Code Name Jessica

I second that! I have noticed it and just saved then re-opened the editor. It is kind of annoying.

OH YEAH!!! I saw that message too, which started me down the whole rabbit holw there... I had to do this which my scripts: def post_to_forum(title, content): """Posts a job listing to the Invision forum as a new topic.""" api_url = f"{IPS_API_URL}?key={IPS_API_KEY}" payload = { "forum": IPS_FORUM_ID, "title": title, "post": content, "author": 1, "author_name": "Jessica Brown", } logging.info(f"Sending POST request for job: {title}") try: response = requests.post(api_url, data=payload) response.raise_for_status() post_url = response.json().get("url", "URL not found") logging.info(f"Post created successfully: {post_url}") return True except requests.RequestException as e: logging.error(f"Failed to create post for {title}: {e}") return FalseNot sure if you are a Python developer or not but let me explain... The API URL needs your API KEY in the URL so IPS can process it. POST https://codenamejessica.com/api/?key=abcdef1234567890 Content-Type: application/x-www-form-urlencoded forum=42 title=New Job Posting post=We are hiring a Linux Administrator! author=1 author_name=Jessica Brown

Check your Apache or nGinX configuration. I had this issue since I was using nGinX. The config that worked for me was: location /api/ { # Pass the Authorization header to PHP set $http_authorization $http_authorization; proxy_set_header Authorization $http_authorization; # Serve existing files or route to index.php try_files $uri $uri/ /api/index.php; # PHP processing for the API location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/var/run/php/php8.3-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # Pass the HTTP_AUTHORIZATION header to PHP fastcgi_param HTTP_AUTHORIZATION $http_authorization; include fastcgi_params; } }I spent WAY too long to figure that out, don't ask... Just played until it worked.

Found the issue, it was Zapier having bad HTML in a few articles with an open <br> tag right after a <small> tag. I now have a python script to sanitize the HTML before posting. Thanks for the point in the direction to look! Maybe if IPS wants to implement this into Invision Board, let me know, I can convert this to a PHP script to verify HTML before posting

Thanks, looked into that already, it is only on that page, all others work fine, and that setting is for global, I did already try changing that just in case it was page specific, I will dig into it, just confirming it wasn't a bug. Since this is articles being pulled into with Zapier from Its F.O.S.S. I am going to start digging into each article and see if there is something not being closed.

Thanks @Jim M, You gave me a hint to where it could be, I remember when I first installed v5, I want to have gradient top 1px bar above each of the boxes, when doing so, I was debugging with an overflow: hidden; in the css. /* Pseudo-element for the top gradient border */ .ipsWidget:not(.ipsWidget--transparent)::before { content: ''; position: absolute; top: 0; left: 0; height: 1px; /* Adjust thickness here if needed */ width: 100%; background: linear-gradient(to right, hsl(22, 100%, 40%), hsl(215, 18%, 26%), hsl(22, 100%, 40%) ); border-top-left-radius: inherit; /* Inherit the same border-radius */ border-top-right-radius: inherit; /* Inherit the same border-radius */ z-index: 1; /* Ensures it stays on top of other elements */ } .ipsBox, .ipsEntry, .ipsLayout__primary-column > .ipsForm[action$="do=edit"] > .ipsForm, .ipsWizard:not(.ipsBox *) { position: relative; background-color: var(--i-box--ba-co); border-radius: var(--i-box--bo-ra); box-shadow: var(--i-box--bo-sh); border-width: var(--i-box--bo-wi); border-style: var(--i-box--bo-st); border-color: var(--i-box--bo-co); /* THIS WAS THE PROBLEM -> overflow: hidden; */ } /* Pseudo-element for top gradient border */ .ipsBox::before, .ipsEntry::before, .ipsLayout__primary-column > .ipsForm[action$="do=edit"] > .ipsForm::before, .ipsWizard:not(.ipsBox *)::before { content: ''; position: absolute; top: 0; left: 0; height: 1px; /* Adjust thickness here */ width: 100%; background: linear-gradient(to right, hsl(22, 100%, 40%), hsl(215, 18%, 26%), hsl(22, 100%, 40%) ); border-top-left-radius: inherit; /* Inherit the same border-radius */ border-top-right-radius: inherit; /* Inherit the same border-radius */ z-index: 1; /* Ensures it stays on top of other elements */ } /* Pseudo-element for the top gradient border */By commenting the: overflow: hidden; in the .ipsBox, .ipsEntry, .ipsLayout__primary-column > .ipsForm[action$="do=edit"] > .ipsForm, .ipsWizard:not(.ipsBox *) selectors, this resolved the problem. my mistake for calling in the calvary.

I was able to get it to work (kind of), by writing this into the console for debugging purposes: window.addEventListener("scroll", function () { const toolbar = document.querySelector(".ipsEditor__toolbar--main"); if (window.scrollY > 450) { toolbar.style.position = "fixed"; toolbar.style.top = "0px"; toolbar.style.display = "flex"; // Preserve flexbox layout toolbar.style.flexWrap = "wrap"; toolbar.style.width = "100%"; // Ensure full width when fixed } else { toolbar.style.position = "sticky"; toolbar.style.top = "var(--i-sticky-offset, 0px)"; } });I am not sure exactly why I have to force it to add the sticky after scrolling 450px, I did try clearing the forum's cache, and my browsers cache as well.

When I am posting a log topic, I have to continuously scroll back up to the top of the page to use the menu bar in the editor? This just recently changed over the last 5.x updates: When I type on this forum, the menu bar is still there.

My site is so lonely that I don't even have 2 avatars on one topic... 🎶 One is the loneliness number that you'll ever do. Two can be as bad as one It's the loneliest number since the number one 🎵

In English, "they" can be used as a singular, gender-neutral pronoun when the person's gender is unknown or unspecified. Since the forum doesn't ask for gender identifiable items, "THEY" would be correct. For example: "They left their car keys on my desk." Here, "they" and "their" are appropriate because we don’t know if the person is male or female. However, if you have information that identifies the person’s gender, such as a key chain that says "William", you would use the corresponding pronouns: "William left his car keys. I wonder if he will be back for them." In this case, "his" and "he" are used because we know William is male. The word "them" refers to the car keys as a plural noun, not to William.

☝ DO NOT MOVE TO WINDOWS, I BEGGITH OF YOU. WINDOWS BAD

In my opinion MariaDB is better. They are both RDBMS (Rational Database Systems) that share the common origin. MySQL is owned by Oracle, whereas MariaDB came from the original creator of MySQL (I think I read that somewhere). MySQL has proprietary (yes thank you spell check, I suck)... items that require a commercial license. Although MariaDB does not have the proprietary stuff in it. MariaDB offers multiple storage engines like Aria, TokuDB, XtraDB, and ColumnStore and Thread Pooling, Parallel Replication, and Query Optimization at no cost, whereas MySQL only InnoDB as the default storage area. I think others can be used as well as Thread Pooling for a cost. I can go on and on, but overall, I choose MariaDB. I forgot to mention the security side of it... (Thank god my boss can't see this post!) SecurityMySQL is native SSL/TLS, and Native Data-at-Rest Encryption (at a cost) MariaDB includes Data-at-Rest (no cost), RBAC (Role Based), and User Account Locking and Dynamic Privileges for granular control.

I think you missed this part:

...and you are correct about this tangent, so this will be the last thing I say just so you know I know what I am talking about. Most external-facing systems for banks, such as their web and app interfaces, do utilize Content Delivery Networks (CDNs) to optimize performance with a caveat. CDNs help serve static assets like JavaScript, CSS, and images closer to the end-user, reducing latency and ensuring faster load times. This offloads traffic from the origin servers, enhancing both speed and reliability without compromising security. There are fallback situations in the event of failure to these CDNs for locally hosted options. However, internal systems, especially those dealing with sensitive operations like core banking systems or transaction processing, (I want to say typically, but...) do not rely on CDNs, as they are usually hosted within tightly controlled air gap environments for security and compliance reasons. Hence the PCI-DSS (Payment Card Industry Data Security Standard). So, your statement is mostly accurate if you're referring to the distinction between external web/app interfaces but also consider their fallback methods which are internally hosted, this leaves safety for failures.

One thing I can speak on is banks, government agencies, ambulance, and enforcement dispatch. None of those facilities have CDNs in any way shape or form. I know, 26 years Air Force as Security Compliance Officer for Linux System Administrations. Now 4 years with Global Banking administration and Trust Services. About 70% of North America's banking.

I can’t fully agree or disagree with that statement because I don’t manage those services. However, it’s important to recognize that companies like Netflix, Disney+, and Amazon operate on a scale far beyond most organizations. They own massive data centers and have contracts with external providers like AWS to support their infrastructure. Even if we consider a guess of the top 1% of your customer base, those with financial resources comparable to Netflix, Disney+, or Amazon, it’s understandable that managing microservices through an upstream provider wouldn’t pose much of a challenge for them. However, for the vast majority, if I had to guess, around 95% of your customer base, they likely don’t have the same resources. Most don’t have dedicated Cybersecurity, Server, or Development departments, nor do they have layers of management to oversee such complex operations. While this approach might work for large-scale enterprises, it’s not necessarily practical or feasible for smaller organizations with limited infrastructure and staff. I make a very comfortable living working for a global company where my sole focus is Linux security and administration. We deal with extremely sensitive data, and while I’m sure most of your customers don’t, including my own personal website, security is more than just a "what if." I’m sure Invision has more resources than many of your clients, and microservices likely work well for your company. But I can only speak for myself, and frankly, the $500 price tag on the software alone gave me serious pause (and possibly a small stroke). I welcome change, evolution, and enhancements, but I want changes that don’t compromise security, safety, or compliance. Everything else is noise, so I have to change how people log in, or I have to change my page layouts, whatever. Someone in another post mentioned, "You had since 2022 to bring up these concerns." Well, this is me ringing the bell now before it’s 2028, IPS v6 is out, and AWS has its own CrowdStrike moment. Just my two cents. And yes, I know where the door is if it comes to that.

If you’re referring to CDNS as CDNs (Content Delivery Networks), I would strongly advise against using them for production servers. All of my production servers, both professional and personal, are restricted or entirely blocked from accessing external web sources due to significant security risks. For example, on CodeNameJessica.com, I allow inbound HTTPS traffic (port 443) to serve content securely. However, all outbound traffic is blocked to prevent the server from fetching or sending data to external sources. All necessary assets (e.g., JavaScript libraries, CSS files) are hosted locally, ensuring full control over the server environment and eliminating the risk of supply chain attacks or unexpected third-party failures. All servers that I manage have explicitly has iptables rejecting outbound connections before going live: sudo iptables -A OUTPUT -p tcp --dport 80 -j REJECT && sudo iptables -A OUTPUT -p tcp --dport 443 -j REJECT As Invision Community evolves, I strongly advocate for continued (or even enhanced) support for self-hosting all required resources. This approach aligns with best security practices and aids in maintaining compliance with standards like PCI-DSS and ISO 27001, both of which recommend minimizing unnecessary external connections. Regarding SQS (Simple Queue Service), I find it puzzling that a commercial software solution with a significant price tag would rely directly on third-party services like this. While AWS is robust and its downtime may seem improbable, history shows that even the most trusted providers (e.g., CrowdStrike, Microsoft) have faced significant outages. Dependence on third-party SaaS or PaaS can introduce unnecessary points of failure, which, in my view, isn't in the best interest of Invision Community. As for NodeJS and ReactJS, I’m a developer experienced with both, and they’re straightforward to install, maintain, and use. In fact, my previous forum software, NodeBB, is built entirely on NodeJS. I understand the concern might stem from users on budget-friendly shared hosting environments (e.g., $2/month plans), which often have limitations. However, for those using affordable VPS solutions (like my $15/month VPS for CodeNameJessica.com), these technologies run perfectly without issue. For context, I run: A Splunk Agent for log management, A NetData Agent for real-time monitoring, Fail2Ban for real time blocking Custom PHP, Python, and BASH scripts to maintain server A 94% OSSEC score for intrusion detection, And Invision Community securely without performance issues. I’d love to hear how others manage this, particularly in environments where security and compliance are top priorities.

☝ THIS!!! Exactly me... No income from site, hosted price out of my budget, knowledge and skill set! Get out of my head! I get a VPS for $15/mo., I have total control, and I can install anything, with 26 years' experience as a developer and system administrator for the USAF.

But… are they? You're travelling through another dimension, a dimension not only of sight and sound but of mind; a journey into a wondrous land whose boundaries are that of imagination - Next stop, the Twilight Zone!

Ok, I probably should have said SOFT RELEASE, because clearly, that’s the hill to die on here. -- Whatever, what I was trying to say "Is there a difference between v5B14.2 and v5.0.0?" I think we all possess the mental faculties to grasp the point, but I deeply appreciate you swooping in to correct the phrasing of the exact release name and type. Truly, where would we be without that?

Is there a change log for this RC1?

"I want to say it...", "No don't say it...", "I gotta say it....", "NO! don't say it....", "I HAVE TO SAY IT....", "JESSICA, DAMN IT, DON'T EVEN THINK ABOUT SAYING IT", "ok, I won't....". "Cars are messy too... They leave carbon...", ---- "JESSICA!!!! I SAID DON'T SAY IT!"---- "....ummm never mind"

Seriously though... I should probably put in a bug report... {2 months later} IPS Version 5 Beta 574 now live! I am just kidding you devs/testers/managers are doing amazing.