Demo Overview: 2018-03-28
Here's an overview of what R&D is planning for the next demo.
Hot
- Groups
- Editor
- Server Render Editor Blocks - View this issue on GitHub
- Hook up Embed UI to API and editor
- Dynamic Icon for Paragraph (Pilcro) menu
Fresh
- Make Rich Editor keyboard events more consistent
- Accessibility
- GDN_Log table needs pruning
- Enums on items are not documented in API docs
- Add persist and setCookie option to AuthenticateApiController::post()
- Authenticator
- Create AuthenticatorsApiController Phase 1
- Update VanillaConnect to use state parameter
- Update VanillaConnect cookie nonce so that it can only be used from a specific browser
- Update UserModel::expandUsers to be extensible
- Add an archived parameter to /api/v2/categories
- Pagination with rel=“next” and rel=“prev”
- Remove ability to mute a category
Fixes
- @mentions in editor
- Docs link injection
- When marking a post as 'resolved' the post is also marked (inadvertently) as 'edited'
- Creating an event in a group without joining it
- Improve UX of joining a group when user has no permissions or is a member already.
- Hide image cropper on Media Query
- Users can comment on a private group discussion without joining it
- Creating a discussion in a group without joining it
- Creating an event in a group without joining it
- Groups CSRF on event participation
- User personal info disclosure through dashboard/activity manipulation
- Extremely bad query in Leaderboard addon when excluding moderators
- Trusted providers should not override AutoConnect in SSOModel
- CSRF on notifications alert
- Persistent XSS via Content-Type in Comment / Discussion / PM
- Liked Plugin: allows reflected XSS on /discussion/comment
- Analytics returning erroneous set-cookie calls
- Categories DisplayAs "Default" value
- Addons Directory uploads fail due to incorrect path parsing
- Remove group notification settings
Hot: new and exiting, Fresh: new and less-exciting, Fixes: bug-fix and security patches
0
Comments
-
1