Commit Graph

44545 Commits

Author SHA1 Message Date
Penar Musaraj
593f3e5dd8
UX: Styling changes to global banner (#16191) 2022-03-15 16:19:55 +01:00
Jarek Radosz
dec68d780c
DEV: Don't install plugin gems twice (#16192)
Missing plugin gems are installed when the app is being loaded.

That means when you run `bin/rails plugin:install_all_gems` it first installs missing gems and then reinstalls all gems…

Also, the method these rake tasks were using to install gems was very crude, and the regex there was incorrect which resulted in failures in certain cases. Though that didn't matter since those gems were being installed using a correct method just moments before…
2022-03-15 15:08:05 +01:00
Discourse Translator Bot
20a954fa0f
Update translations (#16194) 2022-03-15 14:40:40 +01:00
Jarek Radosz
383f164672
FIX: Always include the first poster when converting to PM (#16187)
Regressed in #15626
2022-03-15 10:51:10 +01:00
Sam
de9a031073
FEATURE: use canonical links in posts.rss feed (#16190)
* FEATURE: use canonical links in posts.rss feed

Previously we used non canonical links in posts.rss

These links get crawled frequently by crawlers when discovering new
content forcing crawlers to hop to non canonical pages just to end up
visiting canonical pages

This uses up expensive crawl time and adds load on Discourse sites

Old links were of the form:

`https://DOMAIN/t/SLUG/43/21`

New links are of the form

`https://DOMAIN/t/SLUG/43?page=2#post_21`

This also adds a post_id identified element to crawler view that was
missing.

Note, to avoid very expensive N+1 queries required to figure out the
page a post is on during rss generation, we cache that information.

There is a smart "cache breaker" which ensures worst case scenario is
a "page drift" - meaning we would publicize a post is on page 11 when
it is actually on page 10 due to post deletions. Cache holds for up to
12 hours.

Change only impacts public post RSS feeds (`/posts.rss`)
2022-03-15 20:17:06 +11:00
David Taylor
8664712c1a
PERF: Fix n+1 for categories + featured topics (#16188)
`topic.featured_topic` and `topic.category` are used by `TopicGuardian#can_see_topic?`
2022-03-14 22:23:39 +00:00
dependabot[bot]
28906cff92
Build(deps): Bump loofah from 2.14.0 to 2.15.0 (#16186)
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.14.0 to 2.15.0.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.14.0...v2.15.0)

---
updated-dependencies:
- dependency-name: loofah
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 22:25:09 +01:00
David Taylor
ea1865cc01
DEV: Ensure yarn dependencies are installed during docker.rake (#16185)
Followup to 349a4acc9f
2022-03-14 17:53:21 +00:00
Ella E
bfe9ba3039
UX: Hide group avatar flair block if it's empty 2022-03-14 11:42:37 -06:00
Bianca Nenciu
f317783e65
DEV: Remove duplicated methods (#16178) 2022-03-14 19:35:01 +02:00
David Taylor
349a4acc9f
DEV: Use Ember CLI for docker.rake CI testing (#16182) 2022-03-14 17:32:03 +00:00
David Taylor
21cc57674c
FIX: Do not run Ember CLI chunk files through babel twice (#16183) 2022-03-14 16:11:13 +00:00
Jarek Radosz
172d030a45
DEV: Check if show-modal container is viable (#16170) 2022-03-14 15:14:42 +01:00
Jarek Radosz
bb153c49a1
DEV: Deprecate /posts/:id/reply-ids/all (#16136)
* DEV: Deprecate /posts/:id/reply-ids/all

It was added in ed4c0c4a63 and its only use was removed in b58867b6e9

Nothing in all-the* seems to be using this endpoint.

* Update app/controllers/posts_controller.rb

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-03-14 15:13:26 +01:00
Jarek Radosz
8d5281115e
DEV: Use the --no-rebase option of git pull (#16180)
…to avoid repeatedly printed notes:

```
hint: Pulling without specifying how to reconcile divergent branches is
hint: discouraged. You can squelch this message by running one of the following
hint: commands sometime before your next pull:
hint:
hint:   git config pull.rebase false  # merge (the default strategy)
hint:   git config pull.rebase true   # rebase
hint:   git config pull.ff only       # fast-forward only
hint:
hint: You can replace "git config" with "git config --global" to set a default
hint: preference for all repositories. You can also pass --rebase, --no-rebase,
hint: or --ff-only on the command line to override the configured default per
hint: invocation.
```
2022-03-14 15:13:06 +01:00
Jarek Radosz
fa7d34f593
DEV: Make decorator method names debug-friendly (#16181)
Example

Before: `_decorate_5`
After: `_decorate_5_chat_transcript_datetime`
2022-03-14 15:12:54 +01:00
Penar Musaraj
0400d10907
FIX: J/K post stream navigation inconsistencies (#16171) 2022-03-14 15:09:19 +01:00
David Taylor
839639326c
DEV: Install the @ember/jquery package to remove warning (#16165)
Eventually we want to remove JQuery, but that's a long way off. Installing this package will stop ember-cli printing the deprecation warning on every boot

```
DEPRECATION: The integration of jQuery into Ember has been deprecated and will be removed with Ember 4.0. You can either opt-out of using jQuery, or install the `@ember/jquery` addon to provide the jQuery integration. Please consult the deprecation guide for further details: https://emberjs.com/deprecations/v3.x#toc_jquery-apis
```
2022-03-14 10:25:52 +00:00
dependabot[bot]
989144c87e
Build(deps): Bump excon from 0.91.0 to 0.92.0 (#16174)
Bumps [excon](https://github.com/excon/excon) from 0.91.0 to 0.92.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.91.0...v0.92.0)

---
updated-dependencies:
- dependency-name: excon
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-13 23:00:14 +01:00
dependabot[bot]
ca8eb41b1b
Build(deps): Bump logster from 2.10.1 to 2.11.0 (#16173)
Bumps [logster](https://github.com/discourse/logster) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/discourse/logster/releases)
- [Changelog](https://github.com/discourse/logster/blob/main/CHANGELOG.md)
- [Commits](https://github.com/discourse/logster/compare/v2.10.1...v2.11.0)

---
updated-dependencies:
- dependency-name: logster
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-13 22:21:31 +01:00
dependabot[bot]
e5ff21855a
Build(deps): Bump unf_ext from 0.0.8 to 0.0.8.1 (#16172)
Bumps [unf_ext](https://github.com/knu/ruby-unf_ext) from 0.0.8 to 0.0.8.1.
- [Release notes](https://github.com/knu/ruby-unf_ext/releases)
- [Changelog](https://github.com/knu/ruby-unf_ext/blob/master/CHANGELOG.md)
- [Commits](https://github.com/knu/ruby-unf_ext/compare/v0.0.8...v0.0.8.1)

---
updated-dependencies:
- dependency-name: unf_ext
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-13 22:21:16 +01:00
Jarek Radosz
44f7a61c2c
UX: Tweak the "new" badge size, position, color (#16168) 2022-03-13 12:50:06 +01:00
Jarek Radosz
47319ad9b2
DEV: Bump chrome-launcher/chrome-remote-interface (#16160) 2022-03-12 19:52:07 +01:00
Osama Sayegh
ddde94f925
FIX: return nil when RetrieveTitle.crawl fails (#16167) 2022-03-11 23:53:10 +03:00
Blake Erickson
02fa04e333
FIX: Update topic route id param (#16166)
This update topic route has never worked. Better late than never. I am
in favor of using non-slug urls when using the api so I do think we
should fix this route.

Just thought I would update the `:id` param to `:topic_id` here in the
routes file instead of updating the controller to handle both params.

Added a spec to test this route.

Also added the same constraint we have on other topic routes to ensure
we only pass in an ID that is a digit.
2022-03-11 11:01:08 -07:00
Jarek Radosz
4dc5500fa6
UX: Allow d-editor to be shrunk (#16164)
…e.g. when resizing the composer. Previously it wouldn't go below a certain size and would overlap the element below it.
2022-03-11 18:18:27 +01:00
Bianca Nenciu
7a416257df
FIX: Invalidate site settings cache in all instances (#16155)
Previous cache implementation did not support multisite instances and
the cache was invalidated only in the instance where the change took
place.
2022-03-11 17:16:56 +02:00
Penar Musaraj
94750c81fa
FIX: Update group inbox notifications on archive/unarchive (#16152) 2022-03-11 11:57:47 +01:00
Osama Sayegh
b0656f3ed0
FIX: Apply onebox blocked domain checks on every redirect (#16150)
The `blocked onebox domains` setting lets site owners change what sites
are allowed to be oneboxed. When a link is entered into a post,
Discourse checks the domain of the link against that setting and blocks
the onebox if the domain is blocked. But if there's a chain of
redirects, then only the final destination website is checked against
the site setting.

This commit amends that behavior so that every website in the redirect
chain is checked against the site setting, and if anything is blocked
the original link doesn't onebox at all in the post. The
`Discourse-No-Onebox` header is also checked in every response and the
onebox is blocked if the header is set to "1".

Additionally, Discourse will now include the `Discourse-No-Onebox`
header with every response if the site requires login to access content.
This is done to signal to a Discourse instance that it shouldn't attempt
to onebox other Discourse instances if they're login-only. Non-Discourse
websites can also use include that header if they don't wish to have
Discourse onebox their content.

Internal ticket: t59305.
2022-03-11 09:18:12 +03:00
maiki
8e010aecfb
Remove a few words for clarity (#16162)
Remove extra words from two descriptions for user like reports
2022-03-11 09:33:16 +08:00
dependabot[bot]
799f35a49d
Build(deps): Bump pg from 1.3.3 to 1.3.4 (#16161)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.3.3 to 1.3.4.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.3.3...v1.3.4)

---
updated-dependencies:
- dependency-name: pg
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-10 22:32:17 +01:00
Jarek Radosz
b0702337df
DEV: Fix rake qunit logging (#16159)
It was logging just the first passed object, which resulted printing out empty lines instead of actual messages (e.g. deprecation warnings)
2022-03-10 20:43:17 +01:00
Penar Musaraj
3a817d2377
FIX: Buggy jump-to-post on Firefox (#16153) 2022-03-10 20:39:39 +01:00
Osama Sayegh
8d96761a4f
FIX: Include engine mount path for API scopes added by plugins (#16154)
In the API keys page where admins can create API keys with restricted scopes, each scope shows a list of URLs that it allows. But currently, this list of allowed URLs shows incomplete URLs for scopes that are added by plugins. For example, the allowed URL for the "run queries" scope of the data-explorer plugin is shown as `/queries/:id/run` when the correct URL for this scope is `/admin/plugins/explorer/queries/:id/run`. The first 3 segments of the path are the mount path of the plugin's engine and it's missing because the routes set of the engine doesn't include the mount path. To fix this, this commit gets the mount path and prepends it to the URL so the complete URL is shown to the user.

It's not possible to write tests for this change because plugins are not loaded in the test environment by default when core's tests suite is running.
2022-03-10 22:01:22 +03:00
Discourse Translator Bot
93407005b5
Update translations (#16132) 2022-03-10 16:51:47 +01:00
David Taylor
8a69de7964
DEV: Enable Ember CLI tests in GitHub Actions for official plugins (#16148) 2022-03-10 12:36:58 +00:00
Osama Sayegh
9b5cc1424f
DEV: Don't mutate Excon.defaults[:middlewares] (#16151)
`Excon.defaults` and its middlewares array are constants that we
shouldn't mutate everytime `FinalDestination#resolve` is called.
2022-03-10 14:21:45 +03:00
dependabot[bot]
892f7e0506
Build(deps): Bump rubocop from 1.25.1 to 1.26.0 (#16149)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.25.1 to 1.26.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.25.1...v1.26.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-09 23:39:41 +01:00
Jarek Radosz
99b2cfe26e
DEV: Disallow Ember global usage (#16147)
…and sprinkle `// eslint-disable-next-line no-undef` throughout the code where is unavoidable for now
2022-03-09 17:54:07 +01:00
Jarek Radosz
2ba602708a
DEV: A manual test waiter might not be needed (#16142) 2022-03-09 15:38:10 +01:00
Jarek Radosz
fbef828ab2
DEV: Remove "empty" template code (#16140)
Its only use seems to have been removed back in 2016 in a9ed15e11a.
2022-03-09 13:57:39 +01:00
Sam
43da88db6c
PERF: avoid following links in topic RSS feeds (#16145)
Topic RSS feeds contain many non canonical links such as:

- https://site.com/t/a-b-c/111/1
- https://site.com/t/a-b-c/111/2
- https://site.com/t/a-b-c/111/3
- https://site.com/t/a-b-c/111/4
- https://site.com/t/a-b-c/111/5
- https://site.com/t/a-b-c/111/6

Previously we were not indexing RSS feeds yet still following these
links.


This change means we totally ignore links in the RSS feeds which
avoids expensive work scanning them just to find we should not
include them.
2022-03-09 18:25:20 +11:00
Ayke Halder
28bb9e11f4
FEATURE: add nofollow to RSS alternate link in topics and categories (#16013)
* FEATURE: add nofollow to RSS alternate link in topics and categories

* Rspec tests for category and topic view: add nofollow to RSS alternate link
2022-03-09 16:34:02 +11:00
Martin Brennan
ca93e5e68b
FIX: Allow admins to change user ignore list (#16129)
Previously, if an admin user tried to add/remove
users to another user's ignored list, it would
be added to their own ignore list because the
controller used current_user. Now for admins only
a source_user_id parameter can be passed through,
which will be used to ignore the target user for
that source user.
2022-03-09 14:51:30 +10:00
dependabot[bot]
efd8bb9008
Build(deps): Bump redis-namespace from 1.8.1 to 1.8.2 (#16126)
Bumps [redis-namespace](https://github.com/resque/redis-namespace) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/resque/redis-namespace/releases)
- [Changelog](https://github.com/resque/redis-namespace/blob/master/CHANGELOG.md)
- [Commits](https://github.com/resque/redis-namespace/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: redis-namespace
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-09 10:11:12 +08:00
Alan Guo Xiang Tan
01c5f9337a
DEV: Upgrade Rails to 6.1.4.7. (#16143)
There was a security release in 6.1.4.6 to fix: https://github.com/rails/rails/security/advisories/GHSA-wh98-p28r-vrc9

It doesn't affect us as Discourse doesn't use thread local variables
but we should still upgrade as a matter of caution.
2022-03-09 10:10:51 +08:00
Joshua Rosenfeld
a29b133d33
DEV: Update security policy (#16144)
Add note regarding low quality reports being received via email.
2022-03-09 10:02:20 +08:00
Jarek Radosz
9892844507
DEV: Fix a flaky validation message (#16141)
The order of tags in the validation error message could be random, which we don't really care about, but it made the specs flake out once in a while.

The flaky specs were:

```
spec/lib/discourse_tagging_spec.rb:511
spec/lib/discourse_tagging_spec.rb:519
```
2022-03-09 09:38:05 +08:00
David Taylor
3ad9c2cdb6
FEATURE: Add mobile support for subcategories-with-featured-topics (#16118)
Follow-up to eb2e3b510d
2022-03-08 22:06:27 +00:00
dependabot[bot]
5335b40a87
Build(deps): Bump bootsnap from 1.10.3 to 1.11.1 (#16139)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.10.3 to 1.11.1.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.10.3...v1.11.1)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-08 22:34:53 +01:00