Jump to content
Forum²

[DISCOURSE] - 3.4.0.beta2: Better pageview metrics, multiple category moderator groups, watch chat threads, and more


Recommended Posts

  • Forum² Admin
Posted

New features in 3.4.0.beta2

Better pageview metrics with the new site traffic report

We’ve added a new “site traffic” report on the admin dashboard that highlights pageviews from users and hides traffic from crawlers and other sources like bots by default. This now give you a far more accurate gauge of traffic to your site from logged in members to anonymous visitors. Learn more…

Ability to watch chat threads

You can now choose to get notified of all replies to a chat thread by watching the thread. People who are watching a thread will see a green indicator on the chat icon when there are new unread messages, an item in their list of notifications, along with other helpful indicators in the channel list and on the thread itself in the channel where it resides.



Ability to add multiple groups as moderators for a category

We’ve added the ability to configure multiple groups as moderators for a given category. Learn more…

New setting to exclude groups from /about page

Sites can now hide particular users from the admins and moderators section on the /about page by adding them to a group included in the “about page hidden groups” site setting. This allows sites to better highlight which admins are active in the community by hiding admins who are primarily assisting in a more technical role. Learn more…

image

New location for AI helper in the composer

The AI helper has been moved to the composer toolbar, for greater consistency with other composer options and to avoid interrupting a user’s writing and editing experience.

Option to use full names in chat direct message titles

In chat direct message channel titles, full names are now used instead of usernames for sites that have configured the existing preferences to do so elsewhere. Where a full name is unavailable, titles will still fall back to using the username Learn more…

Ability to dismiss admin notices

Admins can now dismiss notices shown on the admin dashboard.

This is a screenshot of a webpage with settings related to a software update or configuration.  (Captioned by AI)

As we’ve begun to surface more minor problems here that deserve some attention, we’ve also discovered a need to allow admins to dismiss things that they may not be able to address right away.

Security Updates

This release includes fixes for these security issues reported by our community and HackerOne.

  • DoS by the absence of restrictions on replies to posts (CVE-2024-43789)
  • Bypass of email address validation via encoded email addresses (CVE-2024-45051)
  • Prevent topic list filtering by hidden tags for unauthorized users (CVE-2024-45297)
  • XSS via chat excerpts when CSP disabled (CVE-2024-47772)
  • Anonymous cache poisoning via XHR requests (CVE-2024-47773)

2 posts - 2 participants

Read full topic

Guest
This topic is now closed to further replies.
×
×
  • Create New...