2019 - Vanilla 2.8

Note: Many of the following items were incorporated into releases spanning from September 20, 2018 - January 30th 2019 (2.8.dev.1, 2.8.dev.2, 2.8.dev.3, 2.8.dev.4, 2.8.dev.5, 2.8.dev.6). Due to a staggered nature of releases for different clients, all release notes from this time have been condensed into this 1 document.

Rich Editor

Rich Editor is now the default editor for Vanilla.


The Rich Text Editor features a number of significant upgrades:

  • Embedded link previews. When you paste a link, you will see the site’s title, description, and a thumbnail image if one is available.
  • Better user mentioning experience (All unicode characters supported).
  • Pure WYSIWYG. No need to “Preview” your posts because they are always 100% accurate.
  • Toolbars that stay with you and only show when you need them. No need to scroll up to find your menus when composing a long post.
  • Seamless mobile experience that is just as rich as desktop.
  • Enhanced accessibility including full keyboard-based interactions.
  • Built-in native emoji support.
  • Drag-and-drop image embedding and file attachments.
  • Code formatting is now built-in (no other addon needed).
  • When you edit old posts, it will continue to use Advanced Editor. We do not yet support the automatic conversion of old posts to the new format.

Read more abot the rich editor in it’s documentation or it’s introductory blog post

New Default Theme (Keystone)

Vanilla 2.8 ships with a new, fully responsive theme Keystone.

Keystone ships as the default desktop and mobile themes on new installations and can be enabled on existing installations through the themes page.

Theme Options Keystone ships with 6 preset theme options. Covering a different variety of stylistic choices and colour palettes.


Features & Fixes


  • Add ability to get info for the current user to Users API v2 endpoint GET /api/v2/users/me.
  • Make Categories default to allowdiscussions=1.
  • Fix APIv2 ignoring Rank based permissions on user accounts
  • Remove Garden.AllowJSONP from config
  • Fix limit parameter not being properly validated on APIv2 endpoints.
  • Fix permissions updates overwriting all saved permissions for a category in API V2 roles.

Category Following

  • Display ‘Unfollow’ option when filtering by followed categories.

Posting - Fix inability to reference HTML tags in discussion titles - Add warning for trying to set the maximum post length beyond current limits - Move ability to set post formatting from the Advanced Editor to the /vanilla/settings/posting page. - Q&A: Add user option to disable/enable Q&A notifications. - Hub Sync: Allow badges to opt out of syncing to allow for site specific changes


  • Bootstrap 3: Fix Flag flyout menu being cut off in activity
  • Add category following to categories page in Lithe Mobile theme


  • Start new messages auto-enabled.

Groups - Show newest group applicants & invites first so they can still be seen when the list exceeds the current limit (20). - Fix permission check when adding a member to a group using the groups API.


  • Fix orphaning of UserRole records after the deletion of a role.
  • Refresh page after adding/deleting bans.
  • Refresh page after adding/deleting messages.
  • Fix ban rules fatal error on search.


  • Fix formatting ticket body before passing to Zendesk.
  • Fix cases where content post could be processed incorrectly when being formatted for ZenDesk.

Akismet - Fix potentially overwriting another plugin’s spam detection results.


  • Fix accepting answer giving external link warning.

Groups - Fixed security issue related to Groups search.

Advanced Editor

  • Fix error message handling when uploading a duplicated file


  • Fix permission for accessing the Event Log for Administrators
  • Fix emails not being saved when editing a user profile
  • Removed the cooldown period before re-prompting for password when changing email address in Vanilla.
  • Critical security fixes.
  • Fix various accessibility issues.
  • Improve performance across the application.
  • Fix IP ban rules not getting properly applied on user login
  • Fix the display of IPv6 when viewing the Event Log.
  • Fix search count on the User page in the dashboard when searching by IPv6.
  • Fix post counters on profile pages exceeding allotted area.
  • Fix duplicated language element in multiple RSS feeds.
  • Fix Twitter callback URL for profile connections.
  • Fix reactions menu items not redirecting to user profile.
  • Fix comment and discussion count displaying as blank when the user hasn’t posted any comment or discussion.
  • Fix leaving page links that are double encoded.
  • Fix Profile page shows a thread as un-viewed to guest.
  • Fix various UI issues and race conditions.
  • Fix Checking for duplicate discussion foreignIds (for embed comments) when a user comments in 2 tabs without refreshing the page.
  • Add nofollow attribute for social reactions (Facebook, twitter).

Developer Notes

  • Add support for converting Garden Schema exceptions to Gdn_Validation. ) 8191
  • Add extra CSS class for remember password.
  • Add a class to @mention inside user content.
  • Fix search API not joining all rows when requested limit exceeds resource limit defaults.
  • Add CSS class to comments with same author as the discussion.

Fix limit parameter not being properly validated on APIv2 endpoints:

This is a rather minor fix on our end, but it may have an impact on your set up if you are using API V2 anywhere on your side and you have a call set up with a limit parameter set higher than 100.

This has always been our suggested limit; however, we were not properly validating that limit parameter. This meant that you could use an API call with a higher limit parameter, and your calls would be successful. The call would only start to return errors once the community had grown to a point where these API calls they set up would then start pulling so may records that it would exacerbate the API and return an error with little to no helpful information.

Vanilla has implemented proper validation of the parameter so that we can return a valid error explaining that the limit should be lower than 100.

Cloud Hosting

We believe that online communities should be intuitive, engaging and true to your brand. Vanilla allows you to create a customized community that rewards positive participation, automatically curates content and lets members drive moderation.

Learn More …