AO3 News

Post Header

2021-07-27 16:15:19 -0400

This large batch of updates includes a rewrite that killed several tag saving bugs, new tools and fixes to prevent abuse and customize your Archive experience, and a generous helping of behind-the-scenes improvements.

Special thanks to agenderdanvers, hocestcorpus, korrien, and lethnie, who all submitted their first fix! (If you'd like to contribute to the Archive codebase as well, please refer to our Contributing Guidelines.)


  • Coders: agenderdanvers, Alix R, cosette, Enigel, hocestcorpus, korrien, lethnie, redsummernight, Sammie Louise, Sarken, ticking instant, tlee911
  • Code reviewers: Ariana, james_, redsummernight, Sarken, ticking instant
  • Testers: Alison Watson, Claire Baker, cosette, GoldenFalls, james_, Jocelin, Lady Oscar, lydia-theda, Nary, QED, Qem, Rebecca Sentance, redsummernight, runt, Sarken, Taylor Clossin, Teyke



Security fixes and visible user/work IDs to make hiding content easier, deployed on March 16th.

  • [AO3-5585] - We fixed a security risk concerning challenge assignments.
  • [AO3-6011] - We also made sure you can't claim a prompt pretending to be another user.
  • [AO3-6137] - When an admin changes a user's roles (e.g., makes them a tag wrangler), that change is supposed to be logged in the account's history. However, for the past ten years, it... hadn't been getting logged. We've fixed that now.
  • [AO3-5525] - We've added an option for our Policy & Abuse team to turn off password reset emails for users who report being harassed in this manner.
  • [AO3-6025] - Two of the emails related to work imports asked users to whitelist emails from the domain. We've updated the wording to "add email addresses from to your list of safe contacts" instead.
  • [AO3-6131] - We've added user and work IDs to work blurbs to allow hiding or highlighting via site skins. (For instructions on doing this, please check out our update on blocking and muting. We'll have a dedicated post once we've expanded this ability to bookmarks and series.)
  • [AO3-6135] - The list of servers we deploy to used to live in the Capistrano deploy scripts, which sounds reasonable -- deploy is in the name! -- but it was terribly inconvenient because it required a code change every time we changed our servers. We've moved that list somewhere else, where it's easier to change.


Search index improvements (part 1), deployed on March 22nd.

  • [AO3-6147] - To shift some data around in Elasticsearch, we had to add a task to update the mapping.


Search index improvements (part 2), deployed on April 1st.


Upgrade to Ruby 2.7.3 plus various bug fixes, deployed on May 9th.

  • [AO3-6155] - The preferences page previously referred to your History as your Viewing History. We never call it that, so we've corrected the phrasing.
  • [AO3-6145] - If you tried to add duplicate tags to a bookmark, e.g. both Angst and angst, it would give a 500 error. Now it saves the bookmark with just one of the tags, much like what happens if you try to add duplicate tags to a work.
  • [AO3-5740] - Editing a work to add a series, previewing your changes, and then cancelling used to result in your work still being added to the series. Now it respects your wishes and doesn't add the work to the series.
  • [AO3-5056] - Designated archivists can import works for others, e.g., when moving a whole collection of works to the AO3. The creators of those works receive an email about the import and can make some choices about having their works imported. Previously, those choices would not be properly saved under some circumstances; now they are.
  • [AO3-4008] - The Comments button on works now properly jumps you to the comments section, not the list of kudos.
  • [AO3-6157] - We've upgraded to Ruby 2.7.3, which also involved changing the gem we use to handle pseud and collection icons.
  • [AO3-6162] - We updated some broken FAQ links in the help pop-ups on the work posting form.
  • [AO3-6151] - Our Gemfile previously installed every AWS gem imaginable even though we only really needed one. We're rectified that.
  • [AO3-5910] - We've updated our repository's database schema and structure files to match the current state of the database on production.


Gem updates, deployed on June 2nd.

  • [AO3-6170] - We updated Rails due to a security vulnerability in actionpack.
  • [AO3-6173] - We updated nokogiri due to a security vulnerability.
  • [AO3-6169] - The Twitter widget would sometimes cause our tests to fail, so we stopped loading the Twitter widget in our tests.


Various bug fixes and infrastructure improvements, deployed on June 18th.

  • [AO3-6177] - Our automated tests for rate limiting sometimes failed even though the rate limiting code works just fine. We made it so the tests stop lying.
  • [AO3-6174] - Headings consisting of long, unbroken strings of characters would cause pages to scroll horizontally. Now we force the text to break so that doesn't happen.
  • [AO3-4936] - Occasionally, works are saved without fandom tags. It used to be that when this happened with multi-chapter works, you'd get a 500 error if you tried to access the work in Chapter by Chapter mode. Now the work will load.
  • [AO3-3498] - If you posted a work from a draft, sometimes the word count would just be blank. That won't happen anymore.
  • [AO3-6178] - Our CI will no longer mark builds as failing just because the process of uploading a coverage report failed.
  • [AO3-6072] - If you set up a new development environment, there wouldn't be any language options available on the pages for submitting support tickets or abuse reports. We've made it so there will always be a language available.
  • [AO3-5408] - We no longer store IP address from Support tickets in the database. Now we just hand them off to our spam checker when someone presses the "Submit" button.
  • [AO3-6180], [AO3-6179], [AO3-5437], [AO3-5431] - We removed some unused code. 🧹


Rewriting some of the code to ensure changes to tags aren't saved until the taggable item (e.g. the work) itself is saved knocked out several bugs at once. Deployed June 22nd.

  • [AO3-6043] - If you tried to edit a work to remove all of its warning tags, it would seem to save, but the tags would still be there. This was sort of good, since works need to have at least one warning, but not great because it didn't tell you there was a problem saving your work. Now it will give an error message.
  • [AO3-5978] - If you tried to edit a bookmark to add a tag that was over 100 characters long (the maximum length for tags), you'd get either a 422 error or a blank white page depending on your browser. Now you'll get redirected to the editing form with a note that your tag is too long.
  • [AO3-4932] - Removing a work's fandom and pressing Cancel on the resulting error page used to save the work without a fandom, which was terrible: all works need at least one fandom tag! We've made it so works without a fandom will definitely not be saved.
  • [AO3-3661] - If you wanted to remove all of the category tags from your work and you tried to preview your change, the tags wouldn't get removed upon saving. Now they will!
  • [AO3-3455] & [AO3-5041] - When editing the tags or language on your work, you wouldn't see the changes during preview. Now you can see your work's new info in all its glory right there on the preview page.


Post Header

2021-01-23 14:09:49 -0500

The latest release includes a tiny CSS change that ensures large images aren't cut off on small screens, as well as several bug fixes and behind-the-scenes improvements. Now that Flash is dead, we have also converted all works using Dewplayer for audio embeds to use the HTML audio tag instead.


  • Coders: Alix R, cosette, james_, Jeff Kingswood (Littlelines), redsummernight, Sarken, Stephen Burrows, ticking instant, tlee911, Tom Milligan, translatorzepp
  • Code reviewers: redsummernight, Sarken, ticking instant
  • Testers: CJ Record, Claire Baker, james_, lydia-theda, Nat, QED, Qem, redsummernight, Ridicully, Sammie Louise, Sarken, Taylor Clossin


Frontend improvements

  • [AO3-5791] - We tweaked the CSS so large images in works will no longer overflow their container and cause sideways scrolling. The "Upcoming changes to images" announcement has a bit more information.
  • [AO3-5822] - We've made it so HTML list items (<li>) and description details (<dd>) in right-to-left languages now have a margin on the right, not the left, as they should.
  • [AO3-6057] - Our code includes a list of right-to-left languages to make sure they display properly in the AO3 FAQ and news posts. In addition to Arabic and Hebrew, this list now includes Persian.
  • [AO3-6019] - Other users can add you as a co-creator to their works; however, you have to approve this request first. Those requests could be reached from a menu item called "Creator Invitations", which sounded like you could send invitations to your friends from this page. We have now renamed this to "Co-Creator Requests" to avoid confusion.
  • [AO3-6009] - We updated the banner new users are presented with when they log in for the first time. Now it helps folks find our FAQs and Support form in case they have trouble using the site, and our Policy & Abuse form in case they experience harassment or have questions about our Terms of Service.

Bug fixes

  • [AO3-3765] - When a tag had more than one page of tag comments, the notification email to the wrangler would include incorrect links (i.e. to the first page of comments instead of the comment in question). The links now lead to the correct places!
  • [AO3-5615] - It was previously possible to mark a tag as unwrangleable even if it hadn't been assigned to a fandom, making it essentially unfindable in the wrangling interface. Now you have to attach it to a fandom first.
  • [AO3-6091] - We've added an ownership check so you can't add yourself as a co-owner of another person's collection.
  • [AO3-6100] - Site admins with the Support role can now create news posts.
  • [AO3-4743] - We fixed the page listing all external works, which was returning errors for site admins.
  • [AO3-4744] - When you bookmark an external work, the form should recognize any URL that had previously been bookmarked and auto-fill creator, summary, tags, etc. for you, if those had previously been provided. However, this wasn't working. Now it does!
  • [AO3-6046] - If you saved an AO3 page using some browsers' "Save Page As" option, you'd be presented with the notice we automatically insert on AO3 proxy sites. That won't happen anymore!
  • [AO3-5909] - Skins couldn't be deleted if JavaScript was disabled. Now they can!
  • [AO3-5685] - If you accidentally visit the log out URL (e.g. because your browser's autocomplete helpfully added /users/logout when you typed, we made it so you would see a confirmation page and not actually get logged out.

Behind the scenes

  • [AO3-6096] - We have added a way for us to automatically convert new and existing works that use the Dewplayer audio player to use the HTML5 <audio> tag instead. (Find more details in our announcement post: What the death of Flash means for your audio and video embeds.)
  • [AO3-4879] - We fixed an issue with displaying an error message if we fail to update preferences for authors of works imported by Open Doors.
  • [AO3-6063], [AO3-6064], [AO3-6066] - We fixed indexing errors that would sometimes occur when deleting works, when deleting users, and when there's nothing to actually index.
  • [AO3-5958] - The way we test authentication and user permissions in our automated tests wasn't ideal, so we improved it.
  • [AO3-6086] - We laid the groundwork for moving collections data to Elasticsearch, which functions as a helpful layer between the database and the site to make browsing and filtering much faster! Stay tuned for further developments.
  • [AO3-6090] - After adding the option to disable anonymous comments on works, there was a little more code and database clean-up left to do. Now everything is tidy! \o/
  • [AO3-6098] - Since we've recently added, repurposed, and decommissioned quite a few servers, our deploy script had to be updated to reflect these changes.
  • [AO3-3582] - We've updated a JavaScript plugin that was long overdue for an update.
  • [AO3-6048] - We updated our Docker setup to include pwgen, which will make it easier for people using Docker to create admin accounts.
  • [AO3-6068] - Whenever a developer set up a local copy of the Archive code to work on, they'd have to manually set the default site skin, or else they'd be looking at a boring white page with black text and blue links. We've fixed it so the site style loads automatically now.


Post Header

2020-12-08 10:06:47 -0500

The last two deploys included a Rails upgrade and a variety of bug fixes and code cleanup. (Life has been turbulent enough, so we're keeping it very boring for us and our users. You're all welcome!)

A special thank you to our first-time contributors, ahiijny and translatorzepp!


  • Coders: ahiijny, Alix R, Cesy, cosette, Elz, Enigel, james_, redsummernight, Sarken, Stephen Burrows, ticking instant, tlee911, Tom Milligan, translatorzepp
  • Code reviewers: james_, redsummernight, Sarken, ticking instant, tlee911
  • Testers: Aline, bingeling, Claire, cosette, GoldenFalls, Harlow, james_, Jennifer D, lydia-theda, Matty, mumble, Nary, Nat, Paula, QED, Qem, redsummernight, Runt, Sammie Louise, Sarken, Taylor Clossin, tlee911



Upgrade to Rails 5.2, deployed on October 1st.

  • [AO3-5765] - In order to stay current with Rails, we had to upgrade from Rails 5.1 to 5.2. A lot of the work involved upgrades to associated gems and fixes for deprecated features that will be removed in Rails 6. A million thanks to everyone who helped out with testing almost every aspect of every single Archive feature (and there are a lot) to make sure everything was still working correctly! An extra special shoutout to Sarken, Nary, and lydia-theda, who went above and beyond to become the top 3 testers in our sprawling spreadsheet. <3!
  • [AO3-3908] - Trying to simultaneously reject and remove a work from a collection would give an Error 500. It's now possible to do both at the same time, as it should be.
  • [AO3-4829] - Changing the default skin (i.e. look of the Archive) would lead to a loss of all styling (i.e. a naked looking Archive) for all users. Now it's possible for admins to designate another skin as the AO3 default.
  • [AO3-4551] - Changes to parent skins would not update the child skin. This has been fixed!
  • [AO3-6033] - We upgraded our code coverage gem from version 0.1.14 to 0.2.0. (As you can see on our GitHub page, 90% of our codebase is currently covered by automated tests that are run whenever someone commits a fix or enhancement!)
  • [AO3-6049] - A few of our tests would sometimes fail for no reason. We fixed them so they should now reliably pass if there are no actual issues.
  • [AO3-6014] - We are now able to specify different robots.txt rules for different Archive installs depending on the full domain name associated with each, so nothing gets erroneously overwritten anymore.


Bug fixes and behind-the-scenes work, deployed on December 8th.

  • [AO3-6083] - We've started using HTML5 data-* attributes for our autocomplete code instead of some old invalid custom attributes.
  • [AO3-5833] - On iOS devices, the autocomplete didn't generally offer suggestions -- it usually just told you it was looking for some. We've tweaked it to make it more likely to provide help.
  • [AO3-5357] - If Creator A listed an anonymous work by Creator B as the inspiration for one of their works, when someone went to Creator B's Related Works page, they would see the anonymous work there... even though the point of anonymous works is to prevent folks from knowing who created them. To preserve anonymity, only Creator B will be able to see their anonymous works on their Related Works page.
  • [AO3-5861] - The "Works in Collections" button on any user's dashboard takes you, rather fittingly, to all of that user's works in collections (save for the anonymous ones, obviously). It's also a way to find all your own works in collections (including the anonymous ones). When accidentally trying to access this page for a nonexistent user, you are now greeted by a 404 page instead of an Error 500.
  • [AO3-6079] - By manipulating the HTML of the bookmark form, it was theoretically possible to change a work's tags. We've changed it so that's no longer possible.
  • [AO3-5168] - If you neglected to fill in a required field when bookmarking a new external work, the rating and category tags you selected would be cleared out and you'd have to reenter it. We've made sure it will be preserved.
  • [AO3-5924] - The Donate or Volunteer page had the browser page title "Donate Home", which didn't make a lot of sense. Now it is "Donate or Volunteer".
  • [AO3-6000] - We renamed the fields on the guest comment form to reduce the chances your browser will helpfully autofill the form with your non-fannish name.
  • [AO3-5925] - The guest comment form didn't mention that you can use HTML in comments, so we added some information about that to the form.
  • [AO3-6007] - Unlike a pseud's works and bookmarks pages, its series page didn't indicate which pseud it belonged to or how many series it contained. Now the header on the page will say "(#) Series by pseud (username)" instead of just "Series by username".
  • [AO3-6006] - Dashboards had a similar problem, in that they'd display only the pseud at the top of the page, but not the associated username. Now the Dashboard also follows the "pseud (username)" convention.
  • [AO3-5820] - When updating the status of items in your inbox, you have to tick a checkbox for the items you want to select. This checkbox was very small and could be hard to select, so we added a label to it to increase the area you can click or tap to tick the box.
  • [AO3-5952] - The text in table headers in right-to-left languages (e.g. Arabic) was left-aligned. We've made it right-aligned instead.
  • [AO3-5987] - The "Share" button on bookmark pages was set up so that all of the sharing options are rendered and embedded in the page, which meant that our servers were performing extra work and referrer information was being sent to Twitter and Tumblr each time a bookmark page was loaded. We've improved performance by not rendering share options until the "Share" button gets pressed, and we've improved privacy by using different buttons that don't track the user or load third party JavaScript.
  • [AO3-5950] - We tweaked the settings on the homepage Twitter widget to disable Twitter's tracking and to return it to its original size.
  • [AO3-6056] - The confirmation pop-up for prompt memes claims' "Drop Claim" option used wording that wasn't consistent with other confirmation pop-ups. We've adjusted it.
  • [AO3-6016] - Now that the option to disable comments has gone live, we removed an unnecessary database column and related code.
  • [AO3-6020] - Removed some other unused code.
  • [AO3-6021] - Removed even more unused code! 🧹
  • [AO3-6082] - One of the services we used for running automated tests began charging, and it would've cost a small fortune for us to keep using it. We've switched to GitHub's built-in option, which doesn't charge us anything (at least for now).


Post Header

2020-08-17 09:53:14 -0400

The last handful of releases included some shiny new features, such as the option to disable comments on works and the beginnings of a more robust system for managing Archive admins, as well as bug fixes and performance improvements.

We've also begun offering a Docker container image to make it even easier to contribute to the Archive's development. Thank you to tlee911, Tom Milligan, james_, Ariana, curtisxk38, elebow, and Z, who helped make this happen!

A special thank you to our first-time contributors, tlee911 and Tom Milligan!


  • Coders: Alix R, Cesy Avon, Elz, Enigel, james_, Jeff Kingswood (Littlelines), Matt Sears (Littlelines), redsummernight, Sarken, Stephen Burrows, Tal Hayon, teyla, ticking instant, tlee911, Tom Milligan, Tyme
  • Code reviewers: Ariana, curtisxk38, elebow, Enigel, james_, redsummernight, Sarken, ticking instant, Z
  • Testers: Adi M., Alison Watson, C. Ryan Smith, Chrome, Claudia, cosette, Ehryn, Hel, james_, Jessie, lydia-theda, Matty, Nary, Paula, QED, Qem, redsummernight, Relle, Runt, Sammie Louise, Sarken, ZoëRenee



Bug fixes and performance improvements, deployed on June 28.

  • [AO3-5007] - It used to be technically possible to create non-canonical Warning, Category, and Rating tags. We have now added checks to prevent this. (See the 0.9.293 deploy for an exciting update to this fix!)
  • [AO3-5878] - If you edited your gift exchange sign-up using the "Edit Prompt" option and your new offer didn't actually meet the challenge requirements, your changes wouldn't be applied, but you also wouldn't know why. You now get a helpful error message when you try to submit your changes.
  • [AO3-5969] - The "Update Tag Filters" troubleshooting option (available to admins) wasn't working for all tags, and now it does!
  • [AO3-5737] - The blockquotes within userstuff (which contains work as well as FAQ content) always had a border on the right side, which looked off for right-to-left languages. It now applies the border on the left for those languages.
  • [AO3-5882] - The page title for the "Marked for Later" page was "Saved for Later", creating a certain tension between the heading on the page and the title displayed in the browser window or tab. This has been marked as resolved. (Boom-tish!)
  • [AO3-5907] - The "Share" button on works was preparing all the sharing options if you merely opened a work, creating unnecessary server load and needlessly saying hello to Twitter and Tumblr. Now it gathers up the work blurb (for easy copy-pasting) and creates the social media buttons only when pushed. We also improved user privacy by limiting HTTP requests to those third-party sites from work pages.
  • [AO3-5930] - The code that shows information about works within a series used to load all the works' fields from the database. It is now only fetching the fields it strictly needs, which is a great load off its mind, and less error prone when we change or rename some work attributes.
  • [AO3-5957] - We've updated the Rack gem to 2.2.3.
  • [AO3-5974] - We added the recommended workaround for a gem that was giving off security warnings, so it's not bothering us until we're ready for an upgrade.
  • [AO3-5976] - We made updates to our deploy script to account for new servers! \o/ (And decommissioned servers, RIP.)


Bug fixes and behind-the-scenes work, deployed on July 1.

  • [AO3-5771] - We made the links for tags revealed via "Show warnings" and "Show additional tags" go to the appropriate works page instead of the page for the tag.
  • [AO3-5881] - On the "Edit Multiple Works" page, we had checkboxes for the visibility options ("Only show to registered users" and "Show to all") which you could both check, destroying the space-time continuum in the process. It's now a proper set of radio buttons.
  • [AO3-5973] - We added a new column to the works table to store whether the work has comments disabled, in preparation for an option that lets you, well, disable comments on your works.
  • [AO3-5947] - We added a bunch of rules to the tool that hounds us about style issues in our code changes.


Better control over permissions for site administrators, deployed on July 29.

  • [AO3-5518] - We are introducing separate roles for site admins, with different permissions for Policy & Abuse, Support, Tag Wrangling, Translation, and other volunteers who might need access to the Archive's administration interface. To roll this out in a workable manner, we're defining actions and settings that we want to limit access to, so we can then give the relevant permissions to each admin role.
  • [AO3-5519] - Restricts the ability to create and edit AO3 News posts (like this one!).
  • [AO3-5883] - Restricts access to the Settings panel, where we configure things like how many invitations from our automated queue are sent each day.
  • [AO3-5884] - Restricts the ability to search for users and update user information, such as their Fannish Next of Kin.
  • [AO3-5885] - Restricts the ability to delete, hide, or modify user creations (works, series, bookmarks, and external works).
  • [AO3-5886] - Restricts the ability to delete comments or mark comments as spam.
  • [AO3-5980] - We updated the script we use to create admin accounts. Now it allows us to set roles and easily update admins' email addresses.
  • [AO3-5623] - Said script included a link that started with http:// and we updated it to the proper HTTPS protocol while we were at it.
  • [AO3-5979] - We were enforcing uniqueness constraints for admin accounts and their associated email addresses in the code, but not at the database level. Now it's airtight!
  • [AO3-5992] - We fixed a bug preventing our Policy & Abuse volunteers from periodically receiving reports on spam accounts.
  • [AO3-5967] - We fixed an issue where it was possible to use the "Import New Work" form on URLs that are otherwise only visible to the Archive's internal network.
  • [AO3-4923] - We added more automated tests for bookmarks.
  • [AO3-5999] - We made comments created in our automated tests better resemble valid comments on the actual Archive.
  • [AO3-5983] - We added another bunch of rules to the hounding tool.
  • [AO3-5793] - We now support Docker for creating a development environment! 🥳


Adding the option to disable comments on works and cleaning up faulty warning tags, deployed on August 14.

  • [AO3-5897] - You can now choose to turn off comments on your works.
  • [AO3-4275] - After preventing users from adding new Warning tags to the database (in the 0.9.290 deploy), we needed to clean up any existing tags that didn't belong in our very small set of Archive Warnings. This is now also done.
  • [AO3-4634] - It used to be possible for all logged in users to access the "Unposted Claims" page of a prompt meme challenge. Now this list of all claims is restricted to the challenge mods.
  • [AO3-5975] - We have added a banner that will be automatically displayed on proxy sites run by third parties, advising users that if they log in to their Archive account on the proxy site, the site owner can see their password.
  • [AO3-4925] - We added more tests and removed some unused code involving tag wrangling.
  • [AO3-6012] - We started using MariaDB instead of MySQL for our Docker and automated test databases.


Post Header

2020-06-24 13:39:57 -0400

In this batch of fixes, we rewrote large parts of the code that updates work and bookmark listings when a tag is wrangled (e.g. made canonical or added as a synonym of another tag). Now the process is much less error-prone and we have some shiny new troubleshooting tools in case anything goes wrong. \o/ We also fixed several issues concerning hit counts and notification emails, improved our automated test suite, and generally tidied up a bit around the place.

Special thanks to new contributors J, Stephen Burrows, and Tyme!


  • Coders: Alix R, cosette, dlhardin, DreamSea, J, james_, redsummernight, Sarken, Stephen Burrows, teyla, ticking instant, Tyme
  • Code reviewers: bingeling, james_, redsummernight, Sarken, ticking instant
  • Testers: Alyndra, Booksarelife, C. Ryan Smith, Chelsea Eidbo, cosette, Danielle Strong, GoldenFalls, james_, lydia-theda, mumble, Paula, QED, Qem, Rebecca Sentance, redsummernight, Sammie Louise, Sarken, teyla, ticking instant



Focus on hit counts and automated tests, deployed on April 22.

  • [AO3-4622] - The hit count preferences hadn't been working properly for many years, so we removed them.
  • [AO3-5905] - We've rewritten the hit count code so we can count hits while caching works. Check out our post Guest hit counting is coming back for more information on hit counts.
  • [AO3-4750] - We added a link to work blurbs that will take you to a work's latest chapter.
  • [AO3-5757] - We've updated the gem that runs our feature tests.
  • [AO3-5338] - In many of our automated tests, we use factories to create test data. The most frequently used work factory turned out to be creating drafts, not posted works, which wasn't great: in most cases, we want to know how our code interacts with the latter. We've updated the factory and the tests to run on works unless we specifically need to test drafts.
  • [AO3-5921] - Some of our automated tests would occasionally fail due to timing issues, so we made some changes to make them less flaky.


Focus on tag wrangling and filtering, deployed on May 28.

The always wonderful ticking instant -- who you may remember as the coder responsible for the massive speed improvements for gift exchange matching in 2016 -- rewrote some of the code responsible for making sure works and bookmarks are included in the proper tag listings.

The previous version of the code was subject to race conditions, so sometimes (e.g. during periods of heavy load) changes to the way a tag was wrangled wouldn't affect which listings a work (or bookmark) with that tag was included in. ticking instant has rewritten the code so it won't be subject to those race conditions and provided new troubleshooting tools in case something else goes wrong.

  • [AO3-5617], [AO3-4965], [AO3-3830] - Works would sometimes not appear in the tag listings after synning a tag to canonical, or making a tag into a canonical. Now they do.
  • [AO3-5618] - When an admin syns a canonical to another canonical (decanonizing the first canonical in the process), all of the connections (e.g. fandoms) from the formerly canonical tag are supposed to move to the new canonical. They were just vanishing, though. Now they'll transfer correctly.
  • [AO3-3768] - When a wrangler makes a tag into a synonym, the syn is supposed to pick up information from the canonical tag (e.g. a synned fandom tag should acquire the canonical fandom's media tag). It wasn't always doing that, but now it should be.
  • [AO3-4077] - If a wrangler removed a subtag from a metatag that had its own metatag, the works from the subtag would still stick around in the work listing for the metatag's metatag. Now the works will disappear, since the relationship between the two tags no longer exists.
  • [AO3-5343] - Wranglers would get an error when adding a metatag to a tag that had two levels of subtags. Now they can do that.
  • [AO3-5432] - Decanonizing a tag without first removing its metatags would sometimes fail to remove the formerly canonical tag's works or bookmarks from the metatag's listings. Now the works are removed.
  • [AO3-5433] - In certain cases, if an admin attempted to edit an external work to simultaneously add and remove a tag, the external work's bookmarks would stay on in the listing for the old tag and not appear in the listing for the new one. Now the bookmarks go where they're supposed to.
  • [AO3-5507] - Imagine, if you will, a tag tree structured thusly: a metatag (e.g. Animals) with the direct subtags A and B (e.g. Cats and Dogs), and then another subtag of subtag A (e.g. Ragdoll Cats). Now imagine posting a work tagged with both Dogs and Ragdoll Cats, making it appear in the Animals tag. But then, one day, a wrangling change comes! We remove Ragdoll Cats as a subtag of Cats. And like magic, our work vanishes from the listings for the Animals tag. Except we don't want magic here: our work is still tagged with Dogs, which is still connected to our Animals metatag. We've put an end to these sorts of disappearing acts, and made any works affected by this bug reappear in their proper place.
  • [AO3-5508] - Let's say we have the metatag Foods with the two subtags Fruits and Vegetables, and the tag Tomatoes is subtagged to both Fruits and Vegetables. Then, one day, we decide vegetables are not food (just kidding, veggies, we love you! 🥦), and we remove the Vegetables subtag from the Foods metatag. Furthermore, we decide tomatoes are not vegetables, and we remove the Vegetables metatag from the Tomatoes subtag. During all this wrangling, we were losing the connection between the Tomatoes tag and the Foods tag, which would keep new works with the Tomatoes tag from appearing in the Foods tag. Now we've made sure that connection stays intact, so anything posted with the Tomatoes tag will -- in our hypothetical scenario -- appear in the Foods tag as well (because Tomatoes are still Fruits). We've also fixed the problem on any existing works.
  • [AO3-5945] - Systems updated some settings to make sure users who were browsing the insecure version of the Archive wouldn't get bumped to the secure version.
  • [AO3-5783] - We removed an old rake task.
  • [AO3-5943] - We've told the tool that informs us about code style violations that there are some things we'd like it not to complain about.
  • [AO3-5927] - Some of our automated tests for the autocomplete would occasionally fail because the animation effect took too long to fire, meaning the autocomplete options weren't fully expanded by the time the tests started looking for them. We've disabled the animations to prevent these failures.


Focus on miscellaneous bug fixes and infrastructure updates, deployed on June 17.

  • [AO3-4874] - We were stripping HTML and paragraph breaks out of summaries in subscription emails, which could make them hard to read. We've stopped doing that.
  • [AO3-5332] - If a co-creator who was added only to one or more chapters (and not as co-creator of the whole work) removed themselves from the last chapter they co-created, they would still be co-creator for the whole work, with editing permissions. That clearly needed to be fixed, so we did.
  • [AO3-5721] - It wasn't possible to delete a challenge from a collection unless you had JavaScript enabled. We've made it work if you have JavaScript disabled.
  • [AO3-5938] - In the line of stats (words, comments, kudos, etc.) in a bookmark blurb, the links had lost their bottom border, making it impossible to tell that they were links. We've added some room for the borders, making the numbers pop again.
  • [AO3-5736] - When you create an account and try to log in before you have confirmed your email address, you now receive a more helpful error message, i.e. "Please check your email for the confirmation link."
  • [AO3-5266] - We now enforce HTTPS for embeds from
  • [AO3-5940] - To prevent failures when sending out notifications, we are now making sure that all necessary information has been committed to the database (and not merely saved by the user, possibly needing a second to make its way into the system) before we put the email together and add it to the mailer queue.
  • [AO3-5965] - When a request comes in from a user with an expired session, we respond with an error, but we didn't do this for all possible request types. That caused errors on our end, especially due to the requests going to the hit counter. We're handling those in the proper manner now.
  • [AO3-5948] - All our cookies now last a maximum of one year.
  • [AO3-5828] - We have added the ability to safelist IP addresses so they won't be affected by restrictions (e.g. on the number of database requests per minute) that we impose through the Rack::Attack gem.
  • [AO3-5936] - On the actual Archive, we use a type of caching that we weren't using in our automated tests. Because we want our tests to resemble our actual set up as closely as possible, we've started using that sort of caching there as well.
  • [AO3-5960] - We updated the actionpack-page_caching gem to version 1.2.2.
  • [AO3-5971] - We updated the websocket-extensions gem to version 0.1.5.
  • [AO3-5422], [AO3-5423], [AO3-5425], [AO3-5426] - We removed unused code from a number of places. Yay, tidying!


Post Header

2020-04-14 15:39:56 -0400

In recent releases, we wrapped up changes to the kudos table and began caching works for logged out users. We've also made improvements to subscriptions, spam-checking, the Statistics page, and addressed issues with the Terms of Service prompt.

A special thank you to our first-time contributor teyla!


  • Coders: bird, james_, redsummernight, Sarken, Tal Hayon, teyla, ticking instant, Z
  • Code reviewers: james_, redsummernight, Sarken, ticking instant
  • Testers: bingeling, coaldustcanary, GoldenFalls, Irina, james_, Lady Oscar, lydia-theda, MagnusIsMyRock, nimadge, Paula, Ranowa, Rebecca Sentance, redsummernight, Sammie Louise, Sarken, teyla



  • [AO3-5162] - The site used to remember the name and email address that guests entered on the comment form, making it so they didn't have to reenter the information every time they left a comment. Unfortunately, we had to remove this code so we could begin caching work pages.
  • [AO3-5906] - As a side effect of our new caching measures, logged out users were being shown the adult content warning on every work rated Mature, Explicit, or Not Rated -- and when navigating between chapters of those works to boot. We've changed how we're setting the cookie that remembers you've already pressed the "Proceed" button on the warning and made a few tweaks to nginx, and now visitors should only see the adult content warning once per browser session.


  • [AO3-5040] - You'll now get subscription emails for any anonymous works you've subscribed to. (But you won't get an email if a creator you've subscribed to posts an anonymous work -- that would ruin their anonymity.)
  • [AO3-5708] - A long time ago, we added some code to cancel the delivery of emails in certain situations, e.g. if you were subscribed to a creator who added their brand new work to an anonymous collection after posting, but before the subscription email went out. Rails 5 lets us handle situations like that without extra code, so we've gotten rid of it.


  • [AO3-5497] - To comply with the GDPR, we present visitors with a prompt asking them to agree to the Terms of Service before using the site. When they agree to them, we set a cookie in their browser that is supposed to keep the prompt from reappearing for them. This wasn't working for some visitors, though, so we've decided to see if it works better if we switch to JavaScript's local storage feature.
  • [AO3-5915] - Our new approach to remembering whether visitors agreed to the Terms of Service didn't work in private mode in a few older browsers. So now we're checking if a visitor's browser supports local storage properly, and if not, using a cookie to remember whether we should show them the Terms of Service prompt.
  • [AO3-5917] - Some browsers didn't like our new approach to writing cookies or local storage items, particularly if you were in private mode, so we found yet another way to hide the TOS prompt once you've agreed to it.


  • [AO3-5859] - Kudos used to belong to pseuds, but we're updating them so they belong to users instead. As part of this process, we've updated the kudos list on works to always list kudos-givers by their usernames, instead of sometimes displaying "pseud (username)".
  • [AO3-5887] - We've gotten rid of the column that stored pseud IDs in the kudos table and removed any code or tests related to it. We are so glad to be done with this migration!


  • [AO3-5193] - Wranglers used to be able to turn a canonical tag into a synonym in one fell swoop just by entering the new canonical tag in the "Synonym of" field on the tag edit page. Because it was too easy to do this accidentally, we've made it so only admins have access to that field on canonical tags' edit pages.
  • [AO3-5821] - We've made a couple tweaks to the graph on users' Statistics pages: the vertical axis will never start at a number other than zero, and now the bars on the graph are a slightly faded Archive red rather than bright Google blue.
  • [AO3-5908] - Visiting a multi-chapter work on the insecure site would redirect you to the secure site, which was terribly inconvenient if you were using the insecure site because you can't access the secure site. (It's the only reason you should use it.) We've made it so you'll stay on the insecure site.
  • [AO3-4539] - Our spam blocker occasionally prevents legitimate support tickets and abuse reports from being submitted. Because reports and tickets from logged in users are generally not created by spam bots, we've stopped running the spam check for them.

Behind-the-scenes miscellany

  • [AO3-5895] - Our friendly gem-updating bot updated our JSON gem to version 2.3.0.
  • [AO3-5898] - There was a possible security issue with the way Rails handles some JavaScript code, which would normally be something we could resolve with a quick gem update. However, we're on Rails 5.1, and fixing it with a gem update was only an option for sites on Rails 5.2 or 6. Instead, we've added a monkey patch to hold us over until we update Rails. 🐒
  • [AO3-5893] - Every time our automated tests run, the tool we use to create PDF downloads gets downloaded and installed on our testing environment, allowing us to test downloads. The source for the tool moved to a new location, so we updated the test setup to reflect that.
  • [AO3-5896] - Because we run our tests a lot, we would occasionally get rate limited by GitHub and be unable to download our PDF generation software. We've moved it to our own servers so we won't have that problem.
  • [AO3-5892] - The randomly-generated text in our email tests sometimes includes characters that are not in the US-ASCII character set, such as ç. Whenever that happened, our email tests would fail because they were looking at the encoded email text. We've told the tests to check the decoded text from now on so they'll pass no matter what characters they contain.
  • [AO3-5911] - We've updated our automated tests to use version 6.8.8 of Elasticsearch so we can make sure everything works with it before we actually update the version running on our servers.
  • [AO3-5904] - Some of our automated tests related to orphaning would occasionally fail because that's a fun thing tests do sometimes if they're run too quickly. We added slight delays to them so they'll stop doing that.
  • [AO3-5900] - Our automated tests were actually submitting things to our spam checker, and since we do this repeatedly and frequently, the spam checker thought they were spam. This caused our tests to fail. We've started stubbing the results of the spam check so that doesn't happen.
  • [AO3-5899], [AO3-5902], [AO3-5914], [AO3-5916] - We've kept our deploy script up-to-date: removing two servers we've converted into firewalls, then three decommissioned servers, and adding a second front end server to our staging environment so our caching set up there more closely resembles our set up on production.


Post Header

2020-03-18 19:16:03 -0400

Our latest releases include improvements for new users, site admins, creators of anonymous or unrevealed works, and the kudos database table.

A special thank you to our first-time contributor Morrgani!


  • Coders: cosette, james_, Morrgani, redsummernight, Sarken, Tal Hayon, ticking instant
  • Code reviewers: Ariana, james_, redsummernight, Sarken, ticking instant
  • Testers: Arcadion, C. Ryan Smith, Capi, Danielle Strong, GoldenFalls, hel, james_, lydia-theda, MagnusIsMyRock, Matty, Paula, redsummernight, Sammie Louise, Sarken


User Accounts

  • [AO3-5723] - We've tweaked the text of the email you receive when you create a new account. It will now be more consistent with our usual way of wording things.
  • [AO3-5316] - When you first activate a new AO3 account, you're supposed to get a success message. That message wasn't working, which led users to follow the activation a second time, which also didn't display a message it was supposed to display. Both of those messages should turn up now, hopefully leading to less confusion and fewer Support tickets.


  • [AO3-5676] - The script that we use to handle GDPR data requests from users used to write to a file, which was slightly annoying to get to. We've made it write to standard output, a.k.a. the screen that the admin running the script is looking at.
  • [AO3-5863] - We also updated the GDPR data requests script to handle some changes we made when we moved the logging in process to Devise.
  • [AO3-3547] - Our Policy & Abuse team has always been able to add notes to user accounts when giving warnings or suspensions, but sometimes they wanted to make a note without doing either of those things. We've given them that ability.
  • [AO3-4205] - To help with spam and abuse, we let admins see the IP address of the user who posted a work. However, we forgot to record that information on works imported using the "Post without previewing" option, so there was nothing for admins to see. We've now corrected that oversight.


  • [AO3-5851] - In a previous release, we added a column to the kudos table to store the user (rather than the pseud) that left kudos. Now we've gone back and filled in this information for existing kudos.
  • [AO3-5869] - We have around 640 million kudos on the Archive, so the database table we keep them in was getting rather full. We moved them to a larger table that will be able to hold 9,223,372,036,854,775,807 kudos (yes, really!). The new table also has a uniqueness constraint that was missing from the old one, so now any duplicate kudos that sneak past our code will also be rejected by the database.
  • [AO3-5868] - When a logged in user leaves kudos on a work, we used to check to make sure the user's default pseud hadn't previously left kudos on the work. Now we check that the user hasn't left kudos on that work before.
  • [AO3-5873] - When we moved all the kudos to their new table, some works experienced a change in their kudos counts due to duplicate kudos being removed. We've made sure the kudos counts for those works are updated in our search engine.


  • [AO3-5874] - A few months ago, the hardware for our staging environment went belly up, so we began temporarily using a cloud service. While we were using this temporary setup, our heroic sysadmin james_ went and got the broken hardware from its facility, repaired it, drove it back to the facility, and plugged it back in. Shortly afterwards, we updated our configuration to put the newly repaired hardware back into service.
  • [AO3-5875] - In January, we started using a gem to password protect our staging site. We've switched to a different form of password protection and removed that gem.
  • [AO3-5872] - We've reorganized our automated tests to match the structure RSpec automatically assumes we're using. This will help make sure all of our tests are actually being run.


  • [AO3-5857] - We restored the default Dutch translations that got lost when we updated our translation tool.
  • [AO3-4139] - In Reversi, we've changed the color of the little footnotes on required fields to make them more readable. Goodbye, dark grey text on a slightly less dark grey background!
  • [AO3-4836] - In the unlikely scenario you were trying to approve all the moderated comments on a work you didn't own, you'd get a 500 error. Now you'll get redirected to the homepage with an error message.
  • [AO3-5028] - If you add your work to a collection and the moderators later make the work anonymous or unrevealed, you'll now receive an email letting you know about that change and reminding you how to remove your work from the collection if you're not okay with the change. (Please note that you'll get this email even if you have your preferences set to disallow emails from collections.)
  • [AO3-5879] - We -- or more accurately, the friendly bot who lets us know about security issues with gems -- upgraded the version of the nokogiri gem we're using.
  • [AO3-5807] - There was a column in the support ticket database table that we weren't using and thus wanted to get rid of. This worked out quite well because it let us test a method of modifying database tables that we wanted to use for our work on the kudos table.
  • [AO3-5888] - We got the new Elasticsearch servers we've been waiting for! 🎉 This allowed us to repurpose some old servers, which required us to update our deploy script.


Post Header

2020-02-10 08:59:20 -0500

In recent releases, our top priority has been to reduce Elasticsearch-related slowness. Along the way, we've fixed an eclectic selection of bugs related to skins, kudos, orphaning, embeds, and internationalization.

A special thank you to our new contributors, bird, Jen Rogers, and Z! Also to derenrich and ticking instant, who spotted two security issues!


  • Coders: Alix R, Ariana, bird, cosette, cyrilcee, derenrich, Elz, Enigel, james_, Jen Rogers, Nerine Luna Cyran, redsummernight, Sarken, Tal Hayon, ticking instant, Z
  • Code reviewers: Ariana, bingeling, cosette, james_, redsummernight, Sarken, ticking instant
  • Testers: C. Ryan Smith, captured_in_lspace, CJ Record, cosette, Frost The Fox, GoldenFalls, Lady Oscar, lydia-theda, MagnusIsMyRock, mumble, Nary, nimadge, james_, Rebecca Sentance, redsummernight, Sarken



  • [AO3-5832] - We added a new error page regarding our Elasticsearch-related slowness. (But our heroic sysadmins did a lot of work to make sure very few people would ever have the opportunity to be on the receiving end of that error!)
  • [AO3-5834] - We've made it so we can adjust the cache expiration in the work and bookmark controllers without a code deploy.
  • [AO3-5823] - To help lighten the load on our servers, we added rate limiting for searches (and pages powered by Elasticsearch, e.g. tag works pages).
  • [AO3-5841] - When we can't figure out the IP address of someone accessing the site, we use the site's internal IP address. Unfortunately, that meant some folks were getting rate limited when they shouldn't have been. We've made sure that won't happen.
  • [AO3-5848] - Rack::Attack -- our rate limiting tool -- does things in a certain order no matter what order the code is in. It's easy to be unaware of that, though, so we reordered our code to convey that to future coders.


  • [AO3-5184] - In certain versions of Safari, it wasn't possible to access the Advanced section of the skins form because the button toggling that section was missing. We've found it and put it back.
  • [AO3-4030] - For tag wranglers using the Reversi skin, some of the information on tag edit pages was unreadable. We've changed the text color to make it readable.
  • [AO3-4241] - In Reversi, it was difficult to read text you entered in the header search box if the box was currently selected. We've made it easier to read by changing the color.
  • [AO3-5796] - We've added two new media query options for skins: (prefers-color-scheme: dark) and (prefers-color-scheme: light). If your device supports it, you can use these options to create skins that are only applied when your device is set to dark or light mode.


  • [AO3-5806] - A long long time ago, we set up the tool our Translation team will be using to translate the Archive into other languages. This configuration no longer worked quite right, so we set it up again.
  • [AO3-5813] - Once we got our translation tool set up, we realized some of our email code needed tweaking to make the emails easier to translate... so we did that tweaking.
  • [AO3-5735] - We now automatically add HTML direction attributes to Arabic and Hebrew news posts, making text correctly flow right to left. Our translators no longer need to set them manually on every single post.


  • [AO3-5046] - If you wanted to orphan all the works by one of your pseuds, but one of those works happened to have more than one of your pseuds on it, one of two un-good things would happen, depending on when you encountered the bug: either you'd get a 500 error, or both of your pseuds would be removed from the work. We've fixed it so it doesn't error and only removes the pseud you specify.
  • [AO3-5854] - Previously, we didn't check that you owned the thing you were orphaning, so if you were clever and bad, you could've conceivably orphaned someone else's works. We check that now, so this should no longer be possible.


  • [AO3-5818] - We previously changed our referrer policy to limit information other sites could get if you followed a link there from a page on the Archive. Unfortunately, this caused some YouTube embeds to stop working, so we had to change the policy to something slightly more permissive. (If you're interested in the specifics, we're now using strict-origin-when-cross-origin instead of the previous same-origin.)
  • [AO3-5853] - It was possible to upload random HTML files to and embed them in works, so we have to specifically whitelist their media player.


  • [AO3-5844] - We added a new column to the kudos table that will allow us to store the user ID (rather than the default pseud ID) of the person who left kudos.
  • [AO3-5850] - We began storing user IDs in the aforementioned column when users leave new kudos.
  • [AO3-4934] - We increased test coverage of the kudos code (it's at 100% now, yay!) and fixed a bug that would occur in the unlikely event you had JavaScript disabled and were trying to leave kudos on a work the creator had deleted.

Buttons and text changes

  • [AO3-4991] - We've made things a bit more consistent by rearranging the buttons on series pages to better match the way buttons are ordered on work pages.
  • [AO3-5624] - Also on the "consistency is good" front, we made the order of the Reply, Delete, and Thread buttons on comments on the homepage match the order of the buttons in the comments section.
  • [AO3-5845] - Sometimes, particularly in Firefox and Chrome, the Twitter share button didn't show up on a work's or bookmark's share modal. We've made it more likely to show up.
  • [AO3-5738] - When you first create an AO3 account, you're taken to a page with some important information. We've updated the text to make that information a bit clearer.
  • [AO3-5113] - The error message you got when entering a different password and password confirmation (e.g. when creating an account) was a bit wrong. We've made it right.


  • [AO3-4194] - On the page for requesting invitations for friends, some of the form fields weren't quite up to accessibility standards. Now they are! (Unfortunately, you'll have to take our word for this: we had to turn off access to this page due to spammers.)
  • [AO3-5773] - If you bookmarked an external work with an ampersand (&) in the title, it would display as &amp;. We've made it appear as a regular old & now.
  • [AO3-5362] - We've tweaked the position of the background image on the left side of the login page so it overlaps a bit less with the text on the right side.
  • [AO3-3847] - If you renamed a series, the old name would stick around on the work header and blurb. Now the new name will show up, as one would reasonably expect it to.
  • [AO3-5233] - When admins searched for users by multiple emails, the number of results would be off if users have emails with different capitalization. We fixed such numbers.

Behind-the-scenes miscellany

  • [AO3-5759] - We've added password protection to our staging site. It's better if search engines cannot see our works in the "Testing" fandom that just repeat the word "test" 500 times.
  • [AO3-5762] - We sped up our tests by only setting up search indexes for tests that use them.
  • [AO3-5817] - Automated tests for emails would fail if the emails included certain characters, e.g. ç. We've fixed it so the tests will pass.
  • [AO3-5838] - We improved automated test coverage of the bookmarks page because our testing volunteers found a bug our tests didn't pick up. (This is why manual testing is important!)
  • [AO3-5839] - We increased test coverage for pseuds.
  • [AO3-5840] - We updated the Rack gem to version 2.0.8.
  • [AO3-5836], [AO3-5847], [AO3-5849] - We shuffled some servers around, so we updated our deploy script to make sure new code goes to the right place.


Pages Navigation