Releases: flarum/framework
Releases · flarum/framework
v1.1.1
v1.1.0
Added
- Info command now displays MySQL version, queue driver, mail driver (#2991)
- Use organization Prettier config (#2967)
- Support for global typings in extensions (#2992)
- Typings for class component state attribute (#2995)
- Custom colorising with CSS custom properties (#3001)
- Theme Extender to allow overriding LESS files (#3008)
- Update lastSeenAt when authenticating via API (#3058)
- NoJs Admin View (#3059)
- Preload FontAwesome, JS and CSS, and add
preloadextender (#3057)
Changed
- Move Day.js plugin types import to global typings (#2954)
- Avoid resolving excluded middleware on each middleware items
- Allow extra attrs provided to
<Select>to be passed through to the DOM element (#2959) - Limit height of code blocks (#3012)
- Update normalize.css from v3.0.2 to v8.0.1 (#3015)
- Permission Grid: stick the headers to handle a lot of tags (#2887)
- Use
ItemListforDiscussionPagecontent (#3004) - Move email confirmation to POST request (#3038)
- Minor CSS code cleanup (#3026)
- Replace username with display name in more places (#3040)
- Rewrite Button to Typescript (#2984)
- Rewrite AdminPage abstract component into Typescript (#2996)
- Allow adding page parameters to PaginatedListState (#2935)
- Pass filter params to getApiDocument (#3037)
- Use author filter instead of gambit to get a user's discussions (#3068)
- [A11Y] Accessibility improvements for the Search component (#3017)
- Add determinsm to extension order resolution (#3076)
- Add cache control headers to the admin area (#3097)
Fixed
- HLJS 11 new styles resulting in double padding (#2909)
- Internal API client attempting to load an uninstantiated session
- Empty post footer taking visual space (#2926)
- Unrecognized component class custom attribute typings (#2962)
- User edit groups permission not visually depending on view hidden groups permission (#2880)
- Event post excerpt preview triggers error (#2964)
- Missing settings defaults for display name driver and User slug driver (#2971)
- [A11Y] Icons not hidden from screenreaders (#3027)
- [A11Y] Checkboxes not focusable (#3014)
- Uploading ICO favicons resulting in server errors (#2949)
- Missing proper validation for large avatar upload payload (#3042)
- [A11Y] Missing focus rings in control elements (#3016)
- Unsanitised integer query parameters (#3064)
Code Contributors
@lhsazevedo, @Ornanovitch, @pierres, @the-turk, @iPurpl3x
Issue Reporters
@uamv, @dannyuk1982, @BurnNoticeSpy, @haarp, @PeopleInside, @matteocontrini
Contributors
haarp, pierres, and 9 other contributors
Assets 2
v1.0.4
v1.0.3
Changed
- Removed [forum] prefix from Request Password and Email Confirmation emails (a4a81c0)
- Adopt huntr.dev for handling our security vulnerability reports (#2918)
- Maintenance handler can now be replaced through the service container (ioc) (4acff91)
- The colors on the auto generated avatars are now based on the Display Name of the user (#2873)
Fixed
v1.0.2
Fixed
- Critical XSS vulnerability (GHSA-5qjq-69w6-fg57 / CVE-2021-32671)
v1.0.1
v1.0.0
Added
- Task scheduling
load()method onApiControllerextender to allow eager loading of relations (#2724)- Installation supports enabling a set of extensions (#2757)
- RequestUtil helper class added to abstract the logic of the actor, session, locale and route name from the request (#2449)
- Code scanning action with GitHub CodeQL (#2744)
- The Formatter extender now has an
unparsemethod to allow extensions to hook into the unparsing of content (#2780) - A Filesystem extender allows direct modification and addition of filesystem disks (#2732)
- A slug driver based on the User ID was introduced (#2787)
- An extensible users list was added to the admin area (#2626)
- Headers hardened by adding Referer Policy, Xss Protection and Content type (#2721)
- Tooltip component (#2843)
- Moved
insertTextandstyleSelectedTextfrom markdown to core (#2826) - A squashed database schema install dump to speed up new installs (#2842)
- Pagination in the canonical URL for discussion pages (#2853)
- PaginatedListState for the DiscussionList and to support paginated lists in the frontend (#2781)
- Introduce the new webpack config and flarum-tsconfig for typehinting (#2856)
Changed
- Now tracking bundle sizes to keep an eye on web performance (#2695)
- Eager load relations on ListPostsController to improve performance (#2717)
- Replace classList with clsx library (#2760)
- Replaced the javascript based loading spinner with a pure CSS version (#2764)
- Route names now have to be unique (#2771)
- ActorReference is now available from the error handler middleware (#2410)
- The
migrationstable now has an Auto Increment ID (#2794) - Assets and avatars are now managed using Laravel filesystem disks (#2729)
- Extracted asset publishing (
php flarum assets:publish) from migrating (#2731) - Assets were compiled in the format
<asset>-<revision>.<js|css>, this is now<asset>.<js|css>?v=<revision>(#2805) - The powered by header can now be configured in the config under
headers(#2777) - Switched to the ICU format for translation files (#2759)
- Allow extend and override to apply to multiple methods in one call
- Notifications dropdown and list refactored (#2822)
- Updated validation locale strings based on Laravel 8 changes (#2829)
- Caching of permissions is now taken care of centrally, reducing code duplication (#2832)
- Replaced lodash-es by throttle-debounce to reduce bundle size (#2827)
- Internal API requests are now executed through middleware (#2783)
- Permission changes:
viewDiscussionstoviewForumandviewUserListtosearchUsers(#2854)
Fixes
- Javascript is shown when editing the title of a discussion (#2693)
- Canonical url logic uses request object which causes wrong URL's when a different page is default (#2674)
- Dropdown toggle has no aria label (#2668)
- Nav drawer is focusable when off-screen on small viewports (#2666)
- Search input has no aria-label and no role (#2669)
- Code duplication exists between SendConfirmationEmailController and AccountActivationMailer (#2493)
- When setting tags as homepage default, visiting a tag will show all posts (#2754)
- Locale cache is cleared twice when cache clearing (#2738)
- When cache clearing fails an exception can be thrown due to a partial flush (#2756)
- Database migrations rely on MyISAM even though the eventual migrated database does not use it (#2442)
- Discussion search result is not sorted by relevance by default (#2773)
- Extensions cannot register custom searcher classes (#2755)
- Searching discussion titles is not possible (#2698)
- Boot errors due to failing extenders throw a generic error (#2740)
- Required argument to
Component.$()isn't really required (#2844) - Component does not allows use of all mithril lifecycle functionality (#2847)
Removed
v0.1.0-beta.16
Added
- Allow event subscribers (#2535)
- Allow Settings extender to have a default value (#2495)
- Allow hooking into the sending of notifications before being send (#2533)
- PHP 8 support (#2507)
- Search extender (#2483)
- User badges to post preview (#2555)
- Optional extension dependencies allow a booting order (#2579)
- Auth extender (#2176)
X-Powered-Byheader added to allow indexers easier data aggregation of Flarum adoption (#2618)
Changed
- Run integration tests in transaction (#2304)
- Allow policies to return a boolean for simplified allow/deny (#2534)
- Converted highlight helper to typescript (#2532)
- Add accessibility attributes to Mark as Read button (#2564)
- Dismiss errors on change email modal upon a new request (00913d5)
- Disabled extensions now are marked with a red circle instead of a red dot (#2562)
- Extension dependency errors now show the extension title instead of the ID (#2563)
- Change
mutatemethod on ApiSerializer extender toattributes(#2578) - Moved locale files to the core from the language pack (#2408)
- AdminPage extensibility and generic improvements (#2593)
- Remove entry of authors, link to https://flarum.org/team (#2625)
- Search and filtering are split (#2454)
- Move IP identification into a middleware (#2624)
- Editor Driver abstraction introduced (#2594)
- Allow overriding routes (#2577)
- Split user edit permissions into permissions for editing of user credentials, username, groups and suspending (#2620)
- Reduced number of admin extension categories (#2604)
- Move search related classes to a dedicated Query namespace (#2645)
- Rewrite common helpers into typescript (#2541)
TextEditoris moved to the common namespace for use in the admin frontend (#2649)- Update Laravel/Illuminate components to 8 (#2576)
- Eager load relations in discussion listing to improve performance (#2639)
- Adopt flarum/testing package (#2545)
- Replace
usergambit withauthorgambit (612a57c) - Posts page of on user profile loads posts using username instead of id (30017ee)
Fixed
- Transform css breaks iOS scroll functionality (#2527)
- Composer header is hidden on mobile devices (#2279)
- Cannot delete a post or discussion of a deleted user (#2521)
- DiscussionListPane jumps around not keeping the scroll position (#2402)
- Infinite scroll on notifications dropdown broken (#2524)
- The show language selector switch remains toggled on (9347b12)
- Model Visibility extender throws exception on extensions that aren't installed or enabled (#2580)
- Extensions are marked as enabled when enabling fails to unmet extension dependencies (#2558)
- Routes to admin extension pages without a valid ID break the admin page (#2584)
- Disabled fieldset use an incorrect CSS property
disallowed(#2585) - Scrolling to a post that is already loaded the Load More button shows and does not trigger (#2388)
- Opening discussions on some mobile devices require a double tap (#2607)
- iOS devices show erratic behavior in the post stream while updating (#2548)
- Small mobile screens partially hides the composer when the keyboard is open (#2631)
- Clearing cache does not clear the template cache in storage/views (#2648)
- Boot errors show critical information (#2633)
- List user endpoint discloses last online even if user choose against it (#2634)
- Group gambit disclosed hidden groups (#2657)
- Search results on small windows not fully visible (#2650)
- Composer goes off screen on Safari when starting to type (#2660)
- A search that has no results shows the search results dropdown (b88a7cb)
- The composer modal moves around when typing on Safari (a64c398)
Removed
- Deprecated CSRF wildcard path match
- Deprecated policy and visibility scoping events
- Deprecated post types event
- Deprecated validation events
- Deprecated notification events
- Deprecated floodgate
- Deprecated user preferences event
- Deprecated formatting events
- Deprecated api events
- Deprecated bootstrap.php support
- PHP 7.2 support (#2507)
- Bidi attribute in the rendered HTML (#2602)
AccessToken::find, useAccessToken::findValidinstead (#2651)
Deprecated
GetModelIsPrivateevent (#2587)CheckingPasswordevent (#2176)event()helper (#2608)AccessToken::generateargument$lifetime(#2651)Rememberer::rememberargument$tokenshould receive an instance ofRememberAccessTokenwithAccessTokenbeing deprecated (#2651)Rememberer::rememberUser(#2651)SessionAuthenticator::logInargument$userId, should be replaced withAccessToken(#2651)TextEditorhas been moved tocommon(#2649)UserFilter(91e8b56)
v0.1.0-beta.15
Added
- Slug drivers support (#2456).
- Notification type extender (#2424).
- Validation extender (#2102).
- Post extender (#2101).
- Notification channel extender (#2432).
- Service provider extender (#2437).
- API serializer extender (#2438).
- User preferences extender (#2463).
- Settings extender (#2452).
- ApiController extender (#2451).
- Model visibility extender (#2460).
- Policy extender (#2461).
Changed
- Time helpers converted to Typescript (#2391).
- Improved the formatter extender (#2098).
- Improve wording on installer when facing file permission issues (#2435).
- Background color of checkbox toggles improved for better usability (#2443).
- Route resolving refactored (#2425).
- Administration panel UX refactored (#2409).
- Floodgate moved to middleware and extender added (#2170).
- DRY up image uploading logic (#2477).
- Process isolation on testing (984f751).
- Forum and admin javascript exports namespaced (#2488).
Fixed
- Web updater does not take into account subfolder installations (#2426).
- Callables handling in extenders failed (#2423).
- Scrolling on mobile from PostSteam changes didn't work correctly (#2385).
- Side pane covers part of the discussion page due to
app.discussionsbeing empty (102e76b). - Change email modal keeps showing the previous error message even on success (#2467).
- Comment count not updated when discussions are deleted (#2472).
goToIndexin PostStream does not trigger an xhr to retrieve new data (09e2736).- On refresh the post number is reduced by one (#2476).
- Queue worker would instantiate a new Queue factory, not the bound one (#2481).
- Header accidentally has a border bottom (#2489).
- Namespace mentioned in docblock is incorrect (#2494).
- Scrolling inside longer discussions (especially Firefox) skips posts (210a6b3).
- Uploading avatars that are jpg/jpeg fails with a validation error (#2497).
Removed
- MomentJS alias (#2428).
- Deprecated user events
GetDisplayNameandPrepareUserGroups(#2428). - AssertPermissionTrait (#2428).
- Path related helpers and methods in Application (#2428).
- Backward compatibility layers from the frontend rewrite (#2428).
Deprecated
CheckingForFlooding(8e25bcb).
v0.1.0-beta.14
Cairns Birdwing
Added
- Check dependencies before enabling / disabling extensions (#2188)
- Set up temporary infrastructure for TypeScript in core (#2206)
- Better UI for request error modals (#1929)
- Display name extender, tests, frontend UI (#2174)
- Scroll to post or show alert when editing a post from another page (#2108)
- Feature to test email config by sending an email to the current user (#2023)
- Allow searching users by group ID using the group gambit (#2192)
- Use
liveHumanTimeshelper to update times without reload/rerender (#2208) - View extender, tests (#2134)
- User extender to replace
PrepareUserGroups(#2110) - Increase extensibility of skeleton PHP (#2308, #2318)
- Pass a translator instance to
getEmailSubjectinMailableInterface(#2244) - Force LF line endings on windows (#2321)
- Add a
Linkcomponent for internal and external links (#2315) ConfirmDocumentUnloadcomponent- Error handler middleware can now be manipulated by the middleware extender
Changed
- Update to Mithril 2 (#2255)
- Stop storing component instances (#1821, #2144)
- Update to Laravel 6.x (#2055)
Flarum\Foundation\Applicationno longer implementsIlluminate\Contracts\Foundation\Application(#2142)Flarum\Foundation\Applicationno longer inheritsIlluminate\Container\Container(#2142)pathshave been split off fromFlarum\Foundation\ApplicationintoFlarum\Foundation\Paths, which can be injected where needed (#2142)Flarum\User\Gateno longer implementsIlluminate\Contracts\Auth\Access\Gate(#2181)- Improve Group Gambit performance (#2192)
- Switch to
dayjsfrommomentjs(#2219) - Don't create a
biocolumn inusersfor new installations (#2215) - Start converting core JS to TypeScript (#2207)
- Make Carbon an explicit dependency (3b39c21)
- Use Symfony's translator interface instead of Laravel's (#2243)
- Use newer versions of fontawesome (#2274)
- Use URL generator instead of
app()->url()where possible (#2302) - Move config from
config.phpinto an injectable helper class (#2271) - Use reserved TLD for bogus and test urls (6860b24)
- Replace
m.streamwithflarum/utils/Stream(#2316) - Replace
affixedSidebarutil withAffixedSidebarcomponent - Replace
m.withAttrwithflarum/utils/withAttr - Scroll Listener is now passive, performance improvement (#2387)
Fixed
generate:migrationcommand for extensions (443949f)- Container config for
UninstalledSite(ecdce44) - Tooltip glitch on page chang (#2118)
- Using multiple extenders in tests (c4f4f21)
- Header glitch when opening modals (#2131)
- Ensure
SameSiteis explicitly set for cookies (#2159) - Ensure
Flarum\User\Event\AvatarChangedevent is properly dispatched (#2197) - Show correct error message on wrong password when changing email (#2171)
- Discussion unreadCount could be higher than commentCount if posts deleted (#2195)
- Don't show page title on the default route (#2047)
- Add page title to
All Discussionspage when it isn't the default route (#2047) - Accept
'0'asfalseforflarum/components/Checkbox(#2210) - Fix PostStreamScrubber background (#2222)
- Test port on BaseUrl tests (#2226)
UrlGeneratorcan now generate urls with optional parameters (#2246)- Allow
lessto be compiled independently of Flarum (#2252) - Use correct number abbreviation (#2261)
- Ensure avatar html uses alt tags for accessibility (#2269)
- Escape regex when searching (#2273)
- Remove unneeded semicolons inserted during JS compilation (#2280)
- Don't require a username/password for SMTP (#2287)
- Allow uppercase entries for SMTP encryption validation (#2289)
- Ensure that the right number of posts is returned from list posts API (#2291)
- Fix a variety of PostStream bugs (#2160, #2160)
- Sliding discussion glitch on mobile (#2324)
- Sliding discussion button in wrong place (#2330, #2383)
- Sliding discussion glitch on mobile (#2381)
- Fix PostStream for posts with top margins, and scrubber position when scrolling below posts (#2369)
Removed
Flarum\Event\AbstractConfigureRoutesevent classFlarum\Event\ConfigureApiRoutesevent classFlarum\Event\ConfigureForumRoutesevent classFlarum\Console\Event\Configuringevent classFlarum\Event\ConfigureModelDatesevent classFlarum\Event\ConfigureLocalesevent classFlarum\Event\ConfigureModelDefaultAttributesevent classFlarum\Event\GetModelRelationshipevent classFlarum\User\Event\BioChangedevent classFlarum\Database\MigrationServiceProvidermoved intoFlarum\Database\DatabaseServiceProvider- Unused
admin/components/Widgetcomponent (admin/component/DashboardWidgetshould be used instead) - Mandrill mail driver (bca833d)