Releases: flarum/framework
Releases · flarum/framework
v0.1.0-beta.11
Redback Spider
Added
- Comments have an additional class
Post--by-actor
when posted by the user (#1927)
Changed
- Improved support for URL identification during installation (#1861)
- KeyboardNavigatable now has a callback ability (#1922)
- Links are no longer opened with target
_blank
but in the same window (#859) - Links now have
nofollow ugc
by default as theirrel
attribute (#859, #1884) - Improved performance of the full text gambit when searching for users (#1877)
- The Queue implementation is now available under its Illuminate contract
Fixed
- No error handling was possible in the console/cli (#1789)
- Enable scrollbars in log in modals so it fits for GitHub (#1716)
- Reduce log in modal for SSO so it fits for Facebook (#1727)
- Deleting discussions permanently did not delete its posts (#1909)
- Fixed the queue:restart command (#1932)
- Deleted posts were visible to all visitors (#1827)
- Old avatars weren't being deleted when replaced (#1918)
- The search performance regression was reverted (#1764)
- No profile background could be set for remote images (#445)
- Back button sends to home even though it could actually go back (#1942)
- Debug button no longer visible (#1687)
- Modals on smaller screens use the whole width of the page
v.0.1.0-beta.10
New Holland
Added
- Initial queue support: Infrastructure for offloading long-running tasks (e.g. email sending) to background workers (#1773)
- Notifications can now be marked as read without visiting a discussion (#151)
- SEO: The discussion list now has a
rel="canonical"
meta tag, preventing duplicate content (#1134, #1814) - The "Edit User" permission can now be edited in the UI (#1845)
- New status message and redirect after user deletion (#1750, #1777)
- Errors in Flarum's boot process are now presented with more detailed information (#1607)
Changed
- Better, more detailed and extensible error handling (#1641, #1843)
- Error pages in debug mode now return the same HTTP status codes as in production (#1648)
- Tweak HTTP status codes for authentication / authorization errors (#1854)
- Already-used links from account activation emails now show a better error message (#1337)
Fixed
- Security vulnerabilities in dependencies
- Performance: High CPU usage when scrolling in a discussion (#1222)
- Special characters crashed the search (#1498)
- Missing declarations for language and text direction in HTML output (#1772)
- Private messages were counted in user post counts (#1695)
- Extensions could not change the forum's default page (#1819)
- API requests authenticated using access tokens needed to provide a CSRF token (#1828)
- Accessibility: Screenreaders did not read the "Back to discussion list" link (#1835)
v0.1.0-beta.9
Leafy Seadragon
See the release announcement.
Added
- New
hasPermission()
helper method forGroup
objects (9684fbc) - Expose supported mail drivers in IoC container (208bad3)
- More test for some API endpoints (1670590)
- The
Formatter\Rendering
event now receives the HTTP request instance as well (0ab9fac) - More and better validation in installer UIs
- Check and enforce minimum MariaDB (7ff9a90)
- Revert publication of assets when installation fails (ed9591c)
- Benefit from Laravel's database reconnection logic in long-running tasks (e0becd0)
- The "vendor path" (where Composer dependencies can be found) can now be configured (5e1680c)
Changed
- Performance: Actually cache translations on disk (0d16fac)
- Allow per-site extenders to override extension extenders (ba594de)
- Do not resolve objects from the IoC container (in service providers and extenders) until they are actually used
- Replace event subscribers (that resolve objects from the IoC container) with listeners (that resolve lazily)
- Use custom service provider for Mail component (ac5e26a)
- Update to Laravel 5.7, revert custom logic for building database index names
- Refactored installer, extracted Installation class and pipeline for reuse in CLI and web installers (790d5be)
- Use whitelist for enabling pre-installed extensions during installation (4585f03)
- Update minimum MySQL version (7ff9a90)
Fixed
- Signing up via OAuth providers was broken (67f9375)
- Group badges were overlapping (16eb1fa)
- API: Endpoint for uninstalling extensions returned an error (c761802)
- Documentation links in installer were outdated (b58380e)
- Event posts where counted when aggregating user posts (671fdec)
- Admins could not reset user passwords (c67fb2d)
- Several down migrations were invalid
- Validation errors on reset password page resulted in HTTP 404 (4611abe)
is:unread
gambit generated an invalid query (e17bb0b)- Entire forum was breaking when the
custom_less
setting was missing from the database (bf2c5a5) - Dropdown icon was not showing in user card when on user page (12fdfc9)
- Requests were missing the
original*
attributes, which broke installations in subfolders (56fde28) - Special characters such as
%
and_
could return incorrect results (ee3640e) - FontAwesome component package changed paths in version 5.9.0 (5eb69e1)
- Some server environments had problems accessing the system-wide tmp path for storing JS file maps (54660eb)
- Content length of posts.content was not migrated to mediumText in 2017 (590b311)
- An error occurred when going to the previous route if there was no previous route found (985b87da)
Removed
v0.1.0-beta.8.2
Fixed
- Installation / update problems due to FontAwesome upgrade (more details)
v0.1.0-beta.8.1
Stability fixes for the beta.8 line
Fixed
- InnoDB is now specified as the default table type to prevent SQL errors on foreign keys
- Setting a meta description in the admin Basics tab will no longer generate an empty tag
- If Likes fail to load properly, a discussion page will still function and not crash
- Pusher is now functional again when creating new discussions
- Admin users created by installation will have a valid join date
- Searching the text inside posts will now work even with a database prefix
php flarum migrate:reset
commands will now run without warnings
See https://discuss.flarum.org/d/17745-flarum-0-1-0-beta-8-released/128.
v0.1.0-beta.8
See the release announcement.
Added
- PHP Extender API (docs)
- Add
ItemList#isEmpty
method (#1218) - Allow setting the raw content of a
CommentPost
(084f749) - Allow full URLs to be used as the avatar path (c31c1ea)
- Add user display names API (#1246)
- Add
apiKey
request attribute (096e552) - Allow configuring cookie attributes (87bf84e)
- Add LESS variable to configure expansion of
sideNav
dropdowns (2754a8c) - Add drag and drop avatar uploading (#1261)
- New design for Reset Password page (9392e1b)
- Add log out confirmation if CSRF token is invalid (e8a4e5e)
- New design for error pages (b7c1cc5)
- Basic implementation of admin dashboard widgets (1ef9217)
- Add infinite scrolling in the notifications list (77c25ab)
- Add custom footer HTML setting (#1315)
- Automatically load an
extend.php
file at the forum root (#1559) - Add console configuration event (#1349)
- Improve search performance and design (#1339, 7e95b80)
- Allow notification methods to be extended (#1361)
- Add
flarum migrate:reset
command (#1363) - Add message to exceptions thrown in
DispatchRoute
middleware (#1376) - Warn about debug mode in
flarum info
command (0cf351e, 5374f8a) - JS Extender API foundation (#1468)
- Add support for JS sourcemaps (#1471)
- Add canonical URL to discussion HTML (551ca23)
- Add event to override floodgate behaviour (#1411)
- Use
ItemList
for signup and login modals (#1420) - Display extensions in a table in
flarum info
command (#1562) - Add
oldUsername
parameter toUser\Event\Renamed
(#1563) - Live output of migrator notes in console (9e487b4)
- Use
ItemList
for edit group modal (#1625) - Use
ItemList
for edit user modal (#1593) - Track API key last activity and allow keys to reference specific users (#1622)
- Add a toolbar area to the
TextEditor
component (c13dfa2) - Add a tooltip to the Preview button (bf3934d)
- Add database indices (#1577)
- Log errors that occur in the API stack (222e3c3)
- Add "clear cache" button to admin dashboard (2ef66ac)
- New extensions page layout (#1496)
Changed
- Upgrade to Laravel 5.5 (#1252)
- PHP namespace restructure (#1308)
- Performance: Don't include post content in the "basic" serializer (37cf95f)
- Only apply custom CSS and header HTML on forum frontend, not admin (40ebc13)
- Performance: Load only basic information about terminal/relevant posts (dedcbae)
- Performance: Load only basic information about post discussion/users (3c80612)
- Organise views into directories (479e44d)
- Use more sensible installation default data (b760d11)
- Manage
Composer
height with overridable methods (#1272) - Rename
AbstractPolicy::after
tocan
to reflect removal of event priorities (ae2e07e) - Overhaul model visibility scoping (#1342)
- Remove
-
separator in discussion URL if there is no slug (#1351) - API: Provide forum info under
/
(f0cea11) - Upgrade to Font Awesome 5 (#1372)
- Upgrade to zend-stratigility v2.2 (9d30be1)
- Use Illuminate
Session
component instead of Symfony (#1366) - Use PSR-15 middleware standard (#1441, #1443)
- Simplify interface of migration-related classes (#1445)
- Rename
Api\Controller\TokenController
toCreateTokenController
(#1451) - Replace
gulp
withwebpack
andnpm
scripts for JS compilation (#1367) - Rename database columns and JSON-API attributes (#1344)
- Refactor frontend code (#1471, edaca31)
- Remove need for page reload if JS application will not boot (#1471)
- Split permission for editing and deleting posts (#1466)
- Upgrade to TextFormatter 1.2 (#1457)
- Require PHP 7.1 (0278d52)
- Rename extension
bootstrap.php
toextend.php
(#1556) - Use default system font instead of Open Sans (07298e1)
- Change composer submit button icon to paper plane (bf3934d)
- New heading styles in posts (6fadc0b)
Removed
- Remove user bio feature (#1214)
- Remove FastClick (a8826dc)
- Remove server-side JavaScript minification, because it is done by Webpack (#1471)
- Remove the "debug" button from request error alerts (64686ef)
- Remove
fileinfo
dependency (105dd09)
Fixed
- Fix dropdown menu icon width (7ec9281)
- Fix user online indicator spacing (57f828b)
- Remove faulty default value for forum description (a2e0dae)
- Fix scrubber icon alignment (287085d)
- Don't hardcode admin URL (c037658)
- Update zend-diactoros to v1.6 to fix
Content-Length
problems (1e8399c) - Security: Remove execute permissions from
.php
/.less
files (#1338) - Fix post
contentHtml
sometimes breaking script par...
v0.1.0-beta.7.2
Security
- Fix leak of private information when updating users. (more details)
v0.1.0-beta.7.1
Security
- Fixed a vulnerability that allows an attacker to bypass the email verification step during registration. (@clarkwinkelmann) (more details)
v0.1.0-beta.7
Added
- Add "remember me" checkbox in login from.
- Update notification count when discussion list refresh button is clicked. (@datitisev)
- Add event to allow custom user password validation.
- Support module prefixing of locale resources.
- Allow accessing the session via the actor.
- Add group gambit to support search user by group name. (@liji)
- Ability to manually activate users. (@renyuneyun)
- Add
dir
andlang
attribute in app.blade.php. (@datitisev) - Prevent crawlers from indexing nojs pages.
- Add option to hide the language selector. (@datitisev)
- Add link() and setCanonicalUrl() methods to the WebAppView.
- Add viewUserList permission. (@datitisev)
- Allow JSON config to be used for command-line installation. (@dav-is)
- Add API for extensions to mark discussions and posts as private. (@luceos)
- Improve password reset validation/error handling.
- Added a migration helper for adding default permissions.
- Turn Rename Discussion dialog into a modal. (@datitisev)
Fixed
- Prevent deletion of default locale. (@dav-is)
- Prevent overwriting of user attributes on authenticated registration. (@dav-is)
- Prevent notice if bootstrapping app in command line environment.
- Make Add Extension modal's title translatable. (@milescellaro)
- Fix asset path when unpublishing. (@clarkwinkelmann)
- Update affix sidebars when window is resized.
- Fix login remember in MS EDGE.
- Prevent reverting editable user bio on click.
- Fix API sorting of users by post count.
- Support PNG avatars with transparent backgrounds and fix EXIF rotation. (@oanhnn, @Zeokat)
- Fix /api/posts returning 500. (@datitisev)
- Make extension event attributes public.
- Prevent admins from demoting themselves through the API. (@datitisev)
- Fix incorrect migration notes for extensions without any migrations.
Changed
- Upgrade
s9e\TextFormatter
to 0.8.1. (@JoshyPHP) - Upgrade
zendframework/zend-stratigility
to 1.3. - Update minimum required PHP version to 5.6.
- Add specific error message for username validation.
- Remove fa-fw class from all icons. Manually apply the fa-fw class or other styles if needed.
- Simplify global back button behaviour and appearance.
Also see the release notes for: approval flags lock mentions sticky suspend tags
v0.1.0-beta.6
Added
- Allow separation of public and base directories. (@bmalex88)
- Introduce superficial permission dependency tree to make UI more intuitive.
- Add specific error message when an email address is not found in forgot password modal. (@datitisev)
- Pull in FontAwesome as a Composer dependency, and update to 4.6.
- Add ability to view the IP address for a post in its meta dropdown. (@dav-is)
- Show an upload icon instead of a user's default avatar on their own profile. (@datitisev)
- Add admin pane to configure SMTP settings. (@datitisev)
- Add ability to upload forum logo and favicon.
- Add ability to add custom HTML above the Flarum header.
- Log exceptions in error handler middleware.
- Add CLI installer option to write the config file to a different path.
- Allow extensions to add default model attributes.
- Add Server
extend
API to allow skeleton to customise the Application instance. - Automatically support basic HTML tags in translations.
- Add
cache:clear
CLI command.
Changed
- Updated s9e\TextFormatter to 0.5.0. (@JoshyPHP)
- Improve inline code styling. (@datitisev)
- Use group ID instead of name in generated class names.
- Scroll to reply preview immediately when opening composer.
- Change post edited icon into text. (@datitisev)
- Clean up discussion renamed posts to only show the new title.
- Extract list keyboard navigation code from search into a reusable class.
- Improve text contrast, especially in dark mode.
- Change permission logic priorities; change policy catch-all method from
before
toafter
. - Simplify deleted post toggle CSS.
- Refactor web app bootstrapping code.
Deprecated
- Deprecated
ConfigureClientView
event; useConfigureWebApp
instead.
Removed
- Removed
AbstractPolicy@before
method; useafter
instead. - Removed broken extension generator CLI command.
Fixed
- Prevent scrubber post count from exceeding maximum value. (@augiwan)
- Validate password when resetting. (@poush)
- Only check for reply permission for actual replies.
- Fix post controls not being clickable in some circumstances.
- Don't show username/email fields when editing own account.
- Prevent images from loading when generating excerpt post content. (@dav-is)
- Fix avatar upload on Windows servers. (@KazeFlame)
- Prevent humanTime helper from generating future times.
- Fix settings not automatically showing when an extension is enabled.
- Fix post header items sometimes getting out of order.
- Remove temporary file after avatar upload failure.
- Make search dropdown filtering case-insensitive.
- Automatically focus on composer textarea when tapped on iOS.
- Prevent page zoom on input focus in iOS 10.
Also see the 0.1.0-beta.6 release notes for: akismet approval auth-facebook auth-github auth-twitter bbcode emoji english flags likes lock markdown mentions pusher sticky subscriptions suspend tags