blog

archives

Discourse 2.3 released!

Jeff Atwood June 17, 2019

Today we release Discourse 2.3, building on Discourse 2.2 from February. For post 2.0 releases we’ve chosen a new set of codenames based on the history of human communication; this release is Vinca.

Completely overhauled flag and review system

Arguably the the biggest change in this release is that we’ve completely overhauled and centralized our system for reviewing flags, posts, users, or anything else that needs to be reviewed or approved.

In older versions of Discourse there were multiple places you’d need to go to approve posts, topics, users, or flags. We’ve unified that into one simple queue for all so-called “reviewable” items.

Not only does this hopefully make life generally easier for Discourse moderators, it also opens the door to category specific moderators, who can now dip into the review queue for just the categories they’re in charge of.

Unicode usernames and translated Emoji names

Early in the life of Discourse we decided to copy the Twitter rules for usernames — which are rather short, strict and ASCII-centric. We’ve increased maximum username length already, and now we’ve introduced a site setting that allows the ultimate in flexibility: full unicode usernames.

Discourse 2.3 unicode usernames

(Please note that you’ll very likely want to whitelist just the allowable unicode ranges for your desired target language(s), as “full unicode” can be overwhelming and also exploitable.)

We’ve also added translation support for the long form text version of emoji codes, such as :smile:.

Staff Annotations / Notices

Sometimes you want to offer a bit of contextual staff commentary on a post, right there on the post, right as it happens. You can now do that with staff notices via the staff wrench on a post.

Additionally, new users and long absent users will have automatic, short staff notices on their initial posts that are only visible to trust level 2 and higher users.

Discourse 2.3 new user annotations

The hope is that these reminders will encourage your most engaged community members to give new and long absent returning users a special welcome.

Group Membership Requests

We continue to improve and refine our group support in Discourse. In this release, we’ve added a self-service hub for people to request membership to a group (if the group allows it), and group owners can approve or deny those requests.

Ignore

We’ve had a “mute” feature for a long time, which suppresses notifications and PMs from a target user. This has worked well enough, but in large communities sometimes certain users just can’t quite get along no matter what they try. In this release we’ve added an “ignore” feature which goes one step further than mute, and actively suppresses that user’s posts (and topics) from your display.

Discourse 2.3 Ignore user

If you are trust level 2, Ignore can be enabled via your user preferences, or via a drop-down selector on the target user’s profile page. We hope this reduces the need for moderator intervention in these rare cases, as users can now self medicate and take breaks from each other as needed.

Managing Assignments

Discourse isn’t just a place for discussion; it’s also a tool for getting things done! We’ve enhanced the Assign plugin to make it easier to manage your assigned topics, across both private PMs and public topics.

We’ve also added configurable assignment limits and reminder PMs that go out periodically to let you know how many assignments you have on your list and how to manage them.

Require 2FA for Staff

We believe deeply in being secure and safe by default with Discourse. You may remember in the past two or three releases we added the following security improvements:

  • Two factor authentication is supported, with printable backup codes.
  • Automatic invalidation of staff accounts that are dormant for more than six months.
  • CSP is on for all new installs.

In this release, we’ve made further strides toward Discourse being even more safe and secure out of the box:

  • You can now make two factor authentication mandatory for all staff.
  • Abandoned user accounts with no read time or posts for two years are automatically removed.

And More!

These are just the highlights of 2.3 — we didn’t even mention our search refinements (including search weights by category), wiki posts now notifying watchers of edits, handy composer image resizing, or friendlier indication of subcategory permission errors. View the release-notes tag to get a detailed account of changes in every beta leading up to this release, or see the full release notes.

Easy One Click Upgrade

If you are on our hosting, you’re already upgraded. Otherwise, upgrading is as easy as clicking the Update button linked from your Discourse dashboard.

Discourse Admin Dashboard, version upgrade notice

We have a public exploit bounty program at Hacker One as a part of our security policy. Being secure by default is a core value at Discourse, and we always follow up on any security concerns brought to us. There are several important security fixes in 2.3, so we urge everyone to upgrade to it as soon as possible.

If you don’t have a Discourse to upgrade, why not? Install it yourself in under 30 minutes, or start an absolutely free, no strings attached 14 day hosting trial!

Thank You

First, thanks to our customers. We’re able to build a better Discourse every single day with your direct financial support.

Second, it’s not open source without code contributions! Thanks for the pull request contributions in this release from:

khalilovcmded
venarius
sodevious
mrfinch
barreeeiroo
danielhollas
enebo
sau226
ignisf
melhosseiny
gmcgibbon
fantasticfears
spajus
YesThatAllen
alatja
doredesign
kimardenmiller
robbyoconnor
nisevi
rrooding
Mostafa Elshamy
neemiasvf
schungx
hosnas
alexmorten
asusac
dpetersen
siebertm
aiharak
gsmetal
akofink
yuya-takeyama
pavel
Taiki-San
ianks
yanokwa
deargle
massimog
itsbhanusharma
greedy
notstephen
Luis Pablo
aakarsh12345
JafethDC
thiagoarrais
gvergnaud
mabras
neotinker
iventura
olleolleolle
jlsjonas
peterlamber
pdavide
maulkin
tjumyk
LeoMcA
spacerest
angusmcleod
wryun
curiousdannii
SystemZ
johnsonm
crispygoth
jtsagata
imMMX
nahrivera7
orlando
elepedus
AhmadFCheema

Many thanks to the translators who generously contributed their time and effort translating Discourse into dozens of languages for this release. We make sure the top 10 most popular translations of Discourse get financial support direct from us to ensure excellent and timely translation of updated copy in each release.

As always, thanks to the greater Discourse community for posting support / bug request / feedback topics on meta.discourse and helping us improve Discourse. If you operate or support a Discourse community, come hang out with us!

We hope you find this release full of useful and interesting improvements. But we’re not done yet — not by a long shot! Visit the releases category to see what’s coming up for Discourse 2.4 and beyond.

Notable Replies

  1. Exciting changes. Still trying to understand the rules behind auto-hiding. Curious to know if it takes into consideration bad actors on flagging. We seem to have had challenges today with hide post sensitivity, as some malicious users started taking advantage of flagging to wreak havoc. And to undo the hiding, we have to go into every topic / post that was hidden. Look forward to learning more and it seems like there are important benefits to the long-term health of the community.

  2. Nothing really changed in that regard. Users could flag posts to threshold and hide them in previous releases, identically. The only thing that changed was the unified user interface for handling flags.

  3. Thx @codinghorror We had that threshold set to 25, so it was pretty hard to hit. But now it appears that posts were getting hidden with just one flag, and hide sensitivity set to medium or even low. Working with @tshenry to investigate further.

    Again, don’t want to take away from what seems to be a very feature rich release. Congrats.

  4. I think it’s because you’re up to date. There’s no use updating when it’s already in the latest version.

  5. I have upgraded using /admin/upgrade url. It works.

Continue the discussion meta.discourse.org

1 more reply

Participants