v1.7.2
We are excited to announce the release of Mbin v1.7.2! This version is packed with important bug fixes and performance improvements, focused on bug fixes rather than new features.
The main improvements are (in random order):
- Fixing many PHP undefined, null or other errors that admins might see in their production logs.
- Resolving several templating null issues.
- Removing CSRF tokens from public forms (when user isn't logged-in), reduce unnecessary large amount of sessions.
- Migrating Symfony sessions from Redis to PostgreSQL to avoid race conditions.
- Increase session & cookies duration to 4 months (so people stay logged-in).
- Adding a down-vote mode in
.env. - Add stricter requirements on the routes configuration (reducing invalid requests are making it to the controller).
- Introducing a scheduler for removing deleted user messages & pruning the dead letter queue in RabbitMQ.
- Various other bug fixes and updating package dependencies and translation improvements.
For more details see below the "What's Changed" section.
Comparison to previous stable version 1.7.1:
| DB migrations | New ENV vars | Admin guide changes | Suggest cache clearing | New dependencies |
|---|---|---|---|---|
| ☑️ | ❌ | ❌ | ☑️ | ❌ |
What's Changed
- Translations update from Hosted Weblate by @weblate in #1099
- Fix update actor failing because of a serializer error by @BentiGorlich in #1098
- Check whether the author is blocked before notifying by @BentiGorlich in #1100
- Implement downvote modes by @BentiGorlich in #1022
- Add the downvotes mode to the .env.example by @BentiGorlich in #1104
- Translations update from Hosted Weblate by @weblate in #1103
- docs(contributor): contributors readme action update by @github-actions in #1106
- Bump twig/twig from 3.11.0 to 3.11.1 in the composer group by @dependabot in #1107
- Fix the downvote error by @BentiGorlich in #1110
- Clean-up push controller js by @melroy89 in #1105
- Clean up push controller js even more by @melroy89 in #1111
- Add spoiler to markdown editor by @melroy89 in #1108
- Fix some npm vulnerabilities by @BentiGorlich in #1112
- Translations update from Hosted Weblate by @weblate in #1113
- Also check if filePath is not null by @melroy89 in #1114
- Null error on reported post comment notifications by @BentiGorlich in #1118
- Fix 3rd miscellaneous bug by @BentiGorlich in #1120
- Fix 4th miscellaneous bug by @BentiGorlich in #1121
- Fix 7th miscellaneous bug by @BentiGorlich in #1123
- Fix 2nd miscellaneous bug by @BentiGorlich in #1124
- Fix 6th miscellaneous bug by @BentiGorlich in #1125
- Fix 9th miscellaneous bug by @BentiGorlich in #1122
- Fix null error when an instance does not have a nodeinfo endpoint by @BentiGorlich in #1117
- Update composer PHP depedencies by @melroy89 in #1101
- Disable badges for now by @melroy89 in #1116
- Check on empty/null filePath image by @melroy89 in #1128
- Check if EntryComment is defined and not null by @melroy89 in #1129
- Improve invalid CSRF token logging + add explicit dependency by @melroy89 in #1130
- Make CSRF tokens better named by @melroy89 in #1131
- Add new command: "Remove failed messages command" by @melroy89 in #1132
- Update docs with failed messages remove command by @melroy89 in #1133
- Don't log full html pages (stop error log pollution) by @melroy89 in #1134
- Add explicit require dep phpseclib/phpseclib. Update minor releases o… by @melroy89 in #1135
- Translations update from Hosted Weblate by @weblate in #1137
- Remove dead messages + docs update by @melroy89 in #1139
- Disable CSRF checks on some most-used forms by @melroy89 in #1136
- Translations update from Hosted Weblate by @weblate in #1143
- Translations update from Hosted Weblate by @weblate in #1144
- Reduce error pollution even more on post request failures by @melroy89 in #1140
- Translations update from Hosted Weblate by @weblate in #1146
- add new develop branch for gh trigger by @melroy89 in #1147
- Store sessions in DB + improve cookies/sessions by @melroy89 in #1145
- Translations update from Hosted Weblate by @weblate in #1149
- Add stricter requirements to existing routes by @melroy89 in #1150
- Translations update from Hosted Weblate by @weblate in #1151
- Increase the interval for fetch_user_notifications by @melroy89 in #1152
- Translations update from Hosted Weblate by @weblate in #1154
- Adding Valkey to docs by @melroy89 in #1153
- Introducing dependabot for npm & composer by @melroy89 in #1141
- Bump symfony/http-client from 7.1.4 to 7.1.5 by @dependabot in #1155
- Bump symfony/uid from 7.1.4 to 7.1.5 by @dependabot in #1158
- Bump symfony/translation from 7.1.3 to 7.1.5 by @dependabot in #1156
- Bump symfony/webpack-encore-bundle from 2.1.1 to 2.2.0 by @dependabot in #1159
- Translations update from Hosted Weblate by @weblate in #1160
- Fix the docker build error due to an old symfon/cache version by @BentiGorlich in #1165
- Make the body not required while editing by @BentiGorlich in #1168
- Fix wrong title showing while editing a thread by @BentiGorlich in #1169
- Bump phpunit/phpunit from 11.3.6 to 11.4.0 by @dependabot in #1162
- Translations update from Hosted Weblate by @weblate in #1170
- Bump symfony/ux-chartjs from 2.19.3 to 2.20.0 by @dependabot in #1164
- Bump symfony/console from 7.1.4 to 7.1.5 by @dependabot in #1161
- docs(contributor): contributors readme action update by @github-actions in #1172
- Check if the openssl_sign went OK by @melroy89 in #1102
- Fix scheduler not running by @BentiGorlich in #1166
- Bump to 1.7.2 release now by @melroy89 in #1176
Full Changelog: v1.7.1...v1.7.2
Contributors
melroy89, weblate, and 2 other contributors