blog

archives

Discourse 2.3 released!

Jeff Atwood June 17, 2019

Today we release Discourse 2.3, building on Discourse 2.2 from February. For post 2.0 releases we’ve chosen a new set of codenames based on the history of human communication; this release is Vinca.

Completely overhauled flag and review system

Arguably the the biggest change in this release is that we’ve completely overhauled and centralized our system for reviewing flags, posts, users, or anything else that needs to be reviewed or approved.

In older versions of Discourse there were multiple places you’d need to go to approve posts, topics, users, or flags. We’ve unified that into one simple queue for all so-called “reviewable” items.

Not only does this hopefully make life generally easier for Discourse moderators, it also opens the door to category specific moderators, who can now dip into the review queue for just the categories they’re in charge of.

Unicode usernames and translated Emoji names

Early in the life of Discourse we decided to copy the Twitter rules for usernames — which are rather short, strict and ASCII-centric. We’ve increased maximum username length already, and now we’ve introduced a site setting that allows the ultimate in flexibility: full unicode usernames.

Discourse 2.3 unicode usernames

(Please note that you’ll very likely want to whitelist just the allowable unicode ranges for your desired target language(s), as “full unicode” can be overwhelming and also exploitable.)

We’ve also added translation support for the long form text version of emoji codes, such as :smile:.

Staff Annotations / Notices

Sometimes you want to offer a bit of contextual staff commentary on a post, right there on the post, right as it happens. You can now do that with staff notices via the staff wrench on a post.

Additionally, new users and long absent users will have automatic, short staff notices on their initial posts that are only visible to trust level 2 and higher users.

Discourse 2.3 new user annotations

The hope is that these reminders will encourage your most engaged community members to give new and long absent returning users a special welcome.

Group Membership Requests

We continue to improve and refine our group support in Discourse. In this release, we’ve added a self-service hub for people to request membership to a group (if the group allows it), and group owners can approve or deny those requests.

Ignore

We’ve had a “mute” feature for a long time, which suppresses notifications and PMs from a target user. This has worked well enough, but in large communities sometimes certain users just can’t quite get along no matter what they try. In this release we’ve added an “ignore” feature which goes one step further than mute, and actively suppresses that user’s posts (and topics) from your display.

Discourse 2.3 Ignore user

If you are trust level 2, Ignore can be enabled via your user preferences, or via a drop-down selector on the target user’s profile page. We hope this reduces the need for moderator intervention in these rare cases, as users can now self medicate and take breaks from each other as needed.

Managing Assignments

Discourse isn’t just a place for discussion; it’s also a tool for getting things done! We’ve enhanced the Assign plugin to make it easier to manage your assigned topics, across both private PMs and public topics.

We’ve also added configurable assignment limits and reminder PMs that go out periodically to let you know how many assignments you have on your list and how to manage them.

Require 2FA for Staff

We believe deeply in being secure and safe by default with Discourse. You may remember in the past two or three releases we added the following security improvements:

  • Two factor authentication is supported, with printable backup codes.
  • Automatic invalidation of staff accounts that are dormant for more than six months.
  • CSP is on for all new installs.

In this release, we’ve made further strides toward Discourse being even more safe and secure out of the box:

  • You can now make two factor authentication mandatory for all staff.
  • Abandoned user accounts with no read time or posts for two years are automatically removed.

And More!

These are just the highlights of 2.3 — we didn’t even mention our search refinements (including search weights by category), wiki posts now notifying watchers of edits, handy composer image resizing, or friendlier indication of subcategory permission errors. View the release-notes tag to get a detailed account of changes in every beta leading up to this release, or see the full release notes.

Easy One Click Upgrade

If you are on our hosting, you’re already upgraded. Otherwise, upgrading is as easy as clicking the Update button linked from your Discourse dashboard.

Discourse Admin Dashboard, version upgrade notice

We have a public exploit bounty program at Hacker One as a part of our security policy. Being secure by default is a core value at Discourse, and we always follow up on any security concerns brought to us. There are several important security fixes in 2.3, so we urge everyone to upgrade to it as soon as possible.

If you don’t have a Discourse to upgrade, why not? Install it yourself in under 30 minutes, or start an absolutely free, no strings attached 14 day hosting trial!

Thank You

First, thanks to our customers. We’re able to build a better Discourse every single day with your direct financial support.

Second, it’s not open source without code contributions! Thanks for the pull request contributions in this release from:

khalilovcmded
venarius
sodevious
mrfinch
barreeeiroo
danielhollas
enebo
sau226
ignisf
melhosseiny
gmcgibbon
fantasticfears
spajus
YesThatAllen
alatja
doredesign
kimardenmiller
robbyoconnor
nisevi
rrooding
Mostafa Elshamy
neemiasvf
schungx
hosnas
alexmorten
asusac
dpetersen
siebertm
aiharak
gsmetal
akofink
yuya-takeyama
pavel
Taiki-San
ianks
yanokwa
deargle
massimog
itsbhanusharma
greedy
notstephen
Luis Pablo
aakarsh12345
JafethDC
thiagoarrais
gvergnaud
mabras
neotinker
iventura
olleolleolle
jlsjonas
peterlamber
pdavide
maulkin
tjumyk
LeoMcA
spacerest
angusmcleod
wryun
curiousdannii
SystemZ
johnsonm
crispygoth
jtsagata
imMMX
nahrivera7
orlando
elepedus
AhmadFCheema

Many thanks to the translators who generously contributed their time and effort translating Discourse into dozens of languages for this release. We make sure the top 10 most popular translations of Discourse get financial support direct from us to ensure excellent and timely translation of updated copy in each release.

As always, thanks to the greater Discourse community for posting support / bug request / feedback topics on meta.discourse and helping us improve Discourse. If you operate or support a Discourse community, come hang out with us!

We hope you find this release full of useful and interesting improvements. But we’re not done yet — not by a long shot! Visit the releases category to see what’s coming up for Discourse 2.4 and beyond.

7 comments

Discourse 2.2 released!

Jeff Atwood February 1, 2019

Today we release Discourse 2.2, building on Discourse 2.1 from September 2018.

For post 2.0 releases we’ve chosen a new set of codenames based on the history of human communication; this release is La Pasiega.

UI refinements

For consistency with mobile and to free up horizontal space for multi-column layouts, we’ve moved the category badge under the post title in topics, increased the default font size from 14px to 15px, and made the drop-downs for category (and tags, if enabled) look a bit less like grey buttons.

We’ve also improved our inline search layout to better show user, tag, and category matches alongside the expected topic and post matches.

improved search layout in Discourse 2.2

On mobile, we’ve added full-size slide out panels for notifications and the menus. Also, the topic title, category, and tags will now appear while you’re scrolling down and reading a topic. Simply scroll upward to get back to the traditional top bar. We’ve embiggened all the mobile tap targets in the topic list to make things a bit easier for fingers, as well.

We’ve also fully converted to SVG icons instead of relying on a font icon. This is more efficient than shipping a giant and mostly unused icon font. Plus, it’s now much easier to switch any visible icon in Discourse with something else, even a completely custom one-off glyph that you created.

using SVG glyphs to replace icons in Discourse 2.2

Prefer to use your custom logo instead of the default like heart? Make it so!

Lazy Image Loading

We’ve significantly enhanced our image support in this release!

Your images will now look better than ever before, especially on high resolution devices, because we take advantage of the new HTML5 srcset attribute to offer multiple resolutions of image thumbnails appropriate to the viewing device. Even better, those pretty thumbnails will now only be loaded when they actually scroll into view. We’ll initially show a very low resolution image placeholder until they’ve had time to load. This can save huge amounts of bandwidth on image heavy topics, so we’re not burning through anyone’s mobile plan data limits.

Recent Devices and Locations

You may recall in the last release we added two factor authentication, and printed backup codes, both of which are fundamental to user privacy and security. In this release, we’re proud to continue enhancing security for everyone using Discourse — by showing recently active locations and devices on your account.

If you ever see any devices or locations that don’t look familiar to you on your user profile, it’s time to change your password!

Furthermore, for staff only, we will alert you via email if we detect logins from two very distant locations in a brief time interval. We may expand support for this in the future, but right now we want to make sure it’s working well and alert only the highest privilege accounts for any unusual login scenarios.

Discourse warning, staff login location far away

Full CSP support

Discourse is now fully CSP compliant! This means a huge increase in default security for you, since the most common type of webapp exploit, cross-site scripting (XSS), is no longer possible under CSP. Use Discourse with total confidence, knowing that no bad actors have inserted malicious scripts on the page to intercept your data.

Discourse 2.2 CSP diagram

Please note that in this version CSP is only on by default if you are on our hosting, or if you’ve installed Discourse after 2.2 was released today. We’ll work with other Discourse hosting companies to make sure they’ve turned on CSP for their clients. CSP will probably be forced on by default for all existing Discourse installations in future releases.

Move Posts to a Message

We’ve cleaned up the post moving interface so you can move posts to a new personal message in addition to the existing options of splitting posts to a new topic, or combining posts with an existing topic.

Move posts to a new topic, existing topic, or a new personal message in Discourse 2.2

Totally Revamped Theming

Our theming support takes a giant leap forward in Discourse 2.2! Visit Admin, Customize, Themes and check out our much easier to use and cleaner looking theming interface.

Theming UI improvements in Discourse 2.0

We continue to expand the scope of what’s possible in theme customizations; what previously required a full blown plugin is often possible in a simpler theme customization now. We’ll be working with several designers to build full demonstration themes in the coming months. Expect many improvements in theming over the next few releases.

And More!

These are just the highlights of 2.2 — we didn’t even mention our upgrade to Ember 3.0, text size options per device, auto-closing polls, ambient notifications when you’re editing a post at the same time as someone else, or the new wiki editor badge. View the release-notes tag to get a detailed account of changes in every beta leading up to this release, or see the full release notes for complete details.

Easy One Click Upgrade

If you are on our hosting, you’re already upgraded. Otherwise, upgrading is as easy as clicking the Update button linked from your Discourse dashboard.

Discourse Admin Dashboard, version upgrade notice

We have a public exploit bounty program at Hacker One as a part of our security policy. Being secure by default is a core value at Discourse, and we always follow up on any security concerns brought to us. There are several important security fixes in 2.2, so we urge everyone to upgrade to it as soon as possible.

If you don’t have a Discourse to upgrade, why not? Install it yourself in under 30 minutes, or start an absolutely free, no strings attached 14 day hosting trial!

Thank You

As always, we must first thank our customers for their direct financial support. We work hard to make Discourse a little bit better for you every day.

The true strength of any open source project can be measured in outside code contributions. Thanks for the pull request contributions in this release from:

mrfinch
angusmcleod
notstephen
doredesign
danielhollas
caugner
sau226
jstern
ignisf
dinomite
pfaffman
drewish
hakusaro
prssanna
mwcampbell
dtheodor
notriddle
Aqualon
ahmader
fantasticfears
Doc1337
bf4
hlcfan
khannurien
eduardopoleo
harveyico
danielvlopes
ko1
Arkshine
cebe
CheshireVillageSoftware
rizka10
ptrippett
greysteil
k4rtik
penguinstampede
crispygoth
pdavide
gutofoletto
tekamoment
dkess
brianhelba
LeoMcA
kemitchell
cfitz
jwflory
zjwhitehead
fheidenreich
danielbachhuber
itsbhanusharma
mrded
mbowen
terlar
onemanstartup
rickenharp
oestrich
bpaquet
smasry
mbugowski
tgr
timcraft
ohbarye
DevAndArtist
SidVal
messense
Nottt
g5pw
coderberry
hopsoft
bschlagel
fuzzykiller
muhlisbc

We had a remarkable number of translators who contributed their time and effort translating Discourse into dozens of languages for this release. It’s because of you that so many people around the world can benefit from great free, open source discussion software, and we appreciate your hard work.

In this and all future releases, we will be making a special effort to ensure the top 10 most used translations of Discourse get financial support to ensure excellent and timely translation of any updated copy or new features.

Thanks to the greater Discourse community for posting support / bug request / feedback topics on meta.discourse — we’re listening! Your feedback makes Discourse better, not only for your community, but all of us together.

As our team grows we can do more and more in each release, and this is a huge release with lots of foundational improvements in Discourse … but there’s so much more we want to do! Check out the releases category to see what’s coming up on our roadmap for Discourse 2.3 and beyond.

4 comments

Free hosting for Patreon creators

Erlend Sogge Heggen December 6, 2018

Nearly two years ago we started very carefully experimenting with free hosting of open source projects. We recently rolled out the v2 of this program for open source projects, and today we’re extending the same offer for Patreon creators.

Free Discourse Hosting For Your Patreon Project

Are you a creator on Patreon? Then you might be eligible for a free, hosted Discourse + SSL. Our tight integration with Patreon automates badges and user groups for your patrons. For some excellent examples of how Discourse can increase your patron count read the stories of MCrider and The Bitcoin Pub.

Minimum Requirements

  • Minimum of $50 in monthly patronage
  • Your project has a clear need for discussions (see FAQ below)
  • Please understand that approval is ultimately at our discretion as we work out the details of this program.

Basic Terms

  • You will get a sub-domain of your choosing on the *.discourse.group domain, e.g. myproject.discourse.group.
  • You will get free SSL, courtesy of Let’s Encrypt.
  • There is a bandwidth limit of 50k monthly page views, equivalent to half of our Standard hosting plan.
  • We do not support imports. See the FAQ for more.
  • If you exceed our bandwidth limit (for several consecutive months) you have two options:
    1. We’ll help you move to self-hosting, either on your own server or any Docker compatible cloud (a $20/month Digital Ocean droplet should suffice).
    2. Upgrade to our Standard hosting plan at 50% off.
  • Absolutely zero lock-in! You are free to download a complete Discourse export and migrate away from our free hosting at any time.
  • If your site sees no activity (for several consecutive months) we’ll get in touch about shutting down the site for everyone’s benefit. Of course, you’d be welcome to start again when you’re confident about generating enough traction for a forum to make sense!

Apply Now!

Head over to free.discourse.group and click Apply on the “Crowdfunded” form. Fill out the details on it and we’ll get back to you as soon as we can.

Since we’re still doing some of this manually it might take us a few days to get back to you. Having troubles with the form? Reach out to us at team@discourse.org and we’ll help you out.

FAQ

What do you mean by “clear need for discussions”?

Discourse is, first and foremost, a tool to host discussion at scale. Not all creators need large scale discussions to prosper. Know your project, and consider whether or not it’s the type of project that would benefit from Discourse’s discussion model. Some signs to look for:

  • Your ephemeral communication channels (like Chatrooms) are failing to store and distribute important knowledge items.
  • Your existing discussion channel is being crowded with help requests and “bikeshed discussions”.
  • Users of your project seek out advice from other users.
  • Your project encourages new projects built on top of it that can be shared and talked about.

Building communities is difficult; nobody wants to launch a ghost town, and it takes more than great software to make a community. Be sure to read Building a Discourse Community for tips and ideas.

We already have a mailing list/forum. Will you help us migrate?

If you need to import existing community content of any kind we unfortunately can’t help you. For small communities we recommend simply copy & pasting in your top 20+ topics to seed your new forum with your most important content.

If you absolutely need to do a proper import we highly recommend self-hosting. Our install guide works with many reputable cloud hosting providers starting at $5/month. For the vast majority of community platforms we have import guides and open source scripts to boot.

0 comments

For more blog posts, visit the archives