Commit Graph

56036 Commits

Author SHA1 Message Date
Bianca Nenciu
50cb7b897e
FIX: Use full column name to prevent ambiguous query (#29111)
This can happen when other plugins, for example discourse-rainbow, are
installed and add columns with same names.
2024-10-07 19:33:07 +03:00
Jarek Radosz
d3793f7aea
DEV: Clean up watched-words controller/component (#29106)
1. rename watched-word-test to watched-word-testing (to fix ember/no-test-import-export lint)
2. convert it to gjs
3. minor tweaks to admin-watched-words-action (async/await, string interpolation, chaining operator, for-of loop)
4. drop action helper usage
2024-10-07 18:28:18 +02:00
Jarek Radosz
b614b72852
DEV: Fix an event reference in widget hooks (#29108)
(and drop an unused eslint setting)
2024-10-07 18:26:39 +02:00
Jarek Radosz
d6961c9a35
DEV: Fix ember/no-incorrect-computed-macros lint (#29107) 2024-10-07 18:26:07 +02:00
Isaac Janzen
84d260613a
DEV: Add search-menu results plugin outlets (#29112) 2024-10-07 10:56:56 -05:00
Jarek Radosz
607134545b
DEV: Use the i18n helper in wizard (#29109) 2024-10-07 16:29:53 +02:00
Alan Guo Xiang Tan
4d1e66418c
DEV: Skip plugin:pull_compatible_all when running against main branch (#29081)
Plugins are expected to always be compatible against the main `branch`
so we can skip the `plugin:pull_compatible_all rake task.
2024-10-07 14:30:03 +08:00
dependabot[bot]
26db4c7534
Build(deps): Bump msgpack from 1.7.2 to 1.7.3 (#29091)
Bumps [msgpack](https://github.com/msgpack/msgpack-ruby) from 1.7.2 to 1.7.3.
- [Changelog](https://github.com/msgpack/msgpack-ruby/blob/master/ChangeLog)
- [Commits](https://github.com/msgpack/msgpack-ruby/compare/v1.7.2...v1.7.3)

---
updated-dependencies:
- dependency-name: msgpack
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-07 14:20:32 +08:00
Alan Guo Xiang Tan
dc3c94961c
DEV: Fix flaky chat system tests (#29104)
`PageObjects::Pages::ChatThread#has_no_loading_skeleton?` was broken
because `.chat-thread__messages` is no longer a valid class.
2024-10-07 14:20:19 +08:00
Ted Johansson
ec7703e622
FIX: Only render admin notice dismiss button for admins (#29103)
Dismissing admin notices is an admin-only action. This is enforced on the back-end both by a routing constraint and a policy in the relevant service.

However, we still unconditionally display the "Dismiss" button to anyone with access to the admin dashboard. When clicked, it results in a 404 modal (due to the routing constraint.)

With this change we only render the dismiss button for admins.
2024-10-07 13:14:01 +08:00
chapoi
8d1867688f
UX: add padding bottom to chat index list (#29096) 2024-10-07 07:09:27 +02:00
Ted Johansson
7ecb258b83
FIX: Support idempotent admin notice dismissal (#29099)
If you have the admin dashboard open, and one of the admin notices listed has already been dismissed (e.g. in another tab, or by another admin) we would show an ugly "FAILED" modal.

This change makes the admin dismiss endpoint idempotent. If the admin notice is already destroyed, then respond with 200. This will also correctly remove it from the list in the front-end.
2024-10-07 12:29:33 +08:00
Alan Guo Xiang Tan
4ba8d3b76b
Bump version to v3.4.0.beta3-dev 2024-10-07 12:14:10 +08:00
Alan Guo Xiang Tan
9cfe725b37
Bump version to v3.4.0.beta2 2024-10-07 12:14:09 +08:00
Penar Musaraj
92ac6be82a
SECURITY: prevent topic list filtering by hidden tags for unathorized users
This fixes an issue where unathorized users were able to filter topics
by tags that are hidden from them.
2024-10-07 11:48:55 +08:00
OsamaSayegh
d7164d57ec
SECURITY: Block registrations for encoded emails that are invalid 2024-10-07 11:48:52 +08:00
Régis Hanol
34d04e7507
SECURITY: add pagination to post replies
When a post has some replies, and the user click on the button to show them, we would load ALL the replies. This could lead to DoS if there were a very large number of replies.

This adds support for pagination to these post replies.

Internal ref t/129773

FIX: Duplicated parent posts

DEV: Query refactor
2024-10-07 11:48:48 +08:00
Bianca Nenciu
e081cc14fb
SECURITY: Use different anon cache keys for XHR requests
XHR requests are handled differently by the application and the
responses do not have any preloaded data so the cache key needs to
differntiate between those requests.
2024-10-07 11:48:45 +08:00
Jan Cernik
1da97de7f0
SECURITY: Correctly parse URLs in chat excerpts 2024-10-07 11:48:41 +08:00
dependabot[bot]
07f6952beb
Build(deps-dev): Bump rswag-specs from 2.14.0 to 2.15.0 (#29093)
Bumps [rswag-specs](https://github.com/rswag/rswag) from 2.14.0 to 2.15.0.
- [Release notes](https://github.com/rswag/rswag/releases)
- [Changelog](https://github.com/rswag/rswag/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rswag/rswag/compare/2.14.0...2.15.0)

---
updated-dependencies:
- dependency-name: rswag-specs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-07 10:08:23 +08:00
Jeff Wong
7d441e3782
FIX: skips caching a generated secret key base token if skip_redis is true. (#29029)
Allows for `SKIP_DB_AND_REDIS` env var to be used without a secret key setup in
global setting env.
2024-10-06 06:46:58 -07:00
Jeff Wong
91ac382d83
DEV: update compile steps (#29031)
Remove emoji.clear cache calls as data.js.es6.erb hasn't existed in a while.
Emoji data is now compiled separately via javascript rake tasks.

Skip db and redis precompilation when no db is present
2024-10-05 09:50:33 +10:00
Kris
e75571c401
A11Y: add aria-label to user profile link in topic list (#29088) 2024-10-04 16:02:12 -04:00
Penar Musaraj
d959bfdc61
UX: Improve bottom padding to chat index on mobile (#29086)
Minor adjustment to #29082
2024-10-04 11:33:38 -04:00
David Taylor
7a46baa31c
DEV: Update helper.renderGlimmer example to gjs (#28962) 2024-10-04 16:04:08 +01:00
Loïc Guitaut
8eff922ace DEV: Output failing MF keys when compilation fails
Currently, when the MessageFormat compiler fails on some translations,
we just have the raw output from the compiler in the logs and that’s not
always very helpful.

Now, when there is an error, we iterate over the translation keys and
try to compile them one by one. When we detect one that is failing, it’s
added to a list that is now outputted in the logs. That way, it’s easier
to know which keys are not properly translated, and the problems can be
addressed quicker.
2024-10-04 23:38:27 +09:00
David Taylor
69d2373f77
DEV: Resolve stat registration flaky tests (#29084) 2024-10-04 13:49:22 +01:00
chapoi
c13ca6eb19
UX: chat index mini refactor (#29082) 2024-10-04 08:10:36 -04:00
dependabot[bot]
514c543cd4
Build(deps-dev): Bump lint-to-the-future-eslint from 2.1.2 to 2.1.3 (#29078)
Bumps [lint-to-the-future-eslint](https://github.com/mansona/lint-to-the-future-eslint) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/mansona/lint-to-the-future-eslint/releases)
- [Changelog](https://github.com/mansona/lint-to-the-future-eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mansona/lint-to-the-future-eslint/commits)

---
updated-dependencies:
- dependency-name: lint-to-the-future-eslint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-04 01:12:22 +02:00
dependabot[bot]
8132bb9f50
Build(deps-dev): Bump lint-to-the-future from 2.1.0 to 2.2.0 (#29077)
Bumps [lint-to-the-future](https://github.com/mansona/lint-to-the-future) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/mansona/lint-to-the-future/releases)
- [Changelog](https://github.com/mansona/lint-to-the-future/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mansona/lint-to-the-future/commits)

---
updated-dependencies:
- dependency-name: lint-to-the-future
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-04 01:12:09 +02:00
dependabot[bot]
0d9e0fd23e
Build(deps): Bump jwt from 2.8.2 to 2.9.3 (#29076)
Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.8.2 to 2.9.3.
- [Release notes](https://github.com/jwt/ruby-jwt/releases)
- [Changelog](https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jwt/ruby-jwt/compare/v2.8.2...v2.9.3)

---
updated-dependencies:
- dependency-name: jwt
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-04 01:04:31 +02:00
Penar Musaraj
0cc231f61c
DEV: Do not include passkey metadata needlessly (#29074)
Only current user should see passkey metadata.
2024-10-03 15:44:21 -04:00
dependabot[bot]
0078f0973e
Build(deps): Bump webrick from 1.8.1 to 1.8.2 (#29000)
Bumps [webrick](https://github.com/ruby/webrick) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/ruby/webrick/releases)
- [Commits](https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: webrick
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-03 19:43:51 +02:00
Natalie Tay
d984646c97
DEV: Update warning when deleting associated accounts (#29053) 2024-10-03 19:50:29 +08:00
Jarek Radosz
cec5e27192
DEV: Update content-tag to 2.0.2 (#29071) 2024-10-03 12:45:11 +02:00
David Battersby
9eaf908e63
DEV: cleanup chat desktop notification data (#28943)
Makes channel_id and is_direct_message_channel consistent across desktop notifications, which also removes the need to lookup the channel from Chat Notification Manager.
2024-10-03 12:43:17 +04:00
Loïc Guitaut
ad8f46f4f1 DEV: Make params explicit for services in controllers 2024-10-03 16:56:39 +09:00
Martin Brennan
3108e3a6b6
DEV: Try fix bookmark flaky (#29069)
I think the check for the bookmark icon is too optimistic,
so the DB might not be updated by the time we check. Using
try_until_success should fix this, we also don't have a
toast to check against via AJAX success, by design.
2024-10-03 14:34:36 +10:00
Jarek Radosz
ef00d6f633
DEV: Remove accidental pgvector addition (#29068) 2024-10-03 03:49:35 +02:00
Jarek Radosz
53e6e32b2d
DEV: Attempt to fix about model flakes (#29057)
My theory is that there were nil entries (that we were filtering out) that then changed and we weren't resetting them properly.

(the failure no longer repro'd in 30 CI runs in this PR)
2024-10-03 03:19:34 +02:00
dependabot[bot]
3252865016
Build(deps-dev): Bump puppeteer-core from 23.4.1 to 23.5.0 (#29064)
Bumps [puppeteer-core](https://github.com/puppeteer/puppeteer) from 23.4.1 to 23.5.0.
- [Release notes](https://github.com/puppeteer/puppeteer/releases)
- [Changelog](https://github.com/puppeteer/puppeteer/blob/main/release-please-config.json)
- [Commits](https://github.com/puppeteer/puppeteer/compare/puppeteer-core-v23.4.1...puppeteer-core-v23.5.0)

---
updated-dependencies:
- dependency-name: puppeteer-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-03 01:48:49 +02:00
dependabot[bot]
19bf9349fd
Build(deps): Bump @messageformat/core from 3.3.0 to 3.4.0 (#29065)
Bumps [@messageformat/core](https://github.com/messageformat/messageformat/tree/HEAD/packages/core) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/messageformat/messageformat/releases)
- [Changelog](https://github.com/messageformat/messageformat/blob/main/packages/core/CHANGELOG.md)
- [Commits](https://github.com/messageformat/messageformat/commits/@messageformat/core@3.4.0/packages/core)

---
updated-dependencies:
- dependency-name: "@messageformat/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-03 01:04:40 +02:00
dependabot[bot]
c5b69854dc
Build(deps-dev): Bump jsuites from 5.6.4 to 5.6.5 (#29066)
Bumps [jsuites](https://github.com/jsuites/jsuites) from 5.6.4 to 5.6.5.
- [Release notes](https://github.com/jsuites/jsuites/releases)
- [Changelog](https://github.com/jsuites/jsuites/blob/master/changelog.md)
- [Commits](https://github.com/jsuites/jsuites/commits)

---
updated-dependencies:
- dependency-name: jsuites
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-03 01:04:21 +02:00
dependabot[bot]
41d3d3e8b4
Build(deps): Bump the babel group with 3 updates (#29063)
Bumps the babel group with 3 updates: [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators), [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) and [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone).


Updates `@babel/plugin-proposal-decorators` from 7.24.7 to 7.25.7
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.25.7/packages/babel-plugin-proposal-decorators)

Updates `@babel/core` from 7.25.2 to 7.25.7
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.25.7/packages/babel-core)

Updates `@babel/standalone` from 7.25.6 to 7.25.7
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.25.7/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: babel
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: babel
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: babel
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-03 01:04:12 +02:00
dependabot[bot]
17326cc144
Build(deps-dev): Bump rspec-mocks from 3.13.1 to 3.13.2 (#29062)
Bumps [rspec-mocks](https://github.com/rspec/rspec-mocks) from 3.13.1 to 3.13.2.
- [Release notes](https://github.com/rspec/rspec-mocks/releases)
- [Changelog](https://github.com/rspec/rspec-mocks/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-mocks/compare/v3.13.1...v3.13.2)

---
updated-dependencies:
- dependency-name: rspec-mocks
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-03 00:25:19 +02:00
Keegan George
d0c3f3b8fe
DEV: Remove FontAwesome 5 references (#29060)
Recently we updated the icon library from Font Awesome `5` to `6.6.0`. Since we were running Font Awesome 5 for a long time while 6 had already been released, we often specified in the codebase with the text _"FontAwesome 5"_. However, now that we are in the latest version, there is no need for our API's/comments to keep specifying for version 5. This PR updates all instances of FontAwesome 5 or FA5 and removes the version number to be the more generic: "FontAwesome"
2024-10-02 13:41:51 -07:00
Keegan George
53d41d0727
DEV: Add missing x icon to svg_sprite.rb (#29059) 2024-10-02 16:20:24 -04:00
Kris
0aeeb67cac
A11Y: announce "link copied!" confirmation for screen readers (#29058) 2024-10-02 15:54:38 -04:00
Jarek Radosz
488dc1784b
DEV: Use the "new" test waiters (#29055)
In accordance with 2020 [RFC591](https://github.com/emberjs/rfcs/blob/master/text/0581-new-test-waiters.md) 🙂

Next steps: use them in plugins too (d-encrypt) and enable the eslint rule (https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/no-legacy-test-waiters.md)
2024-10-02 21:09:55 +02:00
marstall
23fbaf7ee3
UX: change twitter share link to X (#29056) 2024-10-02 14:43:40 -04:00