AO3 News

Releases 0.9.336 - 0.9.338: Change Log

Post Header

Published:
2023-03-31 22:31:42 UTC
Tags:

We covered a lot of ground in these three releases, ranging from built-in user muting to a Rails update to a new preference requiring users to opt in to having their works invited to collections.

We'd like to extend a special thank you to our five new contributors: GoodGithubAccount, Hunter Ada Smith, Isabel Nunes, juro, and pinkpurpleblue!

Credits

  • Coders: agenderdanvers, Bilka, Brian Austin, Ceithir, Cesium-Ice, EchoEkhi, ellieyhc, GoodGithubAccount, Hunter Ada Smith, irrationalpie, Isabel Nunes, juro, Potpotkettle, redsummernight, salt, Sarken, ticking instant, warlockmel, weeklies
  • Code reviewers: Bilka, Brian Austin, EchoEkhi, james_, redsummernight, Sarken, ticking instant
  • Testers: Brian Austin, lydia-theda, Maine, makepeacelovejoy, mumble, Nat, petricores, Priscilla, redsummernight, Rhine, Runt, Sammie Louise, Sarken, Teyke

Details

0.9.336

The February 8 release included a mute button for users and password changes for site admins.

  • [AO3-6365] - We've added a handy button for muting users. You can get all the details in the muting announcement.
  • [AO3-6440] - Previously, when our database admins created accounts for site admins, they would set up a password for the account and then pass it along. Now admins are required to set their own passwords and allowed to reset them as well. Additionally, it's now easier for database admins to revoke and restore site admins' access.
  • [AO3-6422] - We've limited the number of accounts a user can block to 2,000. (The same limit applies to muting.)
  • [AO3-6451], [AO3-6463], [AO3-6468] - The httparty, Rack, and Global ID gems had security updates, so we updated them.

0.9.337

On February 19, we deployed an update to Rails.

  • [AO3-6469] - We updated from Rails 6 to Rails 6.1. Now onward to Rails 7!
  • [AO3-6477] - It was the Sanitize gem's turn for some security updates, so we bumped the version we're using from 6.0.0 to 6.0.1.

0.9.338

Our March 31 release added a new preference requiring users to opt-in if they'd like to allow collection moderators to invite their works to collections. It also added support for ruby annotations and the details HTML tag and included a whole lot of other bug fixes and enhancements.

Collection invitation preference

[AO3-6118] - Previously, a collection moderator could invite any work on the Archive to their collection, which would send an email to the creator asking them to approve or reject the invitation. Work creators could also choose to bypass the invitation process and allow mods to add their works to collections without needing to approve individual invitations.

This system was prone to abuse, so we have now removed the "Automatically agree to your work being collected by others in the Archive" preference and replaced it with a way to opt into or out of having your works invited to collections.

By default, no one will be allowed to invite your work to their collection. If you'd like to change this, please go to your preferences page and choose "Allow others to invite my works to collections."

If you enable this preference, you'll receive an email for each new invitation, and your work won't be added to the collection unless you approve the invitation. You can always add your own work to collections or remove your work from collections at any time, regardless of whether you enable this preference. If you're a collection moderator and you'd like to add a work whose creator hasn't enabled this preference, you can still bookmark the work and add the bookmark to your collection instead.

General enhancements
  • [AO3-6183] - Live validation error messages on forms can now be read by screen readers.
  • [AO3-6318] - Enabling the "Hide my work from search engines" preference will now also do its best to hide your series pages.
  • [AO3-6475] - To minimize the number of trips we make to the database when a page is loaded, we've added code that will let us use the includes method on pages that use Elasticsearch.
  • [AO3-5666] - We've clarified the error message you get if the username you enter is formatted incorrectly when you're creating an account or changing your username.
Changes to allowed HTML and CSS
  • [AO3-6279] - We've stopped allowing video embeds from one defunct site (Metacafe) and two that no longer host fanvids (Ning and Dailymotion).
  • [AO3-6319] - You can now use HSLA colors in skins.
  • [AO3-6464] - You can now use the ruby, rt, and rp tags to include annotated text wherever HTML is allowed.
  • [AO3-6466] - Got spoilers? Now you can hide them using the details and summary tags anywhere you can use HTML.
Bug fixes
  • [AO3-6387] - If a tag wrangler created a noncanonical tag with the same name as an existing canonical tag, the existing tag would get decanonized. Now they'll get a nice error message telling them the tag already exists instead.
  • [AO3-2187], [AO3-3585] - On certain forms, the submit button is disabled and replaced with a "Please wait..." message once it's pressed. Unfortunately, this made it impossible to resubmit the form if there were errors in fields validated using JavaScript: even after the errors were corrected, the submit button remained disabled. Now the button will be reenabled once all errors have been corrected, and the page will automatically scroll to the topmost error to help you find and fix any problems.
  • [AO3-6428] - If you deleted all the posted chapters in your work, leaving only a draft chapter behind, deleting or downloading the work would lead to a 500 error. This happened because the code for downloads and attachments of deleted works expected that every work would have at least one posted chapter. Now downloads of zero-chapter works will produce files containing metadata but no chapter content, and attachments that are sent to a deleted work's creators will include draft chapters as well as posted ones.
Clean up on aisle five
  • [AO3-5837] - We removed some unused code from the bookmarks controller.
  • [AO3-6368] - We also removed some unused code known as the EmailValidator. (We have other ways of validating your email!)
  • [AO3-6420] - Oh, hey, what's that? An unused view for gifts? Well, let's remove that, too.
  • [AO3-6435] - It's not just unused code we've been removing -- we've also dropped an unused column (prompt_restriction_id) from two database tables.
Some real gems
  • [AO3-6481] - We replaced a broken link on our DMCA Policy page.
  • [AO3-6495] - We updated the Rack gem due to some security alerts.
  • [AO3-6485] - The gem we previously used for uploading information about our test coverage to Codecov has been deprecated, so we've started using GitHub Actions for this instead.
Improving volunteer tools
  • [AO3-6140] - We've restricted which admins can edit locales and languages and removed an unused role previously planned for users on our translation team.
  • [AO3-6425] - We limit how many abuse reports we'll accept for a given work, but sometimes those limits weren't being applied due to missing information in the reported URL. We've tweaked the code so these URLs can no longer sneak past this restriction.
  • [AO3-6432] - The account we use for orphaned works can no longer be suspended or banned. Yeah, don't ask.
  • [AO3-5521] - To help combat abuse, we now temporarily store information about the creators of recently orphaned works.
  • [AO3-6482] - We cache certain skins for performance reasons, and we have to create new versions of the cached files each time we deploy changes to the default site CSS. Sometimes this process would fail in a particular way that meant we couldn't just rerun it because it would no longer know which skins it needed to cache. We've changed how we specify the skins it applies to so we can rerun it more easily.