Commit Graph

46624 Commits

Author SHA1 Message Date
Sam
3d59f767ae
FIX: remove RS384 and RS512 cose ciphers (#18619)
RS256 was added for Windows Hello and as a side effect we speculatively added
RS384 and RS512. These ciphers were not tested and are now failing on solo
keys. It may be the case that the ciphers are not configured correctly on
our side. It may be the case that this is a Solo key bug.

Regardless, we are removing the ciphers and will only consider adding them
again if absolutely needed.
2022-10-17 09:13:34 +10:00
dependabot[bot]
2bbacb69a7
Build(deps): Bump ember-auto-import in /app/assets/javascripts (#18618)
Bumps [ember-auto-import](https://github.com/ef4/ember-auto-import/tree/HEAD/packages/ember-auto-import) from 2.4.2 to 2.4.3.
- [Release notes](https://github.com/ef4/ember-auto-import/releases)
- [Changelog](https://github.com/ef4/ember-auto-import/blob/main/packages/ember-auto-import/CHANGELOG.md)
- [Commits](https://github.com/ef4/ember-auto-import/commits/v2.4.3/packages/ember-auto-import)

---
updated-dependencies:
- dependency-name: ember-auto-import
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-16 23:57:28 +02:00
Jarek Radosz
bdd0a98f38
DEV: Fix testem output (#18609)
Failed tests list we're displaying at the end had incorrect ids. e.g

```
(…)
ok 2160 Chrome 106.0 - [54 ms] - Integration | Component | select-kit/category-drop: caretUpIcon
ok 2161 Chrome 106.0 - [20 ms] - Unit | Service | store: find embedded

Used JS Heap Size: 7.304GB

1..2161
# tests 2161
# pass  2152
# skip  7
# todo  0
# fail  2

Failures:

not ok 2162 Chrome 106.0 - [36 ms] - Acceptance: Unknown: Permalink URL to a static page
    ---
        actual: >
            null
        message: >
            Promise rejected during "Permalink URL to a static page": no no
        negative: >
            false
        browser log: |
    ...
not ok 2163 Chrome 106.0 - [238 ms] - Unit | Utility | text: parseAsync
    ---
        actual: >
            null
        message: >
            Promise rejected during "parseAsync": nope
        negative: >
            false
        browser log: |
    ...
Testem finished with non-zero exit code. Tests failed.
```
2022-10-16 19:38:20 +02:00
chapoi
7ed87979a2
UX: theme setting highlight update (#18607) 2022-10-15 15:29:37 -05:00
Joffrey JAFFEUX
3bd94b2794
DEV: includes search_aliases in emoji object (#18608)
This is an information we need on client side for example when filtering emojis.
2022-10-15 07:09:00 -05:00
Roman Rizzi
588bb2ccf2
A11Y: Add more information to the "reply to" button label. (#18604)
Includes the post number and poster's username for screen readers.
2022-10-14 17:47:29 -03:00
Tobias Eigen
07a6b6f55c
updated copy for Create your Welcome Topic CTA (#18600)
Fixed a typo and added more guidance on info the welcome topic should contain.
2022-10-14 11:46:24 -07:00
Roman Rizzi
2933baa0ce
A11Y: Signal the toggle header can reorder table elements. (#18597)
While navigating the table, indicate what the button does and if the user pressed it or not. Also, don't lose focus after reordering elements.
2022-10-14 13:28:20 -03:00
Kris
6b4b279141
UX: horitzontal scroll controls for new user nav (#18583) 2022-10-14 09:32:02 -04:00
Jarek Radosz
a5156d18ff
DEV: Modernize controller unit tests (#17412)
Aligns controller tests with the Ember standard, by using `module` and `setupTest` instead of our custom `discourseModule`)
2022-10-14 13:15:58 +02:00
Jarek Radosz
2c5e8f1763
DEV: Asyncify loadTopicView (#18585)
See https://github.com/discourse/discourse/pull/14838#issuecomment-1271935405 for details about `controllerReady` logic.

Co-authored-by: David Taylor <david@taylorhq.com>
2022-10-14 12:44:31 +02:00
Jean
7718ef97cc
DEV: add plugin connectors to the admin user lists table (#18590) 2022-10-13 22:32:48 -04:00
chapoi
92bfea2f2b
UX: hide keyboard shortcuts on mobile (#18575) 2022-10-14 09:26:21 +08:00
dependabot[bot]
d1d0241d8b
Build(deps): Bump stackprof from 0.2.21 to 0.2.22 (#18589)
Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.21 to 0.2.22.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.21...v0.2.22)

---
updated-dependencies:
- dependency-name: stackprof
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-13 23:25:44 +02:00
Penar Musaraj
78044ad2aa
A11Y: Trap focus on auth security modal (#18573) 2022-10-13 16:16:22 -04:00
Penar Musaraj
c81763dcd8
A11Y: Make input popup errors keyboard-accessible (#18570)
Also sets focus to the nearest input when popups are dismissed.
2022-10-13 16:16:05 -04:00
Penar Musaraj
74a6a868d2
A11Y: Fix tab order in "Feature topic" modal (#18576)
Tab order acts strangely in Chrome when the last focusable element in a
modal is a radio group: it switches focus to the address bar. This is a
problem, because for keyboard users, it becomes very hard to return to
the previous context.

This PR adds a focusable "Cancel" button, whose mere presence fixes the
issue.
2022-10-13 16:15:45 -04:00
David Taylor
e0a6d12c55
Use service account credentials for fetching google hd groups (#18329)
The previous implementation would attempt to fetch groups using the end-user's Google auth token. This only worked for admin accounts, or users with 'delegated' access to the `admin.directory.group.readonly` API.

This commit changes the approach to use a single 'service account' for fetching the groups. This removes the need to add permissions to all regular user accounts. I'll be updating the [meta docs](https://meta.discourse.org/t/226850) with instructions on setting up the service account.

This is technically a breaking change in behavior, but the existing implementation was marked experimental, and is currently unusable in production google workspace environments.
2022-10-13 16:04:42 +01:00
Jordan Vidrine
45f93ae75d
UX: Onboarding edits (#18581)
* UX: Adjust size of svg arrow

* UX: Refactor & style edits
2022-10-13 16:39:52 +03:00
Bianca Nenciu
4b2cc2de1e
FIX: Show timelines dates as clickable (#18580)
These two dates used to have the default cursor when hovering. This
commit removes the 'cursor: default' CSS property.
2022-10-13 14:24:41 +03:00
Martin Brennan
beaf009b4a
FIX: action_code_path not being loaded for user-stream-item (#18577)
This commit fixes an issue where we had a typo in the
UserAction.stream query which meant that action_code_path
was not loaded correctly. Once that was fixed, we were also
not actually using the action_code_path in the user-stream-item,
so that has been fixed here too.

The bug this caused was that, when the link for the action was
clicked within the user-stream-item, the user would be redirected
to a URL ending with `[missing%20%%7Bpath%7D%20value]` because
the I18n call did not have the path present.
2022-10-13 19:10:18 +10:00
Alan Guo Xiang Tan
c16cb0e00b
FIX: Missing category badge for category with color stored as 3-digit hex code (#18579)
On the server side, the only limitation for `Category#color` is a length
limit of 6. Therefore, we cannot assume on the client side that the hex
code is always 6 digits.
2022-10-13 17:00:46 +08:00
Alan Guo Xiang Tan
7e94fa86d7
FIX: Category sidebar link not active when filtered by none and all (#18578) 2022-10-13 17:00:20 +08:00
Alan Guo Xiang Tan
940eb0ce4d
UX: Conditionally display sidebar tags section for user (#18558)
If a site has no default sidebar tags configured, show tags section if the user has personal sidebar tags configured.
Otherwise, hide the tags section from the sidebar for the user.

If a site has default sidebar tags configured, always display the tags section.
2022-10-13 09:52:25 +08:00
Alan Guo Xiang Tan
8e80f4c211
UX: Conditionally hide sidebar categories section for user (#18557)
If a site has no default sidebar categories configured:
  * Show categories section if user has categories configured
  * Hide categories section if user does not have categories configured

If a site has default sidebar categories configured:
  * Always show categories section
2022-10-13 09:18:39 +08:00
Alan Guo Xiang Tan
deb0656b63
UX: Hide tags section in sidebar when user has no visible tags (#18539)
Also hides the tags configuration for sidebar under user preferences

Internal ref: /t/73500
2022-10-13 08:37:28 +08:00
Krzysztof Kotlarek
58e4b43fe4
FIX: replace prefixCSS with prefixElementColors (#18556)
Instead of having `prefixCSS`, only `prefixElementColors` are available to reduce chances of exposing XSS.
2022-10-13 09:01:19 +11:00
Vinoth Kannan
7f167de10b
FIX: remove nil items before sorting the sha1 string array. (#18571)
Previously, when the array had both nil and string values it returned the error "comparison of NilClass with String failed". Now I added the `.compact` method to prevent this issue as per @martin-brennan's suggestion https://github.com/discourse/discourse/pull/18431#discussion_r984204788
2022-10-13 02:43:56 +05:30
Andrei Prigorshnev
0fe111e492
FEATURE: add user status to user preferences (#18532) 2022-10-12 23:35:25 +04:00
Isaac Janzen
231dc10bbd
Add replaceContent selectKit modifier (#18569)
Add the ability to modify a selectKit's content with `replaceContent`

Eg.

```
      api.modifySelectKit("combo-box").replaceContent(() => {
        return {
          id: "foo",
          name: "Foo",
        };
      });
```

will override existing content to only include the passed object
2022-10-12 13:38:42 -05:00
Penar Musaraj
d7c5a7033d
A11Y: Make "Load parent post" element accessible (#18568) 2022-10-12 14:35:31 -04:00
dependabot[bot]
c4812948f6
Build(deps-dev): Bump rspec-rails from 5.1.2 to 6.0.0 (#18534)
* Build(deps-dev): Bump rspec-rails from 5.1.2 to 6.0.0

Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 5.1.2 to 6.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.1.2...v6.0.0)

---
updated-dependencies:
- dependency-name: rspec-rails
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* FIX: Set the default level of FakeLogger

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2022-10-12 20:25:49 +02:00
Blake Erickson
efb116d2bd
FIX: Reset related site settings on general category delete (#18548)
* FIX: Reset related site settings on general category delete

If the new seeded General category is deleted we also need to delete the
corresponding site setting for it so that we don't try and reference it.

This fixes a bug in the category dropdown composer.

This change creates the `clear_related_site_settings` after destroy
hook that could also be used by other features in the future, like maybe
when we have a `default_category_id` site_setting.

Looks like if `nil` out a site setting it is set to `0`?

```
[9] pry(main)> SiteSetting.general_category_id = nil
  SiteSetting Load (0.4ms)  SELECT "site_settings".* FROM "site_settings" WHERE "site_settings"."name" = 'general_category_id' LIMIT 1
=> nil
[10] pry(main)> SiteSetting.general_category_id
=> 0
```

That is why the tests check if the value is `< 1` and not `nil`.

* Use -1 instead of nil because it is the default
2022-10-12 11:09:45 -06:00
chapoi
da9ce77ffd
UX: danger colour update (#18516)
* UX: danger colour update

* Update test
2022-10-12 19:01:01 +02:00
Andrei Prigorshnev
98620f8e0e
FIX: status emoji was shown on the left on mobile (#18567) 2022-10-12 20:54:24 +04:00
Andrei Prigorshnev
c32ab70111
FIX: alignment of user status emoji on posts (#18563) 2022-10-12 20:07:07 +04:00
Bianca Nenciu
7611fec0da
FEATURE: Implement new onboarding popups (#18362)
This commit introduces a new framework for building user tutorials as
popups using the Tippy JS library. Currently, the new framework is used
to replace the old notification spotlight and tips and show a new one
related to the topic timeline.

All popups follow the same structure and have a title, a description and
two buttons for either dismissing just the current tip or all of them
at once.

The state of all seen popups is stored in a user option. Updating
skip_new_user_tips will automatically update the list of seen popups
accordingly.
2022-10-12 18:38:45 +03:00
Osama Sayegh
1eaa1fee2d
DEV: Merge mentions and watching tabs into the replies tab in the user menu (#18544)
This commit merges the mentions and "watching" tabs into the replies tab of the user menu. This change is kind of experimental, so we may change it back either fully or partially. Internal topic: t/76474.
2022-10-12 17:58:17 +03:00
David Taylor
76c86a4269
FIX: Correctly handle HTTP errors during dominant color calculation (#18565)
The previous fix in e83d35d6 was incorrect, and the stub in the test was never actually hit. This commit moves the error handling to the right place and updates the specs to ensure the stub is always used.
2022-10-12 15:50:44 +01:00
chapoi
899ed039b7
FIX: typo (#18566) 2022-10-12 16:50:02 +02:00
Jarek Radosz
67e422c2d4
DEV: Remove noop CSS (#18564)
The lint warnings were:

```
inline-block is ignored due to the float. If 'float' has a value other than 'none', the box is floated and 'display' is treated as 'block'

scss(propertyIgnoredDueToDisplay)
```
2022-10-12 16:35:51 +02:00
Jarek Radosz
a4437ab30b
DEV: Fix FakeLogger compat (#18562)
TaggedLogger requires these methods (see plugin backend failures in #18534)
2022-10-12 16:06:00 +02:00
Jarek Radosz
4170b9bb58
DEV: Use more css vars (#18561)
Followup to #18518

This time it's mostly line-height vars and a couple of other uncommon vars.
2022-10-12 16:05:42 +02:00
dependabot[bot]
55909e30bc
Build(deps): Bump pg from 1.4.3 to 1.4.4 (#18552)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.4.3...v1.4.4)

---
updated-dependencies:
- dependency-name: pg
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-12 15:38:17 +02:00
dependabot[bot]
1618193f21
Build(deps): Bump faraday-net_http from 3.0.0 to 3.0.1 (#18521)
Bumps [faraday-net_http](https://github.com/lostisland/faraday-net_http) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/lostisland/faraday-net_http/releases)
- [Commits](https://github.com/lostisland/faraday-net_http/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: faraday-net_http
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-12 15:38:05 +02:00
Jarek Radosz
ea326906e3
DEV: Use css var font sizes (#18518)
For consistency and and the ability to change all font sizes at once in the dev tools
2022-10-12 15:31:59 +02:00
Jarek Radosz
b5005e3574
DEV: Always use non-builtin net-* and digest gems (#18560)
This will possibly fix the issue we're having with Dependabot. It seems it now uses a different ruby version (i.e. 3.1+)
2022-10-12 15:22:22 +02:00
Bianca Nenciu
33087f0bdf
A11Y: Set role=presentation if alt attr is missing (#18546)
This applies to all images posted that do not have a user description.
2022-10-12 14:07:37 +03:00
David Taylor
c707ee714d
DEV: Use npm for forked backburner.js version (#18559)
Using a git-sourced package seems to cause intermittent `yarn install` failures.

Followup to ad37c6c017
2022-10-12 11:14:41 +01:00
David Taylor
ad37c6c017
DEV: Update backburner.js to include bugfix and dev improvements (#18549)
This version of backburner is patched to include
- Fix for scheduleOnce/cancel bug: https://github.com/BackburnerJS/backburner.js/pull/402
- Async stack debugging in Chrome: https://github.com/BackburnerJS/backburner.js/pull/404

The async debugging feature is enabled only in debug builds of Discourse to ensure production performance is unaffected.

Adding to `vendorFiles` causes the JS to be inserted directly after the `ember-source` bundle. That means that the `backburner` module defined by ember-source will be replaced with the patched version.
2022-10-12 10:06:03 +01:00