v4.6.2

Fixes & Enhancements

• Performance enhancement: Optimize user extraction during subscription operations #1817
• Fix language detection in IE11 and Edge #1810
• Remove Node Security Badge as NSP is being shut down #1813

v4.6.1

Fixes & Enhancements

• Support lowercased storage of metadata.displayName, which is used by external auth systems that support non-unique usernames, so that searching by Display Name returns the expected results (#1786)
• Send edited comments through the moderation flow again so that Talk's filters can catch toxic and/or spam edited comments (#1785)
• Fix bug with timing of scheduled account deletion (#1775)
• Updates to the docs

v4.6.0

Fixes and Enhancements

• Deprecate the services/users.findOrCreateExternalUser function (see documentation for changes) #1703
• Fixes a small bug with the username history that would have affected the views in the Admin #1764
• Fixes token handling bug reported in #1728; fixed in #1767
• Add documentation around upgrading from 3.x.x and troubleshooting tips, to address issues reported by some users
• Typo fixes in docs

Dev Support

• Add new index to Comments table #1740

i18n

• New Arabic translations - thanks to @memz!

v4.5.1

Fixes & Enhancements

• Adds support for metadata.displayName for Community > People searches
• Updates/fixes for docs and README
• Thanks to @davisshaver for fixing our Heroku one-click install (#1721)

v4.5.0

We are happy to announce the launch of our brand new website - check it out! https://coralproject.net 🥇

Features

• Add ability to Reject a Username directly from the Admin, without having to go through the Report Username flow
• Add markdown support for Stream Closed message
• Special thanks to @hellp for more German translations and general support for translating strings! 🇩🇪
• Change to 🔥icon for reaction counts in My Profile (thanks @hellp!)

Fixes & Enhancements

• Add support for Final Form with i18n helpers and better form validation (#1636)
• Updates to copy, docs, and code of conduct
• Translation fixes (#1668)
• Check if token is in localStorage before logout (#1528)
• GraphiQL fixes (#1671)
• Add scraper proxy support (#1674)
• Add better user info in User Drawer (#1678)
• Fixes a bug when changing your email address, the redirect URI is wrong (#1705)

Docs & Hosting Support

• Please note we have removed support for our one-click Heroku demo; this doesn't mean we don't welcome you to use Heroku to host Talk - happy hosting!
• We now have a Pre-Launch Checklist in our docs to help new organizations to prepare for their launch of Talk 🚢

v4.4.3

Fixes

• Fixed a bug with custom CSS order #1670

v4.4.2

Enhancements

• Show Karma Score in the User Detail drawer (and remove Report Reliability as there aren’t any actions associated with it right now) #1630
• Enable site-wide disabling of comments in the Admin>Config #1544 (thanks to @hellp!)
• Enable external sign-in for /admin login #1607
• Add missing translations
• Add CSP Support #1633 (disabled for now #1656)
• Upgrade Mongoose to support latest version of Mongo/Mongo Atlas #1627

Fixes

• Fix bug that was breaking Akismet plugin #1638
• Fix bug with Trust Thresholds not being set properly #1630
• Fix iOS bug causing Notification Dropdown to move the screen
• Fix issue Rich Text editor focus issues on iPads and some iPhones
• Fix bug with Locales not being set properly
• Rich Text bug fixes
• UI fixes
• Copy fixes

v4.4.1

Fixes & Enhancements

• Remove Moderator Queue counts, as they are causing performance issues with GDPR's new deleted_at filter, to prevent deleted comments from showing in queues (#1618)
• Added and improved database indexes to help with performance on the Admin (#1621)
• CLI fixes (#1600)
• Fix bug with CSS ordering (#1599)
• Fix bug with story link in My Profile (#1595)
• Set Akismet is_test to false as per Akismet docs (#1622)

GDPR Fixes & Enhancements

• Allow commenters to change their email back to their original email (#1601)
• Disable autofocus on IOS Safari, prevent zoom on narrow screens (#1606)
• Fix bug with adding an email address for external accounts (#1604)
• Fix bug with Confirm Email Dialog (#1616)
• Mobile improvements for GDPR features and modals
• Copy updates

v4.4.0: GDPR

🚨 IMPORTANT 🚨: This release adds an Organization Contact email to allow commenters to contact the newsroom about comment-specific issues or feedback. This MUST be set or it could break some of the other features in this release. It can be set in the Configure tab in the admin or via the CLI.

Features to help newsrooms with GDPR compliance 🇪🇺

• For GDPR, we introduced 2 new plugins:
  • talk-plugin-local-auth - to facilitate email changes and email association
  • talk-plugin-profile-data - to facilitate comments downloads and account deletion
• We also added GDPR support to our existing auth plugin:
  • talk-plugin-auth - to facilitate username and password changes
• If you have your own custom auth plugin you will need to update it to take advantage of these features
• Please refer to our technical docs for more information about using endpoints to add GDPR features to your custom auth integration: https://docs.coralproject.net/talk/integrating/gdpr/

New Plugins

talk-plugin-profile-data:

• Download my comment data
  • Commenters can request a download of their comments
  • They're sent an email with a link to download a CSV of their comments
  • Data included: comment text, article URL, comment URL, comment ID, timestamp
  • Includes rejected comments
  • Commenters can only request this once every 7 days, to prevent database overload and gaming of the moderation system

talk-plugin-local-auth:

• Delete my account
  • Commenters can request deletion of their account
  • Deleted account requests are pending for 24 hours to allow the user to download their comments, or to change their mind and reactivate their account before the expiry
  • Account deletions remove all their comments from the site, all their comments and actions from the database, and their account info from our system
  • Commenters can cancel this request anytime before the 24 hour period is over
  • Commenters are emailed to let them know of the deletion request/to confirm the request was canceled
• Add an email to an Oauth/external account
  • Commenters are now prompted to add an email to their non-Talk account that uses our auth plugin (Facebook, Google, external, etc) so that they can take advantage of these and other features requiring email communication (suspensions, bans, email notifications)

talk-plugin-auth:

• Change my username
  • Commenters can update their username
  • This is capped at once every 2 weeks to prevent abuse
  • Commenters are emailed to confirm the change
• Change my email
  • Commenters can change their email
  • This is not capped, commenters can change their email whenever they need to
  • Commenters are forced to enter the new email twice to prevent errors
• Change my password

Bug Fixes

• Taking action on a comment after clicking "Load More" in the user drawer/user history no longer jumps you back to the very top comment
• Fix schema errors with talk-plugin-facebook-auth and talk-plugin-google-auth
• Fixes for Settings
• Fix in notifications for commenters who haven't ignored any other commenters
• Copy and translation updates

v4.3.2

Fixes and Enhancements

• Fixes for storage access on restricted environments (cookies turned off or blocked, see #1520) #1525
• Permission fixes to prevent unneeded fields from public access #1518
• Documentation updates #1518
• Error refactor to include stack traces 🐛 #1517
• Removed some dead code #1516