github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-02 08:33:41 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
53,887 Commits 214 Branches 500 Tags 960 MiB
0003599754
Commit Graph

53887 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Isaac Janzen
2d4ed7d020
Bump version to v3.1.4 2024-01-08 11:56:18 -07:00
Bianca Nenciu
c62d1197b9
FEATURE: Add loading spinner on categories page (#25171) 
The list of categories is loaded async when lazy_load_categories is
enabled, but there is no visual indication that the list of categories
is being loaded.
 2024-01-08 20:28:57 +02:00
Kris
007a5fd99e
UX: fix review queue category and tag alignment, whitespace (#25166) 2024-01-08 12:55:39 -05:00
Penar Musaraj
d795a59fab
Bump version to v3.2.0.beta5-dev 2024-01-08 12:41:52 -05:00
Penar Musaraj
f953d9b113
Bump version to v3.2.0.beta4 2024-01-08 12:41:51 -05:00
dependabot[bot]
e913055c50
Build(deps): Bump puma from 6.4.1 to 6.4.2 (#25165) 
Bumps [puma](https://github.com/puma/puma) from 6.4.1 to 6.4.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v6.4.1...v6.4.2)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 18:38:48 +01:00
Isaac Janzen
e463bc9a67
Revert "DEV: Version bumps for main: v3.2.0.beta4, v3.2.0.beta5-dev (#25168)" (#25169) 
This reverts commit ab0fea3f42.
 2024-01-08 10:24:04 -07:00
Isaac Janzen
ab0fea3f42
DEV: Version bumps for main: v3.2.0.beta4, v3.2.0.beta5-dev (#25168) 
* Bump version to v3.2.0.beta4
* Bump version to v3.2.0.beta5-dev
 2024-01-08 10:07:33 -07:00
Ted Johansson
edb2630131
SECURITY: Prevent guest users from accessing secure uploads when login required 2024-01-08 09:53:32 -07:00
Daniel Waterworth
f213ba7c1f
SECURITY: Store custom field values according to their registered type 2024-01-08 09:53:30 -07:00
Daniel Waterworth
23a4b58ba1
SECURITY: Run custom field validations with save_custom_fields 2024-01-08 09:53:28 -07:00
Joffrey JAFFEUX
22c3cac131
SECURITY: ensures mentioned_users is limited 
Prior to this fix the number of users rendered by mentioned_users could equal the number of members in a channel which would be slow but could in more extreme case crash the page and/or server.
 2024-01-08 09:53:25 -07:00
Jarek Radosz
c9d9bdfbd1
FIX: Remove all noscript elements, not just the first one (#25145) 
Regressed in 6c5522d
 2024-01-08 17:15:36 +01:00
Mark VanLandingham
af937581e9
DEV: Pass dismissButtonClick to panel-body-bottom outlet (#25163) 2024-01-08 10:12:52 -06:00
Ted Johansson
1b28823638
SECURITY: Prevent guest users from accessing secure uploads when login required 2024-01-08 08:02:19 -07:00
Daniel Waterworth
50911b2579
add tests 2024-01-08 08:02:18 -07:00
Daniel Waterworth
75c645453d
SECURITY: Store custom field values according to their registered type 2024-01-08 08:02:17 -07:00
Daniel Waterworth
4494d62531
SECURITY: Run custom field validations with save_custom_fields 2024-01-08 08:02:16 -07:00
Joffrey JAFFEUX
fd4ff92892
SECURITY: ensures mentioned_users is limited 
Prior to this fix the number of users rendered by mentioned_users could equal the number of members in a channel which would be slow but could in more extreme case crash the page and/or server.
 2024-01-08 08:02:13 -07:00
Jarek Radosz
fe10a3feab
DEV: Use html-rewriter-wasm/lol_html instead of JSDOM (#25144) 
Parsing html, modifying it, and then serializing had some negative side-effects (namely, it was losing html entity escaping in some cases)

Drops jsdom dependency
 2024-01-08 12:51:23 +01:00
Alan Guo Xiang Tan
d9affeca0a
Revert "Build(deps): Bump regexp_parser from 2.8.3 to 2.9.0 (#25149)" (#25158) 
This reverts commit 50be3b887d.

2.9.0 seems to have been yanked because bundler is complaining that it
can't find it.
 2024-01-08 09:32:20 +08:00
Alan Guo Xiang Tan
3e03d19c90
DEV: Update bundler (#25125) 
Why this change?

We have been using an older version of bundler that was released on 9
May 2023.
 2024-01-08 09:26:37 +08:00
Martin Brennan
51016e56dd
FEATURE: Add copy quote button to post selection menu (#25139) 
Merges the design experiment at
https://meta.discourse.org/t/post-quote-copy-to-clipboard-button-feedback/285376
into core.

This adds a new button by default to the menu that pops up when text is
selected in a post.

The normal Quote button that is shown when selecting text within a post
will open the composer with the quote markdown prefilled.

This new "Copy Quote" button copies the quote markdown directly to the
user’s clipboard. This is useful for when you want to copy the quote
elsewhere – to another topic or a chat message for instance – without
having to manually copy from the opened composer, which then has to be
dismissed afterwards. An example of quote markdown:

```
[quote="someuser, post:7, topic:285376"]
In this moment, I am euphoric.
[/quote]
```
 2024-01-08 10:38:14 +10:00
dependabot[bot]
a720bdc72b
Build(deps-dev): Bump jsdom from 23.0.1 to 23.2.0 in /app/assets/javascripts (#25156) 
* Build(deps-dev): Bump jsdom in /app/assets/javascripts

Bumps [jsdom](https://github.com/jsdom/jsdom) from 23.0.1 to 23.2.0.
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/main/Changelog.md)
- [Commits](https://github.com/jsdom/jsdom/compare/23.0.1...23.2.0)

---
updated-dependencies:
- dependency-name: jsdom
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
 2024-01-08 08:13:13 +08:00
dependabot[bot]
0d1b6512c7
Build(deps): Bump net-smtp from 0.4.0 to 0.4.0.1 (#25147) 
Bumps [net-smtp](https://github.com/ruby/net-smtp) from 0.4.0 to 0.4.0.1.
- [Release notes](https://github.com/ruby/net-smtp/releases)
- [Changelog](https://github.com/ruby/net-smtp/blob/master/NEWS.md)
- [Commits](https://github.com/ruby/net-smtp/compare/v0.4.0...v0.4.0.1)

---
updated-dependencies:
- dependency-name: net-smtp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 08:12:53 +08:00
dependabot[bot]
50be3b887d
Build(deps): Bump regexp_parser from 2.8.3 to 2.9.0 (#25149) 
Bumps [regexp_parser](https://github.com/ammar/regexp_parser) from 2.8.3 to 2.9.0.
- [Changelog](https://github.com/ammar/regexp_parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ammar/regexp_parser/compare/v2.8.3...v2.9.0)

---
updated-dependencies:
- dependency-name: regexp_parser
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 08:12:19 +08:00
dependabot[bot]
5f158cd187
Build(deps-dev): Bump bullet from 7.1.4 to 7.1.5 (#25151) 
Bumps [bullet](https://github.com/flyerhzm/bullet) from 7.1.4 to 7.1.5.
- [Changelog](https://github.com/flyerhzm/bullet/blob/main/CHANGELOG.md)
- [Commits](https://github.com/flyerhzm/bullet/compare/7.1.4...7.1.5)

---
updated-dependencies:
- dependency-name: bullet
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 08:11:40 +08:00
dependabot[bot]
0291fec77e
Build(deps-dev): Bump rubocop-rspec from 2.26.0 to 2.26.1 (#25152) 
Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.26.0 to 2.26.1.
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.26.0...v2.26.1)

---
updated-dependencies:
- dependency-name: rubocop-rspec
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 08:11:30 +08:00
dependabot[bot]
f69bb26a31
Build(deps): Bump net-imap from 0.4.9 to 0.4.9.1 (#25153) 
Bumps [net-imap](https://github.com/ruby/net-imap) from 0.4.9 to 0.4.9.1.
- [Release notes](https://github.com/ruby/net-imap/releases)
- [Commits](https://github.com/ruby/net-imap/compare/v0.4.9...v0.4.9.1)

---
updated-dependencies:
- dependency-name: net-imap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 08:11:19 +08:00
dependabot[bot]
847adfce1f
Build(deps): Bump net-http from 0.4.0 to 0.4.1 (#25155) 
Bumps [net-http](https://github.com/ruby/net-http) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/ruby/net-http/releases)
- [Commits](https://github.com/ruby/net-http/compare/v0.4.0...v0.4.1)

---
updated-dependencies:
- dependency-name: net-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 08:11:08 +08:00
dependabot[bot]
7cdd5250c2
Build(deps-dev): Bump @floating-ui/dom from 1.5.3 to 1.5.4 in /app/assets/javascripts (#25157) 
* Build(deps-dev): Bump @floating-ui/dom in /app/assets/javascripts

Bumps [@floating-ui/dom](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/dom) from 1.5.3 to 1.5.4.
- [Release notes](https://github.com/floating-ui/floating-ui/releases)
- [Changelog](https://github.com/floating-ui/floating-ui/blob/master/packages/dom/CHANGELOG.md)
- [Commits](https://github.com/floating-ui/floating-ui/commits/@floating-ui/dom@1.5.4/packages/dom)

---
updated-dependencies:
- dependency-name: "@floating-ui/dom"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
 2024-01-08 08:10:49 +08:00
dependabot[bot]
c902ea0f47
Build(deps-dev): Bump ruby-prof from 1.6.3 to 1.7.0 (#25154) 
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof) from 1.6.3 to 1.7.0.
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES)
- [Commits](https://github.com/ruby-prof/ruby-prof/commits)

---
updated-dependencies:
- dependency-name: ruby-prof
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 08:10:31 +08:00
Martin Brennan
628873de24
FIX: Sort plugins by their setting category name (#25128) 
Some plugins have names (e.g. discourse-x-yz) that
are totally different from what they are actually called,
and that causes issues when showing them in a sorted way
in the admin plugin list.

Now, we should use the setting category name from client.en.yml
if it exists, otherwise fall back to the name, for sorting.
This is what we do on the client to determine what text to
show for the plugin name as well.
 2024-01-08 09:57:25 +10:00
Kris
0472d3e122
UX: add missing button class to bulk-select (#24758) 2024-01-05 17:27:59 -05:00
Kris
ec0e802d34
DEV: less generic SVG ids to avoid clash (#25003) 2024-01-05 17:08:31 -05:00
Daniel Waterworth
497d5b4ca0 DEV: Concerns can use class_methods (#24875) 2024-01-05 14:16:08 -06:00
Daniel Waterworth
92882d1cc3 FIX: Validate each value in an array custom field separately (#24659) 2024-01-05 14:16:08 -06:00
Daniel Waterworth
7fbbefe363 FIX: Allow setting an array custom field to a singleton value (#24636) 
Also, validation happens per item in an array field.
 2024-01-05 14:16:08 -06:00
Daniel Waterworth
7f3edcbdc6 DEV: Allow setting max_length for field types using the plugin API (#24635) 2024-01-05 14:16:08 -06:00
Daniel Waterworth
473b7d9a4f DEV: Allow setting different custom field length limits by key (#24505) 2024-01-05 14:16:08 -06:00
Daniel Waterworth
34fe4dfe7c DEV: Refactor save_custom_fields methods (#24495) 
Operate a key at a time, to make it clearer what's going on.

This also fixes a bug where array integer fields would get re-written
even when there wasn't a change.
 2024-01-05 14:16:08 -06:00
Daniel Waterworth
0404abfe8d DEV: Deprecate array custom fields (#24492) 
Array custom fields use separate rows for each value, but whenever we
update an array, we have always destroy the existing rows and create new
ones. Therefore, there's no benefit over using the json type.
 2024-01-05 14:16:08 -06:00
Daniel Waterworth
8fd86fbdf7 FIX: Preserve custom field array order (#24491) 2024-01-05 14:16:08 -06:00
Daniel Waterworth
1f69e806a0 DEV: Don't define methods in an included block (#24433) 2024-01-05 14:16:08 -06:00
Daniel Waterworth
0d80290079 DEV: Remove custom field regexes (#24390) 
As far as I can tell, this isn't used
 2024-01-05 14:16:08 -06:00
Bianca Nenciu
62e570afe2
FIX: Ensure that categories array is not undefined (#25141) 
With lazy_load_categories enabled, the categories array can be undefined
because it is not loaded yet (it is populated on demand).
 2024-01-05 20:45:21 +02:00
Rafael dos Santos Silva
0fe11ef337
FIX: Stop optimizing WEBPs into JPGs (#25140) 
This rarely results in better compression, and there are many uses of animated WEBPs too
 2024-01-05 12:18:48 -03:00
Rafael dos Santos Silva
13735f35fb
FEATURE: Cache embed contents in the database (#25133) 
* FEATURE: Cache embed contents in the database

This will be useful for features that rely on the semantic content of topics, like the many AI features



Co-authored-by: Roman Rizzi <rizziromanalejandro@gmail.com>
 2024-01-05 10:09:31 -03:00
Ted Johansson
ac4d90b3a6
Revert "DEV: Skip MinioRunner until min.io renews their cert (#25137)" (#25138) 
This reverts commit 2594f7a5a3.
 2024-01-05 14:08:27 +08:00
Ted Johansson
a5f0935307
DEV: Convert min_trust_level_to_create_tag to groups (#24899) 
We're changing the implementation of trust levels to use groups. Part of this is to have site settings that reference trust levels use groups instead. It converts the min_trust_level_to_create_tag  site setting to create_tag_allowed_groups.

This PR maintains backwards compatibility until we can update plugins and themes using this.
 2024-01-05 10:19:43 +08:00