Flarum
{{Short description|Internet forum software written primarily in PHP}}
{{COI|date=January 2022}}
{{Infobox software
| title = Flarum
| screenshot = Flarum Discuss screenshot.png
| logo = Flarum Logo, white on gradient orange.svg
| logo size = 72px
| logo alt = Orange gradient background with a digital paper-like white speech bubble overlaid.
| caption = Screenshot of Flarum's official forums, named Discuss.
| released = {{Start date and age|2021|05|27}}{{Cite web|url=https://discuss.flarum.org/d/27394-flarum-100-released|title=Flarum 1.0.0 Released - Flarum Community}}
| ver layout = simple
| latest release version = v1.8.10
| latest release date = {{Start date and age|2025|03|12}}
| repo = {{URL|https://github.com/flarum/framework}}
| programming language = PHP, JavaScript and TypeScript{{Cite web|url=https://github.com/flarum/framework|title=Flarum/Framework|website=GitHub|date=31 March 2022}}
| genre = Internet forum
| license = MIT License
| website = {{URL|https://flarum.org/}}
}}
Flarum is Internet forum software written primarily in PHP,{{cite web |title=flarum Languages is PHP 100% |url=https://github.com/flarum/flarum |website=GitHub |publisher=Flarum |access-date=15 July 2024 |date=14 July 2024}} and a combination of JavaScript and TypeScript for its user interface. It was created as part of a merger of two existing forum software,{{cite web |title=About Flarum : Flarum Documentation |url=https://docs.flarum.org/#goals |website=docs.flarum.org |access-date=18 July 2024}} FluxBB{{cite web| title=Future development - FluxBB |url=https://web.archive.org/web/20220702181704/https://fluxbb.org/about/future.html |website=Internet Archive |access-date=18 July 2024 |date=2 July 2022}} and esoTalk,{{cite web| title=GitHub - esotalk |url=https://github.com/esotalk/esoTalk |website=GitHub |access-date=18 July 2024}} and their two main developers, Franz Liedke and Toby Zerner.
Flarum is designed to be minimal forum software with high extensibility. Most common features in other forum software are extensions to Flarum's core software, such as locking threads, private messaging, flagging posts, and assigning tags (categories) to discussions.
History
Flarum's history dates back long before the merger of FluxBB and esoTalk. Flarum's philosophy was conceptualised in 2010 by Toby Zerner,{{Cite web|title=Flarum 1.0.0 Released - Flarum Community|url=https://discuss.flarum.org/d/27394-flarum-100-released|access-date=2021-12-23|website=discuss.flarum.org}} with initial designs and prototypes being created as early as 2012,{{Cite web|title=Flarum: The Year Ahead – Toby Zerner|url=http://tobyzerner.com/flarum.html|access-date=2021-12-23|website=tobyzerner.com|language=en}} and he entered Flarum into the University of Adelaide's eChallenge programme, winning the 2nd place prize with the project's idea.{{Cite web|last=Rooney|first=Kleo|title=Energy from Waste wins the ECIC e-Challenge 2013 First Prize|url=https://blogs.adelaide.edu.au/ecic/2013/11/27/energy-from-waste-wins-the-ecic-e-challenge-2013-first-prize/|access-date=2021-12-23|website=News and Events from the ECIC|language=en}}
In October 2014, Toby Zerner and his friend Stephen Grace launched a Kickstarter crowdfunding campaign to help fund Flarum's development at a time when Toby was studying medicine. The funds raised were planned to allow him to take a year out of his medical training in order to develop Flarum full-time, along with launching a paid cloud hosting service alongside Flarum. However, approximately two weeks after the Kickstarter launch, the campaign was cancelled, instead favoring an open-source and public approach to project development. The prototype code was published to GitHub in December 2014.{{Cite web|title=GitHub - flarum/core at 74db323f83116087e773d23c3b547bc6627c1956|url=https://github.com/flarum/core|access-date=2021-12-23|website=GitHub|language=en}}
The original Flarum prototypes were created in PHP and JavaScript, using Laravel as a backend framework and Ember.js as a frontend framework. In April 2015, Ember.js was replaced with Mithril.js,{{Cite web|title=Replace Ember app with Mithril app · flarum/core@b68a471|url=https://github.com/flarum/core/commit/b68a4711dceb303dfc9b9b47cf9ae45b18d470b5|access-date=2021-12-23|website=GitHub|language=en}} which is still used in the latest releases of Flarum.
On August 27, 2015, the first beta version of Flarum was released to the public.{{Cite web|title=Release 0.1.0-beta · flarum/core|url=https://github.com/flarum/core/releases/tag/v0.1.0-beta|access-date=2021-12-23|website=GitHub|language=en}}
On July 4, 2019, Toby Zerner announced he would be leaving the Flarum project to focus on his own premium forum software, leaving Franz Liedke and Daniël Klabbers to lead the project into the future.{{Cite web|title=Farewell and What's Next For Flarum - Flarum Community|url=https://discuss.flarum.org/d/20590-farewell-and-what-s-next-for-flarum|access-date=2021-12-23|website=discuss.flarum.org}} Following Toby's departure, the remaining members of the Flarum team proceeded to found the non-profit Flarum Foundation (Dutch: Stichting Flarum) to be the legal owner of the Flarum open-source project, and its registered trademark.{{Cite web|title=Flarum Foundation, 1: the why and who - Flarum Community|url=https://discuss.flarum.org/d/20818-flarum-foundation-1-the-why-and-who|access-date=2021-12-23|website=discuss.flarum.org}}
In February 2021, Franz Liedke announced that he would also be leaving the Flarum project, due to being unable to consistently dedicate time to the project, leaving Daniël Klabbers to lead Flarum.{{Cite web|title=Leaving the project - Flarum Community|url=https://discuss.flarum.org/d/26175-leaving-the-project|access-date=2021-12-23|website=discuss.flarum.org}}
In May 2021, the first stable version of Flarum was released, after a total of 11 years in development.
In June 2021, a critical security vulnerability was found in Flarum's initial stable release allowing for cross-site scripting attacks against other users through clicking a URL. This was fixed with a patch release as version 1.0.2.
Controversy
Shortly after Flarum's initial stable release, a cross-site scripting vulnerability was found in the search field which could allow users to execute arbitrary JavaScript code without a user's permission. This vulnerability was patched in version 1.0.2.{{Cite web|title=Critical security update to Flarum core, with new incident write-up (v1.0.2) - Flarum Community|url=https://discuss.flarum.org/d/27558-critical-security-update-to-flarum-core-with-new-incident-write-up-v102|access-date=2021-12-23|website=discuss.flarum.org}}{{Cite web|title=Build software better, together|url=https://github.com/|access-date=2021-12-23|website=GitHub|language=en}}{{Cite web|title=CVE - CVE-2021-32671|url=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32671|access-date=2021-12-23|website=cve.mitre.org}} Following this vulnerability, the Flarum team opted to partner with open-source security reporting website [https://huntr.dev Huntr.dev] to allow for a more streamlined way to report issues, as well as providing a bounty for reports and fixes without costing the open-source project money.{{Cite web|title=huntr.dev as first point for security vuln (#2918) · flarum/core@5ee5f82|url=https://github.com/flarum/core/commit/5ee5f82e3d54ac0dc49ff6bd93382e768976dbdd|access-date=2021-12-23|website=GitHub|language=en}}
See also
{{Portal|Free and open-source software}}
References
{{Reflist|30em}}
External links
- {{Official website|https://flarum.org/}}
- {{URL|https://discuss.flarum.org|Flarum's official discussion forum - Flarum Discuss}}
- {{GitHub|flarum}}
Category:Free Internet forum software
Category:Free software programmed in PHP