Skip to content

NodeBB Development

Stay tuned here to hear more about new releases and features of NodeBB!

2.8k Topics 18.5k Posts

Subcategories


  • Posts from the NodeBB Development Blog
    96 Topics
    780 Posts
    kainosK
    Very good Vlad. I am Vladislav.
  • Found a bug? Why not make a bug report here?
    1k Topics
    7k Posts
    julianJ
    @elkd Running ./nodebb build is an interactive command that outputs the build state in real-time. Can you paste the log output from running that command?
  • Focused discussion related to ActivityPub integration in NodeBB

    110 Topics
    2k Posts
    scott@loves.techS
    @Marcus Rohrmoser Some platforms, like Hubzilla, actually tell you that the thread (conversation) you are commenting on is from a forum. It helps provide context and also lets you know your post will be distributed to forum members in addition to your own followers.
  • Help Translate NodeBB
  • What's next after v3?

    49
    9 Votes
    49 Posts
    9k Views
    crazycellsC
    @julian said in What's next after v3?: @crazycells wait until TD decides to start sending SMS codes to your phone number. I use a VoIP number, I'll let you guess how that's going. Also... You're Canadian? lol I can feel your pain. There are TD Bank branches in NY. However due to their lack of convenience, I had to close my checking account with them, but I still have a credit card. On a side note, I always use my real phone number with financial institutions, but use Google Voice number for anything else. Aren't VOIP numbers easier to hack?
  • NodeBB 3.4.0

    53
    8 Votes
    53 Posts
    7k Views
    omegaO
    @baris I suppose this is it, in profile setting these were not ticked: Watch Watch topics you create Watch topics that you reply to I've since enabled these - they appear to be the behaviour I assumed would occur - surely something like this would be default user settings?
  • 3 Votes
    9 Posts
    832 Views
    omegaO
    I've opened up this can o'worms again, click below! https://community.nodebb.org/topic/17655/timeline-navigator-fruit-machine-concept
  • Standardised language keys

    7
    4 Votes
    7 Posts
    659 Views
    barisB
    @brazzerstop Thanks for reporting fixed in https://github.com/NodeBB/NodeBB/commit/bda37ac27f11ba5dfba4e78d08144c1031696f61
  • Security Vulnerability Notifications

    2
    4 Votes
    2 Posts
    1k Views
    julianJ
    Additionally, a note about how our disclosures are reported. As outlined in our security policy, we maintain a bug bounty program. We use this as a central point of contact for reported vulnerabilities so that they do not get unintentionally exposed for exploit, and to keep better track of them over time. BUG BOUNTY HOMEPAGE/RULES Included in that bug bounty page is a Hall of Fame, a list of users who have claimed credit for discovering bugs. It also provides a rough history of awarded bounties and vulnerabilities as well.
  • NodeBB 3.3.0

    39
    10 Votes
    39 Posts
    5k Views
    inspiringI
    Now we have special settings for the notification of each chat, can you provide this feature for groups as well? that each user can set himself which group he is a member of to receive notifications?
  • NodeBB 2.8.17 & 3.3.5 Security Releases

    16
    1 Votes
    16 Posts
    1k Views
    FrankMF
    I somehow got it to v3.3.5 now. Please do not ask how I'm thinking about reinstalling to start cleanly.
  • 3 Votes
    16 Posts
    2k Views
    phenomlabP
    @tankerkiller125 I too opt for /recent as I prefer to see all activity rather than categories
  • Introducing public group chats

    25
    9 Votes
    25 Posts
    3k Views
    B
    @baris
  • 2023 Roadmap Update

    7
    8 Votes
    7 Posts
    3k Views
    julianJ
    @phenomlab very true. A lot of talented people have done some surprisingly cool things with just the custom css panel.
  • NodeBB 3.2.0

    8
    7 Votes
    8 Posts
    956 Views
    omegaO
    @baris All good, after I ran some system updates, then did another build and this time, no error!
  • [RFC] Change to the quick-reply `toPid` value?

    Moved
    11
    1 Votes
    11 Posts
    1k Views
    B
    @julian said in [RFC] Change to the quick-reply `toPid` value?: While it is true that you can know at-a-glance whether a post has replies, I'd want to know what specific value it provides to you as an end user, besides the tautological one (i.e. it provides value when showing a post has replies, because it shows it has replies). For me one of the primary values of that information is found in picking up the thread of a conversation between two or more users. Traditionally forums have only had back-links, and the only way to read a conversation was to start at the very end and follow the reply-links through to the beginning, perhaps opening each post in a new tab so they could then be read sequentially once you find the beginning. The replies dropdown allows me to start at the beginning and follow the conversation as it bobs and weaves randomly through the thread. The broader point is consistency of expectation. If users aren't reading each post of the thread and they want to do what I just described, they could train themselves to <first check to see if there is a replies dropdown; if not, check to see if the next post is a reply; if both of these conditions fail then I am at the end of the conversation>. But more consistency makes it easier to accomplish this use case, as well as the simpler use case of gaining information about whether a post has received replies. (Just my $0.02. I am coming from long-form discussion forums where it can be hard to follow a conversation from post to post, where users generally do not read each post in a thread, and where time zone differences tend to place gaps between responses.)
  • [RFC] Non-privileged bumping

    Moved
    10
    2 Votes
    10 Posts
    950 Views
    omegaO
    FWIW I think there was a bug in a version of Discourse (or it was intentional I have no idea) but if a post was edited or other non-contributory actions (lie moderation) were done, it would bump the topic, again think it experience of it for too long. It caused a lot of confusion and sometimes in strained circumstances, people would interpret it in a negative way and lose the head. Rare, but it did happen once or twice. Obviously this was more random than the proposition above. I've never used a bump feature ever, other than old school "bump" which is sometimes a humorous affair and clearly signals the bump. I rather create and see created topics that will stand the time and value that need regular updating., constant maintaining because they are hot or timelessly useful. I also would think about more editorial management than allowing social management of information, because the "social" is over done IMHO and now Ai can be just as "social" as the next bot.
  • NodeBB v3.0.0 — it's here!

    15
    8 Votes
    15 Posts
    5k Views
    julianJ
    We will look into it
  • New features in 3.1.0

    19
    15 Votes
    19 Posts
    2k Views
    phenomlabP
    @baris Perfect. Thanks
  • Harmony & Persona language files

    12
    4 Votes
    12 Posts
    1k Views
    J
    @julian Thanks, now working I translated a string and was able to pull it right away!
  • NodeBB 2.8.13 & 3.1.3 Security Releases

    1
    4 Votes
    1 Posts
    307 Views
    barisB
    A bug in our socket.io authentication code can result in Cross-Site WebSocket Hijacking (CSWSH) Affected versions <2.8.13 & <3.1.3 We have resolved this in the latest version of NodeBB(2.8.13 & 3.1.3), and the fix has already been rolled out as a patch on all of our hosted customers. The fix is included in the latest 2.8.13 & 3.1.3 releases https://github.com/NodeBB/NodeBB/releases/tag/v2.8.13 https://github.com/NodeBB/NodeBB/releases/tag/v3.1.3
  • 1 Votes
    2 Posts
    582 Views
    Gliding9426G
    @julian said in Now publishing images to GitHub Container Registry + Registry migration FAQ: ghcr.io/NodeBB/NodeBB (case insensitive) thanks, just changed the repository, but i got error from docker compose, it told me it must be all lowercase (not case insensitive)
  • Stricter behaviour for email address requirement config

    3
    1 Votes
    3 Posts
    439 Views
    julianJ
    Hi @Redbeanw44602! Thanks for voicing your concerns. In this particular change, the behaviour is only applied if explicitly enabled by the site admin. The default behaviour is unchanged: guests and regular users without email confirmed are able to browse the forum equally. In the case where an admin wants to gate content behind email verification, they can also opt to use the verified-users privilege group.
  • Technical Debt — the ever-tantalizing side quest.

    1
    0 Votes
    1 Posts
    544 Views
    julianJ
    Yesterday, I wrote a teaser about technical debt in NodeBB: In our specific case, there are other factors that also cause technical debt to incur outside of trying to "move fast and break things". Technologies change, design patterns shift, user expectations are adjusted, or scope is expanded after-the-fact. All of these could cause even a well-designed system to incur some form of technical debt simply due to the fact that you don't know how a given feature will evolve over time. Our experience with technical debt is similar to others' in many ways, although I feel lucky in that we're able to approach it a lot more differently than others. Specifically, many definitions speak of technical debt as something incurred in the pursuit of faster results. A trade-off that makes sense at the time due to time constraints. In our case, technical debt builds most often because we have a single vision for what a feature could be, but do not have the additional context to realize just how that feature could be used in the future. A contrived example — user groups A good example of technical debt is the user groups system. When initially conceived, a user group was akin to a Facebook group. A way for users to gather together under a common banner. We later expanded this with the formation of the group badge, which is still in NodeBB today. What we quickly came to realize was that there were tons of benefits that could be realized with a common user grouping system. Gamification could be tied to user groups, tagging groups of users made sense, and most importantly, privileges could be tied to user groups. Whenever we ended up in a situation where user groupings made sense, we made use of the pre-existing user groups system. It ended up simplifying a lot of things because we had that groups system that we knew would work predictably. It meant that separate, contained systems need not be re-invented every time you needed to segregate users apart. The debt? User groups as per the initial design no numeric identifiers. A user has a uid, a topic has a tid, a category has a cid, a post has a pid, you get the idea. So when it came time to create groups, I gave it some thought and decided that group IDs were unnecessary, as the primary identifier would be the group name itself. After all, why would a forum want two groups named the same thing? Madness! In hindsight, of course, a group ID system would make a lot more sense. It'd make even more sense given that the Write API works almost exclusively on those IDs (groups are the one exception). We're lucky in that while the debt exists, its impact on day-to-day development is fairly minimal. Other examples of debt are more impactful, but I can't easily think of any because we've addressed a lot of them already! A hidden benefit of O/SS A neat little side-benefit of the fact that NodeBB is open-source is that we can choose our priorities more freely as developers. While NodeBB Inc. itself pursues paid contract work and paid support, we often do have time in between paid work to spend time on the core product itself. While the draw is always there to develop new and exciting features, we have fostered an internal developer culture to address technical debt over time, as we consider any ease of maintenance burden is a win that is compounded over time. Likewise, any impactful technical debt often hinders development, and continuing to hack away around technical debt just makes it harder to resolve altogether. The other part of it is that our source code is open. If we are lazy and take shortcuts, someone will eventually call us out on it.