NodeBB - Package Updates

girish

This update took a while because we ran into some packaging issues . https://community.nodebb.org/topic/14919/maintaining-package-json-across-updates if you want to follow what the issue is.

EDIT: https://github.com/NodeBB/NodeBB/issues/8547

girish

[1.15.1]

• Update NodeBB to 1.14.3
• Full changelog
• This release contains a security fix and is based off of NodeBB stable (v1.14.x).

girish

[1.16.0]

• Update NodeBB to 1.15.0
• Full changelog

girish

[1.16.1]

• Update NodeBB to 1.15.1
• Full changelog
• #8864, add action:events.log (9c5c32d)
• show db info side by side (62c0454)
• add language keys for admin-settings-api (d32e4e0)
• #8824, cache refactor (#8851) (f1f9b22)
• move mkdirp to beforeBuild so it doesnt get called twice (6255874)
• group exists API call in write api (d263192)
• user exist route in write api (1446cec)
• new shorthand route /api/v3/users/bySlug/:userslug (60e1e99)
• allow passwords with length > 73 characters (#8818) (512f6de)
• #8821, allow guest topic views (9e3eb5d)

girish

[1.16.2]

• Update NodeBB to 1.15.2
• Full changelog
• #8475, allow flagging self posts (a6afcfd)
• #7550, show message if post is queued when js is disabled (120999b)
• #8171, add oldCategory if topic is moved (35f932c)
• #8204, separate notification type for group chats (b44ddec)
• invites regardless of registration type, invite privilege, groups to join on acceptance (#8786) (3ccebf1)
• allow groups to specify which cids to show member posts from (#8875) (8518404)

nebulon

[1.16.3]

• Update NodeBB to 1.15.3
• Full changelog

nebulon

[1.16.4]

• Update NodeBB to 1.15.4
• Full changelog

nebulon

[1.16.5]

• Update NodeBB to 1.15.5
• add socket connect/disconnect action hooks (fcb10eb)
• allow modifiying browser title on ajaxify (698718f)
• sso redirect on /login & /api/login (5d00b08)
• use file lib instead of directly accessing fs (for Assert.path) (3ea66f8)
• check uid as well (ef6c3b0)
• #7597, fix progress bar of cover/profile uploads (7e867cf)
• deps: update dependency nodebb-plugin-spam-be-gone to v0.7.7 (#9039) (c7f2640)

nebulon

[1.17.0]

• Update NodeBB to 1.16.0
• Full changelog

nebulon

[1.17.1]

• Update NodeBB to 1.16.2
• Full changelog

girish

[1.18.0]

• Update base image to v3
• Fix bug where plugins where installed on every restart

nebulon

[1.18.1]

• Update NodeBB to 1.17.0
• Full changelog

nebulon

[1.18.2]

• Update NodeBB to 1.17.1
• Full changelog

nebulon

[1.18.3]

• Update NodeBB to 1.17.2
• Full changelog

nebulon

[1.19.0]

• Update NodeBB to 1.18.0
• Full changelog

nebulon

[1.19.1]

• Update NodeBB to 1.18.1
• Full changelog
• create folders in ACP uploads #9638 (#9750) (3df79683)
• column based view on wide priv. tables (#9699) (61f02f17)
• als (#9749) (e59d3575)
• add quick reply key (e9314842)
• add new lang key for no best posts (6e73d8c9)

nebulon

[1.19.2]

• Update NodeBB to 1.18.2
• Full changelog
• a slightly less ugly rewards panel (bf0c02a7)

girish

[1.19.3]

• Update NodeBB to 1.18.3
• Full changelog
• move filter:topic.post hook to top of method (f194809)
• add client-side static hook to fire immediately before any topic action (hint: delete action to stop default behaviour) (66eaae4)
• allow removing multiple items from list (397835a)
• add uid to filter:user.saveSettings (7f48edc)

girish

[1.19.4]

• Update NodeBB to 1.18.4
• Full changelog
• use unread icon in mobile (27e53b4)
• cli user management commands (#9848) (d1ff3d6)
• #9855, allow uid for post queue notifications (5aea6c6)
• add userData to static:user.delete (f24b630)
• closes #9845, sort by views (6399b42)
• duplicate requireEmailAddress settings block to Settings > User (a964547)
• mongodb driver 4.x (#9832) (07adb49)
• a useless hover effect because raisins (1a61ffc)

girish

[1.19.5]

• Update NodeBB to 1.18.5
• Full changelog
• new ACP option emailPrompt ... which allows administrators to disable the client-side prompt to encourage users to enter or confirm their email addresses (80ea12c)
• show popular searches (f4cf482)
• new plugin hook to allow plugins to reject email address on new registration or email change (6b4f35c)
• utilities login API route now starts an actual login session, if requested (806a1e5)
• add method name to deprecation message (b91ae08)
• quote tooltip (66fca4e)
• additional quality options for jpeg uploads, added quality and compression settings for png uploads (d22b076)
• #8053, biweekly digest option (f7967bd)

girish

[1.19.6]

• Update NodeBB to 1.18.6
• Full changelog
• #9992, hooks.one (96f13e4)
• use auto-generated meta and link tags in ACP, closes #9991 (1719bff)
• #9967, allow dropdowns in navigation (2e623dd)
• show number of events per type in acp (b916e42)
• show posts previews if enabled on mouse over (8c67031)

girish

[1.19.7]

• Update NodeBB to 1.18.7
• Full changelog

nebulon

[1.19.8]

• Update NodeBB to 1.19.0
• Full changelog

nebulon

[1.19.9]

• Update NodeBB to 1.19.1
• Full changelog

nebulon

[1.19.10]

• Update NodeBB to 1.19.2
• Full changelog

girish

[1.20.0]

• Use yarn instead of npm to manage packages

girish

[1.20.1]

• Update NodeBB to 1.19.4
• Full changelog
• add hook filter:posts.getUserInfoForPosts (df46ab4)
• add translateKeys (e841d59)
• post auto flagging on downvotes #10029 (#10367) (62187ca)
• closes #10324, show recently online users as well (eac9cd0)
• resolve paths for staticDirs as well (e0b1c37)
• ability to go through your posts in a topic (b517b37)

girish

There is a bug in 1.19.5 which I have reported here - https://community.nodebb.org/topic/16415/plugins-not-listed-in-1-19-5/

girish

[1.20.2]

• Update NodeBB to 1.19.6
• Full changelog
• #10460, add cutoff to suggested topics (799e94e)
• add response:helpers.notAllowed (e8058ca)
• add filter:image.stripEXIF (b8765df)
• add confirm to reject, closes #10427 (538ad9e)
• allow client-side hook registration chaining (b88bb3c)
• delete flagId field from post/user on flag purge (3125128)

girish

[1.20.3]

• Update NodeBB to 1.19.7
• Full changelog
• #10443, regression where sorted-list items did not render into the DOM in the predicted order [breaking] (46fbe15)
• make it simpler to use redis sentinels (8238946)
• closes #10501, minimum reputation to chat (b28f9f7)

girish

[1.21.0]

• Update NodeBB to 2.0.0
• Full changelog
• show number of selected posts in reject confirm (012860a)
• post queue bulk actions closes #10520, fix #10555, (2317511)
• output canonical URL as last line on NodeBB boot (e4a9c07)

nebulon

[1.22.0]

• Update NodeBB to 2.1.0
• Full changelog
• add clipboard to runtime modules (39d6106)
• buildBreadcrumbs naively prepending relative path even if absolute paths are passed in (a356426)
• more generic copy for notif/chat button labels (f6a7582)
• #10642, fix order of dom ready events (2bfccac)

girish

[1.23.0]

• Update NodeBB to 2.1.1
• Full changelog

girish

[1.24.0]

• Update NodeBB to 2.2.0
• Full changelog
• new cronjob and ACP option to delete orphans after configurable number of days, closes #10659 (88aee43)
• allowed plugins to modify email verification details prior to db saving or email send/plugin fire (b9d4724)
• pass absolute url to post into post tools response, #10566 (ece733e)

girish

[1.24.1]

• Update NodeBB to 2.2.1
• Full changelog
• cross origin opener policy options

nebulon

[1.24.2]

• Update NodeBB to 2.2.2
• Full changelog
• improper handling of single vs. multiple inputs for hidePrivateData (f38b2a73)
• observe user-specific and ACP-specific hiding rules for fullname (ecf0e8ce)

nebulon

[1.24.3]

• Update NodeBB to 2.2.3
• Full changelog
• move call to ajaxify.parseData out to root level (b778e38c)
• move ajaxify.parseData back out to DOMContentLoaded (2582cb53)
• rewrite ajaxify.parseData in vanilla (165b804d)

nebulon

[1.24.4]

• Update NodeBB to 2.2.4
• Full changelog
• deps: update dependency diff to v5.1.0 (452e5bf)
• #10733, extraneous apostrophes in plugin upgrader (3c41ae0)
• get version from install/package.json instead (6011421)
• #10739, always re-add theme to active plugins, on theme set (8d701ec)

nebulon

[1.24.5]

• Update NodeBB to 2.2.5
• Full changelog
• expire email validation tokens on password change (c93bd010)
• remove extraneous console.log (0d58e8a6)

nebulon

[1.25.0]

• Update NodeBB to 2.3.0
• Full changelog
• add client side filter:chat.send, closes #10729 (b2da02d6)
• UI changes for ACP > Manage > Categories (#10782) (820bc994)
• show an informative message when no plugins are found after filtering (6840a742)
• Allow defining active plugins in config (#10767) (23cb67a1)
• allow plugins to toggle whether IPs are shown in the users CSV export (a6af47da)
• fire hook to allow plugins to filter the pids returned in a user profile (c26be43a)
• closes #10719, don't trim children if category is marked section (7e80cc10)

nebulon

[1.25.1]

• Update NodeBB to 2.3.1
• Full changelog
• add emoji to startup logs, because procrastination. (5176fb15)
• #10798, logic error in COEP header; helmet config (89173f17)
• #10795, early return for selection tooltip based on calling user privilege (847d2b91)
• deps: update persona to v12.0.14 (9f225e70)

nebulon

[1.26.0]

• Update NodeBB to 2.4.0
• Full changelog
• support packageManager property in package.json (b3a37a7)
• automatically enable the SMTP transport option if the SMTP service is changed (4055e3b)
• present a password challenge on email update flow (7fcee42)
• add client side filter:chat.send, closes #10729 (cb084cb)
• fire hook to allow plugins to filter the pids returned in a user profile (17e44ff)
• closes #10719, don't trim children if category is marked section (be917e8)
• closes #10719, don't trim children if category is marked section (0bec52b)
• adapt to breaking change in commander (38bf30c)
• move panel-offset setting code back to theme header (d0255fc)
• #10808; tweak copy for gmail app passwords support (7082291)
• don't require password challenge if no password is set in user account (9d27e90)
• do not throw if password passed into isPasswordCorrect is invalid, just return false (287f4c2)
• don't crash if req.body.username is not string (7e8ad78)
• don't crash if target/user is undefined (55c5588)
• race condition causing undefined ajaxify.data (4586f68)
• #10809, test runner to only run tests for plugins included in test_plugins (1ca09b6)
• #10805, hide unconfirmed emails from user data retrieval methods (cba9047)
• use different emoji on NodeBB Ready — again because procrastination (3e062a7)
• unnecessary escape (cd438b3)
• remove socket.io cluster adapter (#10742) (456b879)
• #10783, do not purge files without a timestamp prefix (dc3a6a2)

girish

[1.26.1]

• Update NodeBB to 2.4.1
• Full changelog
• return at least one in sizeCalculation

nebulon

[1.26.2]

• Update NodeBB to 2.4.3
• Full changelog
• #10845, disallow inline viewing of uploaded html files (4dc7fa05)
• #10841, incorrect conditional in email interstitial partial (ec048a01)
• don't crash if post is undefined (4a3e36a7)

nebulon

[1.26.3]

• Update NodeBB to 2.4.4
• Full changelog
• missing req, closes #10847 (489fb3a3)

nebulon

[1.26.4]

• Update NodeBB to 2.4.5
• Full changelog
• wrap passport.authenticate to pass in keepSessionInfo if not already set (9b96c33d)
• parseInt caller.uid closes #10849 (bc37a5c5)

nebulon

[1.27.0]

• Update NodeBB to 2.5.2
• Full changelog
• reduce nodebb.min.js size by around 800kb (b7addffc)
• remove visibilityjs (#10870) (1920732)
• introduce ACP defined option to rescind notif or do nothing on flag resolve/reject (15b1561)
• allow v3 api to handle 202 and 204 response codes as well. (0cda5aa)
• don't show signatures again in pagination mode in same topic (0a6900f)
• setting to show signatures only once in topics, closes #10071 (aba420a)
• add event type to topic event component (bcb94ed)
• allow plugins to add to admin cache list (#10833) (a9bbb58)
• empty thread tools container on open (a088eb1)
• add dropup handler to thread tools menu, updated how post tools menu adds dropup handler (c1936e8)
• empty thread tools container on open (df36d96)
• add dropup handler to thread tools menu, updated how post tools menu adds dropup handler (3dd3cd8)
• removing duplicate session rerolling code (as it is in passport@^0.6 now) (65b3996)
• don't crash if post is undefined (e06e526)
• return at least one in sizeCalculation (#10832) (3975fa2)
• missing escape on ACP category backgroundImage property (67cb7035)
• deps: temporarily add back old textcomplete dependencies so emoji plugin can import them (61d1e9e0)
• registration regression, closes #10875 (f6f37dc1)
• fix lint error (b45e2413)

nebulon

[1.27.1]

• Update NodeBB to 2.5.3
• Full changelog
• store topic title and tags in diffs (#10900) (b5dd89e1)
• #10906, allow middleware.checkAccountPermissions to be called with either uid or userslug in params (cf4f544)
• #10896, unescape / in taskbar (8e2129f)
• add back timeago to post history modal (d3e38df)
• deps: bump composer-default to v9.1.1 (1d80a07)

nebulon

[1.27.2]

• Fix bug to be able to export the user profile data

nebulon

[1.27.3]

• Update NodeBB to 2.5.5
• Full changelog
• add minimum GitHub token permissions for workflows Signed-off-by: Ashish Kurmi akurmi@stepsecurity.io (fe0020fb)
• EEXISTS error on linux if plugin/theme overrides core js file (ebd5dcc6)
• category ordering add test (177d9048)
• crash in category drag, closes #10932 (989b55d0)
• broken flag history on flag update (803398e9)
• scroll to post if theme doesn't have top navbar (aad0a618)
• add lru-cache to checked packages, to fix upgrade issue with lru-cache (14515f60)
• up plugins (b91ef6dd)

nebulon

[1.27.4]

• Update NodeBB to 2.5.6
• Full changelog
• use admin:groups priv for groups (#10960) (b879b6a0)
• https://github.com/NodeBB/NodeBB/issues/10525 (e35b0a86)

nebulon

[1.27.5]

• Update NodeBB to 2.5.7
• Full changelog
• speed up build (dd4e9cce)

girish

[1.27.6]

• Fix issue where single quote in email display name was causing app to crash

girish

[1.27.7]

• Update NodeBB to 2.5.8
• Full changelog
• new search hooks (b5d38bc)
• add search data to filter:search.inContent (e3f2156)
• pass csrf_token into calls to /register/abort, #11017 (2f9d8c3)
• check for csrf token on /register/abort, + theme changes for v2.x branches of themes (55a197a)
• upgrade script to work from 0.x to 2.x (a31ba82)
• #10519, image height in emails (673261f)

nebulon

[1.28.0]

• Update NodeBB to 2.6.0
• Full changelog
• add permissions-policy header (864fe0f)
• allow groups to be exempt from maintenance mode (3c85b94)
• add search data to filter:search.inContent (be92be4)
• add relevant topic events to post objects (a584dae)
• client-side hooks for navigator scroll action (135fe55)
• j and k hotkeys in topic to navigate through it quickly (aeb94c3)
• a couple utility methods in navigator module to get and set count and index (9f9a835)
• paginate recentposts.rss and (ebd7c05)
• add quiet to action:settings.set (665f36b)

nebulon

[1.28.1]

• Update NodeBB to 2.6.1
• Full changelog
• prototype vulnerability in socket.io onMessage (48d14392)
• #11066, fix custom privilege/path in routePrefixMap (0e495f9e)
• not deprecated on 2.x (91c2e5ac)

nebulon

This post is deleted!

nebulon

[1.29.1]

• Update NodeBB to 2.7.0
• Full changelog
• update transifex config (for use with new cli) (f11094c)
• integrating basic client-side form validity checking in settings v1 and v2 (dadbcd7)
• add ./nodebb install <plugin_name> (4efc19d)
• relax selectors for client-side form validation so that all form elements are checked (43e7c98)
• change hsts-maxage back to numeric input type, change API token uid input to numeric text type (db8d3a9)
• replace input type number with text/pattern (45ae31f)
• categories.js not showing custom privileges (#10856) (8c4d6bb)
• #11077, add admin uploads paths to priv mapping (07a0212)

nebulon

[1.30.0]

• Update NodeBB to 2.8.0
• Full changelog
• add force flag to plugin install in cli (#11089) (de31cb1)
• integrating basic client-side form validity checking in settings v1 and v2 (33af2d9)
• change hsts-maxage back to numeric input type, change API token uid input to numeric text type (896493d)
• replace input type number with text/pattern (2bc23a9)
• flag states so that they are not hardcoded, allow plugins to add additional states, deprecated filter:flags.getFilters hook, closes #11065 (9f531f9)
• remove debug log closes #11090 (06f4801)

nebulon

[1.30.1]

• Update NodeBB to 2.8.1
• Full changelog
• vulnerability in socket.io nested namespaces (#11117) (586eed1)
• lock post/reply similar to user.create (1ea9481)