</li><li>Role Titles: Fix addon not loading when enabled.</li><li>Drafts: Fix drafts being assigned to the Root category by default.</li><li>Civil Tongue: Add filtering to activity & notifications.</li><li>OAuth2 SSO: Add support for refresh tokens.</li><li>Q&A: Adding question link to accepted answer notification</li><li>Zendesk: Fix miscellaneous connection issues.</li><li>Editor: Fix image URL prompt on posts being clipped on mobile</li><li>Private messages: Fix recipient being added a second time to the same conversation.</li><li>Users: Replace deleted users mail placeholder to use ‘invalid’ TLD.</li><li>Analytics: Remove contributors from active users count to show an accurate participation rate.</li><li>Addons: Show a notification if turning on one addon forcibly enables another addon as a dependency.</li><li>Addons: Added icons for a number of addons that lacked one.</li><li>Polls: Fix redirect when the spam filter is triggered.</li><li>Subcommunities: Fix URL generation for discussions and comments for external use, as in emails and breadcrumbs. They were sometimes non-canonical.</li><li>Banning: Fix ban rule counters, which were incorrectly including admins and moderators in their count, even though they were blocked from being banned.</li><li>Improve how redirects are handled in Vanilla to be safer and more consistent.</li></ul><p><em>Q2 release 5 was skipped.</em></p><h3 data-id="q2-release-4-(wednesday-may-24)">Q2 release 4 (Wednesday, May 24)</h3><ul><li>Add Apple touch icon support as a core feature.</li><li>Add link to docs from Customize Theme page in Dashboard.</li><li>Fix minor translation issues in Advanced Search and Signatures addons.</li><li>Fix categories with custom permissions created with the API not having file uploads by default.</li><li>Fix toolbar staying hidden after previewing comment.</li><li>Fix multiple minor text parsing issues introduced by fixing the formatters in 2017-Q2-2.</li><li>Fix double spacing in Wysiwyg posts when embedding is allowed.</li><li>Add translations for “leaving the forum” warning.</li><li>Fix new post count not being displayed on Participated Discussions page.</li><li>Skip flood control checks for editing.</li><li>Fix Advanced Search autocomplete on sites in a subdirectory.</li><li>Fix non-ASCII items not being added to menus (we only allowed English word characters in some menus).</li><li>Fix a category’s latest post not being updated when moving or deleting a discussion.</li><li>Fix Spoof permission check on manual spoof page.</li><li>Fix redirect problem when toggling from mobile to full site and back.</li><li>Stop page from scrolling when selecting an avatar with Avatar Stock.</li><li>Allow admins to not set “Remember Me” by default over SSO.</li><li>Allow addons to declare a docs page and show a link to it on the Addons list.</li></ul><p><em>Q2 release 3 was skipped.</em></p><h3 data-id="q2-release-2-(wednesday-apr-26)">Q2 release 2 (Wednesday, Apr 26)</h3><ul><li>Multiple menus in the Dashboard’s Settings tab were renamed or reorganized.</li><li>Banner → Branding</li><li>Homepage → Layout</li><li>Advanced → Posting</li><li>Created “Security” menu group.</li><li>Re-grouped several pages under different headings.</li><li>Tagging addon was removed. Its features are now a part of our core offering. No user-facing functionality was changed.</li><li>Removed our use of Google’s CDN for jQuery and a Dashboard font.</li><li>Improved our ability to translate the word “Vote” in its various contexts (noun vs. verb).</li><li>Exempt moderators and admins from the new flood control checking on private messages.</li><li>Improve handling for mentions on usernames with underscores.</li><li>Improve our text parsing pipeline to be more consistent in the order we process elements (mentions, filtering, etc) for different formatters (Markdown, BBCode, etc).</li><li>SAML: Improve handling of <code class="code codeInline" spellcheck="false" tabindex="0">Target</code> parameter for redirects to follow the SAML spec.</li><li>Fix page title translations for “Quotes” and “Online” profile settings pages.</li><li>Fix category syncing issue in Hub/Node setups.</li><li>Fix an issue preventing the deletion of groups.</li><li>Fix the counter of items awaiting moderation to also include “pending” (premorderation) items.</li></ul><p><em>Q2 release 1 was skipped.</em></p><h3 data-id="q1-release-6-(thursday-mar-30)">Q1 release 6 (Thursday, Mar 30)</h3><p><em>This is the cutoff for the spring release for VIPs. All Q1 changes below are included in it.</em></p><ul><li>Customize Theme: Create a CSS-only saving mode to avoid template overwrites whenever possible.</li><li>Reporting: Use the Reactions.Flag.Add permission to know if we can report a post.</li><li>Categories: Fix setting default category on a new discussion when categories are disabled.</li><li>Categories: Fix issues with last post calculations that arose from recent optimizations.</li><li>Comments: Prevent use of embedded comments if embedding is not enabled globally.</li><li>Profiles: Fix user comment and discussion counts not being updated when posts restored.</li><li>Profiles: Remove inline styles on upload picture button.</li><li>SSO: Fix connections that trigger spam filters to be handled correctly on our side.</li><li>Subcommunities: Ensure that cannonical URLs respect the default subcommunity.</li><li>Subcommunities: Fixed interaction with Sitemap addon so that sitemap indexes are built correctly (1 per each subcommunity).</li><li>Mentions: Fix possible HTML conflicts.</li><li>MeModule: Fix arrow and alerts in settings dropdown.</li><li>Messages: Fix Message toggle not removing/adding message immediately.</li><li>Ideation: Make ideas restore from queues correctly.</li><li>Formatting: Stop adding target=”_blank” to links by default. Previously it was done inconsistently depending on formatter and other conditions. We have an addon available if this is something you want to enforce (Link Types).</li><li>Formatting: Update htmLawed (the HTML purifier library) to 1.2.</li><li>Formatting: Add option to send users to “Leaving” page when clicking external links.</li><li>Avatar Pool: Add option to name avatars.</li><li>Zendesk: Update API endpoint usage. This fixes several potential issues with the integration as the old API was deprecated.</li><li>VanillaPop: Collapse newlines in comment emails.</li><li>Profile Extender: Fix potential user duplication in CSV exports.</li><li>Warnings: Add tooltip to the Warning link.</li><li>Disqus: Remove redirect_uri to comply with their new security rules. This may mean some users do not return to exactly the page they started on after signing in.</li><li>Trusted Domains: Add optionally explicit wildcard matching for subdomains.</li><li>Private Communities: Make login error messages purposefully obscure to prevent sniffing of usernames. There is a reasonable expectation of privacy when an entire community is set to “Private” mode that does not otherwise exist.</li><li>Advanced Stats: Add deprecated warning in dashboard. Our Analytics system replaced this old addon a while ago. It will go away completely after June 1.</li><li>Tagging: Reworked as a core feature because other addons rely on it. The addon now only toggles “discussion tagging” for users.</li><li>Themes: Improve filtering of themes in the Dashboard to avoid showing unwanted themes.</li><li>Install: Generate updated default discussions on a fresh forum. We rewrote all our stub content and added more to help new forum owners.</li><li>Install: Use utf8mb4 encoding by default (native emoji-ready!) on a fresh forum. Existing forums will not get this update at this time.</li><li>Framework: Rework the event manager, schema & routing objects, and added dependency injection for API v2.</li><li>Framework: Clear the addon cache automatically.</li><li>Framework: Finish migration of all dependencies to Composer.</li><li>Framework: Add missed translation on notFoundException.</li><li>Security: Fix scenario where a seamless, embedded SSO connection with jsConnect could be compromised.</li><li>Security: Make multiple, low-priority enhancements identified via secure audits.</li></ul><p><em>Q1 release 5 was skipped.</em></p><h3 data-id="q1-release-4-(wednesday-mar-1)">Q1 release 4 (Wednesday, Mar 1)</h3><ul><li>Categories: Add category filtering to settings page.</li><li>Categories: Remove “Track points separately” from category options unless Reactions has been configured to support it.</li><li>Reactions: Adds settings page to configure per-category point tracking.</li><li>Reporting: Use permission Reactions.Flag.Add to allow restriction of reporting to certain users. If you are not already using Reactions, it will default to all users, which was how it previously worked.</li><li>Dashboard: Hide version number because it is not relevant (and misleading) to cloud customers.</li><li>Pockets: Add easier enable/disable toggles.</li><li>Addons: Improve error reporting for easier troubleshooting.</li><li>Categories: Fix issue where child categories could be redundantly displayed in certain theme views. (#5195)</li><li>Comments module: Add discussion titles. (This module is not used on most forums).</li><li>Pockets/Customize Theme: Fix errors in code editor.</li><li>Framework: Remove OAuth 1.0 library from core.</li><li>Minor security fixes. (Minor means they were technically flaws, but to our knowledge no useful exploit could be derived from them.)</li><li>API: architectural updates to facilitate upcoming v2.</li></ul><h3 data-id="q1-release-3-(thursday-feb-16)">Q1 release 3 (Thursday, Feb 16)</h3><ul><li>Roles: Fix linked user count on roles page. It was not correctly leading to a list of users filtered by that role.</li><li>Discussions: Fix permission check in discussion count getting.</li><li>Settings: Allow empty value for color picker in forms.</li><li>Logging: Update category discussion and comment counts when restoring a record from logs.</li><li>Logging: Display IP address on blocked registrations.</li><li>Profiles: Fix issue where JSON is not rendered at API endpoint when <code class="code codeInline" spellcheck="false" tabindex="0">ShowActivities</code> is false.</li><li>Dashboard: Hide images in the feed on dashboard homepage.</li><li>Dashboard: Add datepicker dashboard homepage stats (VanillaStats addon).</li><li>Comments: Add a recent comments module. It can be used with custom theming.</li><li>Users: Improve password requirement message.</li><li>Users: Validate password constraints on the reset password form. Previously, password requirements were only checked at registration.</li><li>Categories: Modify how permissions are evaluated to allow more granular changes in the future.</li><li>Subcommunities: Use canonical discussion and comment URLs on search and profiles.</li><li>Discussion Excerpt: Add excerpts to discussion lists everywhere.</li><li>Badges: Add badge request count to MeModule settings dropdown.</li><li>Badges: Ignore users who already have badge when giving to a list of users.</li><li>Q&A: Add translation for accepted answer activity.</li><li>Polls: Tighten voting permissions to only those who can comment.</li><li>Groups: Remove group association from discussions when moving them to another category so a permission issue is not triggered.</li><li>Groups: Delete group’s discussions and comments when a group is deleted.</li><li>Framework: Improve how our third-party Markdown library is used (unfork, use Composer).</li><li>Framework: Add EventManager, ArrayContainer, and other preliminary work for API v2.</li><li>Framework: Improve addon error reporting.</li></ul><h3 data-id="q1-release-2-(tuesday-jan-31)">Q1 release 2 (Tuesday, Jan 31)</h3><ul><li>Civil Tongue: Censor discussion titles in Recent Discussions list.</li><li>Conversations: Tighten maximum recipients allowed: 5 for new users, 50 for verified users, and unlimited for moderators.</li><li>Dashboard: Add settings and improve help text on the “Avatars” dashboard settings page.</li><li>Avatar Pool: Settings are now on the “Avatars” page.</li><li>Online: Fix issue where Online module could cache and display in the wrong language.</li><li>Editor: Close editor dropdowns when the user clicks outside of a dropdown.</li><li>Editor: Add spoiler and code styles to WYSIWYG preview.</li><li>Editor: Mentions auto-complete now quotes all usernames that need it automatically.</li><li>Editor: Fix Markdown list parsing that caused a minor styling glitch.</li><li>Q&A: Fix point-awarding interactions with Reactions. Accepting and declining answers could previously have unexpected results.</li><li>API: Allow JSON access to profile when Profile.ShowActivity is disabled.</li><li>Categories: Add a <code class="code codeInline" spellcheck="false" tabindex="0">CanDelete</code> flag to categories (prevents Social Group category deletion which breaks Groups).</li><li>Categories: Fix issue where subcategories could be orphaned when their parent was deleted.</li><li>Categories: Make the category deletion process clearer about what content will be removed and how.</li><li>Login: Improve password requirements message.</li><li>Logs: Add week day, time, and timezone to the moderation logs.</li><li>Logs: Do not spam-check owner account.</li><li>Addons: Add “Configured” messages to addons media view to denote whether an addon was been fully configured on their settings page.</li><li>Addons: Added icons for 3 addons.</li><li>Addons: Fix issue where an addon incorrectly registering permissions could break other permissions.</li><li>Mobile: Fix too-large images in mobile theme settings page.</li><li>Analytics: Hide the category dropdown where not relevant.</li><li>SAML: Allow admins to create a data map for SAML responses.</li><li>Subcommunities: Fix canonical URLs on discussion and category pages.</li><li>Maintenance: Improve maintenance mode so it can be automatically used during future database updates.</li><li>Maintenance: Moved media handling and tagging from addons into core.</li><li>Maintenance: Moved several library dependencies out of core (deleted 35,000 lines of code).</li></ul><h3 data-id="q1-release-1-(tuesday-jan-17)">Q1 release 1 (Tuesday, Jan 17)</h3><ul><li>Categories: Better sync modern category view to be the same as the table view. This insures “Display As” settings are used consistently between different layout options.</li><li>Banning: Prevent user’s visit information from being updated if banned. This is an enhancement to banned behavior.</li><li>Logging: Add logged events for failed logins, password requests, and password reset failures. This is for advanced logging only.</li><li>Quotes: Fix the Quote button not appearing in some cases. This was a user-facing bug.</li><li>Themes: Give themes ability to set their layout options in their “about” info. This is for theme developers.</li><li>Drafts: Fix “Incorrect integer value” error on draft save when no category selected. This was a regression bug in drafts.</li><li>Search: Fix search not returning results from categories with “Hide from recent discussions” selected.</li><li>JWT SSO: Improve support and fix minor issues in some connections.</li><li>Reactions: Fix inaccuracies in voting UI when user exceeds 1000 votes.</li><li>Facebook: Add support for Facebook’s “state” token during SSO. This is a security enhancement.</li><li>Groups: Add groups and events support to Keyword Blocker. The plugin can now send these items to the Moderation Queue for approval.</li><li>Badges: Fix issue where recently manually created badges could not be requested.</li><li>Ideation: Make notifications clearer.</li><li>Dozens of low-level bug fixes.</li></ul><p><br></p> </article> </main>