- Joined
- Oct 27, 2025
- Messages
- 352
Some of the changes in XF 2.3.8 include:
The following public templates have had changes:
- Fix an issue where EXIF orientation would be set when already adjusted client-side
- Fix some issues with entity type hinting
- Allow underscore word boundaries in read-only method names
- Fix empty user authorized applications list container
- Ensure language state is always restored in between generating activity summary emails
- Fix filter JS query parameter concatenation
- Allow passkey creation on local hosts
- Fix cleanUpInvalidRecords type hint
- Always coerce parse_less_color template function to hex for non-variable values
- Fix duplicate result-set hydration queries
- Return an error early when search keyword lengths are too long
- Use strict type checks when processing search input
- Only search and display posts on the profile postings tab
- Use post content filter and thread type sub-filter for member thread search
- Avoid converting SVGs to rasterised images
- Skip void method return in XF\Cli\Command\AbstractCommand::initialize
- Ensure invalid page numbers are handled correctly when viewing the watched threads list
- Add handling for null status message values when resuming jobs
- Ensure passkeys are deleted when the associated user is deleted
- Fix missing support for some webhook actions
- Add missing defaultname to xf:avatar and xf:username tags in the report_view template
- Support HTML for the summary_of_what_you_missed_recently phrase in the activity_summary email template
- Fix DKIM signing preventing List-Unsubscribe headers from being added to emails
- Require re-authentication before allowing passkey additions or modifications
- Support rebuilding unfurls when rebuilding metadata for supported content types
- Fix not being able to setup TOTP on Firefox via QR code if privacy.resistFingerprinting is enabled
- Add missing template annotation to EmbedResolver/AbstractHandler
- Update docblock hint on \XF\Repository\UserAlertRepository::fastDeleteAlertsForContent to include array of ints
- Improve add-on manager performance when coercing add-on IDs with a significant number installed
- When checking the replication status of a read server, make sure the query is properly sent to the read connection
- Support the "listitemclass" attribute when rendering checkboxes
- Try to preserve post ordering when there's an unexpected time sync issue
- Include a cache buster on direct attachment URLs
- Fix issue preventing "Handle report" button on an assigned report not revealing the save button
- Skip deleting style variation preference cookie on logout
- Throw an error if trying to rebuild search index with an invalid type
- Cache user online counts in the same request to reduce query usage
- Ensure _cascadeSave is cleared out when Entity::_saveCleanUp is called
- Guard against Request::getIp not returning a valid IP in some cases.
- Do not resolve attachment cover images for guests with no attachment permissions
- Pass criteria object to criteria_template_data event listeners
- Skip non-existent attachments when deleting from the control panel
- Set up search entity after searches have been executed
- Add JSDoc to XF.createElement
- Fix some issues with the quote plugin
- Correct some lingering links to twitter.com
- Hide additional contact heading from control panel user edit page when there are no contact user fields
- Remove pattern attribute from number inputs
- Fix DKIM signing in XF 2.3
- Fix missing trailing slash when linking to cookies explainer from privacy policy
- Workaround issue where Sign in with Apple might not return an email (#1199)
- Validate signature counter when using a passkey (#1198)
- Throw a clearer error when the current host and board URL do not match when creating or authenticating with passkeys (#1200)
- Log users in to the public forum when authenticating with passkeys via the admin panel (#1201)
- Inhibit sending push notifications to permanently removed Chrome subscriptions
- Ensure failed passkey logins count towards failed login attempts limit (#1207)
- Process Gmail inactive inbox bounce messages as a hard bounce (#1208)
- Make it easier to override PayPalRest plan parameters (#1209)
- Set tfa_trust cookie when logging in with a passkey (#1210)
- Create Finder directory if one does not exist when generating finder classes (#1211)
- Update PHPDoc for asVisitor function to better infer return types
- Reduce notification enqueuing delay when submitting posts
- Refactor delete clean up process to ensure rename and delete happens in one process
- Skip caching local URLs when using the image proxy
- Workaround potential race condition when saving bookmark labels
- Support using passkeys in place of password confirmations
- Support passing extra spam check data in the user registration service
- Add base webhook criteria classes
- Support accessing notification data in Notifier classes
- Add additional array functions to the templater
- Strip HTML tags when using the description as a title for an import from an RSS feed (#1214)
- Move XF\BbCodeRenderer\Html::getValidUrl functionality to a utility function (#1215)
- Throw an error if attempting to run an import step that does not exist (#1216)
- Include random string with DKIM selector (#1217)
- Check for case-mismatches when creating add-ons (#1218)
- Fix TypeError when non-array JSON input is submitted (#1223)
- Don't block image upload if EXIF processing fails (#1224)
- Fix issue where XF.phrase function was not able to handle repeated replacements
- Fix display of signatures set to falsey values
- Fix pagination scrolling behaviour for reactions received page
- Fix quick reply scroll-to-post behaviour
- Fix inverted logic in canResize method check
- Made add-on archive validator more robust by eliminating double extraction and adding proper JSON validation
- Finder::getCollectionFromResults doesn't check hydrateFromGrouped's return result is not null
- Ensure option values are cast to their proper data types when retrieved
- Incorrect operator precedence in template expressions
- Release builder fails with symlinked add-on directories
- Email bounce parser now handles multi-digit status codes (#1240)
- API routes generate invalid development output
- Improve delivery efficiency of CSS when using a cache
- Avoid unnecessary write of original avatar when only crop changes
- Reserve some memory for error reporting
- Pull protocol and host from board URL in CLI contexts
- Add support for AbstractCollection when using the Templater's array_* functions (#2182)
- Refactor lightbox sidebar toggle handling and ensure proper initialization
The following public templates have had changes:
- _help_page_privacy_policy
- account_reactions
- account_visitor_menu
- attachment_macros
- bb_code_tag_attach
- core.less
- core_action_bar.less
- embed_resolver_thread
- helper_attach_upload
- lightbox.less
- login_password_confirm
- member_about
- member_macros
- member_recent_content
- member_tooltip.less
- message.less
- message_macros
- news_feed_attached_images
- passkeys_macros
- report_view
- setup.less
- share_page_macros
- tag_macros
- tag_search
- two_step_totp
