Commit Graph

53340 Commits

Author SHA1 Message Date
dependabot[bot]
70748cf276
Build(deps-dev): Bump xss from 1.0.14 to 1.0.15 (#26001)
Bumps [xss](https://github.com/leizongmin/js-xss) from 1.0.14 to 1.0.15.
- [Changelog](https://github.com/leizongmin/js-xss/blob/master/CHANGELOG.md)
- [Commits](https://github.com/leizongmin/js-xss/compare/v1.0.14...v1.0.15)

---
updated-dependencies:
- dependency-name: xss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-04 09:04:07 +08:00
Krzysztof Kotlarek
41f78b31a9
FIX: down downgrade trust level if all requirements are met. (#25953)
Currently, the trust level method  is calculating trust level based on maximum value from:
- locked trust level
- group automatic trust level
- previously granted trust level by admin

https://github.com/discourse/discourse/blob/main/lib/trust_level.rb#L33

Let's say the user belongs to groups with automatic trust level 1 and in the meantime meets all criteria to get trust level 2.

Each time, a user is removed from a group with automatic trust_level 1, they will be downgraded to trust_level 1 and promoted to trust_level 2

120a2f70a9/lib/promotion.rb (L142)

This will cause duplicated promotion messages.

Therefore, we have to check if the user meets the criteria, before downgrading.
2024-03-04 09:30:30 +11:00
Lilly
b5199eac80
Update a typographer markdown settings text on server.en.yml (#25996)
Remove (c) from enable_markdown_typographer_settings text
2024-03-03 02:48:44 -08:00
Kris
e408f4ff95
DEV: remove various unused CSS (#25994) 2024-03-01 16:51:26 -05:00
Kris
653b2e4678
DEV: remove unneeded buttons mobile CSS (#25992) 2024-03-01 16:42:02 -05:00
Kris
9421997866
DEV: remove old bootstrap alert CSS (#25991) 2024-03-01 16:03:34 -05:00
Kris
84882ad25f
UX: disable the image preview controls while invisible (#25990) 2024-03-01 15:06:43 -05:00
dependabot[bot]
0f32e496bc
Build(deps-dev): Bump yard from 0.9.35 to 0.9.36 (#25988)
Bumps [yard](https://github.com/lsegal/yard) from 0.9.35 to 0.9.36.
- [Release notes](https://github.com/lsegal/yard/releases)
- [Changelog](https://github.com/lsegal/yard/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lsegal/yard/compare/v0.9.35...v0.9.36)

---
updated-dependencies:
- dependency-name: yard
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-01 20:15:22 +01:00
Régis Hanol
5fcb7c262d
FIX: prevents duplicate attachments in incoming emails (#25986)
## What?

Depending on the email software used, when you reply to an email that has some attachments, they will be sent along, since they're part of the embedded (replied to) email.

When Discourse processes the reply as an incoming email, it will automatically add all the (valid) attachments at the end of the post. Including those that were sent as part of the "embedded reply".

This generates posts in Discourse with duplicate attachments 🙁

## How?

When processing attachments of an incoming email, before we add it to the bottom of the post, we check it against all the previous uploads in the same topic. If there already is an `Upload` record, it means that it's a duplicate and it is _therefore_ skipped.

All the inline attachments are left untouched since they're more likely new attachments added by the sender.
2024-03-01 18:38:49 +01:00
Kris
ccf0fdaa81
UX: improve group email setting wrap, cleanup styles (#25985) 2024-03-01 12:34:55 -05:00
Jarek Radosz
5dc95eaacc
DEV: Update ExpandingTextArea component (#25890) 2024-03-01 17:20:15 +01:00
Joffrey JAFFEUX
3200e276b7
DEV: attempts to fix flakey spec (#25984) 2024-03-01 10:08:24 +01:00
Martin Brennan
0b60086ff8
DEV: Hide min_trust_level_to_allow_profile_background setting (#25980)
Followup to a57280cb17,
it was an oversight
2024-03-01 13:32:19 +10:00
Kelv
29458c436c
FIX: return missing href attribute for topic map participants avatars (#25981) 2024-03-01 11:14:57 +08:00
Martin Brennan
6bcbe56116
DEV: Use freeze_time_safe in more places (#25949)
Followup to 120a2f70a9,
uses new method to avoid time-based spec flakiness
2024-03-01 10:07:35 +10:00
Kris
8503d3afe1
UX: improve advanced search wrapping, remove mobile stylesheet (#25975) 2024-02-29 18:07:18 -05:00
Blake Erickson
2d890d73a2
FEATURE: Add recover api scopes (#25978)
This commit adds two new api scopes. One for recovering topics, and the
other for recovering posts.
2024-02-29 15:49:29 -07:00
Joffrey JAFFEUX
0b778697ff
FIX: instantly removes group message when leaving (#25961)
Prior to this fix clicking <kbd>x</kdb> on a channel row would effectively leave the channel on server side, but it wouldn't disappear from the screen before a page refresh.
2024-02-29 23:49:01 +01:00
Kris
40eea40d69
UX: clean up tag info styles, remove mobile stylesheet (#25973) 2024-02-29 17:48:47 -05:00
dependabot[bot]
721fa86b24
Build(deps): Bump actionview_precompiler from 0.3.0 to 0.4.0 (#25977)
Bumps [actionview_precompiler](https://github.com/jhawthorn/actionview_precompiler) from 0.3.0 to 0.4.0.
- [Commits](https://github.com/jhawthorn/actionview_precompiler/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: actionview_precompiler
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-29 23:34:00 +01:00
dependabot[bot]
1e666ddfd7
Build(deps-dev): Bump express from 4.18.2 to 4.18.3 (#25974)
Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.18.3.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.18.2...4.18.3)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-29 22:53:08 +01:00
Kris
db2f5ae51b
UX: simplify styles for image uploader (#25970) 2024-02-29 14:39:00 -05:00
Kris
47b8e98cf7
UX: enable badge title on mobile, style cleanup (#25968) 2024-02-29 13:55:13 -05:00
Gerhard Schlager
6847ed5be6
FIX: import:rebake_uncooked_* jobs couldn't be run in parallel (#25969)
If those jobs were started multiple times each process would have rebaked the same posts.
2024-02-29 19:54:19 +01:00
Isaac Janzen
841b353d38
DEV: Close user menu after clicking view-all notifications (#25966)
We needed to call closeUserMenu after navigating to the show all notifications url.
2024-02-29 11:52:51 -07:00
Mark VanLandingham
6c2c690479
DEV: Add push notification filtering to MessageBus alerts (#25965) 2024-02-29 12:49:46 -06:00
Daniel Waterworth
f0baa0ddfe
DEV: Prefer defer_get_set over get/set on DistributedCache (#25967) 2024-02-29 11:10:24 -06:00
Andrei Prigorshnev
7aa3e15440
DEV: Deprecate FoundUserWithStatusSerializer (#25883)
A followup to b3a11994.
2024-02-29 20:20:48 +04:00
Mark VanLandingham
0a58b18970
DEV: Move DiscourseEvent trigger in PostAlerter#push_notification (#25931) 2024-02-29 08:33:38 -06:00
Jarek Radosz
03de0421af
DEV: Convert share-source to gjs (#25964) 2024-02-29 15:12:17 +01:00
dependabot[bot]
f087234ff7
Build(deps-dev): Bump rubocop from 1.60.2 to 1.61.0 (#25958)
* Build(deps-dev): Bump rubocop from 1.60.2 to 1.61.0

Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.60.2 to 1.61.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.60.2...v1.61.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix the issue

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-02-29 14:09:49 +01:00
Joffrey JAFFEUX
11400bca1a
DEV: attempts to make last spec non flakey (#25962) 2024-02-29 13:15:00 +01:00
dependabot[bot]
7043512b8d
Build(deps): Bump jwt from 2.8.0 to 2.8.1 (#25959)
Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/jwt/ruby-jwt/releases)
- [Changelog](https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jwt/ruby-jwt/compare/v2.8.0...v2.8.1)

---
updated-dependencies:
- dependency-name: jwt
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-29 13:03:38 +01:00
dependabot[bot]
25bba3fbda
Build(deps-dev): Bump rubocop-ast from 1.30.0 to 1.31.0 (#25960)
Bumps [rubocop-ast](https://github.com/rubocop/rubocop-ast) from 1.30.0 to 1.31.0.
- [Release notes](https://github.com/rubocop/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-ast/compare/v1.30.0...v1.31.0)

---
updated-dependencies:
- dependency-name: rubocop-ast
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-29 12:58:18 +01:00
Bianca Nenciu
e74a9efee1
FIX: Show "no category" in category-chooser (#25917)
CategoryChooser component usually displays just categories, but
sometimes it can show two none values: a "no category" or Uncategorized.
This commit makes sure that these are rendered correctly.

The problem was that the "none" item was automatically inserted in the
list of options, but that should not always happen. Toggling option
`autoInsertNoneItem` requires setting `none` too.
2024-02-29 13:48:20 +02:00
Joffrey JAFFEUX
0bb492c6b6
FIX: live updates threads from my threads page (#25955)
Prior to this fix if a user was answering to one of the listed screen it wouldn't update while you look at the list.
2024-02-29 12:31:20 +01:00
Jarek Radosz
49e67d32fb
DEV: Convert second-factor-input to gjs (#25946) 2024-02-29 12:27:12 +01:00
Jarek Radosz
5c54fbfdb1
DEV: Fix random typos (#25957)
February 2024 edition
2024-02-29 12:24:37 +01:00
Jarek Radosz
8e4affec54
DEV: Update aws gems (#25956)
bundler hygiene 😉
2024-02-29 12:23:21 +01:00
Kris
8c22831672
UX: update appropriate btn-flat instances to btn-transparent (#25945)
With the adjustments of `btn-transparent` in https://github.com/discourse/discourse/pull/24666, there are more buttons that could use this class instead of `btn-flat`. This mostly relates to `x` close buttons, but also includes composer and chat toggles.

The primary difference between these styles is that `btn-transparent` never has a background, where `btn-flat` may have a hover or focus background.
2024-02-29 11:47:07 +01:00
David Battersby
88f833418f
FIX: channel member status live updates (#25925) 2024-02-29 17:49:18 +08:00
Osama Sayegh
8bec0ca083
FEATURE: Support boolean, enum and integer fields for schema theme settings (#25933)
Continue from https://github.com/discourse/discourse/pull/25673 and https://github.com/discourse/discourse/pull/25811.

This commit adds support for boolean, integer and enum types for schema theme settings.
2024-02-29 11:11:32 +03:00
Natalie Tay
ef292d1fed
DEV: Shorten a condition (#25951) 2024-02-29 12:57:53 +08:00
Martin Brennan
5f119c57e8
DEV: Suppress verbose command failure output in plugin:turbo_spec (#25952)
Before this change, if the "Plugins backend" task on GitHub CI
failed, we would get a huge amount of extra output at the end
just to show the command that rake ran which failed (the bin/turbo_rspec
command). This is useless and just makes it hard to see the failing
specs. If you need the full command, it's already output at the
top of the "Plugins backend" task in the GitHub CI.
2024-02-29 14:35:31 +10:00
Alan Guo Xiang Tan
f562da3150
PERF: Reduce ActiveRecord allocations in CategoryList#find_relevant_topics (#25950)
Why this change?

Prior to this change, the `CategoryList#find_relevant_topics` method was
loading and allocating all `CategoryFeaturedTopic` records in the
database to eventually only just use its `category_id` and `topic_id`
column. On a site with many `CategoryFeaturedTopic` records, the loading
of the ActiveRecord objects is a source of bottleneck.

The other problem with the `CategoryList#find_relevant_topics` method is
that it is unconditionally loading all records from the database even if
the user does not have access to the category. This again is wasteful.

What does this change do?

This commit makes it such that `CategoryList#find_relevant_topics` is
called only after `CategoryList#find_categories` in the `CategoryList#initialize`
method so that we can filter featured topics against categories that the
user has access to.

The second change is that Instead of loading `CategoryFeaturedTopic` records, we make an
inner join agains the `topics` table instead and skip any allocation of
`CatgoryFeaturedTopic` ActiveRecord objects.
2024-02-29 12:19:04 +08:00
Martin Brennan
120a2f70a9
DEV: Fix hot topic flaky spec (#25948)
It's February 29th, you know what that means...date-based flaky specs! If today is
February 29th 2024:

```
freeze_time(1.year.ago) -> Tue, 28 Feb 2023 01:38:42.732875000 UTC +00:00
```

Then

```
freeze_time(1.year.from_now) -> Wed, 28 Feb 2024 01:38:42.732875000 UTC +00:00
```

So then our "now" for the insert query ends up being "yesterday"

```
WHERE topic_hot_scores.topic_id IS NULL
  AND topics.deleted_at IS NULL
  AND topics.archetype <> :private_message
  AND topics.created_at <= :now
```
2024-02-29 11:54:36 +10:00
David Taylor
53069fcb8e
DEV: Silence header upgrade deprecations for now (#25947)
We'll unsilence once we've published a clear upgrade path.
2024-02-29 00:36:23 +00:00
dependabot[bot]
9acb4f55f2
Build(deps): Bump the babel group with 2 updates (#25939)
* Build(deps): Bump the babel group with 2 updates

Bumps the babel group with 2 updates: [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) and [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone).


Updates `@babel/core` from 7.23.9 to 7.24.0
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.24.0/packages/babel-core)

Updates `@babel/standalone` from 7.23.10 to 7.24.0
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.24.0/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: babel
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: babel
...

Signed-off-by: dependabot[bot] <support@github.com>

* Clean up accidentally duplicated deps

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-02-29 00:27:17 +01:00
Martin Brennan
df4197c8b8
FIX: Show deleted bookmark reminders in user bookmarks menu (#25905)
When we send a bookmark reminder, there is an option to delete
the underlying bookmark. The Notification record stays around.
However, if you want to filter your notifications user menu
to only bookmark-based notifications, we were not showing unread
bookmark notifications for deleted bookmarks.

This commit fixes the issue _going forward_ by adding the
bookmarkable_id and bookmarkable_type to the Notification data,
so we can look up the underlying Post/Topic/Chat::Message
for a deleted bookmark and check user access in this way. Then,
it doesn't matter if the bookmark was deleted.
2024-02-29 09:03:49 +10:00
dependabot[bot]
dbc72aaca9
Build(deps): Bump logster from 2.18.1 to 2.19.0 (#25941)
Bumps [logster](https://github.com/discourse/logster) from 2.18.1 to 2.19.0.
- [Changelog](https://github.com/discourse/logster/blob/main/CHANGELOG.md)
- [Commits](https://github.com/discourse/logster/compare/v2.18.1...v2.19.0)

---
updated-dependencies:
- dependency-name: logster
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-29 00:00:09 +01:00