Skip to content

Latest commit

 

History

History
603 lines (520 loc) · 43.6 KB

CHANGELOG.md

File metadata and controls

603 lines (520 loc) · 43.6 KB
Raw

Changelog

1.1.0

Added

  • Info command now displays MySQL version, queue driver, mail driver (flarum#2991)
  • Use organization Prettier config (flarum#2967)
  • Support for global typings in extensions (flarum#2992)
  • Typings for class component state attribute (flarum#2995)
  • Custom colorising with CSS custom properties (flarum#3001)
  • Theme Extender to allow overriding LESS files (flarum#3008)
  • Update lastSeenAt when authenticating via API (flarum#3058)
  • NoJs Admin View (flarum#3059)
  • Preload FontAwesome, JS and CSS, and add preload extender (flarum#3057)

Changed

  • Move Day.js plugin types import to global typings (flarum#2954)
  • Avoid resolving excluded middleware on each middleware items
  • Allow extra attrs provided to <Select> to be passed through to the DOM element (flarum#2959)
  • Limit height of code blocks (flarum#3012)
  • Update normalize.css from v3.0.2 to v8.0.1 (flarum#3015)
  • Permission Grid: stick the headers to handle a lot of tags (flarum#2887)
  • Use ItemList for DiscussionPage content (flarum#3004)
  • Move email confirmation to POST request (flarum#3038)
  • Minor CSS code cleanup (flarum#3026)
  • Replace username with display name in more places (flarum#3040)
  • Rewrite Button to Typescript (flarum#2984)
  • Rewrite AdminPage abstract component into Typescript (flarum#2996)
  • Allow adding page parameters to PaginatedListState (flarum#2935)
  • Pass filter params to getApiDocument (flarum#3037)
  • Use author filter instead of gambit to get a user's discussions (flarum#3068)
  • [A11Y] Accessibility improvements for the Search component (flarum#3017)
  • Add determinsm to extension order resolution (flarum#3076)
  • Add cache control headers to the admin area (flarum#3097)

Fixed

  • HLJS 11 new styles resulting in double padding (flarum#2909)
  • Internal API client attempting to load an uninstantiated session
  • Empty post footer taking visual space (flarum#2926)
  • Unrecognized component class custom attribute typings (flarum#2962)
  • User edit groups permission not visually depending on view hidden groups permission (flarum#2880)
  • Event post excerpt preview triggers error (flarum#2964)
  • Missing settings defaults for display name driver and User slug driver (flarum#2971)
  • [A11Y] Icons not hidden from screenreaders (flarum#3027)
  • [A11Y] Checkboxes not focusable (flarum#3014)
  • Uploading ICO favicons resulting in server errors (flarum#2949)
  • Missing proper validation for large avatar upload payload (flarum#3042)
  • [A11Y] Missing focus rings in control elements (flarum#3016)
  • Unsanitised integer query parameters (flarum#3064)
Code Contributors

@lhsazevedo, @Ornanovitch, @pierres, @the-turk, @iPurpl3x

Issue Reporters

@uamv, @dannyuk1982, @BurnNoticeSpy, @haarp, @peopleinside, @matteocontrini

1.0.4

Fixed

  • Upgrade to v1.0 resets the "view" permission on all tags (flarum#2941)

1.0.3

Changed

  • Removed [forum] prefix from Request Password and Email Confirmation emails (a4a81c0)
  • Adopt huntr.dev for handling our security vulnerability reports (flarum#2918)
  • Maintenance handler can now be replaced through the service container (ioc) (4acff91)
  • The colors on the auto generated avatars are now based on the Display Name of the user (flarum#2873)

Fixed

  • Avatar in notifications list are incorrectly aligned (flarum#2906)
  • FilesystemManager is not compatible with upstream Laravel implementation (flarum#2936)

1.0.2

Fixed

  • Critical XSS vulnerability

1.0.1

Fixed

  • Installation fails on environments without proc_* functions enabled or mysql client binary (flarum#2890)

1.0.0

Added

  • Task scheduling
  • load() method on ApiController extender to allow eager loading of relations (flarum#2724)
  • Installation supports enabling a set of extensions (flarum#2757)
  • RequestUtil helper class added to abstract the logic of the actor, session, locale and route name from the request (flarum#2449)
  • Code scanning action with GitHub CodeQL (flarum#2744)
  • The Formatter extender now has an unparse method to allow extensions to hook into the unparsing of content (flarum#2780)
  • A Filesystem extender allows direct modification and addition of filesystem disks (flarum#2732)
  • A slug driver based on the User ID was introduced (flarum#2787)
  • An extensible users list was added to the admin area (flarum#2626)
  • Headers hardened by adding Referer Policy, Xss Protection and Content type (flarum#2721)
  • Tooltip component (flarum#2843)
  • Moved insertText and styleSelectedText from markdown to core (flarum#2826)
  • A squashed database schema install dump to speed up new installs (flarum#2842)
  • Pagination in the canonical URL for discussion pages (flarum#2853)
  • PaginatedListState for the DiscussionList and to support paginated lists in the frontend (flarum#2781)
  • Introduce the new webpack config and flarum-tsconfig for typehinting (flarum#2856)

Changed

  • Now tracking bundle sizes to keep an eye on web performance (flarum#2695)
  • Eager load relations on ListPostsController to improve performance (flarum#2717)
  • Replace classList with clsx library (flarum#2760)
  • Replaced the javascript based loading spinner with a pure CSS version (flarum#2764)
  • Route names now have to be unique (flarum#2771)
  • ActorReference is now available from the error handler middleware (flarum#2410)
  • The migrations table now has an Auto Increment ID (flarum#2794)
  • Assets and avatars are now managed using Laravel filesystem disks (flarum#2729)
  • Extracted asset publishing (php flarum assets:publish) from migrating (flarum#2731)
  • Assets were compiled in the format <asset>-<revision>.<js|css>, this is now <asset>.<js|css>?v=<revision> (flarum#2805)
  • The powered by header can now be configured in the config under headers (flarum#2777)
  • Switched to the ICU format for translation files (flarum#2759)
  • Allow extend and override to apply to multiple methods in one call
  • Notifications dropdown and list refactored (flarum#2822)
  • Updated validation locale strings based on Laravel 8 changes (flarum#2829)
  • Caching of permissions is now taken care of centrally, reducing code duplication (flarum#2832)
  • Replaced lodash-es by throttle-debounce to reduce bundle size (flarum#2827)
  • Internal API requests are now executed through middleware (flarum#2783)
  • Permission changes: viewDiscussions to viewForum and viewUserList to searchUsers (flarum#2854)

Fixes

  • Javascript is shown when editing the title of a discussion (flarum#2693)
  • Canonical url logic uses request object which causes wrong URL's when a different page is default (flarum#2674)
  • Dropdown toggle has no aria label (flarum#2668)
  • Nav drawer is focusable when off-screen on small viewports (flarum#2666)
  • Search input has no aria-label and no role (flarum#2669)
  • Code duplication exists between SendConfirmationEmailController and AccountActivationMailer (flarum#2493)
  • When setting tags as homepage default, visiting a tag will show all posts (flarum#2754)
  • Locale cache is cleared twice when cache clearing (flarum#2738)
  • When cache clearing fails an exception can be thrown due to a partial flush (flarum#2756)
  • Database migrations rely on MyISAM even though the eventual migrated database does not use it (flarum#2442)
  • Discussion search result is not sorted by relevance by default (flarum#2773)
  • Extensions cannot register custom searcher classes (flarum#2755)
  • Searching discussion titles is not possible (flarum#2698)
  • Boot errors due to failing extenders throw a generic error (flarum#2740)
  • Required argument to Component.$() isn't really required (flarum#2844)
  • Component does not allows use of all mithril lifecycle functionality (flarum#2847)

Removed

  • The make:migration command has been removed (flarum#2686)
  • Background fade on the header has been removed (flarum#2685)
  • Remove vendor prefixes in less (flarum#2766)
  • The session is no longer available from the User class (flarum#2790)
  • The mail key is removed from the laravel related config (flarum#2796)

0.1.0-beta.16

Added

Changed

  • Run integration tests in transaction (flarum#2304)
  • Allow policies to return a boolean for simplified allow/deny (flarum#2534)
  • Converted highlight helper to typescript (flarum#2532)
  • Add accessibility attributes to Mark as Read button (flarum#2564)
  • Dismiss errors on change email modal upon a new request (00913d5)
  • Disabled extensions now are marked with a red circle instead of a red dot (flarum#2562)
  • Extension dependency errors now show the extension title instead of the ID (flarum#2563)
  • Change mutate method on ApiSerializer extender to attributes (flarum#2578)
  • Moved locale files to the core from the language pack (flarum#2408)
  • AdminPage extensibility and generic improvements (flarum#2593)
  • Remove entry of authors, link to https://flarum.org/team (flarum#2625)
  • Search and filtering are split (flarum#2454)
  • Move IP identification into a middleware (flarum#2624)
  • Editor Driver abstraction introduced (flarum#2594)
  • Allow overriding routes (flarum#2577)
  • Split user edit permissions into permissions for editing of user credentials, username, groups and suspending (flarum#2620)
  • Reduced number of admin extension categories (flarum#2604)
  • Move search related classes to a dedicated Query namespace (flarum#2645)
  • Rewrite common helpers into typescript (flarum#2541)
  • TextEditor is moved to the common namespace for use in the admin frontend (flarum#2649)
  • Update Laravel/Illuminate components to 8 (flarum#2576)
  • Eager load relations in discussion listing to improve performance (flarum#2639)
  • Adopt flarum/testing package (flarum#2545)
  • Replace user gambit with author gambit (612a57c)
  • Posts page of on user profile loads posts using username instead of id (30017ee)

Fixed

  • Transform css breaks iOS scroll functionality (flarum#2527)
  • Composer header is hidden on mobile devices (flarum#2279)
  • Cannot delete a post or discussion of a deleted user (flarum#2521)
  • DiscussionListPane jumps around not keeping the scroll position (flarum#2402)
  • Infinite scroll on notifications dropdown broken (flarum#2524)
  • The show language selector switch remains toggled on (9347b12)
  • Model Visibility extender throws exception on extensions that aren't installed or enabled (flarum#2580)
  • Extensions are marked as enabled when enabling fails to unmet extension dependencies (flarum#2558)
  • Routes to admin extension pages without a valid ID break the admin page (flarum#2584)
  • Disabled fieldset use an incorrect CSS property disallowed (flarum#2585)
  • Scrolling to a post that is already loaded the Load More button shows and does not trigger (flarum#2388)
  • Opening discussions on some mobile devices require a double tap (flarum#2607)
  • iOS devices show erratic behavior in the post stream while updating (flarum#2548)
  • Small mobile screens partially hides the composer when the keyboard is open (flarum#2631)
  • Clearing cache does not clear the template cache in storage/views (flarum#2648)
  • Boot errors show critical information (flarum#2633)
  • List user endpoint discloses last online even if user choose against it (flarum#2634)
  • Group gambit disclosed hidden groups (flarum#2657)
  • Search results on small windows not fully visible (flarum#2650)
  • Composer goes off screen on Safari when starting to type (flarum#2660)
  • A search that has no results shows the search results dropdown (b88a7cb)
  • The composer modal moves around when typing on Safari (a64c398)

Removed

  • Deprecated CSRF wildcard path match
  • Deprecated policy and visibility scoping events
  • Deprecated post types event
  • Deprecated validation events
  • Deprecated notification events
  • Deprecated floodgate
  • Deprecated user preferences event
  • Deprecated formatting events
  • Deprecated api events
  • Deprecated bootstrap.php support
  • PHP 7.2 support (flarum#2507)
  • Bidi attribute in the rendered HTML (flarum#2602)
  • AccessToken::find, use AccessToken::findValid instead (flarum#2651)

Deprecated

  • GetModelIsPrivate event (flarum#2587)
  • CheckingPassword event (flarum#2176)
  • event() helper (flarum#2608)
  • AccessToken::generate argument $lifetime (flarum#2651)
  • Rememberer::remember argument $token should receive an instance of RememberAccessToken with AccessToken being deprecated (flarum#2651)
  • Rememberer::rememberUser (flarum#2651)
  • SessionAuthenticator::logIn argument $userId, should be replaced with AccessToken (flarum#2651)
  • TextEditor has been moved to common (flarum#2649)
  • UserFilter (91e8b56)

0.1.0-beta.15

Added

Changed

Fixed

Removed

  • MomentJS alias (flarum#2428).
  • Deprecated user events GetDisplayName and PrepareUserGroups (flarum#2428).
  • AssertPermissionTrait (flarum#2428).
  • Path related helpers and methods in Application (flarum#2428).
  • Backward compatibility layers from the frontend rewrite (flarum#2428).

Deprecated

0.1.0-beta.14.1

Fixed

  • SuperTextarea component is not exported.
  • Symfony dependencies do not match those depended on by Laravel (flarum#2407).
  • Scripts from textformatter aren't executed (flarum#2415)
  • Sub path installations have no page title.
  • Losing focus of Composer area when coming from fullscreen.

0.1.0-beta.14

Added

  • Check dependencies before enabling / disabling extensions (flarum#2188)
  • Set up temporary infrastructure for TypeScript in core (flarum#2206)
  • Better UI for request error modals (flarum#1929)
  • Display name extender, tests, frontend UI (flarum#2174)
  • Scroll to post or show alert when editing a post from another page (flarum#2108)
  • Feature to test email config by sending an email to the current user (flarum#2023)
  • Allow searching users by group ID using the group gambit (flarum#2192)
  • Use liveHumanTimes helper to update times without reload/rerender (flarum#2208)
  • View extender, tests (flarum#2134)
  • User extender to replace PrepareUserGroups (flarum#2110)
  • Increase extensibility of skeleton PHP (flarum#2308, flarum#2318)
  • Pass a translator instance to getEmailSubject in MailableInterface (flarum#2244)
  • Force LF line endings on windows (flarum#2321)
  • Add a Link component for internal and external links (flarum#2315)
  • ConfirmDocumentUnload component
  • Error handler middleware can now be manipulated by the middleware extender

Changed

Fixed

Removed

  • Flarum\Event\AbstractConfigureRoutes event class
  • Flarum\Event\ConfigureApiRoutes event class
  • Flarum\Event\ConfigureForumRoutes event class
  • Flarum\Console\Event\Configuring event class
  • Flarum\Event\ConfigureModelDates event class
  • Flarum\Event\ConfigureLocales event class
  • Flarum\Event\ConfigureModelDefaultAttributes event class
  • Flarum\Event\GetModelRelationship event class
  • Flarum\User\Event\BioChanged event class
  • Flarum\Database\MigrationServiceProvider moved into Flarum\Database\DatabaseServiceProvider
  • Unused admin/components/Widget component (admin/component/DashboardWidget should be used instead)
  • Mandrill mail driver (https://github.com/flarum/core/commit/bca833d3f1c34d45d95bf905902368a2753b8908)

Deprecated

  • Flarum\User\Event\GetDisplayName event class
  • Global path helpers, Flarum\Foundation\Application path methods (flarum#2155)
  • Flarum\User\AssertPermissionTrait (flarum#2044)

0.1.0-beta.13

Added

  • Console extender (#2057)
  • CSRF extender (#2095)
  • Event extender (#2097)
  • Mail extender (#2012)
  • Model extender (#2100)
  • Posts by users that started a discussion now have the CSS class .Post--by-start-user
  • PHPUnit 8 compatibility
  • Composer 2 compatibility
  • Permission groups can now be hidden (#2129)
  • Confirmation popup when hiding or deleting posts (#2135)

Changed

  • Updated less.php dependency version to 3.0
  • Updated JS dependencies
  • All notifications and other emails now processed through the queue, if enabled (#978, #1928, #1931, #2096)
  • Simplified uploads, removing need to store intermediate files (#2117)
  • Improved date handling for dates older than 1 year (#2034)
  • Linting and automatic formatting for JS (#2099)
  • Translation files from Language Packs are only loaded for extensions that are enabled (#2020)
  • PHP extenders' properties are now private instead of protected, intentionally making it harder to extend these classes (#1958)
  • Preparation for upgrading Laravel components to 5.8 and then 6.0 (#2055, #2117)
  • Allowed permission checks based on model classes in addition to instances (#1977)

Fixed

  • Users can no longer restore discussions hidden by admins (#2037)
  • Issues of the Modal not showing or auto hiding (#1504, #1813, #2080)
  • Columnar layout on admin extensions page was broken in Firefox (#2029, #2111)
  • Non-dismissible modals could still be dismissed using the ESC key (#1917)
  • New discussions were added to the discussion list above unread sticky posts (#1751, #1868)
  • New discussions not visible to users when using Pusher (#2076, #2077)
  • Permission icons were aligned unevenly in admin permissions list (#2016, #2018)
  • Notification bubble not inversed on mobile with colored header (#1983, #2109)
  • Post stream scrubber clicks jumped back to first post (#1945)
  • Loading state of Switch toggle component was hard to see (#2039, #1491)
  • Flarum\Extend\Middleware: The methods insertBefore() and insertAfter() did not work as described (#2063, #2084)

Removed

  • Support for PHP 7.1 (#2014)
  • Zend compatibility bridge (#2010)
  • SES mail support (#2011)
  • Backward compatibility layer for Flarum\Mail\DriverInterface, new methods from beta.12 are now required
  • Flarum\Util\Str helper class
  • Flarum\Event\ConfigureMiddleware event

Deprecated

  • Flarum\Event\AbstractConfigureRoutes event class
  • Flarum\Event\ConfigureApiRoutes event class
  • Flarum\Event\ConfigureForumRoutes event class
  • Flarum\Event\ConfigureLocales event class

0.1.0-beta.12

Added

  • Full support for PHP 7.4 (#1980)
  • Mail settings: Configure region for the Mailgun driver (#1834, #1850)
  • Mail settings: Alert admins about incomplete settings (#1763, #1921)
  • New permission that allows users to post without throttling (#1255, #1938)
  • Basic transliteration of discussion "slugs" / pretty URLs (#194, #1975)
  • User profiles: Render basic content on server side (#1901)
  • New extender for configuring middleware (#1919, #1952, #1957, #1971)
  • New extender for configuring error handling (#1781, #1970)
  • Automated tests for PHP extenders to guarantee their backwards compatibility

Changed

  • Profile URLs for non-existing users properly return HTTP 404 (#1846, #1901)
  • Confirmation email subject no longer contains the forum title (#1613)
  • Improved error handling during Flarum's early boot phase (#1607)
  • Updated deprecated "Zend" libraries to their new "Laminas" equivalents (#1963)

Fixed

  • Update page did not work when installed in subdirectories (#1947)
  • Avatar upload did not work in IE11 / Edge (#1125, #1570)
  • Translation fallback was ignored for client-rendered pages (#1774, #1961)
  • The success alert when posting replies was invisible (#1976)

0.1.0-beta.11.1

Fixed

  • Saving custom css in admin failed (#1946)

0.1.0-beta.11

Added

  • Comments have an additional class Post--by-actor when posted by the user (#1927)

Changed

  • Improved support for URL identification during installation (#1861)
  • KeyboardNavigatable now has a callback ability (#1922)
  • Links are no longer opened with target _blank but in the same window (#859)
  • Links now have nofollow ugc by default as their rel attribute (#859, #1884)
  • Improved performance of the full text gambit when searching for users (#1877)
  • The Queue implementation is now available under its Illuminate contract

Fixed

  • No error handling was possible in the console/cli (#1789)
  • Enable scrollbars in log in modals so it fits for GitHub (#1716)
  • Reduce log in modal for SSO so it fits for Facebook (#1727)
  • Deleting discussions permanently did not delete its posts (#1909)
  • Fixed the queue:restart command (#1932)
  • Deleted posts were visible to all visitors (#1827)
  • Old avatars weren't being deleted when replaced (#1918)
  • The search performance regression was reverted (#1764)
  • No profile background could be set for remote images (#445)
  • Back button sends to home even though it could actually go back (#1942)
  • Debug button no longer visible (#1687)
  • Modals on smaller screens use the whole width of the page

0.1.0-beta.10

Added

  • Initial queue support: Infrastructure for offloading long-running tasks (e.g. email sending) to background workers (#1773)
  • Notifications can now be marked as read without visiting a discussion (#151)
  • SEO: The discussion list now has a rel="canonical" meta tag, preventing duplicate content (#1134, #1814)
  • The "Edit User" permission can now be edited in the UI (#1845)
  • New status message and redirect after user deletion (#1750, #1777)
  • Errors in Flarum's boot process are now presented with more detailed information (#1607)

Changed

  • Better, more detailed and extensible error handling (#1641, #1843)
  • Error pages in debug mode now return the same HTTP status codes as in production (#1648)
  • Tweak HTTP status codes for authentication / authorization errors (#1854)
  • Already-used links from account activation emails now show a better error message (#1337)

Fixed

  • Security vulnerabilities in dependencies
  • Performance: High CPU usage when scrolling in a discussion (#1222)
  • Special characters crashed the search (#1498)
  • Missing declarations for language and text direction in HTML output (#1772)
  • Private messages were counted in user post counts (#1695)
  • Extensions could not change the forum's default page (#1819)
  • API requests authenticated using access tokens needed to provide a CSRF token (#1828)
  • Accessibility: Screenreaders did not read the "Back to discussion list" link (#1835)

0.1.0-beta.9

Added

  • New hasPermission() helper method for Group objects (9684fbc)
  • Expose supported mail drivers in IoC container (208bad3)
  • More test for some API endpoints (1670590)
  • The Formatter\Rendering event now receives the HTTP request instance as well (0ab9fac)
  • More and better validation in installer UIs
  • Check and enforce minimum MariaDB (7ff9a90)
  • Revert publication of assets when installation fails (ed9591c)
  • Benefit from Laravel's database reconnection logic in long-running tasks (e0becd0)
  • The "vendor path" (where Composer dependencies can be found) can now be configured (5e1680c)

Changed

  • Performance: Actually cache translations on disk (0d16fac)
  • Allow per-site extenders to override extension extenders (ba594de)
  • Do not resolve objects from the IoC container (in service providers and extenders) until they are actually used
  • Replace event subscribers (that resolve objects from the IoC container) with listeners (that resolve lazily)
  • Use custom service provider for Mail component (ac5e26a)
  • Update to Laravel 5.7, revert custom logic for building database index names
  • Refactored installer, extracted Installation class and pipeline for reuse in CLI and web installers (790d5be)
  • Use whitelist for enabling pre-installed extensions during installation (4585f03)
  • Update minimum MySQL version (7ff9a90)

Fixed

  • Signing up via OAuth providers was broken (67f9375)
  • Group badges were overlapping (16eb1fa)
  • API: Endpoint for uninstalling extensions returned an error (c761802)
  • Documentation links in installer were outdated (b58380e)
  • Event posts where counted when aggregating user posts (671fdec)
  • Admins could not reset user passwords (c67fb2d)
  • Several down migrations were invalid
  • Validation errors on reset password page resulted in HTTP 404 (4611abe)
  • is:unread gambit generated an invalid query (e17bb0b)
  • Entire forum was breaking when the custom_less setting was missing from the database (bf2c5a5)
  • Dropdown icon was not showing in user card when on user page (12fdfc9)
  • Requests were missing the original* attributes, which broke installations in subfolders (56fde28)
  • Special characters such as % and _ could return incorrect results (ee3640e)
  • FontAwesome component package changed paths in version 5.9.0 (5eb69e1)
  • Some server environments had problems accessing the system-wide tmp path for storing JS file maps (54660eb)
  • Content length of posts.content was not migrated to mediumText in 2017 (590b311)
  • An error occurred when going to the previous route if there was no previous route found (985b87da)

Removed

  • php flarum install --defaults - this was meant to be used in our old development VM (44c9109)
  • Obsolete id attributes in JSON-API responses (ecc3b5e and 7a44086)

0.1.0-beta.8.1

Fixed

  • Fix live output in migrate:reset command (f591585)
  • Fix search with database prefix (7705a2b)
  • Fix invalid join time of admin user created by installer (57f73c9)
  • Ensure InnoDB engine is used for all tables (fb6b51b, 6370f7e)
  • Fix dropping foreign keys in down migrations (57d5846)
  • Fix discussion list scroll position not being maintained when hero is not visible (40dc6ac)
  • Fix empty meta description tag (88e43cc)
  • Remove empty attributes on <html> tag (796b577)