Skip to content
Brand Logo
Buy Hosting
  1. Home
  2. NodeBB Development

NodeBB Development

Stay tuned here to hear more about new releases and features of NodeBB!

2.8k Topics 18.8k Posts

Subcategories

  • Posts from the NodeBB Development Blog
    96 Topics
    780 Posts
    kainosK
    Very good Vlad. I am Vladislav.

  • Found a bug? Why not make a bug report here?
    1k Topics
    7k Posts
    eeeeeE
    nothing happens on click

  • Focused discussion related to ActivityPub integration in NodeBB

    Forums and Threaded Discussions Task Force
    124 Topics
    2k Posts
    stevebate@socialhub.activitypub.rocksS
    silverpill1:... only location of a key matters. This is specified in FEP-fe34, and I just published a more detailed explanation of how it all works:After rereading that FEP, I think I understand better why we have different perspectives on this topic. First, "web origin" is not the same as the AP "same origin policy" described in the non-normativeAP authz/authn primer. These two kinds of "origins" are not computed with the "same algorithm" as claimed by the FEP (or at least it appears to me that this is the claim, it's not completely clear). In this thread, it seems to me that you are using "origin" in the "web origin" sense. If not, please clarify what you mean.The other issue is that the FEP doesn't appear to be consistent with the W3C SocialCG group report on HTTP Signatures. This document describes an algorithm for verifying an actor/key relationship that does not depend on (or require) either the same web origin for actors and keys or the AP same origin policy. The AP "same origin policy" appears to be described in an authorization policy context rather than for HTTP signature authentication.The inconsistency I see is that the FEP requires "embedded" objects to have same web (?) origin as the containing object. Keys may or may not be embedded as part of the serialized actor graph. They may only be referenced by URI (even Mastodon supports it), but if they happen to be embedded in the actor graph serialization, I know of no good reason to apply the FEP origin-related constraints to the URIs.What's important for verifying the actor/key relationship is the mutual references between the actor publicKey and the key's owner (or controller) property. The key itself could be served from a different web origin than the actor document. Furthermore, there's no guarantee that removing the key's URI fragment, if any, will lead to successfully verifying the actor/key relationship, even if the relationship is valid. For example:key URI: https://keyserver.example/bob/keychain#B54F15A0actor URI: https://server.example/bobAs long as, the document retrieved from https://server.example/bob has a publicKey property referring to the key URI and the key object has an owner or controller property referring to the actor URI, it's a valid relationship.In other words, removing or ignoring the key URI fragment will not generally work. In this example, dereferencing the key URI might result in a key chain object with several public keys having different fragment identifiers. Even more conventional AP actor documents might have multiple public keys with different fragment identifiers (mentioned in the SocialCG report). Ignoring key URI fragments will not work in this case either.

  • Help Translate NodeBB
  • barisB

    NodeBB 3.12.0

    5
    +2
    4 Votes
    5 Posts
    543 Views
    I
    @julian Hi, yes for sure. "Source" or "Location" are pretty common data points that add more granularity in organization/sorting/searching. An example of a non text field would be something like "beginning date" and "end date" that would need to be date or number. I'm admittedly new to nodebb, but I it would seem copy/pasting whatever was done to the users codebase and replacing the variables names would be perfect for both categories and topics.
  • barisB

    NodeBB 3.11.0

    5
    +5
    4 Votes
    5 Posts
    734 Views
    buskerB
    It's a very useful feature improvement.
  • julianJ

    A more standardised SSO implementation

    10
    2 Votes
    10 Posts
    1k Views
    jupiter_rowland@hub.netzgemeinde.euJ
    That's good. Hubzilla already has server-side and client-side OAuth2 support, so maybe this may come in handy.
  • barisB

    NodeBB 3.9.0

    11
    +8
    9 Votes
    11 Posts
    1k Views
    barisB
    @DownPW you can use below css to change the height of the window in a widget. [component="chat/widget"] [component="chat/message/window"] > div:nth-child(3) { height: 1000px!important; }
  • julianJ

    Native Push Notifications Support for NodeBB

    30
    +0
    13 Votes
    30 Posts
    2k Views
    phenomlabP
    @julian yes
  • julianJ

    NodeBB receives NLNet NGI0 Core Grant

    6
    9 Votes
    6 Posts
    1k Views
    W
    While this is very interesting would this be an opt-in system? Also how would integrating non ActivityPub users work
  • julianJ

    Improved Post Queue tooling

    7
    +1
    4 Votes
    7 Posts
    678 Views
    Tomáš Nesrovnal 0T
    We did this as well, but some of our moderators don't want to upvote posts that are not worth upvoting. They want to keep the value of their upvote
  • barisB

    Support for security vulnerabilities in 1.x and 2.x

    2
    5 Votes
    2 Posts
    1k Views
    barisB
    Just a heads up 1.x is no longer supported. 2.x will be supported for another 12 months up to August 2025.
  • julianJ

    Hidden Links now highlighted

    6
    5 Votes
    6 Posts
    434 Views
    blake@infosec.townB
    @julian Iceshrimp classic shows the link as https://community.nodebb.org//community.nodebb.org (and links to that) and assigns it "nofollow noopener". I think the page doesn't render unless you use JavaScript anyway so it shouldn't affect search rankings?
  • julianJ

    All about emails and how they're used in NodeBB

    11
    3 Votes
    11 Posts
    3k Views
    eeeeeE
    I'll admit the email verification flow is janky, but it's the best we've got if you want to support some form of out-of-band password reset. Ok, Ive given this password reset a lot of thought. I didn't know the term 'out-of-band' but this is an idea along lines of alternative method which doesnt rely on email So background, lets say my forum Contains no sensitive information, so not a terrible issue if a password recovery was hacked. So an easy reset password reset method wouldnt be a risk it has infrequent posters. The amount of password reset requests was huge. People were re-registering So solution could be Admins could allow users to opt into an easy click on picture reset (if they wanted the option) Method, you can try this a maximum of say, once per month Click your favourite: Film: Comedy, Horror, Drama, Historical, Nature, Crime Fruit: Apple, Banana, Pear, Orange, Coconut, Grape, Pineapple Color: Red, Blue, Green, yellow, brown, Black, White If the correct choices are clicked then you can reset password there and then Probability of random hack 1/7 ^ 3 so less than 0.3% Im sure there must be a name for this type of reset method, its a kind of variant of answering 3 memorable questions, but less to recall. if the words are accompanied by pictures most people remember the 3 items they chose
  • barisB

    NodeBB 3.8.0

    1
    +2
    6 Votes
    1 Posts
    745 Views
    barisB
    Hello Everyone ! Today we are releasing NodeBB 3.8.0. Please read below for all the changes in this release. Moderation Improvements We made some improvements on the user account info page. Namely: Unmutes and Unbans will show up in the user history. If the account is flagged it will show up in the "Latest Flags" section. Moderation notes are editable. Username & email history will show who made the change. [image: 1715787614661-cfe7c601-f49e-4f16-8341-00ca5dbd0b5e-image.png] User/Group filter on admin events page [image: 1715787701043-dd3b7804-33fd-4ecd-9087-73e26fca9f9e-image.png] Events in the admin page can be filtered by a single user or a group of users. Field selector for user export [image: 1715787757973-export-user-fields.png] Exporting a list of users in the acp now let's you select which fields to include in the export. Docker improvements Thanks to more work by @oplik0 we have more improvements to our docker setup, full PR https://github.com/NodeBB/NodeBB/pull/12335 Bug fixes & Misc As usual there are plenty of bug fixes in this release. Full list of closed issues. Let us know if you run into any issues in our support thread.
  • barisB

    NodeBB 3.7.1

    29
    +0
    11 Votes
    29 Posts
    3k Views
    crazycellsC
    @baris thanks we have emoji plugin 5.1.13 , but it looks like this version has the commit... hmm... interesting...
  • julianJ

    April Update on ActivityPub Development

    7
    +0
    10 Votes
    7 Posts
    846 Views
    crazycellsC
    @julian I am not sure but I guess so... when I clicked the link on the first post of this topic: https://community.nodebb.org/topic/cd43b9f3-c032-44cc-adc8-f32e7ee91901/our-next-meeting/ it takes me here but gives error: https://socialhub.activitypub.rocks/ap/object/1899f65c062200daec50a4c89ed76dc9
  • barisB

    Caches used in NodeBB

    7
    +0
    8 Votes
    7 Posts
    935 Views
    crazycellsC
    @baris thanks for these info So, this is how you implemented the fast loading of the total vote count of the topics? https://community.nodebb.org/post/98719
  • julianJ

    February Update on ActivityPub Development

    42
    19 Votes
    42 Posts
    8k Views
    jupiter_rowland@hub.netzgemeinde.euJ
    @julian @Totally with Ю :questified: Also because there's the difference between conversation-oriented projects (Friendica, Hubzilla, (streams), the Threadiverse, nodeBB) and Twitter-like micro-blogging projects that don't have a concept of conversations.The former are built around being able to follow conversations, the latter lack that feature completely.#FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta
  • barisB

    NodeBB 3.7.0

    3
    +4
    6 Votes
    3 Posts
    756 Views
    crazycellsC
    great job! thank you [image: cat-cute.gif]
  • barisB

    NodeBB 3.6.0

    8
    +4
    8 Votes
    8 Posts
    1k Views
    barisB
    @crazycells drag and drop on mobile is
  • julianJ

    January Update on ActivityPub Development

    13
    6 Votes
    13 Posts
    8k Views
    julianJ
    @The-SkyFoxx said in January Update on ActivityPub Development: I guess a plugin with the filter hook would allow admins to filter /world by hashtags, if they feel the need to. Practically it may be a little more involved, but I think we'd end up with something along those lines. There aren't any plugin hooks exposed in the AP logic at present but they can always be added as needed.
  • barisB

    NodeBB 3.6.0 minimum NodeJS version.

    11
    3 Votes
    11 Posts
    1k Views
    barisB
    Will downgrade sharp to 0.32.6 and release a new patch version since we received other reports of the sharp error.
  • barisB

    NodeBB 3.5.0

    32
    +7
    9 Votes
    32 Posts
    3k Views
    julianJ
    @crazycells sure, if you're paying them, then the base expectation is they don't delete your stuff with no warning
Copyright © 2024 NodeBB | Contributors