Commit Graph

51512 Commits

Author SHA1 Message Date
dependabot[bot]
db423ba153
Build(deps-dev): Bump eslint from 8.45.0 to 8.46.0 in /app/assets/javascripts (#22868)
Bumps [eslint](https://github.com/eslint/eslint) from 8.45.0 to 8.46.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.45.0...v8.46.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-31 09:17:31 +08:00
Kris
8c75fa5dfd
UX: increase experimental lightbox z-index (#22865) 2023-07-28 18:06:48 -04:00
David Taylor
27cdd724ce
PERF: Add exponential backoff for /presence/update errors (#22864)
We already handled 429 rate limit errors correctly. This commit adds backoff logic to other types of error to avoid requests being retried every second.
2023-07-28 22:42:46 +01:00
Jordan Vidrine
0f1479e896
UX: Refactor AI summarizing animation (#22839) 2023-07-28 14:02:26 -05:00
Kris
331507f6b0
UX: allow composer title to shrink when needed (#22863) 2023-07-28 14:48:23 -04:00
Joffrey JAFFEUX
1d2cb3abdc
DEV: skip flakey spec in deleted messages (#22862) 2023-07-28 20:37:41 +02:00
Blake Erickson
274c3c9396
DEV: Update code comment wording (#22861)
Follow up to: a8c504aee4

See: https://github.com/discourse/discourse/pull/22829#discussion_r1277747036
2023-07-28 11:47:22 -06:00
Joffrey JAFFEUX
891aabde19
FIX: when using arrow to bottom fetch from newest (#22860)
We were attempting to fetch from last read but this is actually complicated to get right when you have a lot unread, as we might still have more to load after this but the last unread id is still the same and would make the user end up in a loop.
2023-07-28 19:31:28 +02:00
Carson Chang
98e3bbd6bf
FIX: Breaking typo, missing closing parenthesis in topic-post.scss (#22852)
* Breaking typo, Update topic-post.scss

* Update topic-post.scss
2023-07-28 09:55:04 -07:00
Andrei Prigorshnev
7c67360d4a
DEV: a better way of picking of the earliest date (#22858)
See https://github.com/discourse/discourse/pull/22854#discussion_r1277542736.
2023-07-28 20:17:04 +04:00
Selase Krakani
81cf481b16
FIX: Missing pending queued posts from topic view (#22838)
A previous change updated `ReviewableQueuedPost`'s `created_by`
to be consistent with other reviewable types. It assigns
the the creator of the post being queued to `target_created_by` and sets
the `created_by` to the creator of the reviewable itself.

This fix updates some of the `created_by` references missed during the
intial fix.
2023-07-28 16:16:23 +00:00
Penar Musaraj
3bee2a41f4
UX: More tweaks to compact tag picker (#22859)
Input font size was too small.
2023-07-28 12:11:24 -04:00
Selase Krakani
4471eabd49
FIX: Hydration of embedded records (#22809)
The store expects values for property names ending with `_id` to be a resource id
and `_ids` to be an array of resource ids.

This change ensures the store gracefully handles situations where an
embedded field with incompliant data structure sneaks its way to production.
2023-07-28 15:58:55 +00:00
Blake Erickson
a8c504aee4
FIX: Internal oneboxes with github links (#22829)
Internal oneboxes to posts that contained oneboxed github links to
commits or PRs with long enough commit messages to have the `show-more`
and the `excerpt hidden` classes in their html were being stripped of
their content resulting in empty internal oneboxes.

see: https://meta.discourse.org/t/269436

This fixes a regression introduced in:

0b3cf83e3c
2023-07-28 09:07:53 -06:00
Ella E
9e4c747657
FIX: Tweak right arrow position; set other arrow placements to default (#22848) 2023-07-28 08:58:34 -06:00
Selase Krakani
e67fe1d07c
FIX: Member Highlights on Group Cards (#22828)
By default, only 10 members are highlighted on group cards. However,
joining/leaving a big group via the buttons on the group card results in
up to 50 members being highlighted. For large groups, this causes the card
to move off-screen.

This happens because, while the initial render explicitly fetches only 10
members, we don't seem to apply the same limit as part of the member
reload performed when a user leaves/joins via the buttons on the card.

This PR fixes that by only making the first 10 users available for
highlight regardless of the number of members loaded in the store.
2023-07-28 14:33:42 +00:00
Andrei Prigorshnev
cd45f33430
FEATURE: Remove restrictions from the chat messages export (#22854)
Now, when we took care of performance in fbe0e4c and ad05924 
there is no need anymore to restrict the export to
- 6 months
- 10000 rows
2023-07-28 17:04:57 +04:00
David Taylor
c35038b00b
Bump version to v3.0.6 2023-07-28 13:15:07 +01:00
David Taylor
263afe6b6a
Bump version to v3.1.0.beta7 2023-07-28 13:05:29 +01:00
Daniel Waterworth
1b6b764cf5
SECURITY: Don't allow a particular site to monopolize the defer queue 2023-07-28 12:56:41 +01:00
Bianca Nenciu
369f0f3335
SECURITY: Hide restricted tags in noscript view
The hidden tags are usually filtered out by the serializer, but the
noscript view uses the topic objects instead of the serialized objects.
2023-07-28 12:56:39 +01:00
Penar Musaraj
23c2fd5efe
SECURITY: Limit length of edit reason column 2023-07-28 12:56:38 +01:00
Blake Erickson
6695d568ca
SECURITY: Handle concurrent invite accepts
Raise an error on concurrent invite accept attempts.
2023-07-28 12:56:36 +01:00
Alan Guo Xiang Tan
439cc5b023
SECURITY: Impose a upper bound on limit params in various controllers
What is the problem here?

In multiple controllers, we are accepting a `limit` params but do not
impose any upper bound on the values being accepted. Without an upper
bound, we may be allowing arbituary users from generating DB queries
which may end up exhausing the resources on the server.

What is the fix here?

A new `fetch_limit_from_params` helper method is introduced in
`ApplicationController` that can be used by controller actions to safely
get the limit from the params as a default limit and maximum limit has
to be set. When an invalid limit params is encountered, the server will
respond with the 400 response code.
2023-07-28 12:56:35 +01:00
Daniel Waterworth
26e267478d
SECURITY: Don't allow a particular site to monopolize the defer queue 2023-07-28 12:53:51 +01:00
Bianca Nenciu
0736611423
SECURITY: Hide restricted tags in noscript view
The hidden tags are usually filtered out by the serializer, but the
noscript view uses the topic objects instead of the serialized objects.
2023-07-28 12:53:50 +01:00
Penar Musaraj
dcc825bda5
SECURITY: Limit length of edit reason column 2023-07-28 12:53:49 +01:00
Blake Erickson
62a609ea2d
SECURITY: Handle concurrent invite accepts
Raise an error on concurrent invite accept attempts.
2023-07-28 12:53:48 +01:00
Alan Guo Xiang Tan
bfc3132bb2
SECURITY: Impose a upper bound on limit params in various controllers
What is the problem here?

In multiple controllers, we are accepting a `limit` params but do not
impose any upper bound on the values being accepted. Without an upper
bound, we may be allowing arbituary users from generating DB queries
which may end up exhausing the resources on the server.

What is the fix here?

A new `fetch_limit_from_params` helper method is introduced in
`ApplicationController` that can be used by controller actions to safely
get the limit from the params as a default limit and maximum limit has
to be set. When an invalid limit params is encountered, the server will
respond with the 400 response code.
2023-07-28 12:53:46 +01:00
OsamaSayegh
0976c8fad6
SECURITY: Don't reuse CSP nonce between anonymous requests 2023-07-28 12:53:44 +01:00
Alan Guo Xiang Tan
672f3e7e41
Revert "DEV: Skip flaky QUnit tests (#22847)" (#22850)
This reverts commit 26fc5d2d1f.

Flaky test has been fixed in e7208ab4c6
2023-07-28 17:37:31 +08:00
David Battersby
383f48c688
FIX: reset scrollbar position for mobile on lightbox images (#22822)
Using pinch-zoom on mobile devices with lightbox images can lead to scrolling of background content.

This change handles this by capturing the window.scrollY value when opening the lightbox, then when exiting we check if the scroll position has changed and reset it.
2023-07-28 15:03:04 +08:00
Alan Guo Xiang Tan
32d4810e2b
FIX: Can't dismiss new topics that belong to a sub-sub category (#22849)
What is the context for this change?

Prior to this change, there is a bug in `TopicsController#reset_new`
where it does not dismiss new topics in sub-subcategories when the
`category_id` and `include_subcategories=true` params are present. This
is because the controller did not account for sub-subcategories when
fetching the category ids of the new topics that should be dismissed.

This commit fixes the problem by relying on the `Category.subcategory_ids` class
method which accounts for sub-subcategories.
2023-07-28 12:06:42 +08:00
Alan Guo Xiang Tan
26fc5d2d1f
DEV: Skip flaky QUnit tests (#22847)
See
https://github.com/discourse/discourse/actions/runs/5683868303/job/15405355263
and https://github.com/discourse/discourse/actions/runs/5684998320/job/15408941916
2023-07-28 11:05:15 +08:00
Martin Brennan
3c8cc0c73e
DEV: Remove chat TODO (#22846)
This is unnecessary, I already fixed this problem
2023-07-28 09:10:14 +08:00
dependabot[bot]
3c236fb44d
Build(deps-dev): Bump patch-package in /app/assets/javascripts (#22844)
Bumps [patch-package](https://github.com/ds300/patch-package) from 7.0.2 to 8.0.0.
- [Release notes](https://github.com/ds300/patch-package/releases)
- [Changelog](https://github.com/ds300/patch-package/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ds300/patch-package/commits)

---
updated-dependencies:
- dependency-name: patch-package
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-28 00:58:36 +02:00
dependabot[bot]
4cc895ed40
Build(deps-dev): Bump mocha from 2.0.4 to 2.1.0 (#22841)
Bumps [mocha](https://github.com/freerange/mocha) from 2.0.4 to 2.1.0.
- [Changelog](https://github.com/freerange/mocha/blob/main/RELEASE.md)
- [Commits](https://github.com/freerange/mocha/compare/v2.0.4...v2.1.0)

---
updated-dependencies:
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-28 00:42:39 +02:00
dependabot[bot]
028cd2a79e
Build(deps): Bump lograge from 0.12.0 to 0.13.0 (#22842)
Bumps [lograge](https://github.com/roidrage/lograge) from 0.12.0 to 0.13.0.
- [Release notes](https://github.com/roidrage/lograge/releases)
- [Changelog](https://github.com/roidrage/lograge/blob/master/CHANGELOG.md)
- [Commits](https://github.com/roidrage/lograge/compare/v0.12.0...v0.13.0)

---
updated-dependencies:
- dependency-name: lograge
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-28 00:42:18 +02:00
marstall
e7208ab4c6
FIX: fix flaky test from settings editor PR (discouse:main:80f5018) (#22834) 2023-07-27 17:46:58 -04:00
Isaac Janzen
de6070fac4
DEV: Convert delete-topic-disallowed modal to component-based API (#22830) 2023-07-27 15:08:37 -05:00
Natalie Tay
173de8afe6
DEV: Add logging and rescue when user already exists and connecting via DiscourseConnect (#22833)
This is happening because despite the user already existing in the forum, the `SingleSignOnRecord` doesn't exist and "require_activation" is set on the provider, causing us to skip looking for the email, and resulting in us creating a new User then seeing Validation failed: Primary email has already been taken when DiscourseConnect is attempting to make a new account.
2023-07-28 02:53:33 +08:00
Andrei Prigorshnev
ad05924bdf
DEV: Do one query per month when exporting chat messages (#22746)
We did some testing and saw that making one query per month is 
cheaper than querying all chat messages at ones. Note that even 
though the export job will be performing one query per month, 
the exported messages will be streamed into a single CSV file, so 
nothing changes from the user's point of view.
2023-07-27 21:56:32 +04:00
marstall
80f5018924
FEATURE: JSON editor for theme settings (#21647)
provide the ability to edit theme settings in the json editor, and also copy them as a text file so they can be pasted into another instance.

Reference: /t/65023
2023-07-27 13:48:59 -04:00
Jarek Radosz
a44378a1b6
FIX: Toggling overridden settings broke in #21572 (#22831) 2023-07-27 19:41:42 +02:00
Isaac Janzen
291629834d
DEV: Convert delete-topic-confirm modal to component-based API (#22813)
<img width="677" alt="Screenshot 2023-07-26 at 4 19 52 PM" src="https://github.com/discourse/discourse/assets/50783505/5b969d38-0283-4217-9f70-de3561f82dd5">
2023-07-27 11:52:12 -05:00
Tobias Eigen
84ffea4916
Update ADMIN-QUICK-START-GUIDE.md (#22788)
This is a fairly extensive update to add checklists and to reorganize the presented information so it is more accessible. Some info is relegated to links to docs on meta. For convenience and regular reference, this topic is now linked to from a GETTING STARTED button next to the site title as long as the site is in bootstrap mode.
2023-07-27 08:44:38 -07:00
Joffrey JAFFEUX
db0aef1192
DEV: removes unused group_manager model (#22827)
The associated table has been removed in 2015: 6dd4bc7d57 (diff-53b8234c51c429b92eb91d0212e15bbab16fcd5d1cbd3db64509977c9e1a060d)
2023-07-27 17:10:58 +02:00
David Taylor
507433f45c
FIX: Share topic shortcut (shift+s) (#22826)
This has been broken for a long time (since 04a63cfaaa)
2023-07-27 15:39:42 +01:00
chapoi
7b3f9dc86b
UX: different way of centering chat notice to accommodate longer texts (#22779)
* UX: different way of centering chat notice to accommodate longer

* linting

* UX: keep close button in top right corner
2023-07-27 15:53:43 +02:00
Jan Cernik
807390bb93
DEV: Remove experimental setting row for chat threads (#22730) 2023-07-27 15:29:28 +02:00