dependabot-preview[bot]
71a7ac365e
Build(deps): Bump rack-protection from 2.0.8.1 to 2.1.0
...
Bumps [rack-protection](https://github.com/sinatra/sinatra ) from 2.0.8.1 to 2.1.0.
- [Release notes](https://github.com/sinatra/sinatra/releases )
- [Changelog](https://github.com/sinatra/sinatra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sinatra/sinatra/compare/v2.0.8.1...v2.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:13:32 -04:00
Joffrey JAFFEUX
02495510e8
FIX: workaround constructor name not available after transpilation ( #10623 )
...
This is only reproducible en production build. In this case, constructor.name could be any value like "i" for example.
2020-09-08 10:14:41 +02:00
Guo Xiang Tan
a1d135f12a
DEV: Correct use of sanitize_sql_array
in TopicQuery
.
2020-09-08 12:30:09 +08:00
Guo Xiang Tan
d3ebaa41ce
DEV: Address review comments for 5ed84d9885
.
2020-09-08 11:17:35 +08:00
Guo Xiang Tan
b0f22f2523
SECURITY: Remove indication that a group exists if user can't see it.
...
Minor security fix but we should not leak any hints that a group exists
even if a user does not have access to the group.
2020-09-08 10:53:48 +08:00
Guo Xiang Tan
5ed84d9885
SECURITY: Don't allow moderators to list PMs of all groups.
...
* Also return 404 when a user is trying to list PMs of a group that
cannot be accessed by the user.
2020-09-08 10:37:00 +08:00
Guo Xiang Tan
0d3239bf21
Revert "SECURITY: Don't allow moderators to view the admins inbox"
...
Superseeded by d9a5280f5665d12bf46efd8cdcc6200da2cdedd8
This reverts commit 18d35bf64a
.
2020-09-08 10:36:49 +08:00
Daniel Waterworth
18d35bf64a
SECURITY: Don't allow moderators to view the admins inbox
2020-09-07 18:02:41 +01:00
Joffrey JAFFEUX
0b8e7d88fe
FIX: wraps popper call in afterRender and uses createPopper ( #10621 )
...
Before this fix, popper was sometimes not applied.
2020-09-07 13:33:52 +02:00
dependabot[bot]
27751ca69f
Build(deps): Bump websocket-extensions ( #10617 )
...
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node ) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases )
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:38 +02:00
dependabot[bot]
b191ea4f59
Build(deps): Bump websocket-extensions ( #10615 )
...
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node ) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases )
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:27 +02:00
dependabot[bot]
2cb0f013cc
Build(deps): Bump elliptic in /app/assets/javascripts/pretty-text ( #10611 )
...
Bumps [elliptic](https://github.com/indutny/elliptic ) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases )
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:09 +02:00
dependabot[bot]
6bff8636e2
Build(deps): Bump elliptic in /app/assets/javascripts/discourse-common ( #10612 )
...
Bumps [elliptic](https://github.com/indutny/elliptic ) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases )
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:01:37 +02:00
dependabot[bot]
9b187b7e11
Build(deps): Bump http-proxy in /app/assets/javascripts/discourse-common ( #10613 )
...
Bumps [http-proxy](https://github.com/http-party/node-http-proxy ) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases )
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md )
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:00:25 +02:00
dependabot[bot]
c119c07fa4
Build(deps): Bump http-proxy in /app/assets/javascripts/pretty-text ( #10614 )
...
Bumps [http-proxy](https://github.com/http-party/node-http-proxy ) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases )
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md )
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:00:10 +02:00
dependabot-preview[bot]
7b889c6201
Build(deps): Bump nio4r from 2.5.2 to 2.5.3 ( #10620 )
...
Bumps [nio4r](https://github.com/socketry/nio4r ) from 2.5.2 to 2.5.3.
- [Release notes](https://github.com/socketry/nio4r/releases )
- [Changelog](https://github.com/socketry/nio4r/blob/master/CHANGES.md )
- [Commits](https://github.com/socketry/nio4r/compare/v2.5.2...v2.5.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-07 11:59:25 +02:00
Martin Brennan
431bd84dec
FIX: Make deleted topic post bookmarks more resilient ( #10619 )
...
This PR ensures that new bookmarks cannot be created for deleted posts and topics, and also makes sure that if a bookmark was created and then the topic deleted that the show topic page does not error from trying to retrieve the bookmark reminder at.
2020-09-07 14:52:14 +10:00
Daniel Waterworth
f2842490d3
PERF: Don't load all poll_votes for a poll
2020-09-05 18:42:11 +01:00
awesomerobot
13c9d7e704
UX: Add missing labels to mobile composer buttons
2020-09-04 22:18:29 -04:00
Blake Erickson
a14c9078d3
DEV: Document /u/{username}.json
API endpoint
...
Added some more specs that will be used to auto generate the api docs.
2020-09-04 16:24:43 -06:00
Blake Erickson
b16915d166
DEV: Switch over to a fork of ember-rails
...
We are switching over to a fork because we are currently on a pinned
version of ember-rails 0.18.5 which is pretty old. Upgrading to the
latest version causes many things to break which isn't really worth the
time to debug while we plan to completely switch over to ember-cli
somewhat soonish. Our fork contains a single cherry-pick commit
https://github.com/emberjs/ember-rails/pull/534
which will fix an issue when running the `rails g migration` command and
it spits out a bunch of deprecation warnings.
2020-09-04 14:47:56 -06:00
Jordan Vidrine
e73ff68f75
FEATURE: Add css classes to stylesheet link elements ( #10598 )
...
Adding these classes to the stylesheet link elements in order to toggle dark/light schemes via this theme-component. Eventually this theme-component could possible be merged into core.
2020-09-04 15:40:40 -05:00
Roman Rizzi
726bae8f0c
DEV: Pass the for_export flag to the before_upload_creation event ( #10599 )
2020-09-04 17:24:40 -03:00
Robin Ward
da918ac43e
FIX: Allow us to call script_asset_url
in controllers
...
Without this patch fingerprinting was not applied in production.
2020-09-04 15:23:01 -04:00
Robin Ward
0f9a58e06f
FEATURE: Add stylesheets to bootstrap.json endpoint
...
This allows API consumers (such as Ember CLI) to dynamically get a list
of styles to embed.
2020-09-04 14:12:49 -04:00
Joffrey JAFFEUX
110f6ec6dd
DEV: fixes eslint/prettier on github actions ( #10601 )
2020-09-04 20:01:14 +02:00
Joffrey JAFFEUX
c5b8a47901
FIX: ensures we don't attempt to concat an empty list ( #10600 )
2020-09-04 19:08:07 +02:00
Joffrey JAFFEUX
34c2dfccb7
DEV: specific ext and remove I18n global
2020-09-04 18:59:53 +02:00
Bianca Nenciu
d4471e0316
FIX: Preload bold fonts in wizard
...
The bold fonts are used in previews for topic title.
2020-09-04 19:23:46 +03:00
Joffrey JAFFEUX
ed05839dfc
FIX: prevents error when opening a composer from a tag page ( #10596 )
2020-09-04 15:47:22 +02:00
Bianca Nenciu
58b97ace23
DEV: Use a special import to declare font faces ( #10583 )
...
Update discourse-fonts to v0.0.3.
Follow-up to 7b7357147e
.
2020-09-04 16:25:50 +03:00
Joffrey JAFFEUX
647cdca99b
DEV: ignore coding standards applied to plugins ( #10595 )
2020-09-04 13:53:26 +02:00
Joffrey JAFFEUX
bf88410126
DEV: apply coding standards to plugins ( #10594 )
2020-09-04 13:51:53 +02:00
Joffrey JAFFEUX
034a59a69d
DEV: ignore coding standards commit ( #10593 )
2020-09-04 13:44:58 +02:00
Joffrey JAFFEUX
52672b9eab
DEV: apply new coding standards ( #10592 )
2020-09-04 13:42:47 +02:00
Joffrey JAFFEUX
80dfaeb0d2
DEV: upgrades dev config ( #10588 )
2020-09-04 13:33:03 +02:00
awesomerobot
e4ebc303bb
FEATURE: Add below-static plugin outlet
2020-09-03 22:58:58 -04:00
Vinoth Kannan
ea423b471a
FIX: make crawler linkback list compatible with google schema guidelines.
2020-09-04 04:35:32 +05:30
Penar Musaraj
7a0d1cadc5
DEV: Add option to precompile default multisite stylesheets
2020-09-03 13:00:09 -04:00
Jarek Radosz
4f48304a44
DEV: Remove an unused i18n string
...
The related code was removed in 86cb5803ba
2020-09-03 16:32:46 +02:00
Robin Ward
8c0f18794e
FEATURE: Deprecate lodash so we can remove it.
...
It's currently 240k of Javascript we don't need anymore. It's been
replaced by ES6 and a couple helper functions.
2020-09-03 10:03:33 -04:00
Robin Ward
3a46e44ed8
Rename merge
to deepMerge
so it's more clear what it's doing
2020-09-03 10:03:33 -04:00
Robin Ward
f365d4639a
REFACTOR: Remove _.isEqual
2020-09-03 10:03:33 -04:00
Robin Ward
c4079780be
REFACTOR: Remove _.merge
2020-09-03 10:03:33 -04:00
Robin Ward
720cd57fb5
FIX: Convert jQuery array to JS array
2020-09-03 10:03:33 -04:00
Robin Ward
5e5d5b4f35
REFACTOR: Remove _.last
2020-09-03 10:03:33 -04:00
Robin Ward
0da953b40e
REFACTOR: Remove _.compact
2020-09-03 10:03:33 -04:00
Robin Ward
2d56663fc4
REFACTOR: Remove _.clone
which is not deep
2020-09-03 10:03:33 -04:00
Robin Ward
c2cfa62000
REFACTOR: Remove _.intersection
2020-09-03 10:03:33 -04:00
Robin Ward
0b098566ff
REFACTOR: Remove _.union
2020-09-03 10:03:33 -04:00