Commit Graph

54692 Commits

Author SHA1 Message Date
dependabot[bot]
14d1e82029
Build(deps-dev): Bump the embroider group with 3 updates (#27559)
Bumps the embroider group with 3 updates: [@embroider/compat](https://github.com/embroider-build/embroider/tree/HEAD/packages/compat), [@embroider/core](https://github.com/embroider-build/embroider/tree/HEAD/packages/core) and [@embroider/macros](https://github.com/embroider-build/embroider/tree/HEAD/packages/macros).


Updates `@embroider/compat` from 3.5.3 to 3.5.4
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/compat)

Updates `@embroider/core` from 3.4.12 to 3.4.13
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/core)

Updates `@embroider/macros` from 1.16.3 to 1.16.4
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/macros)

---
updated-dependencies:
- dependency-name: "@embroider/compat"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: embroider
- dependency-name: "@embroider/core"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: embroider
- dependency-name: "@embroider/macros"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: embroider
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-23 12:02:24 +02:00
dependabot[bot]
7d36657094
Build(deps-dev): Bump selenium-webdriver from 4.21.1 to 4.22.0 (#27557)
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.21.1 to 4.22.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/commits/selenium-4.22.0)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-23 11:55:33 +02:00
dependabot[bot]
234eaeb350
Build(deps-dev): Bump selenium-devtools from 0.125.0 to 0.126.0 (#27558)
Bumps [selenium-devtools](https://github.com/SeleniumHQ/selenium) from 0.125.0 to 0.126.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/commits)

---
updated-dependencies:
- dependency-name: selenium-devtools
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-23 11:53:12 +02:00
dependabot[bot]
234bea88fd
Build(deps): Bump pry-rails from 0.3.9 to 0.3.11 (#27562)
Bumps [pry-rails](https://github.com/rweng/pry-rails) from 0.3.9 to 0.3.11.
- [Commits](https://github.com/rweng/pry-rails/compare/v0.3.9...v0.3.11)

---
updated-dependencies:
- dependency-name: pry-rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-23 02:52:22 +02:00
dependabot[bot]
137094abe7
Build(deps-dev): Bump typescript from 5.4.5 to 5.5.2 (#27561)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.4.5 to 5.5.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.4.5...v5.5.2)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-23 02:51:49 +02:00
dependabot[bot]
d4077520de
Build(deps-dev): Bump lefthook from 1.6.16 to 1.6.17 (#27560)
Bumps [lefthook](https://github.com/evilmartians/lefthook) from 1.6.16 to 1.6.17.
- [Release notes](https://github.com/evilmartians/lefthook/releases)
- [Changelog](https://github.com/evilmartians/lefthook/blob/master/CHANGELOG.md)
- [Commits](https://github.com/evilmartians/lefthook/compare/v1.6.16...v1.6.17)

---
updated-dependencies:
- dependency-name: lefthook
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-23 02:51:12 +02:00
Penar Musaraj
f4108702c8
FIX: Regression in custom homepage modifier used in theme components (#27569) 2024-06-21 11:24:11 -04:00
chapoi
099bffe37a
UX: Increase spacing mobile menus (#27554)
* UX: increase sidebar row height on mobile

* UX: increase quick access panel row height
2024-06-21 17:05:19 +02:00
Ella E
da2e9ebd94
UX: Remove tertiary color from non-link elements (#27565) 2024-06-21 08:12:50 -06:00
Kris
f38bb5e3e4
UX: fix chat drawer z-index (#27568) 2024-06-21 10:09:05 -04:00
Loïc Guitaut
160011793a Revert "DEV: Upgrade Rails to version 7.1 (#27539)"
This reverts commit ca4af53be8.
2024-06-21 11:20:40 +02:00
Kelv
60d5170587
DEV: add validation on content_security_policy_script_src site setting (#27564)
* DEV: add validation on content_security_policy_script_src site setting
2024-06-21 17:00:22 +08:00
Loïc Guitaut
ca4af53be8 DEV: Upgrade Rails to version 7.1 (#27539)
* DEV: Upgrade Rails to 7.1

* FIX: Remove references to `Rails.logger.chained`

`Rails.logger.chained` was provided by Logster before Rails 7.1
introduced their broadcast logger. Now all the loggers are added to
`Rails.logger.broadcasts`.

Some code in our initializers was still using `chained` instead of
`broadcasts`.

* DEV: Make parameters optional to all FakeLogger methods

* FIX: Set `override_level` on Logster loggers (#27519)

A followup to f595d599dd

* FIX: Don’t duplicate Rack response

---------

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-06-21 09:44:06 +02:00
Martin Brennan
30fdd7738e
FEATURE: Smarter list editing in DEditor (#27563)
This commit introduces behaviour similar to sites
like GitHub, Notion, and others where, if you
are already typing a list and press enter in the composer,
we continue the list on the next line.

Then, if you press enter again on the next line with
an empty list item, we remove that item on that last line.

This works with the following list types:

* star bullet
- dash bullet
* [] star and dash bullet with checkbox
1. numbered

This also works if you are in the middle of a list, and
with indented sub-lists.

With the numbered lists, we continue with the next number
in the sequence, and if you start a new line in the middle
of the list, we renumber the rest of the list.
2024-06-21 15:27:03 +10:00
Régis Hanol
22128ff1ab
FIX: post revision serializer when tags is a string (#27499)
In some instances, the `modifications` of `tags` hasn't been properly serialized as a Ruby array but rather as a string (I've seen `""`, `"[]"`, and `"[\"\"]"`).

This generates an error when we try to `filter_tags` and remove `hidden_tags` (which is an array) from `tags` which might be a string.

Internal ref - t/131126

I wasn't able to figure out the root cause of this so I reverted the behavior that was introduced ~6 years ago in f2c060bdf2
2024-06-21 08:09:21 +10:00
chapoi
c1f477c1b6
UX: Remove or replace button transitions with variable (#27527) 2024-06-20 19:51:20 +02:00
Sérgio Saquetim
a67bb749a4
DEV: Enable admin notice for the Glimmer header warnings (#27479) 2024-06-20 14:22:05 -03:00
Penar Musaraj
ba7215b3c2
DEV: Remove deprecated DisableSidebar mixin (#26425) 2024-06-20 12:00:48 -04:00
Penar Musaraj
33de5abb6e
DEV: Extract theme resolution to a helper (#27426)
This ensures that the theme id is resolved as early as possible in the
request cycle. This is necessary for the custom homepage to skip
preloading the wrong data.
2024-06-20 11:33:46 -04:00
Sam
d29160131d
FEATURE: enable list keyboard shortcuts on filter route (#27551)
Previously filter route was not setting topic list, this meant that
keyboard navigation using "G" "J" was not functioning.

This amends it by ensuring the list is set after looking up the model.
2024-06-20 21:28:52 +10:00
Loïc Guitaut
982c005979 Revert "DEV: Upgrade Rails to version 7.1 (#27539)"
This reverts commit 2301dddcff.
2024-06-20 11:43:35 +02:00
Kelv
e46a5e5343
DEV: unsilence deprecate-implicit-route-model (#27550)
* DEV: unsilence ember deprecation id deprecate-implicit-route-model
2024-06-20 17:05:19 +08:00
Loïc Guitaut
2301dddcff
DEV: Upgrade Rails to version 7.1 (#27539)
* DEV: Upgrade Rails to 7.1

* FIX: Remove references to `Rails.logger.chained`

`Rails.logger.chained` was provided by Logster before Rails 7.1
introduced their broadcast logger. Now all the loggers are added to
`Rails.logger.broadcasts`.

Some code in our initializers was still using `chained` instead of
`broadcasts`.

* DEV: Make parameters optional to all FakeLogger methods

* FIX: Set `override_level` on Logster loggers (#27519)

A followup to f595d599dd

* FIX: Don’t duplicate Rack response

---------

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-06-20 10:33:01 +02:00
Ted Johansson
920aa2dfce
FIX: Prevent field type migration from poisoning AR cache (#27549)
We previously migrated field_type from a string to an integer backed enum. Part of this involved renaming a column in a post migration, swapping out field_type:string for field_type:integer. This borks the ActiveRecord cache since the application is already running. Rebooting fixes it, but we want to avoid having this happen in the first place.
2024-06-20 16:24:48 +08:00
Jarek Radosz
dd329d55a5
DEV: Convert topic-status to glimmer/gjs (#27536)
Now that discourse-moderator-attention is gone this is safe to change.
2024-06-20 10:17:29 +02:00
dependabot[bot]
d845d6febf
Build(deps-dev): Bump webpack from 5.92.0 to 5.92.1 (#27544)
Bumps [webpack](https://github.com/webpack/webpack) from 5.92.0 to 5.92.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.92.0...v5.92.1)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-20 09:58:31 +02:00
dependabot[bot]
abc6e1aa3a
Build(deps-dev): Bump glob from 10.4.1 to 10.4.2 (#27543)
Bumps [glob](https://github.com/isaacs/node-glob) from 10.4.1 to 10.4.2.
- [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md)
- [Commits](https://github.com/isaacs/node-glob/compare/v10.4.1...v10.4.2)

---
updated-dependencies:
- dependency-name: glob
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-20 14:35:24 +08:00
dependabot[bot]
d447779aa2
Build(deps-dev): Bump rspec-rails from 6.1.2 to 6.1.3 (#27546)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 6.1.2 to 6.1.3.
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v6.1.2...v6.1.3)

---
updated-dependencies:
- dependency-name: rspec-rails
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-20 14:35:11 +08:00
dependabot[bot]
bdec6c44c6
Build(deps): Bump minitest from 5.23.1 to 5.24.0 (#27545)
Bumps [minitest](https://github.com/minitest/minitest) from 5.23.1 to 5.24.0.
- [Changelog](https://github.com/minitest/minitest/blob/master/History.rdoc)
- [Commits](https://github.com/minitest/minitest/compare/v5.23.1...v5.24.0)

---
updated-dependencies:
- dependency-name: minitest
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-20 14:35:03 +08:00
Krzysztof Kotlarek
0e1102b332
FIX: do not force configure 2FA when OAuth and not enforced (#27547)
In this PR we introduced `enforce_second_factor_on_external_auth` setting https://github.com/discourse/discourse/pull/27506

When it is set to false and the user is authenticated via OAuth, then we should not enforce the 2fa configuration.
2024-06-20 11:49:46 +10:00
Sérgio Saquetim
4ced8f80ac
DEV: Add plugin outlets before and after the header content (#27530) 2024-06-19 20:45:54 -03:00
Rafael dos Santos Silva
b2a9676f0b
FEATURE: Support Spotify Onebox (#27540) 2024-06-19 13:27:27 -03:00
Jan Cernik
604ca4d46e
UX: Hide the error tooltip when focusing the topic title (#27531) 2024-06-19 11:55:29 -03:00
Jarek Radosz
e29dfe1380
FIX: Restore user-cards in composer preview (#27514)
The ability to display them was lost in 91456ad2cb
2024-06-19 14:41:32 +02:00
Ted Johansson
96a0781bc1
FIX: Avoid duplicating e-mail body in summary e-mail (#27535)
We recently fixed a problem where secure upload images weren't re-attached when sending the activity summary e-mail.

This fix contained a bug that would lead to n copies of the e-mail body being included, n being the number of duplicates. This is because #fix_parts_after_attachments! was called once per attachment, and adding more parts to the multipart e-mail.

This PR fixes that by:

Adding a failing test case for the above.
Moving the looping over multiple posts into #fix_parts_after_attachments! itself.
2024-06-19 20:11:47 +08:00
Jarek Radosz
251b3a5c47
DEV: Remove discourse-moderator-attention (#27537)
…from the official plugins list. It's archived now.
2024-06-19 13:26:57 +02:00
Bianca Nenciu
2ce83b4d2e
FIX: Do not extract links for hotlinked images (#27538)
When a post is cooked the links are extracted and `TopicLink` instances
are created for each of them. These links are used in various places,
including the topic view, user summary page, etc.

In previous commit 48e5d1a, hotlinked images from Oneboxes have been
ignored from the texts, but hotlinked images turned into Lightboxes
were still extracted.
2024-06-19 14:25:29 +03:00
Ted Johansson
9468e0c0f2
DEV: More robust referrer host parsing (#27534) 2024-06-19 16:30:40 +08:00
Ted Johansson
9cc030fe8d
DEV: Ensure digest e-mail secure image test uses actual digest e-mail (#27532)
The test that checks that securely uploaded images are re-attached to the digest e-mail wasn't rendering the actual digest e-mail template. This change fixes that.
2024-06-19 14:33:57 +08:00
Martin Brennan
83361b2fc5
FEATURE: Introduce site settings which require confirmation (#27315)
Many site settings can be distructive or have huge side-effects
for a site that the admin may not be aware of when changing it.

This commit introduces a `requires_confirmation` attribute that
can be added to any site setting. When it is true, a confirmation
dialog will open if that setting is changed in the admin UI,
optionally with a custom message that is defined in client.en.yml.

If the admin does not confirm, we reset the setting to its previous
clean value and do not save the new value.
2024-06-19 16:01:24 +10:00
Ted Johansson
3ff7ce78e7
FEATURE: Add hidden site setting to list 'unsafe-none' COOP referrers (#27510)
Some tooling may rely on an unsafe-none cross origin opener policy to work. This change adds a hidden site setting that can be used to list referrers where we add this header instead of the default one configured in cross_origin_opener_policy_header.
2024-06-19 11:11:35 +08:00
Natalie Tay
489aac3fdd
FIX: Disallow table cells to be weighted actual articles can be main content (#27508)
For Topic Embeds, we would prefer <article> to be the main article in a topic, rather than a table cell <td> with potentially a lot of data. However, in an example URL like here, the table cell (the very large code snippet) is seen as the Topic Embed's article due to the determined content weight by the Readability library we use.

In the newly released 0.7.1 cantino/ruby-readability#94, the library has a new option to exclude the library's default <td> element into content weighting. This is more in line with the original library where they only weighted <p>. So this PR excludes the td, as seen in the tests, to allow the actual article to be seen as the article. This PR also adds the details tag into the allow-list.
2024-06-19 09:50:49 +08:00
Martin Brennan
ebdbb199a5
FIX: Rejection email sent even if reject reason too long (#27529)
Followup 6b872c4c53

Even though we were showing a validation error for a reject
reason that was too long, we were still sending an email and
doing other operations on the user which we are rejecting.

This commit fixes this by validating the reviewable model
before attempting to do anything else after the reason is set.
2024-06-19 11:07:23 +10:00
Krzysztof Kotlarek
cc4c199680
FEATURE: optional 2FA enforcement (#27506)
A new admin setting called `enforce_second_factor_on_external_auth`. It allows users to authenticate using external providers even when 2FA is forced with `enforce_second_factor` site setting.
2024-06-19 09:32:30 +10:00
Jarek Radosz
9568a7e542
DEV: Remove repeated sign_in calls (#27521)
There's already a `before { sign_in }` in this spec file
2024-06-19 07:21:38 +08:00
dependabot[bot]
6b12bfe3a5
Build(deps-dev): Bump puppeteer-core from 22.11.1 to 22.11.2 (#27528)
Bumps [puppeteer-core](https://github.com/puppeteer/puppeteer) from 22.11.1 to 22.11.2.
- [Release notes](https://github.com/puppeteer/puppeteer/releases)
- [Changelog](https://github.com/puppeteer/puppeteer/blob/main/release-please-config.json)
- [Commits](https://github.com/puppeteer/puppeteer/compare/puppeteer-core-v22.11.1...puppeteer-core-v22.11.2)

---
updated-dependencies:
- dependency-name: puppeteer-core
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-19 00:54:56 +02:00
dependabot[bot]
3e54a1a6ad
Build(deps): Bump memory_profiler from 1.0.1 to 1.0.2 (#27526)
Bumps [memory_profiler](https://github.com/SamSaffron/memory_profiler) from 1.0.1 to 1.0.2.
- [Changelog](https://github.com/SamSaffron/memory_profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/SamSaffron/memory_profiler/compare/v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: memory_profiler
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-19 00:42:27 +02:00
dependabot[bot]
818bbf7018
Build(deps): Bump jwt from 2.8.1 to 2.8.2 (#27524)
Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/jwt/ruby-jwt/releases)
- [Changelog](https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jwt/ruby-jwt/compare/v2.8.1...v2.8.2)

---
updated-dependencies:
- dependency-name: jwt
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-19 00:41:26 +02:00
dependabot[bot]
c76da4cae4
Build(deps): Bump faraday from 2.9.1 to 2.9.2 (#27525)
Bumps [faraday](https://github.com/lostisland/faraday) from 2.9.1 to 2.9.2.
- [Release notes](https://github.com/lostisland/faraday/releases)
- [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lostisland/faraday/compare/v2.9.1...v2.9.2)

---
updated-dependencies:
- dependency-name: faraday
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-19 00:35:54 +02:00
JimmyJammyDodger
709509f8f5
UX: Add new preview links to Popular Themes (#27518)
* UX: Add new preview links to Popular Themes

Replace previews for 'Discourse' based ones

* prettier

---------

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-06-19 08:12:36 +10:00