NodeBB Blog

Truth be told our latest release was published late last week in advance of “snowmageddon” burying much of the U.S. northeast and Canadian southeast. But everyone is well and we’ve mostly managed to dig our way out of our various home offices across the Greater Toronto Area. Hope you are keeping safe and warm, wherever […] Click here to see the full blog post

Thanks Julian for your wonderful work, it has been a pleasure for me to give my - very small - help in supporting what I believe is the safest form of authentication available on the web today. Two-Factor Authentication plugin new version is already updated on KEEB.it and it works like a charm

Merry Christmas & Happy New Year!

@julian Good to know. And kudos for the bounties as well. Let's keep the grey hats incentivized, eh?

Click here to see the full blog post

Thank you

It's not news to say 2020 has been... challenging. In Toronto, the home of NodeBB HQ, we've gone from a spring lockdown to a cautious summer reopening, to lockdown again — sigh. But the team has never stopped working, and have managed to squeeze out one last release before we thankfully turn over the calendar. Click here to see the full blog post

@joe-morris Yes, for simplicity, the guide does not cover setting up a dedicated user for MongoDB. Those specific instructions can be found in our more technical installation instructions here: https://docs.nodebb.org/installing/os/ubuntu/

A couple months back as part of our Roadmap to v2, I made the claim that one of the large features in that release would be the merging of the Write API plugin into core. The majority of the exploratory work had been completed in a development branch reserved for v2-only changes, but the need for a consistent RESTful API became more and more important, and we simply could not wait for v2 (which hadn't and still hasn't, a release date) to drop. So two months ago, I started pulling out this work to a separate branch based off of master, and set about to finishing the integration. I'm proud to say that the preliminary release of this API has been merged into core, and is available starting v1.15.0. Click here to see the full blog post

@crazycells @psychobunny is more well versed with this, but the only real functional difference is that it likely loads a bit faster now (at least, after the first load) because a lot of the pages are cached. Before, it would reload the page just like you were visiting in a browser. We don't support natively things like notifications yet, but it is a step in the right direction

The ongoing coronavirus pandemic has changed the way we view eLearning. With students preparing to go back to school, parents, teachers, and students alike are wondering how this year will shape up. I had the opportunity to talk to Don Pezet, CEO of ITProTV, about how they are handling the coronavirus pandemic, and asked him to share his thoughts on eLearning at large. Click here to see the full blog post

A bug in our validation logic made it possible to change the password of any user on a running NodeBB forum by sending a specially crafted socket.io call to the server. We have resolved this in the latest version of NodeBB, and the fix has already been rolled out as a patch on all of our hosted customers. For more information on the vulnerability as well as instructions on how to resolve this issue, please have a look here: https://github.com/NodeBB/NodeBB/security/advisories/GHSA-hr66-c8pg-5mg7 Click here to see the full blog post

Excellent stuff and I really dig those paintings. I always liked surrealism as a child, and a painting, especially this kind, can move you, here we are taken by surreal vignettes, folding different perspectives using different environments that make a frame within a frame, that takes you out of the world you are in by showing you one familiar but gently disjointed like a dream you can't quite believe but know it was real. Beautiful and Moving.

It's been several months since our Toronto team has convened in our downtown office, and we've blogged previously about how we are spending our free time during social distancing. But of course that DOES NOT mean the team hasn't been working hard. Version 1.14.0 includes expanded documentation and improved features, as well as streamlining and security fixes. Here are some highlights... Click here to see the full blog post

Good One

Hey Welcome

@crazycells said in NodeBB is Growing!: getting excited about NodeBB 2.0 Any timeline tips or gossips? As always, when people ask when a certain version or feature is landing, the official response is: In other words, we have no idea, and when it's done it'll be released.

That awesome, looking forward to using this.

It seems almost every day that a new library is created, a new javascript framework, or bundle of utility methods that promises to make developing software faster, easier, more enjoyable, etc. Heck, there's even a joke website about how often new frameworks pop up! What invariably happens is: We get stuck in to a new framework or library We quickly lose interest when we run into the first set of problems that require even a modicum of effort, and then We then move on to the next greatest framework/library that promises the world. How can we break this cycle? Click here to see the full blog post

@gotwf You are absolutely right. I certainly agree with you a dedicated tool instead of built-in with NodeBB will be better. What I argue is that the platform software community like NodeBB comes up with customization or a collection of recommendation of existing tool-sets that will get the deployment security to the certain level. For example, common mistakes of new admins of NodeBB: if you've uses NodeBB default password for the admin password, or turned on Sandbox feature that's not meant for production. And thank you for your list of tools. That's very helpful.