At the last ForumWG meeting, we discussed at length about Article vs. Note, and whether there was a desire to expand usage of as:Article. You can review those minutes here.

One of the action items that came out was to collate the state of current implementations. Unfortunately, outside of implementations that federate non-textual content (e.g. Pixelfed Stories, Mobilizon Events, etc.), the majority of implementors just use as:Note, which is not surprising given Mastodon's treatment of non-Note objects.

You can see the results of the summary here.

What is less clear is whether there is pent-up demand for use of a different data type for more richly forrmatted content. @[email protected] and @[email protected] provided some very illuminating history behind previous attempts to use as:Article, but importantly it seems that Mastodon (via @[email protected]) may be open to supporting this in some form as well.

While Mastodon has every reason to display as:Note as it sees fit, I'd like to hopefully address the undue influence towards using it especially in instances where as:Article were more appropriate. Mike (upthread) suggested a compromise:

that as:Note be reserved for content with attachments (images or otherwise), perhaps with a limited subset of html and as:Article be used for content with a richer set of html (e.g. tables), and including the ability to display inline images

I explicitly did not specify that Note was for shorter content and Article for longer, because there exist plenty of examples of the reverse.

Does anybody see potential complications from such an arrangement?

I may regret creating this topic but here goes.

If you experience a bug or other unexpected behavior while using NodeBB and its related ActivityPub integration, please post it here so it can be tracked and resolved.

No formal process as of yet, and we're still at pre-alpha so expect many things to be broken or unavailable 😅

My post from a couple weeks back indicated that NodeBB started following part of FEP-7888: Demystifying the context property.

Our implementation is an endorsement of @[email protected]'s proposal that the context property be given additional formalization.

During the last ForumWG call, they intentionally (or perhaps unintentionally) summarized their desire that implementors should "just use collections", and that that would be a good starting point for future iteration.

With the current state of context being "there is no coordinated usage of context", this topic aims to provide a snapshot of implementors' use of that property (or lack thereof), and to stimulate further discussion on potential use cases.

Note that this is not the first time the question has been raised. trwnh's discussion topic contained one such summary of current implementations.

As per that topic:

Mastodon — does not use context, but provides an ostatus:conversation property Pleroma/Akkoma — uses context, but the url provided is unresolvable, likely used similarly to Mastodon Streams (@[email protected]) — uses context, resolves to an OrderedCollection containing all activities encontered (Creates, Updates, etc.)

My hope is that a provided context resolving to a Collection (or subtype thereof) would allow for proactive topic backfill, instead of relying on reply chain traversal, which while workable, has some rather specific downsides.

As mentioned per the above linked announcement that NodeBB was following FEP-7888:

We attach context to all Note objects (NodeBB posts), and it resolves to an OrderedCollection that contains the uris to the other objects in the context (the NodeBB topic).

Hello! 🔆

Please upgrade this plugin https://github.com/NodeBB/nodebb-plugin-topic-ratings for the NodeBB v3.0.0

I'm add this code in my theme:
https://github.com/NodeBB/nodebb-plugin-topic-ratings/blob/master/static/templates/partials/ratings.tpl

When I click on the rating button (star), the rating is not added and nothing happens.

I am using AWS SES and when I do a test email it works without issues, however when a new user registers they don't get the email validation and when I try resending it doesn't work either.

Hi, i sent test email in local dev environment (nodebb1.1.0 + mac + nginx + mongodb + LAN), and i can receive the testing email.

But in another dev environment (nodebb1.1.0 + centos6.5 + nginx + mongodb + WAN), i do the SEND TEST EMAIL in ACP - SETTING - EMAIL, prompting Success， but i can not receive any email.

Have anybody met this problem before ? and how to make it work ?

Many thanks~~ 😺

What is this error please?
Im trying to loggin in as admin with the correct password
Has been happening often recently
Error is invalid csrf token
cantlogin.png

For some reasons, the "Reply" button doesn't work at all. Users cannot respond to posts. I tried uninstall and re-installed the composer plugin but still nothing worked. Please help! Thanks in advance

We've been seeing a steady flow of inquiries regarding how NodeBB handles emails. I will try to head off these inquiries and at the same time, provide a central point of support for people who have questions regarding how email addresses work in NodeBB.

I'll start by stating upfront that I will divide this post into two parts — a high-level review of email handling changes, and a more technical half that details how these changes affect developers on the back end.

Secondly, I will also note that these changes have been in v1.18.0, so there is nothing new here for v3.x.

High Level Overview

NodeBB makes several assumptions:

An email is not an integral part of the user account NodeBB by default will ask you for an email, but it is optional. You can put a fake email in, or even nothing at all. However — an email is not truly associated with a user until the user has confirmed their email by clicking on the unique URL in the welcome/confirmation email. Likewise, if an account's email is changed, it is merely a request to change the email. The old email remains until the new email is confirmed. Email is not integral to the user; you can put in any email address if prompted

We wanted the flexibility of not requiring an email address for a user account.

Part of that is because validating the format of an email is tricky. If you use even a slightly obscure email, you'll have run up against issues registering on some sites that use an incomplete format check.

The second part of it is that if someone really wanted to not put their email down, they would just put something fake in, e.g. [email protected]. If this happens, the best case scenario is you get emails bounced back. Worse case scenario, the fake email entered actually belongs to someone else and they mark the sender (e.g. you) as spam; which leads me to the third part.

The third part is far too many websites let users register, and allow users put in whatever email they want, even if it belongs to someone else. I refuse to allow NodeBB to become part of this unintentional spam.

The only checking we will ever do on the entered email is to make sure that it contains an @ symbol. All emails contain the @ symbol.

Aside: I have a rather common email, and I receive many emails from other people named Julian Lam, from around the world. I suppose if I ever go to Planet Fitness in the United States, I have a membership, or I can provide proof that I've ridden the bus in Cardiff, Wales. I'm also on the mailing list for a BMW dealership in Hong Kong, and haven't been able to get off of it. All the same, I'd rather not get these emails 😄

An email is not truly part of the user until it is confirmed

This is the sticking point that gets people confused — just because a user put in an email address, doesn't mean it's their email address. NodeBB will only make this assumption if explicitly instructed to (see technical overview). Otherwise, it will send out a validation email and add the email to the user account only when properly confirmed via unique code/link.

Until then, the existing email is still active, or if there is no email, then the user account continues with no email associated with that user.

Remember, the only way to ensure that an email you have is a real email... is to send it an email, and have the user physically confirm it. Full stop.

What if I want to restrict access to my content to verified users only?

We've introduced two new system groups to complement the original registered-users group. The three relevant groups now are:

registered-users — contains all users irregardless of email confirmed state verified-users — users whose email has been confirmed unverified-users — users who have no email, or whose email has not yet been confirmed

By default, a new category will allow topics and replies from the registered-users group. Remove those privileges and apply them to the verified-users group as necessary. If you want a category specifically for unconfirmed users, then apply them to the unverified-users group.

What if I know the user's email is correct, or want to add an email to a user?

If you are an administrator, editing the user's email via their profile will bypass the confirmation request and automatically validate their email. With great power comes great responsibility.

Technical Overview NodeBB no longer trusts the email property in the user hash, and hasn't since v1.18.0. it is now purely informative. email:uid is the source of truth for what email belongs to which user. When user.create is called (either via code or by API), if email is a passed-in property, then NodeBB will try to send a confirmation email, just as if it were a regular registration. There are two relevant code paths: Confirmation email is sent, and the unique link is clicked. User is sent to /confirm/:code and user.email.confirmByCode is executed, followed by user.email.confirmByUid The user email is confirmed without a code; only user.email.confirmByUid is executed (see below). If you want to create a user with a confirmed email, but don't want a welcome/confirmation email sent, you will need to manually set the email into the user, and run user.email.confirmByUid:const emailToSet = '[email protected]'; await user.setUserField(uid, 'email', emailToSet); await user.email.confirmByUid(uid); To my knowledge, there is a single case where a user may have their email set in the user hash, but not be confirmed: Users created before v1.18.0 will have an email set that may or may not be confirmed, as that was the behaviour prior to this change. I recommend you either remove the user's email, or confirm it. There are no ill effects to having a user account set up like this, although they may not show up in user searches if the query is an email address.

Hi,

I am looking for a feature to handle moderation notes separately from user posts. Currently, admins/mods edit posts in their own way to include moderation messages, but I prefer a dedicated feature for this.

Details:

Separate Moderation Section:

A distinct section for moderation notes, appended but clearly separate from the user's content. Example: A box or highlighted area at the top or bottom of the post or in the signature

Distinct Styling:

Formatting options to make moderation notes stand out (different font, color, borders).

Admin Tools:

Easy access for moderators to add, edit, or remove notes via a simple interface.

Possible benefits:

Maintains original post integrity. Provides clear communication on moderation actions. Enhances user experience and transparency.

Thank you for considering this request.

Best regards
dave

I searched to find out if there is a way to completely remove the user header/image, replacing that with an embedded iframe.
The search results say that this is a bad idea, could cause security issues, could make the site unstable and other problems.
The security issues appear to be related to using https/http mixes and other things which could be insecure but can be mitigated using correctly built headers.
Plus, in my case, all of the hosts would be internal, on the LAN and even if between DC's, packets flowing across secured links.

Therefore, I find what I've read hard to believe so thought I should ask here.

Without using a plugin, is there a way to replace the header/user image with an iframe in a way that would survive upgrades too because there's nothing worse than having to constantly re-edit your files after upgrades like I had to when using phpbb and others.

Hi guys! I’ve recently migrated my forum from phpBB to NodeBB, including all users, topics, and posts. Users should be able to access the new NodeBB forum from my website via the session-sharing plugin. I've configured the plugin to accept ID, username, and email in the payload. Users can only access the forum through a redirect from the website as the JWT cookies work correctly (i think):

Screenshot 2024-05-14 at 3.30.40 PM.png

Here’s the issue: when existing users access the forum, their information and accounts are mismatched, leading to account duplication.

For example, an existing user with the details:
{ id: 204533, username: MyUsernameIsVeryLong, email: [email protected] }

When this user signs in and accesses the forum, a new account is created with:
{ uid: 26, username: MyUsernameIsVeryLong 0, (no email) }

Screenshot 2024-05-14 at 3.34.18 PM.png

This results in duplicate accounts while the actual account remains unmapped. If I delete the duplicated account from MongoDB and the NodeBB Admin Panel, and log in again, the same username issue ("MyUsernameIsVeryLong 0") persists, but the email might get mapped to another existing user’s email.

I’m not sure if this problem is related to session sharing or if there's something I need to configure or adjust before migrating the data into NodeBB. Any advice or suggestions would be greatly appreciated! Thank you very much in advance!

I'm confused about a particular aspect of Inbox Forwarding as detailed in the ActivityPub spec:

... the server needs to forward these to recipients that the origin was unable to deliver them to. To do this, the server MUST target and deliver to the values of to, cc, and/or audience...

... The server MUST only target the values of to, cc, and/or audience on the original object being forwarded, and not pick up any new addressees whilst recursing through the linked objects (in case these addressees were purposefully amended by or via the client).

Emphasis mine.

My reading suggests that only the values of to, cc, and audience on the referenced object should be used, and not those values on the activity itself.

But doing so would preclude the use of Inbox Forwarding in scenarios where the Activity wrapper contains additional addressees that the underlying object does not have.

e.g. A Note by A contains a single addressee: as:Public. It is then Announced by B and C. Later, A updates the Note, and their server sends out Update(Note) with the following addressees: as:Public, B, B/followers, C, C/followers, but the object referenced still contains a single addressee: as:Public.

In that case, when received by B and C, should they forward the activity to their followers?

If you have problems upgrading to 3.8.0 you can ask for help here.

Hello Everyone 👋!

Today we are releasing NodeBB 3.8.0. Please read below for all the changes in this release.

Moderation Improvements 🔨

We made some improvements on the user account info page. Namely:

Unmutes and Unbans will show up in the user history. If the account is flagged it will show up in the "Latest Flags" section. Moderation notes are editable. Username & email history will show who made the change.

cfe7c601-f49e-4f16-8341-00ca5dbd0b5e-image.png

User/Group filter on admin events page 📅

dd3b7804-33fd-4ecd-9087-73e26fca9f9e-image.png

Events in the admin page can be filtered by a single user or a group of users.

Field selector for user export 👥

export-user-fields.png

Exporting a list of users in the acp now let's you select which fields to include in the export.

Docker improvements 🐋

Thanks to more work by @oplik0 we have more improvements to our docker setup, full PR https://github.com/NodeBB/NodeBB/pull/12335

Bug fixes & Misc 🐛

As usual there are plenty of bug fixes in this release.

Full list of closed issues.

Let us know if you run into any issues in our support thread.

Link Preview Image Ubuntu (Recommended) - NodeBB Documentation

favicon

(docs.nodebb.org)

I am following the NodeBB documentation(link attached above) to setup nodeBB locally on my machine - However, I am stuck at "Installing nodeBB" step with the below error.

$ ./nodebb start /home/pravallika/nodebb/node_modules/commander/lib/command.js:380 enableOrNameAndArgs = enableOrNameAndArgs ?? 'help [command]'; ^ SyntaxError: Unexpected token ? at Module._compile (internal/modules/cjs/loader.js:723:23) at Object.Module._extensions..js (internal/modules/cjs/loader.js:789:10) at Module.load (internal/modules/cjs/loader.js:653:32) at tryModuleLoad (internal/modules/cjs/loader.js:593:12) at Function.Module._load (internal/modules/cjs/loader.js:585:3) at Module.require (internal/modules/cjs/loader.js:692:17) at require (internal/modules/cjs/helpers.js:25:18) at Object.<anonymous> (/home/pravallika/nodebb/node_modules/commander/index.js:2:21) at Module._compile (internal/modules/cjs/loader.js:778:30) at Object.Module._extensions..js (internal/modules/cjs/loader.js:789:10)

Browsed for solutions, I have seen suggestions related to version of nodeJS so I checked it too,I don't think that's the issue. Not sure of how to proceed.

Specs & installations:

$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 20.04.6 LTS Release: 20.04 Codename: focal $ node -v v10.19.0 $ npm -v 6.14.4

Hi all,

New to NodeBB, currently trying to change fonts across my website.

I understand I can do this easily by editing the CSS, indicating which component and then which font to use:

[component="post"] {
font-family: "garamond";
}

My question is: if I want to edit the category titles in my Categories page, which "component" should I refer to?

Is there a list of values "component" can take? Would be good to have that because it would make me easier to edit say topic titles/comments/body etc.

Thanks,
Joao

Does the NodeBB PWA app send push notifications? We hope to have this feature for our new forum.

We are thinking about topics a lot lately, so I have some questions how the #threadiverse is handling/supportinh it atm. For WordPress we currently support one Group (topic) yet and that is the Blog-Author (@[email protected] for example), but we plan to have more Groups (topics) in the future, like for example Categories and Tags. Is that supported by nodeBB, Lemmy or Discourse? /cc @angus @devnull @nutomic

Hello, I'm encountering an issue with my project on NodeBB v1.18.5. The problem arises when a user attempts to respond to a topic, and their response contains a double degree in the name (e.g., Johndoe S.H., M.Kn), wherein the M.Kn is automatically transformed into a hyperlink, as seen in this question.

I've attempted to address this by implementing an edit in the admin panel. Specifically, while the post is still in the queue awaiting approval, the admin would manually edit any instances of double degrees by replacing the period with a special character &#46; (e.g., M.Kn).

However, the client prefers a simpler solution. Therefore, I'm exploring the possibility of creating a function within NodeBB to automatically handle this issue. Is there an alternative approach to resolving this problem?

or its possible when the user make post/topic and the description has a function to convert period into special character &#46; ?