- Bans+Appeal form will now appear in the modal popup when js enabled, instead of a dodgy workaround which often caused posting bugs and broke over Tor.
- Global setting to show some popular threads from listed boards on the homepage, with adjustible limit (0=disabled) and threshold. (courtesy ptchan.org)
- Add testing framework. Allows to test individual code, simulated requests and check for regressions after changes. Will be made more comprehensive over time.
- Fix not properly skipping dnsbl with block bypass when configured to do so, give the better frame popup, and skip if already solved board captcha, etc.
- New "staff" page in board management, to add/remove/edit staff.
- The global "accounts" and board "staff" pages allow editing individual permissions.
- There is now more fine permission/access control system for global and board-level stuff.
- Users with permission to edit accounts can edit accounts on a global level and grant them permissions.
- Users with permission to edit board staff can do the same on a per-board level.
- Better continuity between pages like "news", "accounts", "custompages", "staff" and the associated editieng page. The manage/globalmaange navbar stays in place with the appropriate section highlighted.
- More linking between moderation interfaces e.g. globals board list will now show direct link to view the owners account.
- Made some board and page titles more consistent.
- From now on, versioning = major.minor.patch. significant changes = major, feature updates = minor, bugfixes/small stuff = patch.
- Update instructions about nginx changes when upgrading.
- Add an endpoint for getting the csrf token separately from html pages. See API docs for more details.
- Add post "marking" so moved/deleted posts info is sent over websocket. Frontend will handle them. Deleted threads and moved OPs will now also disconnect the socket and remove the post form.
- Block bypasses are now locked to where they were created (anonymizer or clearnet) to prevent some forms of 'smuggling'. This will be improved further in upcoming releases.
- Code highlighting now supports all highlight.js languages when explicitly specified. The whitelist now only applies to auto-detection, as originally intended.
- Quotes for post references in modlog now have the proper quote class, and will show when hovered like any other quote.
- API docs improvements, now includes csrf token, posting, post actions (and mod variants), and more. It should be enough documentation for somebody to write a mobile app integration.
- On android with termux, tapping the notification will open the post (in mod view) and the notification has new shortcut buttons to quickly delete, delete+ban or delete+global ban.