This adds the Silence Reason column to silenced user lists.
This feature helps combat large spam attacks cause you can quickly see
why a user was silenced and then bulk act on all the silenced users
Meta topic: https://meta.discourse.org/t/full-name-at-sign-up-went-missing/345662/17?u=osama
The preloaded `site` object for anons on login-required sites is a stripped down version of the full object with just a specific set of attributes and doesn't use the site serializer. This results in the `full_name_required_for_signup` and `full_name_visible_in_signup` attributes not making it to the client app when a login-required site is accessed by an anon, causing the name field in the signup form to not be rendered, even when it's required.
This commit includes those attributes in the stripped down version of the `site` object that's used for anons on login-required sites.
This commit introduces a workaround for a behavior observed in Safari for iOS / iPadOS where the feedback message wasn't being displayed after clicking on the copy button in the Glimmer post menu
This test is flaky, sometimes it fails with the hamburger menu blocking the click on the emoji, other times it just doesn't return the list of emojis when the search term is there.
Other similar emoji tests are skipped. Stopping the bleed, but we still need to figure out a more reliable testing strategy here.
Will revisit after #28277 is merged.
ref /t/-/145212
Nokogiri/libxml is now more strict in terms of params it receives.
It uses kwargs vs options object (I fixed an issue there in #30545) doesn't accept nil/blank html (fixed here) and most importantly handles encoding in a different way. It seems to require explicitly specifying UTF8.
* Build(deps): Bump nokogiri from 1.16.8 to 1.18.1
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.16.8 to 1.18.1.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.16.8...v1.18.1)
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* FIX: Wizard improvements post-merge part 1
Followup 3135f472e2
Fixes the following:
* On mobile, the Styling step was very narrow
* When clicking Next on the Styling step after previously
selecting Hot, we got an error
Also makes the following UX improvements for the preview:
* Use different topic titles for Latest and Hot
* Also make Hot view and reply numbers higher
This helps differentiate the two previews.
* DEV: Review fixes
Followup c2282439b3
Make the Files and Other config pages reached from the sidebar
use our consistent site setting page rules.
Also slightly improves AdminAreaSettings so we don't show
"Settings not found" when still loading settings.
When inserting anything from the chat composer dropdown, any popups opened weren't properly focussed.
This was due to the default behaviour of the dropdown menu closing, which tries to return the focus to the original triggering element. This would normally be the correct behaviour, but here we want the menu to close in the background, handing focus off to the popup, instead.
Create a basic config page that only contains Onebox-related settings, to replace the "onebox" category view linked to from "Onebox" in the admin sidebar.
Create a basic config page that only contains user API-related settings, to replace the "user_api" category view linked to from "User API" in the admin sidebar.
Create a basic config page that only contains rate limiting-related settings, to replace the "rate_limits" category view linked to from "Rate limits" in the admin sidebar.
Create a basic config page that only contains developer-related settings, to replace the "developer" category view linked to from "Developer" in the admin sidebar.
Create a basic config page that only contains security-related settings, to replace the "security" category view linked to from "Security settings" in the admin sidebar.
Followup 3187606d34
Fix full_name_requirement INSERT by adding ON CONFLICT DO NOTHING,
on sites that already have this setting this migration will fail.
Create a basic config page that only contains security-related settings, to replace the "security" category view linked to from "Security settings" in the admin sidebar.
Back then in 31e31ef, we added the Content-Disposition headers so that SVGs get downloaded instead of get run in the browser. Inadvertently, this also causes other attachments like pdfs and videos to be downloaded instead of heeding the "Open in new tab" option that users choose in the browser.
When the header is removed, the default value is "inline", this allows the browser to perform as requested. This also applies to other file types like pdfs, allowing users to "Open in new tab" and view them in the browser instead of always downloading them.
Existing tests (#10205) already do check that SVGs remain downloaded. Some existing tests written for PDFs have been modified to cater for SVGs instead, when there was a bug in defining the filenames per #10108
Experimental "What's new?" feature feed items previously calculated
a boolean for experimentEnabled on the client based on the siteSettings
service, and this would control the initial state of the experiment
toggle.
However this requires the person who creates the site setting for the
experiment to remember to set it to `client: true`. This commit removes
that manual step by calculating whether the experiment is enabled
server-side, where we have access to all the site settings.
* UX: Admin setting page consistency - Group permissions (#30528)
Followup c2282439b3 and
21470e4afd
Adds a new "Group permissions" page and group_permissions site
setting area, which shows every single group-based site setting
in the app and core plugins.
Also adds a "trust_levels" area to show on the already moved
admin "Trust level" settings page, since that previously was
showing a mix of trust level settings and allowed group settings.
* DEV: Review fixes
The `faker` gem, which is a dependency for the `*:populate` rake tasks, isn't installed in the production environment, so we should only load files/classes related to those rake tasks in non-production environments.
This version number is a technical detail that controls
what items show up on certain sites, most admins don't
need this level of detail. Remove it here, maybe we can
add it back in some hidden way later if needed.
Related to 5a55c9062a
The chat plugin now makes use of the plugin API that was added in the linked commit for extending the reviewables:populate rake task.
* UX: Update email and security sidebar link copy
Followup b3fa335c7d
Changes these sidebar links to better reflect
what these pages contain:
* (Email) Server setup → Server setup & logs
* (Security) Staff action logs → Logs & screening
* DEV: Test fix