github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-14 20:43:54 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
41,124 Commits 214 Branches 500 Tags 960 MiB
924639578e
Commit Graph

1767 Commits

Author SHA1 Message Date
dependabot-preview[bot]
3ddebc61a9 Build(deps): Bump public_suffix from 4.0.2 to 4.0.3 (#8663) 
Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/weppos/publicsuffix-ruby/releases)
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/weppos/publicsuffix-ruby/compare/4.0.2...4.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-10 10:04:54 -05:00
dependabot-preview[bot]
aa9450646b Build(deps-dev): Bump test-prof from 0.10.1 to 0.10.2 (#8676) 
Bumps [test-prof](https://github.com/palkan/test-prof) from 0.10.1 to 0.10.2.
- [Release notes](https://github.com/palkan/test-prof/releases)
- [Changelog](https://github.com/palkan/test-prof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/palkan/test-prof/compare/v0.10.1...v0.10.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-10 10:03:56 -05:00
dependabot-preview[bot]
d0cd08a67c Build(deps): Bump parser from 2.7.0.1 to 2.7.0.2 (#8686) 
Bumps [parser](https://github.com/whitequark/parser) from 2.7.0.1 to 2.7.0.2.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.0.1...v2.7.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-10 10:03:11 -05:00
dependabot-preview[bot]
6e480392ea Build(deps): Bump aws-sdk-core from 3.86.0 to 3.87.0 (#8696) 
Bumps [aws-sdk-core](https://github.com/aws/aws-sdk-ruby) from 3.86.0 to 3.87.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-core/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-10 10:01:57 -05:00
dependabot-preview[bot]
8b3c40c79d DEV: Bump mini_racer from 0.2.8 to 0.2.9 (#8688) 
Bumps [mini_racer](https://github.com/discourse/mini_racer) from 0.2.8 to 0.2.9.
- [Release notes](https://github.com/discourse/mini_racer/releases)
- [Changelog](https://github.com/rubyjs/mini_racer/blob/master/CHANGELOG)
- [Commits](https://github.com/discourse/mini_racer/compare/v0.2.8...v0.2.9)

Very safe change, adds support for JavaScript Symbol which used to cause segfaults.
 2020-01-09 13:11:26 +11:00
dependabot-preview[bot]
f1cd599966 DEV: Bump rubocop from 0.78.0 to 0.79.0 (#8667) 
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.78.0 to 0.79.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.78.0...v0.79.0)

Changes seem pretty safe, nothing should impact Discourse. Merging so we are on latest version.
 2020-01-08 17:09:24 +11:00
dependabot-preview[bot]
5736b5808c Build(deps): Bump rspec-mocks from 3.9.0 to 3.9.1 (#8644) 
Bumps [rspec-mocks](https://github.com/rspec/rspec-mocks) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-mocks/releases)
- [Changelog](https://github.com/rspec/rspec-mocks/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-mocks/compare/v3.9.0...v3.9.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-07 01:12:04 +01:00
dependabot-preview[bot]
4352bc2a78 Build(deps): Bump aws-partitions from 1.260.0 to 1.262.0 (#8666) 
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.260.0 to 1.262.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-07 00:38:29 +01:00
dependabot-preview[bot]
d6e08308e0 Build(deps): Bump aws-sdk-s3 from 1.59.1 to 1.60.1 (#8596) 
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.59.1 to 1.60.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.59.1...v1.60.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-07 00:30:14 +01:00
dependabot-preview[bot]
c2b83f4dfa DEV: Bump rake-compiler from 1.0.8 to 1.1.0 (#8636) 
Bumps [rake-compiler](https://github.com/luislavena/rake-compiler) from 1.0.8 to 1.1.0.
- [Release notes](https://github.com/luislavena/rake-compiler/releases)
- [Changelog](https://github.com/rake-compiler/rake-compiler/blob/master/History.txt)
- [Commits](https://github.com/luislavena/rake-compiler/compare/v1.0.8...v1.1.0)

Ruby 2.7 support.
 2020-01-06 17:12:28 +11:00
dependabot-preview[bot]
b789fa9a50 DEV: Bump rack-protection from 2.0.7 to 2.0.8.1 (#8648) 
Bumps [rack-protection](https://github.com/sinatra/sinatra) from 2.0.7 to 2.0.8.1.
- [Release notes](https://github.com/sinatra/sinatra/releases)
- [Changelog](https://github.com/sinatra/sinatra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sinatra/sinatra/compare/v2.0.7...v2.0.8.1)

Minor performance update and Ruby 2.7 deprecation removal.
 2020-01-06 17:11:37 +11:00
dependabot-preview[bot]
01358e2b42 DEV: Bump pg from 1.2.0 to 1.2.1 (#8657) 
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.0...v1.2.1)

Very minor update, adds some functionality we do not use, specifically better support for the sequel orm.
 2020-01-06 17:10:24 +11:00
Régis Hanol
ce512452b5 Revert "Revert "DEV: Bump public_suffix from 4.0.1 to 4.0.2 (#8631)"" 
This reverts commit f04f6cbf01.
 2019-12-31 17:12:06 +01:00
Sam Saffron
f04f6cbf01 Revert "DEV: Bump public_suffix from 4.0.1 to 4.0.2 (#8631)" 
This reverts commit 09a6bb240e.
 2019-12-31 14:07:55 +11:00
Sam Saffron
e32bf19cd3 DEV: update dependencies 
Quite a few have popped up due to 2.7 release, all gems being updated have
non urgent fixes, but it makes sense to be on latest.
 2019-12-31 12:20:26 +11:00
dependabot-preview[bot]
d048464b03 DEV: Bump rspec-core from 3.9.0 to 3.9.1 (#8637) 
Bumps [rspec-core](https://github.com/rspec/rspec-core) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-core/releases)
- [Changelog](https://github.com/rspec/rspec-core/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-core/compare/v3.9.0...v3.9.1)

Test only dependency, low risk.
 2019-12-31 11:49:21 +11:00
dependabot-preview[bot]
4ddc6b8b96 DEV: Bump tzinfo from 1.2.5 to 1.2.6 (#8635) 
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/tzinfo/tzinfo/releases)
- [Changelog](https://github.com/tzinfo/tzinfo/blob/master/CHANGES.md)
- [Commits](https://github.com/tzinfo/tzinfo/compare/v1.2.5...v1.2.6)

Pretty safe update, deals with Ruby 2.7 and corrects a minor internal bug
 2019-12-31 11:48:37 +11:00
dependabot-preview[bot]
09a6bb240e DEV: Bump public_suffix from 4.0.1 to 4.0.2 (#8631) 
Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/weppos/publicsuffix-ruby/releases)
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/weppos/publicsuffix-ruby/compare/v4.0.1...4.0.2)

Definition only update, has very little impact.
 2019-12-31 11:47:14 +11:00
dependabot-preview[bot]
acabea4cfe DEV: Bump rspec-support from 3.9.0 to 3.9.2 (#8628) 
Bumps [rspec-support](https://github.com/rspec/rspec-support) from 3.9.0 to 3.9.2.
- [Release notes](https://github.com/rspec/rspec-support/releases)
- [Changelog](https://github.com/rspec/rspec-support/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-support/compare/v3.9.0...v3.9.2)

Minor test only update, also cleans up Ruby 2.7 support
 2019-12-31 11:45:43 +11:00
dependabot-preview[bot]
420fd27e48 DEV: Bump pg from 1.1.4 to 1.2.0 (#8632) 
Bumps [pg](https://github.com/ged/ruby-pg) from 1.1.4 to 1.2.0.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.1.4...v1.2.0)

This is a big update to the PG gem, overall our codebase should support it fully. It also comes with some perf fixes which is nice!
 2019-12-31 11:44:49 +11:00
dependabot-preview[bot]
dca99c0391 Build(deps): Bump cose from 0.9.0 to 0.10.0 (#8595) 
Bumps [cose](https://github.com/cedarcode/cose-ruby) from 0.9.0 to 0.10.0.
- [Release notes](https://github.com/cedarcode/cose-ruby/releases)
- [Changelog](https://github.com/cedarcode/cose-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cedarcode/cose-ruby/compare/v0.9.0...v0.10.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-30 16:10:34 +10:00
dependabot-preview[bot]
831d46f55f DEV: Bump aws-partitions from 1.256.0 to 1.260.0 (#8617) 
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.256.0 to 1.260.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Contains a bunch of AWS gem updates that we do not use. My long term thinking here is that maybe the AWS dependency is just too heavy and we should consume the API directly to avoid this constant churn.
 2019-12-30 17:09:07 +11:00
dependabot-preview[bot]
9178b36e64 Build(deps): Bump request_store from 1.4.1 to 1.5.0 (#8608) 
Bumps [request_store](https://github.com/steveklabnik/request_store) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/steveklabnik/request_store/releases)
- [Commits](https://github.com/steveklabnik/request_store/compare/v1.4.1...v1.5.0)

request_store is a side dependency that is only used for lograge support, not expecting this to break anything.
 2019-12-30 17:07:37 +11:00
dependabot-preview[bot]
bb9c54514f DEV: Bump unicorn from 5.5.1 to 5.5.2 (#8602) 
Bumps [unicorn](https://bogomips.org/unicorn/) from 5.5.1 to 5.5.2.

This contains a fix for: 024f7a8c8c 

Specifically its around operation when you use the ruby tainting feature (which will soon be removed) 

Update has no actual impact on Discourse.
 2019-12-30 17:06:00 +11:00
dependabot-preview[bot]
640fa6d118 DEV: Bump excon from 0.71.0 to 0.71.1 (#8587) 
Bumps [excon](https://github.com/excon/excon) from 0.71.0 to 0.71.1.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.71.0...v0.71.1)

Minor performance update, the big change here is that internally excon starts using frozen strings.
 2019-12-30 16:57:32 +11:00
Sam Saffron
be880d2ac1 DEV: update rubocop 
This is a minor update to rubocop, it is fully compatible with our current
set of rules.
 2019-12-30 16:54:47 +11:00
dependabot-preview[bot]
0234214533 DEV: Bump stackprof from 0.2.14 to 0.2.15 (#8584) 
Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.14 to 0.2.15.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.14...v0.2.15)

Very safe change only used for diagnostics.
 2019-12-30 16:42:16 +11:00
dependabot-preview[bot]
2d3d7a8f86 DEV: Bump mini_sql from 0.2.2 to 0.2.3 (#8601) 
Bumps [mini_sql](https://discourse.org) from 0.2.2 to 0.2.3.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Minor update was there mainly for JRuby support should not have any real impact on Discourse.
 2019-12-30 16:41:37 +11:00
dependabot-preview[bot]
4989fec1be DEV: Bump sidekiq from 6.0.3 to 6.0.4 (#8611) 
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.0.3...v6.0.4)

Minor update which seems very safe.
 2019-12-30 16:36:23 +11:00
Rafael dos Santos Silva
b445e0e76a
DEV: Update Bundler (#8583) 
* DEV: Update Bundler

Latest RubyGems 3.1.1 vendors bundler 2.1.0 *again*. And our base
image build system even updates it to 2.1.1.

After that it is unable to run a simple `bundle install` because of
version mismatch.

Updating bundler to the one that comes with our enforced Ruby version
solves this.

* DEV: Update bundler in CI too
 2019-12-19 16:25:33 -03:00
Neil Lalonde
93c8b4fb58 Bump rack from 2.0.7 to 2.0.8 2019-12-19 12:22:48 -05:00
dependabot-preview[bot]
e0df0f479a Bump aws-sdk-s3 from 1.59.0 to 1.59.1 (#8575) 
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.59.0 to 1.59.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.59.0...v1.59.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-18 12:11:43 -03:00
dependabot-preview[bot]
2cdaf05c37 Bump ruby-prof from 1.0.0 to 1.1.0 (#8546) 
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/ruby-prof/ruby-prof/releases)
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES)
- [Commits](https://github.com/ruby-prof/ruby-prof/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-18 12:10:09 -03:00
dependabot-preview[bot]
7b7926c486 Bump rake-compiler from 1.0.7 to 1.0.8 (#8559) 
Bumps [rake-compiler](https://github.com/luislavena/rake-compiler) from 1.0.7 to 1.0.8.
- [Release notes](https://github.com/luislavena/rake-compiler/releases)
- [Changelog](https://github.com/rake-compiler/rake-compiler/blob/master/History.txt)
- [Commits](https://github.com/luislavena/rake-compiler/compare/v1.0.7...v1.0.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-18 11:56:16 -03:00
dependabot-preview[bot]
aaf159c48c Bump aws-partitions from 1.255.0 to 1.256.0 (#8566) 
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.255.0 to 1.256.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-18 11:55:44 -03:00
dependabot-preview[bot]
caa7cc51f1 Build(deps): Bump thor from 1.0.0 to 1.0.1 (#8572) 
Bumps [thor](https://github.com/erikhuda/thor) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/erikhuda/thor/releases)
- [Changelog](https://github.com/erikhuda/thor/blob/master/CHANGELOG.md)
- [Commits](https://github.com/erikhuda/thor/compare/v1.0.0...v1.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-18 11:55:18 -03:00
Martin Brennan
beb91e7eff
FIX: require: false for rotp gem (#8540) 
The ROTP gem is only used in a very small amount of places in the app, we don't need to globally require it.

Also set the Addressable gem to not have a specific version range, as it has not been a problem yet.

Some slight refactoring of UserSecondFactor here too to use SecondFactorManager to avoid code repetition
 2019-12-17 10:33:51 +10:00
dependabot-preview[bot]
998bbdc40f Bump fspath from 3.1.0 to 3.1.2 (#8564) 
Bumps [fspath](https://github.com/toy/fspath) from 3.1.0 to 3.1.2.
- [Release notes](https://github.com/toy/fspath/releases)
- [Commits](https://github.com/toy/fspath/compare/v3.1.0...v3.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-16 12:19:31 -08:00
dependabot-preview[bot]
5acecfcb91 Bump in_threads from 1.5.1 to 1.5.3 (#8556) 
Bumps [in_threads](https://github.com/toy/in_threads) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/toy/in_threads/releases)
- [Changelog](https://github.com/toy/in_threads/blob/master/CHANGELOG.markdown)
- [Commits](https://github.com/toy/in_threads/compare/v1.5.1...v1.5.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-16 10:57:22 -08:00
dependabot-preview[bot]
82828d5145 Bump progress from 3.5.0 to 3.5.2 (#8560) 
Bumps [progress](https://github.com/toy/progress) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/toy/progress/releases)
- [Changelog](https://github.com/toy/progress/blob/master/CHANGELOG.markdown)
- [Commits](https://github.com/toy/progress/compare/v3.5.0...v3.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-16 10:45:33 -08:00
dependabot-preview[bot]
aee3c6b96b Bump json from 2.2.0 to 2.3.0 (#8563) 
Bumps [json](https://github.com/flori/json) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/flori/json/releases)
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md)
- [Commits](https://github.com/flori/json/compare/v2.2.0...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-16 10:35:08 -08:00
dependabot-preview[bot]
e328700ae5 Bump aws-sdk-core from 3.85.0 to 3.86.0 (#8558) 
Bumps [aws-sdk-core](https://github.com/aws/aws-sdk-ruby) from 3.85.0 to 3.86.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-core/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-16 10:09:38 -08:00
dependabot-preview[bot]
22f1aa0c58 Bump jquery-rails from 4.3.3 to 4.3.5 (#8557) 
Bumps [jquery-rails](https://github.com/rails/jquery-rails) from 4.3.3 to 4.3.5.
- [Release notes](https://github.com/rails/jquery-rails/releases)
- [Changelog](https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/jquery-rails/compare/v4.3.3...v4.3.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-16 09:44:56 -08:00
dependabot-preview[bot]
db82ed86c4 Bump thor from 0.20.3 to 1.0.0 (#8550) 2019-12-16 09:23:47 -08:00
dependabot-preview[bot]
6b3308d614 Bump excon from 0.70.0 to 0.71.0 (#8551) 
Bumps [excon](https://github.com/excon/excon) from 0.70.0 to 0.71.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.70.0...v0.71.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-16 08:53:42 -08:00
OsamaSayegh
dc3c4bdd00 DEV: Bump Logster version to 2.5.1 
This version has minor follow-up fixes and changes to the pattern
grouping feature that was introduced yesterday. See Logster changelog
for details: https://github.com/discourse/logster/blob/master/CHANGELOG.md
 2019-12-13 09:51:19 +00:00
dependabot-preview[bot]
885d2bb87a Bump logster from 2.4.2 to 2.5.0 (#8538) 
Bumps [logster](https://github.com/discourse/logster) from 2.4.2 to 2.5.0.
- [Release notes](https://github.com/discourse/logster/releases)
- [Changelog](https://github.com/discourse/logster/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/logster/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

This new version of Logster has grouping patterns that can be added via the UI to group logs that match into a single row. More details at 24d6cc9742
 2019-12-12 08:26:49 +03:00
Martin Brennan
e8ee847dd2 Merge branch 'master' of github.com:discourse/discourse 2019-12-12 14:33:09 +10:00
Martin Brennan
9c1e0b8bd2 bump rubocop-discourse to 1.0.2 for NoURIEscapeEncode cop 2019-12-12 14:30:27 +10:00
Martin Brennan
edbc356593
FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) 
The following methods have long been deprecated in ruby due to flaws in their implementation per http://blade.nagaokaut.ac.jp/cgi-bin/vframe.rb/ruby/ruby-core/29293?29179-31097:

URI.escape
URI.unescape
URI.encode
URI.unencode
escape/encode are just aliases for one another. This PR uses the Addressable gem to replace these methods with its own encode, unencode, and encode_component methods where appropriate.

I have put all references to Addressable::URI here into the UrlHelper to keep them corralled in one place to make changes to this implementation easier.

Addressable is now also an explicit gem dependency.
 2019-12-12 12:49:21 +10:00
Sam Saffron
b6acfb7847 DEV: upgrade redis-namespace gem 
New release has a few extra commands namespaced, nothing we use.

Also added a comment about why this is explicitly required.
 2019-12-12 13:36:08 +11:00
dependabot-preview[bot]
61ac0d47ee DEV: Bump stackprof from 0.2.13 to 0.2.14 (#8531) 
Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.13 to 0.2.14.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.13...v0.2.14)

Minor upgrade to stackprof which is only used for diagnostics and not default required. Changes all look safe.
 2019-12-12 13:29:00 +11:00
Krzysztof Kotlarek
746ba0d8fd SECURITY: upgrade rack-mini-profiler to avoid possible XSS (#8537) 2019-12-12 13:15:40 +11:00
dependabot-preview[bot]
863d3f89de Build(deps): Bump aws-sdk-s3 from 1.36.1 to 1.59.0 (#8502) 
* Build(deps): Bump aws-sdk-s3 from 1.36.1 to 1.59.0

Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.36.1 to 1.59.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.36.1...v1.59.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Dependabot/bundler/aws sdk s3 1.59.0 (#8532)
 2019-12-11 10:18:11 -08:00
Mark VanLandingham
06c6062ed2
DEV: Lock sassc gem at version 2.0.1 with note (#8523) 2019-12-11 06:22:39 -08:00
dependabot-preview[bot]
b90a592146 DEV: Bump aws-sdk-sns from 1.13.0 to 1.21.0 (#8490) 
Bumps [aws-sdk-sns](https://github.com/aws/aws-sdk-ruby) from 1.13.0 to 1.21.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-sns/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.13.0...1.21.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-11 06:13:17 -08:00
Sam Saffron
1d16b34284 DEV: forgot to check in lockfile 
updates lock file to properly match the generated one.
 2019-12-11 12:45:42 +11:00
dependabot-preview[bot]
508b4c1e5e DEV: Bump css_parser from 1.7.0 to 1.7.1 (#8524) 
Bumps [css_parser](https://github.com/premailer/css_parser) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/premailer/css_parser/releases)
- [Changelog](https://github.com/premailer/css_parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/premailer/css_parser/compare/v1.7.0...v1.7.1)

This minor update force UTF-8, this should have not impact on us as we only trade in UTF-8 strings for CSS anyway.
 2019-12-11 10:56:53 +11:00
dependabot-preview[bot]
83175c9bfb DEV: Bump rspec-html-matchers from 0.9.1 to 0.9.2 (#8525) 
Bumps [rspec-html-matchers](https://github.com/kucaahbe/rspec-html-matchers) from 0.9.1 to 0.9.2.
- [Release notes](https://github.com/kucaahbe/rspec-html-matchers/releases)
- [Changelog](https://github.com/kucaahbe/rspec-html-matchers/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kucaahbe/rspec-html-matchers/compare/v0.9.1...v0.9.2)

Low risk update, only impacts tests.
 2019-12-11 10:55:25 +11:00
dependabot-preview[bot]
505b8b76bc Build(deps): Bump webpush from 0.3.8 to 1.0.0 (#8511) 
Bumps [webpush](https://github.com/zaru/webpush) from 0.3.8 to 1.0.0.
- [Release notes](https://github.com/zaru/webpush/releases)
- [Changelog](https://github.com/zaru/webpush/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaru/webpush/compare/v0.3.8...v1.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-10 12:56:52 -08:00
dependabot-preview[bot]
3309a2b564 Build(deps-dev): Bump webmock from 3.5.1 to 3.7.6 (#8512) 
Bumps [webmock](https://github.com/bblimke/webmock) from 3.5.1 to 3.7.6.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.5.1...v3.7.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-10 10:38:03 -08:00
dependabot-preview[bot]
31c6a1528b Build(deps-dev): Bump listen from 3.1.5 to 3.2.1 (#8498) 
Bumps [listen](https://github.com/guard/listen) from 3.1.5 to 3.2.1.
- [Release notes](https://github.com/guard/listen/releases)
- [Commits](https://github.com/guard/listen/compare/v3.1.5...v3.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-10 08:48:40 -08:00
dependabot-preview[bot]
287ba20f3b Build(deps-dev): Bump parallel_tests from 2.29.2 to 2.30.0 (#8508) 
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.29.2 to 2.30.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.29.2...v2.30.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-10 16:11:49 +00:00
Mark VanLandingham
148970ca9b
DEV: Revert parallel_tests bump (#8518) 
parallel_tests with this version uses `bin/rake`, which auto-loads plugins
 2019-12-10 07:58:12 -08:00
dependabot-preview[bot]
2605adede0 Build(deps-dev): Bump parallel_tests from 2.29.2 to 2.30.0 (#8508) 
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.29.2 to 2.30.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.29.2...v2.30.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-10 07:12:38 -08:00
dependabot-preview[bot]
da62f87694 Build(deps): Bump rqrcode from 0.10.1 to 1.1.2 (#8497) 
Bumps [rqrcode](https://github.com/whomwah/rqrcode) from 0.10.1 to 1.1.2.
- [Release notes](https://github.com/whomwah/rqrcode/releases)
- [Commits](https://github.com/whomwah/rqrcode/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-10 06:49:20 -08:00
dependabot-preview[bot]
ee1f77d301 Build(deps-dev): Bump uglifier from 4.1.20 to 4.2.0 (#8510) 
Bumps [uglifier](https://github.com/lautis/uglifier) from 4.1.20 to 4.2.0.
- [Release notes](https://github.com/lautis/uglifier/releases)
- [Changelog](https://github.com/lautis/uglifier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lautis/uglifier/compare/v4.1.20...v4.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-10 06:28:15 -08:00
dependabot-preview[bot]
33ae9679d8 DEV: Bump excon from 0.64.0 to 0.70.0 (#8503) 
Bumps [excon](https://github.com/excon/excon) from 0.64.0 to 0.70.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.64.0...v0.70.0)

Most changes are minor and update should be pretty safe.
 2019-12-10 12:34:00 +11:00
Sam Saffron
3e0454c97b DEV: add a note about sprockets being held back 
We want to upgrade to version 4, but it does not work atm.
 2019-12-10 12:31:16 +11:00
dependabot-preview[bot]
84c251c778 DEV: Bump sidekiq from 5.2.7 to 6.0.3 (#8499) 
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.7 to 6.0.3.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

The big thing for us with this update is that it makes sidekiq a bit faster.
 2019-12-10 12:05:02 +11:00
dependabot-preview[bot]
c923c49964 DEV: Bump sassc-rails from 2.1.1 to 2.1.2 (#8501) 
Bumps [sassc-rails](https://github.com/sass/sassc-rails) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/sass/sassc-rails/releases)
- [Commits](https://github.com/sass/sassc-rails/compare/v2.1.1...v2.1.2)

Minor fixes in the gem
 2019-12-10 11:50:34 +11:00
Sam Saffron
0c52537f10 DEV: update rubocop to version 0.77 
We like to stay as close as possible to latest with rubocop cause the cops
get better.

This update required some code changes, specifically the default is to avoid
explicit returns where implicit is done

Also this renames a few rules
 2019-12-10 11:48:39 +11:00
dependabot-preview[bot]
ee9afb87f2 DEV: Bump mock_redis from 0.19.0 to 0.22.0 (#8504) 
Bumps [mock_redis](https://github.com/sds/mock_redis) from 0.19.0 to 0.22.0.
- [Release notes](https://github.com/sds/mock_redis/releases)
- [Changelog](https://github.com/sds/mock_redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sds/mock_redis/compare/v0.19.0...v0.22.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Mock redis update adds better parity for redis mock, we use it during tests.
 2019-12-10 11:36:36 +11:00
Mark VanLandingham
6740e08caa
DEV: Revert 3 dependabot suggestions (#8506) 2019-12-09 14:40:54 -08:00
Mark VanLandingham
642c17a4b2
DEV: revert webpush version bump (#8505) 2019-12-09 13:53:25 -08:00
dependabot-preview[bot]
413a49fe06 Build(deps-dev): Bump rspec-html-matchers from 0.9.1 to 0.9.2 (#8494) 
Bumps [rspec-html-matchers](https://github.com/kucaahbe/rspec-html-matchers) from 0.9.1 to 0.9.2.
- [Release notes](https://github.com/kucaahbe/rspec-html-matchers/releases)
- [Changelog](https://github.com/kucaahbe/rspec-html-matchers/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kucaahbe/rspec-html-matchers/compare/v0.9.1...v0.9.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-09 12:22:55 -08:00
dependabot-preview[bot]
866b634f22 Build(deps): Bump webpush from 0.3.8 to 1.0.0 (#8491) 
Bumps [webpush](https://github.com/zaru/webpush) from 0.3.8 to 1.0.0.
- [Release notes](https://github.com/zaru/webpush/releases)
- [Changelog](https://github.com/zaru/webpush/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaru/webpush/compare/v0.3.8...v1.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-09 12:21:49 -08:00
dependabot-preview[bot]
6dd1d63671 Build(deps): Bump sassc from 2.0.1 to 2.2.1 (#8493) 
Bumps [sassc](https://github.com/sass/sassc-ruby) from 2.0.1 to 2.2.1.
- [Release notes](https://github.com/sass/sassc-ruby/releases)
- [Changelog](https://github.com/sass/sassc-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/sassc-ruby/compare/v2.0.1...v2.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-09 12:19:39 -08:00
dependabot-preview[bot]
bf847e680a Build(deps-dev): Bump uglifier from 4.1.20 to 4.2.0 (#8489) 
Bumps [uglifier](https://github.com/lautis/uglifier) from 4.1.20 to 4.2.0.
- [Release notes](https://github.com/lautis/uglifier/releases)
- [Changelog](https://github.com/lautis/uglifier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lautis/uglifier/compare/v4.1.20...v4.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-09 12:16:03 -08:00
dependabot-preview[bot]
16de46f8d4 Build(deps): Bump omniauth-google-oauth2 from 0.7.0 to 0.8.0 (#8488) 
Bumps [omniauth-google-oauth2](https://github.com/zquestz/omniauth-google-oauth2) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/zquestz/omniauth-google-oauth2/releases)
- [Changelog](https://github.com/zquestz/omniauth-google-oauth2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zquestz/omniauth-google-oauth2/compare/v0.7.0...v0.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-09 12:13:07 -08:00
dependabot-preview[bot]
9be3945c91 Build(deps-dev): Bump rspec from 3.8.0 to 3.9.0 (#8487) 
Bumps [rspec](https://github.com/rspec/rspec) from 3.8.0 to 3.9.0.
- [Release notes](https://github.com/rspec/rspec/releases)
- [Commits](https://github.com/rspec/rspec/compare/v3.8.0...v3.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-09 11:34:30 -08:00
dependabot-preview[bot]
3092cdc2bd Build(deps-dev): Bump simplecov from 0.16.1 to 0.17.1 (#8486) 
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.16.1 to 0.17.1.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.16.1...v0.17.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-09 11:32:25 -08:00
dependabot-preview[bot]
41f4159cc7 Build(deps): Bump multi_json from 1.13.1 to 1.14.1 (#8485) 
Bumps [multi_json](https://github.com/intridea/multi_json) from 1.13.1 to 1.14.1.
- [Release notes](https://github.com/intridea/multi_json/releases)
- [Changelog](https://github.com/intridea/multi_json/blob/master/CHANGELOG.md)
- [Commits](https://github.com/intridea/multi_json/compare/v1.13.1...v1.14.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-09 11:30:30 -08:00
dependabot-preview[bot]
276fb7f46f DEV: Bump parallel_tests from 2.28.0 to 2.29.2 (#8484) 
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.28.0 to 2.29.2.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.28.0...v2.29.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-09 10:46:01 +00:00
dependabot-preview[bot]
510047c5df Build(deps): Bump ruby-openid from 2.7.0 to 2.9.2 (#8476) 
Bumps [ruby-openid](https://github.com/openid/ruby-openid) from 2.7.0 to 2.9.2.
- [Release notes](https://github.com/openid/ruby-openid/releases)
- [Changelog](https://github.com/openid/ruby-openid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/openid/ruby-openid/compare/v2.7.0...v2.9.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-09 10:40:50 +00:00
Sam Saffron
ed6d3b493c DEV: update dependencies 
This updates some low risk dependencies. Mostly minor changes.

Public suffix now requires Ruby 2.3 and up which is not a problem for us.
 2019-12-09 19:20:45 +11:00
dependabot-preview[bot]
9b30922109 Build(deps): Bump rotp from 3.3.1 to 5.1.0 (#8477) 
* Build(deps): Bump rotp from 3.3.1 to 5.1.0

Bumps [rotp](https://github.com/mdp/rotp) from 3.3.1 to 5.1.0.
- [Release notes](https://github.com/mdp/rotp/releases)
- [Changelog](https://github.com/mdp/rotp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mdp/rotp/compare/v3.3.1...v5.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Fix breaking ROTP changes
 2019-12-09 14:29:48 +10:00
dependabot-preview[bot]
fca727fd92 DEV: Bump tilt from 2.0.9 to 2.0.10 (#8479) 
Minor update, removes a Ruby 2.7 deprecation.
 2019-12-09 14:22:55 +11:00
dependabot-preview[bot]
c853051edb DEV: Bump mustache from 1.1.0 to 1.1.1 (#8478) 
Minor update, removes one warning which we have not seen yet.
 2019-12-09 14:21:55 +11:00
dependabot-preview[bot]
7aa3233bcb DEV: Bump puma from 3.12.2 to 4.3.1 (#8475) 
The downside here is that we are now going to require nio4r which requires some native code.

It is reasonably low risk though cause puma is very well tested. We use puma mostly in test environments, not in production.
 2019-12-09 12:51:41 +11:00
dependabot-preview[bot]
d198e824ce DEV: Bump fastimage from 2.1.5 to 2.1.7 
This library is used to detect size of images, upgrading a minor version here should be low risk, we have integration tests to detect issues.
 2019-12-09 12:49:53 +11:00
Sam Saffron
8a6421565e DEV: upgrade low risk gems 
This updates a bunch of gems that have very low risk of breaking anything
or are mostly used in dev. Overall our goal is to be on latest gems with
latest bug fixes so this is us working in that direction.
 2019-12-06 17:12:43 +11:00
dependabot[bot]
cc92aa9e71 SECURITY: Bump puma from 3.12.1 to 3.12.2 (#8464) 
Bumps [puma](https://github.com/puma/puma) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.12.1...v3.12.2)

Signed-off-by: dependabot[bot] <support@github.com>
 2019-12-06 14:09:29 +11:00
Sam Saffron
a06fccae1b DEV: update dependencies and add notes about exceptions 
Previously it was unclear why certain gems are being held back cause Gemfile
had no comment explaining it.

I tried to add some explanation from memory and remove some exceptions that
seemed to be superfluous.

This upgrades shoulda to latest, it appears to work once a couple of assertions
are removed

Also update http accept language used to auto detect language from http header
this is tested

Zeitwerk small update seems fine
 2019-12-06 13:00:28 +11:00
Arpit Jalan
cab9c7c77e Bump onebox version. 
- FIX: use dedicated Vimeo onebox for all video types
 2019-11-27 16:22:25 +05:30
Arpit Jalan
7543db086a Bump onebox version. 
- FIX: Amazon video oneboxes were not working.
 2019-11-20 14:47:59 +05:30
David Taylor
eaf6096890 DEV: Use rubocop-discourse gem to add custom chdir cop 
Followup to b27e009655
 2019-11-18 15:39:41 +00:00
Gerhard Schlager
c04369ed8f
DEV: Revert to Bundler 1.17 
Follow-up to a2d6169a5e
 2019-11-11 15:37:13 +01:00
Sam Saffron
a2d6169a5e DEV: upgrade mini_racer 
This is done to fix a compatibility issue with Ruby 2.7, it ensures we clean
up fds for a pipe we use to track timeouts in mini racer.
 2019-11-11 15:36:16 +11:00
Sam Saffron
652b6363a2 DEV: upgrade bootsnap 
This fixes Ruby 2.7 support which we are starting to test
 2019-11-08 17:07:58 +11:00
Sam Saffron
26c0199c01 DEV: update Rails to version 6.0.1 
This version of Rails eliminates a monkey patch that is no longer needed!

Additionally it preps us for Ruby 2.7 support.
 2019-11-08 16:56:30 +11:00
Mark VanLandingham
f79796fcac DEV: Bump loofah version due to vulnerability 2019-11-07 10:02:02 -05:00
Arpit Jalan
c5df853dea Bump onebox version. 
- fix for gfycat onebox in email
 2019-11-07 10:03:12 +05:30
Arpit Jalan
cb9702bf7a Bump onebox version. 
- Remove native caching
- FIX: dropbox videos were not loading
 2019-11-04 10:46:20 +05:30
Sam Saffron
af841fa883 DEV: update rack-mini-profiler 
This includes an important new feature, we pre-compile templates so CSPs
that disable eval can still apply to our sites.
 2019-10-28 16:46:13 +11:00
Sam Saffron
c9714fcbf8 FIX: update rack-mini-profiler 
1.1.0 had regressions where rack mini profiler would break the site for IE11
users cause the payload had errors.

1.1.2 fixes that.
 2019-10-25 11:17:44 +11:00
Arpit Jalan
12409f63a0 Bump onebox version. 
- FIX: Follow redirect returns url if response code is 200
- FIX: do not resize xkcd image
 2019-10-22 12:26:01 +05:30
Krzysztof Kotlarek
858cf5836c
FIX: update Redis gem to version 4.1.3 
I run our benchmark on commit with hiredis and redis-4.1.3

Results:
type | hidredis | redis 4.1.3 | percent
--- | --- | --- | ---
Categories-50 | 49 | 50 | 102.04%
Categories-75 | 51 | 51 | 100.00%
Categories-90 | 63 | 64 | 101.59%
Categories-99 | 86 | 85 | 98.84%
Home-50 | 55 | 55 | 100.00%
Home-75 | 56 | 57 | 101.79%
Home-90 | 68 | 69 | 101.47%
Home-99 | 102 | 104 | 101.96%
Topic-50 | 36 | 37 | 102.78%
Topic-75 | 37 | 37 | 100.00%
Topic-90 | 47 | 48 | 102.13%
Topic-99 | 60 | 61 | 101.67%
Categories-admin-50 | 124 | 117 | 94.35%
Categories-admin-75 | 130 | 129 | 99.23%
Categories-admin-90 | 147 | 143 | 97.28%
Categories-admin-99 | 204 | 199 | 97.55%
Home-admin-50 | 146 | 148 | 101.37%
Home-admin-75 | 150 | 152 | 101.33%
Home-admin-90 | 169 | 168 | 99.41%
Home-admin-99 | 232 | 223 | 96.12%
Topic-admin-50 | 60 | 61 | 101.67%
Topic-admin-75 | 64 | 63 | 98.44%
Topic-admin-90 | 76 | 73 | 96.05%
Topic-admin-99 | 124 | 94 | 75.81%
Load rails | 2412 | 2360 | 97.84%
rss | 290204 | 295828 | 101.94%
pss | 277948 | 283624 | 102.04%

Redis gem is manipulating Redis config https://github.com/redis/redis-rb/blob/master/lib/redis/client.rb#L95
therefore we cannot pass the frozen config object.

Pass of the copy of the object is protecting original config
 2019-10-21 09:59:24 +11:00
OsamaSayegh
1f6f118e52 DEV: Bump Logster version to 2.4.1 
This version includes a few performance fixes, details here: 59f8cb0abf
 2019-10-17 20:06:27 +00:00
Sam Saffron
ae2a56999e Revert "FIX: update Redis gem to version 4.1.3 (#8197)" 
This reverts commit ab74a50d85.

We really want to upgrade redis, but discovered some edge cases
around failover we need to test.

Holding off on the upgrade till a bit more testing happens
 2019-10-17 11:41:46 +11:00
Krzysztof Kotlarek
ab74a50d85 FIX: update Redis gem to version 4.1.3 (#8197) 
* FIX: update Redis gem to version 4.1.3

I run our benchmark on commit with hiredis and redis-4.1.3

Results:
type | hidredis | redis 4.1.3 | percent
--- | --- | --- | ---
Categories-50 | 49 | 50 | 102.04%
Categories-75 | 51 | 51 | 100.00%
Categories-90 | 63 | 64 | 101.59%
Categories-99 | 86 | 85 | 98.84%
Home-50 | 55 | 55 | 100.00%
Home-75 | 56 | 57 | 101.79%
Home-90 | 68 | 69 | 101.47%
Home-99 | 102 | 104 | 101.96%
Topic-50 | 36 | 37 | 102.78%
Topic-75 | 37 | 37 | 100.00%
Topic-90 | 47 | 48 | 102.13%
Topic-99 | 60 | 61 | 101.67%
Categories-admin-50 | 124 | 117 | 94.35%
Categories-admin-75 | 130 | 129 | 99.23%
Categories-admin-90 | 147 | 143 | 97.28%
Categories-admin-99 | 204 | 199 | 97.55%
Home-admin-50 | 146 | 148 | 101.37%
Home-admin-75 | 150 | 152 | 101.33%
Home-admin-90 | 169 | 168 | 99.41%
Home-admin-99 | 232 | 223 | 96.12%
Topic-admin-50 | 60 | 61 | 101.67%
Topic-admin-75 | 64 | 63 | 98.44%
Topic-admin-90 | 76 | 73 | 96.05%
Topic-admin-99 | 124 | 94 | 75.81%
Load rails | 2412 | 2360 | 97.84%
rss | 290204 | 295828 | 101.94%
pss | 277948 | 283624 | 102.04%

* FIX: get rid of redis freedom patch
 2019-10-17 08:49:23 +11:00
David Taylor
061c8874f5 FIX: Correct line count link in GitHub commit onebox 
Bump onebox version
 2019-10-15 23:52:59 +01:00
Sam Saffron
c3cc96084c FIX: remove hiredis gem which is no longer needed 
Previously some local micro-benchmarks revealed it was not giving any perf
benefits.

Now that we upgraded to 2.6.5 we are seeing some segfaults.

No need to carry this dependency around anymore.

We can re-evaluate in future if it improves perf and fix the segfaults.
 2019-10-15 18:17:14 +11:00
romanrizzi
9845963105 FEATURE: Use the 'ugc' rel attribute alongside 'nofollow' 2019-10-14 15:21:48 -03:00
David Taylor
939a746dcd UX: Use theme colors for GitHub issue labels 
Bump onebox version to pull tag rendering bug fix
 2019-10-09 12:28:48 +01:00
David Taylor
3edd514c72 FEATURE: Redesigned GitHub oneboxes 
Bump onebox version, and add new styling

Commit, PR and Issue oneboxes are updated with a new design. Timestamps are now localized using local-dates (if installed).
 2019-10-09 11:47:58 +01:00
OsamaSayegh
061b98bc75 DEV: Bump Logster version to 2.3.3 
This new version of Logster has a new feature that keeps track of
message timestamp when it's merged into other similar messages.
 2019-10-08 16:39:52 +00:00
David Taylor
e7cc7def8b UX: Stop using fixed-width font to render github issue description 
Bump onebox version
 2019-10-08 11:48:05 +01:00
Joffrey JAFFEUX
67a90a7d97 FIX: updates discourse-ember-source gem (#8167) 
This is related to fix made to prevent a crash in iOS 9.5
 2019-10-08 11:39:20 +11:00
David Taylor
615039f228 FEATURE: Improve GitHub commit, PR and issue onebox rendering 
Bump onebox version to include new github rendering, and add relevant CSS

Avatars are reduced in size significantly, and icons are added to easily differentiate PRs and commits. The 'Issue:' prefix is removed from issue oneboxes, to make them consistent with commits and PRs.
 2019-10-07 19:26:10 +01:00
Sam Saffron
8d5f47dded PREF: optimise preloading application 
We preload to ensure as much memory as possible is reused from unicorn master
to various workers using copy-on-write (sidekiq, unicorn)

This migrates the preloading code into the Discourse module for easier
reuse and adds 3 notable preloading changes

1. We attempt to localize a string on each site, ensuring we warmup
the i18n

2. We preload all our templates (compiling .erb to class)

3. We warm-up our search tokenizer which uses cppjieba which is a large
memory consumer, this will only cause a warmup on CJK sites or sites with
the special site setting enabled.
 2019-10-07 00:33:37 -04:00
Martin Brennan
68d35b14f4 FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099) 
Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API).

Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).
 2019-10-01 19:08:41 -07:00
Sam Saffron
0420e8145e SECURITY: update rubyzip dependency 
This updates rubyzip library so that callers can trust entries when
extracting files avoiding situations where a rogues zip imported by a rogue
admin could cause a disk space issue.
 2019-10-01 17:11:20 +10:00
Sam Saffron
ba0114a6ff SECURITY: update rack-mini-profiler to latest to correct XSS 
This corrects an XSS in ?pp=help.

Also removes the jQuery dependency from rack-mini-profiler and restricts
memory sensitive profiling methods development only.
 2019-10-01 16:55:58 +10:00
Krzysztof Kotlarek
32b8a2ccff DEV: Upgrade Discourse to Rails 6 (#8083) 
* Adjustments to pass specs on Rails 6.0.0
* Use classic autoloader instead of Zeitwerk
* Update Rails 6.0.0 deprecated methods
* Rails 6.0.0 not allowing column with integer name
* Drop freedom_patches/rails6.rb
* Default value for trigger_transactional_callbacks? is true
* Bump rspec-rails version to 4.0.0.beta2
 2019-09-12 10:41:50 +10:00
Arpit Jalan
4195548a17 Bump onebox version. 
- indicate and link to Flickr Album
 2019-09-11 23:23:11 +05:30
Sam Saffron
5da7ffd46c FEATURE: update mini_scheduler to support history filtering 
New version of mini scheduler allows you to select the name of a schedule
in the history page in `/sidekiq/scheduler/history`.

This is handy for quickly looking up timing trends.
 2019-09-11 18:43:02 +10:00
Sam Saffron
ed00f35306 FEATURE: improve performance of anonymous cache 
This commit introduces 2 features:

1. DISCOURSE_COMPRESS_ANON_CACHE (true|false, default false): this allows
you to optionally compress the anon cache body entries in Redis, can be
useful for high load sites with Redis that lives on a separate server to
to webs

2. DISCOURSE_ANON_CACHE_STORE_THRESHOLD (default 2), only pop entries into
redis if we observe them more than N times. This avoids situations where
a crawler can walk a big pile of topics and store them all in Redis never
to be used. Our default anon cache time for topics is only 60 seconds. Anon
cache is in place to avoid the "slashdot" effect where a single topic is
hit by 100s of people in one minute.
 2019-09-04 17:18:32 +10:00
Sam Saffron
5db204f370 FIX: broken scheduler when changing per_host <-> global 
Prior to this commit if we ever checked in a per_host directive and scheduled
job was previously global, total chaos could ensue as a feedback loop would
start

We very rarely used per_host to date, but just started making use of it
for heartbeats
 2019-08-30 23:26:44 +10:00
Sam Saffron
098f9e8b5b PERF: Run multiple threads for regular job schedules 
Under extreme load on large databases certain regular jobs can take quite
a while to run. We need to ensure we never starve a sidekiq from running
mini scheduler, cause without it we are unable to queue stuff such as
heartbeat jobs.
 2019-08-29 15:34:36 +10:00
Arpit Jalan
e9c971ba77 Bump onebox version. 
- allow oneboxing for `www.amazon.com.mx`
 2019-08-26 16:44:10 +05:30
Arpit Jalan
038bf02e33 Bump onebox version. 
- strip whitespace from Twitter onebox
 2019-08-21 10:19:54 +05:30
Régis Hanol
727430aacf SECURITY: bump nokogiri 
We're not using the vulnerable method but there's no harm in upgrading.
 2019-08-20 10:58:18 +02:00
Sam Saffron
8db38de9d7 SECURITY: add rate limiting to anon JS error reporting 
This adds a 1 minute rate limit to all JS error reporting per IP. Previously
we would only use the global rate limit.

This also introduces DISCOURSE_ENABLE_JS_ERROR_REPORTING, if it is set to
false then no JS error reporting will be allowed on the site.
 2019-08-20 11:29:11 +10:00
Arpit Jalan
f27564a0a0 Bump onebox version. 
- normalize and decode html entities for image URL
 2019-08-19 19:01:23 +05:30
OsamaSayegh
50368940f7 DEV: Bump Logster version to 2.3.1 
Commits since last version bump: 5cdcb76...c5bcb8e
 2019-08-15 07:21:34 +00:00
Arpit Jalan
44f4801087 Bump onebox version. 
- do not double encode percentage in url
- support hashbang in url
 2019-08-12 08:42:50 +05:30
Sam Saffron
1f47ed1ea3 PERF: message_bus will be deferred by server when flooded 
The message_bus performs a fair amount of work prior to hijacking requests
this change ensures that if there is a situation where the server is flooded
message_bus will inform client to back off for 30 seconds + random(120 secs)

This back-off is ultra cheap and happens very early in the middleware.

It corrects a situation where a flood to message bus could cause the app
to become unresponsive

MessageBus update is here to ensure message_bus gem properly respects
Retry-After header and status 429.

Under normal state this code should never trigger, to disable raise the
value of DISCOURSE_REJECT_MESSAGE_BUS_QUEUE_SECONDS, default is to tell
message bus to go away if we are queueing for 100ms or longer
 2019-08-09 17:48:01 +10:00
Arpit Jalan
bc5daa1466 Bump onebox version. 
- prioritize `card_html` over `article_html`
 2019-08-05 11:04:58 +05:30
Neil Lalonde
9656a21fdb
FEATURE: customization of html emails (#7934) 
This feature adds the ability to customize the HTML part of all emails using a custom HTML template and optionally some CSS to style it. The CSS will be parsed and converted into inline styles because CSS is poorly supported by email clients. When writing the custom HTML and CSS, be aware of what email clients support. Keep customizations very simple.

Customizations can be added and edited in Admin > Customize > Email Style.

Since the summary email is already heavily styled, there is a setting to disable custom styles for summary emails called "apply custom styles to digest" found in Admin > Settings > Email.

As part of this work, RTL locales are now rendered correctly for all emails.
 2019-07-30 15:05:08 -04:00
Arpit Jalan
6a0787445c Bump onebox version. 
- Deprioritize Twitter card in generic onebox
 2019-07-25 17:13:23 +05:30
Roman Rizzi
f5c707c97a
FEATURE: Gz to zip for exports (#7889) 
* Revert "Revert "FEATURE: admin/user exports are compressed using the zip format (#7784)""

This reverts commit f89bd55576.

* Replace .tar.zip with .zip
 2019-07-18 09:34:48 -03:00
Joffrey JAFFEUX
b3eb67976d
DEV: Upgrades to Ember 3.10 (#7871) 
Co-Authored-By: majakomel <maja.komel@gmail.com>
 2019-07-16 12:45:15 +02:00
Arpit Jalan
25830c73be Bump onebox version. 
- use custom placeholder HTML for generic whitelisted oneboxes
- optimize usage of custom placeholder HTML
 2019-07-11 18:31:51 +05:30
romanrizzi
f89bd55576 Revert "FEATURE: admin/user exports are compressed using the zip format (#7784)" 
This reverts commit 8b2580e20f.
 2019-07-10 11:38:51 -03:00
Roman Rizzi
8b2580e20f
FEATURE: admin/user exports are compressed using the zip format (#7784) 
* FEATURE: admin/user exports are compressed using the zip format

* Update translations. Theme exporter now exports .zip file. Theme importer supports .zip and .gz files

* Fix controller test, updated locale and skip saving the csv export to disk
 2019-07-10 11:13:03 -03:00
Arpit Jalan
f0f271cd5f Bump onebox version. 
- remove additional whitespace from Twitter onebox
 2019-07-09 13:12:03 +05:30
Arpit Jalan
bb8cf81089 Bump onebox version. 
- better placeholders for audio/video/trello/typeform oneboxes
- added CSS for audio/video/trello/typeform onebox placeholders
 2019-07-08 21:40:33 +05:30
Arpit Jalan
feb828172b Bump onebox version. 
- improved spacing for quoted twitter onebox
 2019-07-06 09:41:01 +05:30
Arpit Jalan
5bc1fd23b0 Bump onebox version. 
- update HTML for twitter quoted onebox
- updated CSS for twitter quoted onebox
 2019-07-05 19:35:36 +05:30
Arpit Jalan
1ebc3cce4a Bump onebox version. 
- twitter oneboxing using API was broken
 2019-07-04 11:41:07 +05:30
Arpit Jalan
32edaa3843 Bump onebox version 
- support for Twitter quoted tweets
 2019-07-04 11:01:30 +05:30
Abroskin Alexander
0872a1182d DEV: Replace Overcommit with Lefthook (#7826) 
Overcommit uses prebuilt hooks and require global installation.
To avoid this issues replace it with Lefthook.
Lefthook will be installed with npm packages. New contributors
will have fully consistent git hooks.
 2019-07-02 11:29:52 +02:00
Arpit Jalan
7f14e185cc Bump onebox version. 
- prevent double escaping of URL
 2019-06-27 23:35:35 +05:30
Arpit Jalan
168a38dc29 Bump onebox version. 
- better Twitch placeholder
- CSS for said placeholder
 2019-06-26 23:22:29 +05:30
Arpit Jalan
2af4002817 Bump onebox version. 
- Add a placeholder icon for Twitch onebox preview
- Add CSS for showing fontawesome play icon for placeholder class
 2019-06-26 13:40:14 +05:30
Sam Saffron
4c89f7f881 DEV: bump version on mini_scheduler 
This corrects a catastrophic state that can ensue if redis becomes readonly

It also adds support for multiple queues and minor cleanup
 2019-06-24 16:56:16 +10:00
Guo Xiang Tan
29259b46ae DEV: Verbose mode for posts:inline_uploads rake task. 2019-06-10 08:59:11 +08:00
Guo Xiang Tan
1991af2abb DEV: Switch InlineUploads to a regexp based implementation. 2019-06-04 15:54:25 +08:00
Guo Xiang Tan
d93e5fb00d DEV: Class that converts MD with old attachment links to new MD. 2019-06-04 15:54:25 +08:00
Vinoth Kannan
787ccb5746 revert the bundler version 
871fcf1117
 2019-06-04 08:45:30 +05:30
Vinoth Kannan
871fcf1117 PERF: omit user profile and private message stats in web hook serializer. 2019-06-04 08:44:10 +05:30
David Taylor
8511bfe583 Bump omniauth-google-oauth2 gem version 
Pinning to an old version is no longer required following 8b4d6dafea
 2019-06-03 19:17:00 +01:00
Joffrey JAFFEUX
ee43b36b64
Bump onebox version. (#7666) 
Fixes multiple possible sources of exceptions due to frozen strings. Wikipedia onebox was definitely failing before this patch.
 2019-05-31 17:04:34 +02:00
Joffrey JAFFEUX
75d413ad11
Bump onebox version. (#7665) 
Fixes a regression with soundclound onebox due to frozen string literal.
 2019-05-31 16:41:33 +02:00
Arpit Jalan
bf3c781f26 Bump onebox version. 
- add frozen string literal to all the files
 2019-05-28 17:39:42 +05:30
Daniel Waterworth
f46d2ad086 DEV: Update test-prof (#7572) 
* Updated test-prof

* Made rails_helper.rb use new test-prof APIs

Instead of the previous temporary hacks.

* Added environment option to disable prefabrication

It was removed mistakenly
 2019-05-21 22:07:40 +10:00
Arpit Jalan
ce89f19250 Bump onebox version. 
- use Vimeo engine for private links only
- if og:video_url is missing, make one using Vimeo ID
 2019-05-20 12:24:43 +05:30
Sam Saffron
a4627c3d82 DEV: revert bundler to 1.7.3 
At the moment bundler 2.0 is not compatible with:

https://github.com/discourse/discourse-backup-uploads-to-s3

We plan to get this fixed but in the mean time do not upgrade.

followup to 2a7065c5
 2019-05-20 11:23:28 +10:00
Vinoth Kannan
2a7065c505 FIX: skip uploads without etag in s3 inventory check. 2019-05-20 00:09:52 +05:30
Régis Hanol
081eb76308 DEV: update rubocop - take 2 2019-05-17 14:13:25 +02:00
Régis Hanol
88102ce13d DEV: update rubocop 2019-05-17 14:08:58 +02:00
Sam Saffron
bbcc39e66c FEATURE: update mini_racer to version including heap dump support 
We recently noticed a leak, this introduces a new method on MiniRacer::Context

```
context.write_heap_snapshot(path)
```

To dump current memory in v8 context to a file, this can then be analyzed
in chrome and other similar tools

Can be triggered in production using rbtrace
 2019-05-14 18:01:15 +10:00
Gerhard Schlager
73da9c171a DEV: Upgrade unicorn 
The gem has minor bug fixes. One of those stopped the RubyMine debugger from working.
 2019-05-07 17:03:27 +02:00
Arpit Jalan
d679c4e0eb Bump onebox version. 
- FIX: encode the URL per RFC 3986 spec
 2019-05-06 18:17:42 +05:30
Vinoth Kannan
28547c6f08 revert bundler version change 
73418aaf73
 2019-05-02 04:37:55 +05:30
Vinoth Kannan
73418aaf73 DEV: Add bucket folder path to inventory id 2019-05-02 04:35:35 +05:30
romanrizzi
2ebe9e3a8b Bump onebox version 2019-04-30 10:07:48 -03:00
Guo Xiang Tan
09b3d0c2a0
DEV: Only install danger on Travis. (#7452) 2019-04-29 14:45:24 +08:00
Sam Saffron
fa313564d7 DEV: update rails multisite 
This gives us Rails 6 support, should not impact existing behavior
 2019-04-29 16:24:47 +10:00
Sam Saffron
c0a5a07eda DEV: missing change from prev commit 2019-04-29 15:52:47 +10:00
Sam Saffron
7ea5c8a5f5 DEV: update AWS dependency 
AWS is a big moving target, this fills gaps in the API. Technically we
use such a tiny surface area that it probably does not matter, but it is
good to be up to date here.
 2019-04-29 15:39:19 +10:00
Sam Saffron
2d9c8581ce DEV: low risk gem updates 
This updates another batch of gems that are lowish risk

Most of the gem changes are here for Rails 6 / Ruby 2.6.3 support

Excon did some stuff around better cipher ordering
 2019-04-29 15:33:01 +10:00
Sam Saffron
9797073de0 DEV: update mini_sql and some other gems 
Big one is mini_sql, only noticeable change is that the internals now
support jruby!
 2019-04-29 15:04:19 +10:00
Sam Saffron
75c1506cb0 DEV: update minor dependencies 
These gems have very minor changes, and are low risk updates
 2019-04-29 15:00:58 +10:00
Sam Saffron
b3d91ea541 DEV: update rubocop 
No changes required in core Discourse.
 2019-04-29 14:57:30 +10:00
Sam Saffron
6449170e15 DEV: update mini racer version 
Mini Racer 0.2.5 provides support for libv8 7.3 (so we just upgraded from
Chrome 67 -> 73 JS engine wise)
 2019-04-29 10:22:27 +10:00
Maja Komel
4b455e741e DEV: Ember 3.8.0 
Co-Authored-By: majakomel <maja.komel@gmail.com>
 2019-04-26 12:16:21 +02:00
Sam Saffron
68d7b4023b FIX: update mini scheduler 
The UX was not showing any durations longer than 1 minute for scheduled
jobs

Also updates sidekiq and rack minor versions which are low risk
 2019-04-26 11:24:17 +10:00
Vinoth Kannan
1724c27713 FIX: reload the 'post' model to retrive raw field value. 2019-04-25 02:09:27 +05:30
Vinoth Kannan
aed683390c FIX: Don't treat 'upload_patterns' as constant to make the rake task compatible with multisite 2019-04-25 02:06:20 +05:30
Gerhard Schlager
01a3311ffb SECURITY: Update nokogiri 2019-04-24 10:42:24 +02:00
Arpit Jalan
e8f51815e5 Bump onebox version. 
- Update github_blob engine to support displaying stl files
- FEATURE: add `data-original-href` attribute to Vimeo iframes
- Add poster image for video oneboxes
 2019-04-24 13:59:14 +05:30
Guo Xiang Tan
8c8d3bea31 Remove unncessary gems installed due to Rails 5.2.3 upgrade. 
Follow up to b3dcaacdf4.
 2019-04-23 17:44:49 +08:00
Guo Xiang Tan
b3dcaacdf4 Update Rails to 5.2.3. 2019-04-20 10:49:54 +09:00
Daniel Waterworth
7e3628d11f Added test-prof as a dependency (#7395) 
test-prof is a collection of tools for analyzing test-suite performance.
 2019-04-19 10:52:31 +02:00
Nicolas Sebastian Vidal
2b8487b0ea Removed "shoulda" gem in favor of "shoulda-matchers" and update (#7387) 
* Update shoulda gem

* Remove shoulda gem in favor of shoulda-matchers only
 2019-04-18 07:41:37 +10:00
Guo Xiang Tan
e50494bcde Revert "DEV: Upgradae to Bundler 2." 
This reverts commit f65c8a7ba1.

I can't deal with this now.
 2019-04-15 11:05:51 +08:00
Guo Xiang Tan
f65c8a7ba1 DEV: Upgradae to Bundler 2. 2019-04-15 09:02:02 +08:00
Vinoth Kannan
70fef8e0c3 FIX: change to correct bundled version 2019-04-14 14:46:56 +05:30
Vinoth Kannan
87b53e170b FIX: skip <br> inside <p> if next character is \n 2019-04-14 14:44:54 +05:30
Roman Rizzi
76e76140e1 Bump onebox version 2019-04-12 10:28:36 -03:00
Arpit Jalan
9c1d1777db Bump onebox version 
- adds support for oneboxing google drive files
- add styling for google drive onebox favicon
 2019-04-10 13:37:24 +05:30
Maja Komel
b0053f3a1c FEATURE: bump onebox version, add styling for new reddit image onebox 2019-04-04 11:24:30 +02:00
David Taylor
b375dcb14a DEV: Introduce parallel rspec testing 
Adds the parallel_tests gem, and redis/postgres configuration for running rspec tests in parallel. To use:

```
rake parallel:rake[db:create]
rake parallel:rake[db:migrate]
rake parallel:spec
```

This brings the test suite from 12m20s to 3m11s on my macOS machine
 2019-04-01 11:06:47 -04:00
Gerhard Schlager
cadd1d670f DEV: Add simplecov as test dependency (#7271) 2019-04-01 16:00:11 +11:00
Osama Sayegh
6ea14b591f
Bump logster to 2.3.0 (#7251) 
Introduces a new feature that keeps track of number of logs that have been suppressed by each pattern. 

![image](https://user-images.githubusercontent.com/17474474/54972259-e3b00680-4f9b-11e9-96cd-e2c12d2c239f.png)

d3146c0fe1
 2019-03-26 07:51:58 +03:00
David Taylor
59491f3047 FIX: Add sassc-rails for plugins using sprockets to compile scss 
This did not affect core because we have a custom stylesheet pipeline
 2019-03-21 23:23:29 +00:00
David Taylor
56b4ee43d3 DEV: Update sassc gem 2019-03-20 16:04:26 +00:00
Maja Komel
f3d0d8fe7d Upgrade to Ember 3.7.0 2019-03-20 14:43:25 +01:00
Osama Sayegh
14c1af0a9e Bump logster version to 2.2.0 (#7200) 2019-03-19 09:39:16 +01:00
Roman Rizzi
bd8e46a9c1 SECURITY: Upgrading Rails version to 5.2.2.1 2019-03-13 16:24:54 -03:00
Roman Rizzi
77931b70c3
Revert "DEV: Upgrade to Ember 3.7.0 (#6977)" (#7165) 
This reverts commit 3eebf8be73.
 2019-03-13 15:49:47 -03:00
Maja Komel
3eebf8be73
DEV: Upgrade to Ember 3.7.0 (#6977) 
* Upgrade to Ember 3.7.0

* use ember source 3.7.0.2

* fix mobile header

* fix navigation
 2019-03-13 12:16:06 +01:00
Vinoth Kannan
d4d67386c9 FIX: change to correct bundled version 2019-03-13 16:43:45 +05:30
Vinoth Kannan
1b454c73ae FIX: 'topic' can have null value 2019-03-13 16:34:47 +05:30
Arpit Jalan
a9648e8fd1 onebox version bump 
- FIX: respect code indentation
 2019-03-07 17:55:47 +05:30
Vinoth Kannan
1b1f9831b0 Bump onebox version 
discourse/onebox@4dd5a62
 2019-03-06 11:58:41 +05:30
Gerhard Schlager
33129efdb5 Revert "Bump onebox version" 
This reverts commit 345f6237cb.
 2019-03-05 22:51:02 +01:00
Gerhard Schlager
345f6237cb Bump onebox version 
f2b361fc28
 2019-03-05 22:18:49 +01:00
Arpit Jalan
2d247cc4e9 Bump onebox version 
- deafult to dedicated vimeo and gfycat engine
 2019-02-26 10:50:27 +05:30
Sam
9faf058120 FEATURE: mini_sql upgrade 
- Fixes deprecation regarding usage of BigDecimal in dev
- Handle edge case where query_hash would clear a non existent result
- Minor perf improvement to query_single

Most important thing though is that we are now on the latest gem
 2019-02-25 16:02:32 +11:00
Sam
3aabb9825f Revert "DEV: update mini_sql to remove deprecation" 
This reverts commit e8e61535eb.

Turns out some other changes happened to MiniSql which require Discourse
changes
 2019-02-25 15:14:16 +11:00
Sam
e8e61535eb DEV: update mini_sql to remove deprecation 
The only reason this was done was to remove this deprecation when running
tests.

```
/home/sam/.rbenv/versions/2.6.1/lib/ruby/gems/2.6.0/gems/mini_sql-0.1.10/lib/mini_sql/coders.rb:5: warning: BigDecimal.new is deprecated; use BigDecimal() method instead.
```
 2019-02-25 14:31:43 +11:00
Osama Sayegh
f86ca5631a
Bump logster to v 2.1.2 (#7052) 2019-02-21 18:59:33 +03:00
Sam
8745f78277 DEV: disable async logging in development on broken Ruby 
Ruby 2.5.3 has an upatched issue that crashes unicorn after fork:

https://bugs.ruby-lang.org/issues/14634

This will be patched in 2.5.4 however for now just warn people dev is slower
and disable async logging on the older rubies
 2019-02-21 17:20:58 +11:00
Sam Saffron
83f13ecf82 FEATURE: bump onebox dependency 
- Adds support of kaltura oneboxes
- Adds support for typeform oneboxes
 2019-02-19 15:22:43 +11:00
Régis Hanol
a3e9b809b2 Update aws-sdk-* gems to latest versions 2019-02-14 11:04:35 +01:00
Régis Hanol
4d674acc25 FEATURE: AWS SNS bounce notifications webhooks 2019-02-13 21:26:40 +01:00
Osama Sayegh
1c00e8a755 Bump logster to 2.1.0 (#7000) 2019-02-13 10:57:22 +01:00
Vinoth Kannan
fb911766ee FIX: Bump onebox version to include imgur security fix 2019-02-13 01:14:06 +05:30
Sam
4cfc201604 DEV: update logster to stable release 
This update logster to the stable 2.0.1 release instead of running a pre
release
 2019-02-06 16:54:42 +11:00
Sam
0098b3072e DEV: update rack-mini-profiler 
This gem update fixes an issue with upcoming Rails 6

(without this fix mini profiler will not work on rails 6 and simply renders
text)
 2019-02-06 16:51:45 +11:00
Sam
1748ec421e DEV: gem updates 
Another group of gems updated, better_errors is fairly safe as its for dev
chunky_png fairly safe, used for getting image info from pngs, erubi update
is very safe. Sanitize is used by onebox and should always be on latest.

Long term we should think of making sanitize an optional dependency on onebox
cause we are happy to just provide methods from core to do this and it would
remove nokogumbo and sanitize deps.
 2019-02-05 12:35:42 +11:00
Sam
27c8688f02 DEV: update dependencies 
This updates some more low risk gems, maxmind, hiredis (c wrapper for
redis), puma, rbtrace and stackprof.
 2019-02-05 11:23:21 +11:00
Sam
635bc72ec5 DEV: pin redis to version 4.0.1 
Version 4.1.0 returns frozen hashes which conflict with our monkey patch

We will follow up unpinning this later
 2019-02-05 09:08:44 +11:00
Sam
be24220e95 DEV: update low risk gems 
This follows up on 03376224 which reverted the redis update which is not
supported, rest of the gems should be fine.(unicorn / nokogiri / sidekiq /
pg)
 2019-02-05 06:54:10 +11:00
Sam
0337622420 Revert "DEV: more low risk gem updates" 
This reverts commit 2c53dde918

Turns out redis upgrade breaks our usage of redis, more internal fixes
are required
 2019-02-04 18:11:09 +11:00
Sam
2c57b65bfc DEV: update more gems including i18n 
This updates a few more lower risk gems, the main goal here is to have
nothing outdated. Avoiding a giant commit is going to make it slightly
easier to partially roll back if something goes wrong
 2019-02-04 17:54:39 +11:00
Sam
ab23615077 DEV: update rubocop gem to latest 
not much to say here, the new version seems compatible with Discourse,
no changes appear to be needed
 2019-02-04 17:52:10 +11:00
Sam
2c53dde918 DEV: more low risk gem updates 
redis/sidekiq/unicorn/nokogiri and pg all are fairly safe to update
 2019-02-04 17:48:31 +11:00
Sam
9f5bbd663d DEV: update mini_racer and message_bus 
Two very low risk updates, message_bus has been released no need to depend
on pre-release.

mini_racer update is for a very minor change (shared isolates are not used
in discourse so it is not a fix we technically need)
 2019-02-04 17:46:38 +11:00
Sam
1816bdf46e DEV: upgrade mail gem from pre-release 
2.7.1 version of the mail gem was released! We no longer need to depend on
the pre-release.
 2019-02-04 16:10:13 +11:00
Sam
ab52241d32 DEV: upgrade thor gem 
0.19.4 was no longer compatible with Rails 6, this prepares us for Rails 6
support.
 2019-02-04 15:09:15 +11:00
Sam
377f3efb60 DEV: remove foreman gem and unsupported Procfile 
Launching Discourse no longer should require foreman in dev. We can simply
use `bin/unicorn` which automatically launches a sidekiq worker.

The foreman gem depends on thor ~> 0.19.1 which is no longer supported in
rails 6. So this pre-emptively prepares us for it.
 2019-02-04 15:05:54 +11:00
Guo Xiang Tan
49b21727ee Update rails_multisite to 2.0.6. 2019-01-23 17:42:59 +08:00
Guo Xiang Tan
53c0ad9388 Revert "DEV: Only install danger on Travis." 
This reverts commit 792dd033e6.
 2019-01-21 11:31:16 +08:00
Guo Xiang Tan
d7f11be575 Bump mini_scheduler. 2019-01-21 10:57:30 +08:00
Guo Xiang Tan
792dd033e6 DEV: Only install danger on Travis. 2019-01-21 09:46:32 +08:00
Joffrey JAFFEUX
502b1316d0
DEV: s/this._super()/this._super(...arguments) (#6908) 2019-01-19 10:05:51 +01:00
Guo Xiang Tan
ee7ab3e2ec Pause MiniScheduler when Sidekiq is paused. 2019-01-18 17:50:24 +08:00
Osama Sayegh
d0dc674875
Bump logster to 2.0.0.pre (#6897) 2019-01-17 18:13:47 +03:00
Sam
0890078993 Revert "Bump logster to 1.4.0.pre (#6866)" 
This temporary revert is here cause a certain immune system in logster
when a large number of events are groupes is no longer working in
production.

What this means is that if you have 10 thousand errors grouped it can
impose an very large amount of load on redis.

This reverts commit abee39ecd0.
 2019-01-11 11:25:48 +11:00
Joffrey JAFFEUX
f9648de897
DEV: upgrades from Ember 2.13 to Ember 3.5.1 (#6808) 
Co-Authored-By: Bianca Nenciu <nbianca@users.noreply.github.com>
Co-Authored-By: David Taylor <david@taylorhq.com>
 2019-01-10 11:06:01 +01:00
Gerhard Schlager
6f867660bc FIX: Push notifications didn't work anymore 2019-01-09 22:47:38 +01:00
David Taylor
af227cada5 FIX: Bump onebox version for gfycat aspect ratio fix 
Including the `Gemfile.lock` changes this time
 2019-01-09 18:08:46 +00:00
David Taylor
286cc72c8b FIX: Gyfcat onebox should have fixed aspect ratio videos 
(Fixed upstream in the onebox gem)
 2019-01-09 17:15:15 +00:00
Osama Sayegh
abee39ecd0
Bump logster to 1.4.0.pre (#6866) 
2 new features and a few fixes. More details here:

https://github.com/discourse/logster/pull/76

https://github.com/discourse/logster/pull/77
 2019-01-09 13:50:48 +03:00
David Taylor
fe20cb4b56 FIX: Enforce a fixed height on generic oneboxed videos 
This prevents 'jumping' as the video loads. This change will require posts to be rebaked before it takes effect.
 2019-01-08 16:22:03 +00:00
Arpit Jalan
c76c44bc66 bump onebox version 
- FEATURE: Add support for Twitter cards.
- FIX: add more https hosts
 2019-01-08 09:20:08 +05:30
Joshua Rosenfeld
2fc7d2c56d Bump omniauth-google-oauth2 version 2019-01-02 10:42:39 +00:00
sau226
828c07b658 Build(deps-dev): Bump rubocop from 0.60.0 to 0.61.1 (#6835) 2019-01-02 05:44:19 +08:00
Joshua Rosenfeld
9878274427 Revert "Bump omniauth-google-oauth2 version" 
This reverts commit 8ac0b721c5.
 2018-12-31 14:59:09 -05:00
Joshua Rosenfeld
8ac0b721c5 Bump omniauth-google-oauth2 version 2018-12-31 14:07:18 -05:00
Osama Sayegh
8bd5c90b0c
Bump logster to version 1.3.4 (#6834) 
Fixes linear-gradient CSS issue on iOS
Increases z-index for the actions menu to prevent the screen divider/splitter from obstructing the menu

e43e98dc61
 2018-12-31 06:58:46 +03:00
Osama Sayegh
8f65e4fb01
Bump logster to 1.3.3 (#6813) 
Fixes a UI issue
 2018-12-26 18:21:52 +03:00
Osama Sayegh
2ab02d6642 Bump logster version to 1.3.2 (#6811) 
Logster 1.3.2 improves UX on mobile
 2018-12-26 14:09:00 +08:00
Arpit Jalan
a8a0f97157 bump onebox version 
- FEATURE: support YouTube `rel` parameter
 2018-12-25 06:36:51 +05:30
Joffrey JAFFEUX
7b253dbe4a
FIX: gfycat oneboxing 2018-12-22 11:16:18 +01:00
Arpit Jalan
59cb907f25 Bump onebox version 
- update Twitter status icons
 2018-12-13 06:25:50 +05:30
Sam
a34bc92e1a DEV: update mini profiler 
This provides us with instrumentation missing after rails upgrade

Latest version of rails uses exec_params internally which is no longer
routed to intercepted methods in mini profiler 1.0.0
 2018-12-10 14:29:20 +11:00
Sam
fcb3f1e219 DEV: upgrade Rails to version 5.2.2 2018-12-10 11:29:28 +11:00
Régis Hanol
3c9c95ac83 Update Rubocop to 0.60 2018-12-04 10:48:16 +01:00
Sam
8868cfd2e4 FIX: redis leak when visiting large amounts of topics 
Message bus uses a key to keep track of the last id for each channel
this key was never expired even if channel data expired

This change ensures we also expire the tracking key, it means a lot to us
cause each topic has a channel, so if you have 1 million topics that is
1 million keys that may persist forever
 2018-11-30 14:41:15 +11:00
Arpit Jalan
597f170995 bump onebox version 
- FIX: show Google video preview on iOS devices
- FIX: convert relative image url to absolute url
 2018-11-17 13:45:55 +05:30
Sam
296928ec04 FIX: update logster to handle logging of invalid encoding strings 
Previously if a string had invalid encoding we would explode and log
to STDERR, this often goes lost, instead logster now scrubs as needed
 2018-11-13 16:06:06 +11:00
Osama Sayegh
dd0b4c565b Bump logster version (#6584) 2018-11-12 08:49:00 +08:00
Arpit Jalan
cf0acad1e4 bump onebox version (again) 
- Improve google photos album title
 2018-11-09 18:31:25 +05:30
Arpit Jalan
1151c093ad bump onebox version 
- Better Google Photos oneboxing
 2018-11-09 15:44:06 +05:30
Sam
81ccfa5a8a there is a new bundler 2018-11-07 10:05:22 +11:00
Sam
3951e9b528 SECURITY: update rack from 2.0.5 to 2.0.6 
This release contains security fixes to the underlying rack library
used by Discourse.

Impact is not too high as we do not use request.scheme in our templates
 2018-11-07 10:05:22 +11:00
Kyle Zhao
57ab6bcba1 SECURITY: update loofah for CVE-2018-16468 2018-10-30 10:51:03 -04:00
Arpit Jalan
7fe3491bc0 bump onebox version 
- UX: make title on Instagram less redundant
 2018-10-25 12:18:16 +05:30
Penar Musaraj
d20fd66286 bump onebox to 1.8.64 2018-10-16 11:10:11 -04:00
Sam
3aceda2dfd Update to latest version of message bus 
This includes DistributedCache which we will be using and perf fixes
 2018-10-15 13:49:04 +11:00
Bianca Nenciu
1d26a473e7 FEATURE: Show "Recently used devices" in user preferences (#6335) 
* FEATURE: Added MaxMindDb to resolve IP information.

* FEATURE: Added browser detection based on user agent.

* FEATURE: Added recently used devices in user preferences.

* DEV: Added acceptance test for recently used devices.

* UX: Do not show 'Show more' button if there aren't more tokens.

* DEV: Fix unit tests.

* DEV: Make changes after code review.

* Add more detailed unit tests.

* Improve logging messages.

* Minor coding style fixes.

* DEV: Use DropdownSelectBoxComponent and run Prettier.

* DEV: Fix unit tests.
 2018-10-09 22:21:41 +08:00
Guo Xiang Tan
893c0e9d5f Don't run the pre-release for bundler. 2018-10-08 09:23:39 +08:00
Grey Baker
6995fd12c6 build(deps): [security] bump nokogiri from 1.8.3 to 1.8.5 (#6455) 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.8.3 to 1.8.5. **This update includes security fixes.**
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.8.3...v1.8.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>
 2018-10-05 09:43:17 -04:00
Sam
378584fdc0 correct under reporting of memory in memory profiler 2018-10-04 17:02:53 +10:00
Arpit Jalan
420e7bccca bump onebox version (take 2) 
- better detection of zero dollar amazon price
 2018-10-03 17:54:56 +05:30
Arpit Jalan
b56d0026b9 bump onebox version 
- do not display zero dollar price on Amazon onebox
- fix google play store onebox
 2018-10-03 17:05:51 +05:30
Sam Saffron
a2b6eed284 FIX: correct compilation issues on clang 10 
In MacOS we need different compilation flags now that some are
deprecated in clang 10, this is not specific to mojave which was
the previous fix
 2018-09-28 09:42:06 +08:00
Sam Saffron
afd2edabe4 DEV: update mini_racer for Mojave support 
MacOS Mojave deprecates some libraries making it a bit
harder to compile Mini Racer, this release adds support
 2018-09-26 07:43:34 +08:00
Arpit Jalan
80229668f9 bump onebox version 
- FIX: user correct steam placeholder image url
- catch up Ruby 2.6
 2018-09-19 10:06:43 +05:30
Gerhard Schlager
fb9e3e6423 Update aws-sdk-s3 
In preparation for https://github.com/discourse/discourse/pull/6345
 2018-09-17 17:39:46 +02:00
Sam
5bb7cc8710 FIX: update PG gem 
We need the newer PG gem to fix issues around rb_wait_for_single_fd that
pop up in rare conditions
 2018-09-13 21:57:20 +10:00
Gerhard Schlager
0d8c72d8c4 DEV: Add rake task to check locale files for errors 2018-09-05 00:47:39 +02:00
Arpit Jalan
8ce8edaf40 bump onebox version 2018-08-31 15:10:11 +05:30
Arpit Jalan
6b9aeeea73 bump onebox version 2018-08-31 08:40:36 +05:30
Guo Xiang Tan
a928bf4300 Revert rails_multisite back to 2.0.4. 2018-08-30 15:42:51 +08:00
Arpit Jalan
2872b100dc bump onebox version 2018-08-29 16:55:06 +05:30
Sam
b760f66523 Upgrade PG gem to latest 
This unlocks some performance improvements
 2018-08-27 10:58:19 +10:00
Guo Xiang Tan
6acba44ed9 Revert "Install mailcatcher in development." 
This reverts commit 914ce34e5b.

* requires sqlite3 to be installed.
 2018-08-21 15:40:50 +08:00
Guo Xiang Tan
914ce34e5b Install mailcatcher in development. 2018-08-21 15:28:02 +08:00
Sam
168ffd8384 FEATURE: group warnings about IP level rate limiting 2018-08-13 14:38:20 +10:00
Neil Lalonde
b829452c75
Merge pull request #6209 from discourse/mini_scheduler 
REFACTOR: extract scheduler to the mini_scheduler gem
 2018-08-01 10:28:24 -04:00
Gerhard Schlager
a115aae45f Use rchardet instead of charlock_holmes gem 2018-08-01 10:41:20 +02:00
Gerhard Schlager
ff942ed2f3 FIX: Try detecting encoding of RSS feed 2018-08-01 10:41:20 +02:00
Neil Lalonde
4ad7ce70ce REFACTOR: extract scheduler to the mini_scheduler gem 2018-07-31 17:12:55 -04:00
Arpit Jalan
458d9cd17a bump onebox version 2018-07-31 22:52:03 +05:30
Joffrey JAFFEUX
b4a2f3fe2f
DEV: implementing danger for travis 2018-07-24 10:12:15 -04:00
Arpit Jalan
22dad7f0e8 bump onebox version 2018-07-17 13:55:00 +05:30
Arpit Jalan
39299fdd8c bump onebox version 2018-07-16 11:43:32 +05:30
Arpit Jalan
2a5a57a87e bump onebox version 2018-07-12 21:29:34 +05:30
Guo Xiang Tan
72a3457379 Bump discourse_image_optim which uses a global timeout. 
Our previous solution has the timeout set at the worker level
which means the total timeout would be X timeout secs * N number of
workers.
 2018-07-09 10:30:18 +08:00
Sam
564e7e6898 FEATURE: update libv8 to version 6.7 
This has parity with stable Chrome!
 2018-07-09 09:08:25 +10:00
Sam
f662d1135e FIX: update mini_racer corrects erratic segfaults 
In some conditions mini_racer would segfault causing sidekiq crash or
web crash, this was automatically recovered from but not ideal.
 2018-07-06 11:00:07 +10:00
Guo Xiang Tan
3d2f3ef8ae Update discourse_image_optim gem. 2018-07-03 15:22:54 +08:00
Arpit Jalan
55a963252d bump onebox version 2018-07-02 10:36:26 +05:30
Joffrey JAFFEUX
ebd2be9e02
DEV: lower highline requirement 2018-06-27 22:50:00 +02:00
Arpit Jalan
2f5b7beace bump onebox version 2018-06-25 11:22:06 +05:30
Sam
da8c6e9ac0 bump mini_sql for faster/more correct time conversions 2018-06-24 15:17:47 +10:00
Arpit Jalan
a171464a55 bump onebox version 2018-06-20 16:47:55 +05:30
Guo Xiang Tan
bb959e85e6 Pin exifr to 1.2.5. 2018-06-20 17:27:46 +08:00
Sam
cb824a6b33 DEV: remove all calls to SqlBuilder use DB.build instead 
This is part of the migration to mini_sql, SqlBuilder.new is being
deprecated and replaced with DB.build
 2018-06-20 17:53:49 +10:00
Guo Xiang Tan
76707eec1b Update rails_multisite. 2018-06-20 15:11:41 +08:00
Arpit Jalan
ccb57e609f bump onebox version 2018-06-20 11:06:56 +05:30
Sam
2a8e7a5d4e upgrade gems 2018-06-20 10:07:56 +10:00
Sam
8ea29c51ae SECURITY: update sprockets for CVE-2018-3760 2018-06-20 09:49:26 +10:00
Sam
b8e5989201 correct rake db:create, which needs a defer DB object 2018-06-19 16:43:50 +10:00
Sam
5f64fd0a21 DEV: remove exec_sql and replace with mini_sql 
Introduce new patterns for direct sql that are safe and fast.

MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API

- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder

See more at: https://github.com/discourse/mini_sql
 2018-06-19 16:13:36 +10:00
Guo Xiang Tan
f4fdcda502 Upgrade to Rails 5.2 take 2. 2018-06-08 09:33:50 +08:00
Gerhard Schlager
c6bf8f6e24 FIX: Uploading JPEG files didn't work anymore 2018-06-07 17:39:27 +02:00
Sam
1834417e2f downgrade rails properly 2018-06-07 20:38:22 +10:00
Sam
d3b8ee761c revert to rails 5.1 for now 2018-06-07 19:47:53 +10:00
Sam
89ad2b5900 DEV: Rails 5.2 upgrade and global gem upgrade 
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated

Performance testing shows that performance has not regressed
if anything it is marginally faster now.
 2018-06-07 14:21:33 +10:00
Guo Xiang Tan
2bd905c632 Revert "Upgrade Rails to 5.1.6." 
This reverts commit ab66215f5c.
 2018-06-07 09:49:38 +08:00
Guo Xiang Tan
ab66215f5c Upgrade Rails to 5.1.6. 2018-06-07 08:34:36 +08:00
Régis Hanol
685083491e FEATURE: StackOverflow importer 2018-06-04 16:57:12 +02:00
Guo Xiang Tan
2bafd2a355 Don't pin version of Fabrication gem. 2018-05-28 15:09:02 +08:00
Arpit Jalan
1c61117cbc bump onebox version 2018-05-23 17:44:01 +05:30
Régis Hanol
8238097d0f bump email_reply_trimmer 2018-05-17 10:22:53 +02:00
Sam
fc54238726 FIX: message bus had corrupt internal state for first 30 secs 
This upgrades message bus to latest and corrects an issue where
it did not track the fact it was polling for the first 30 seconds

It corrected internal state after, but this caused some odd issues
 2018-05-16 12:19:16 +10:00
Guo Xiang Tan
b18e0825b5 Update Gemfile.lock. 2018-05-07 17:10:34 +08:00
Jeff Wong
91b31860a1
Feature: Push notifications for Android (#5792) 
* Feature: Push notifications for Android

Notification config for desktop and mobile are merged.

Desktop notifications stay as they are for desktop views.

If mobile mode, push notifications are enabled.

Added push notification subscriptions in their own table, rather than through
custom fields.

Notification banner prompts appear for both mobile and desktop when enabled.
 2018-05-04 15:31:48 -07:00
Arpit Jalan
c718c59b5d bump onebox version 2018-05-03 16:14:16 +05:30
Régis Hanol
ddb092f397 FIX: update mail gem to fix UTF-8 parsing issue 2018-04-25 21:53:37 +02:00
Arpit Jalan
256545ca2c bump onebox version 2018-04-23 15:18:19 +05:30
Sam
050ce48bd0 Update message bus to correct issue where too many reqs are performed 2018-04-20 15:52:24 +10:00
Guo Xiang Tan
9c9fa4537c Update Redis gems. 2018-04-20 12:49:36 +08:00
Guo Xiang Tan
56b3527eb8 Upgrade Sidekiq. 2018-04-20 11:47:40 +08:00
Sam
284c946128 revert puma upgrade for now 
it does not work right in dev
 2018-04-11 14:36:10 +10:00
dependabot[bot]
a89d7ef851 Bump puma from 3.9.1 to 3.11.3 
Bumps [puma](https://github.com/puma/puma) from 3.9.1 to 3.11.3.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.9.1...v3.11.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
 2018-04-10 16:09:30 +10:00
Guo Xiang Tan
689144b2bf Upgrade Mail gem. 2018-04-04 18:35:40 +08:00
Sam
98faf2878e FEATURE: bump rack-mini-profiler version 
This corrects a warning in chrome console and provides better jQuery 3 compatability
 2018-03-29 11:12:09 +11:00
Régis Hanol
2c1ede6e5f update email_reply_trimmer 2018-03-28 13:12:50 +02:00
Robin Ward
2ca37602d9 Update rack-protection 2018-03-26 12:49:54 -04:00
Robin Ward
84e1ffd141 Update rails-html-sanitizer 2018-03-26 12:48:28 -04:00
Arpit Jalan
3a62eba299 bump onebox version 2018-03-22 11:38:01 +05:30
Régis Hanol
25284d2340 update loofah gem 2018-03-21 13:32:28 +01:00
Régis Hanol
9c4936ec9c update sanitize gem 2018-03-21 13:27:17 +01:00
Arpit Jalan
3e32ab1523 UX: css for Instagram onebox 2018-03-19 13:32:36 +05:30
Guo Xiang Tan
8027096c09 Partially revert "Upgrade mail gem to remove dependency on mime-types." 
Still seeing heap_live_count spikes.

This reverts commit 58b8ea4f41.
 2018-03-14 20:21:45 +08:00
Guo Xiang Tan
58b8ea4f41 Upgrade mail gem to remove dependency on mime-types. 
* Use a EmailValidator.email_regexp for `Email.is_valid?`
  check as we're seeing an increase in allocation when
  parsing email addresses wih `Mail::Address`.
 2018-03-14 14:37:55 +08:00
Sam
685406b1bb try updating rubocop so it does not crash 2018-03-13 17:58:23 +11:00
Sam
39e679d3cb FEATURE: allow themes to live in private git repos 
This feature allows themes sourced from git to live on private
servers, it automatically generates key pairs.
 2018-03-09 16:14:38 +11:00
Guo Xiang Tan
bdb25338e5 Update bootsnap. 2018-03-06 17:37:02 +08:00
Gerhard Schlager
56bacb1c2f Bump onebox 2018-02-27 12:07:16 +01:00
Sam
79e0cd7f52 update onebox 2018-02-26 10:15:14 +11:00
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP 
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
 2018-02-21 09:04:07 +08:00
Sam
80ec6ce4fd bump onebox 2018-02-21 10:06:17 +11:00
Sam
107eb5d830 FIX: binding_of_caller not working on Ruby 2.5 2018-02-19 11:37:16 +11:00
Sam
9d8df812dd PERF: upgrade Oj gem 2018-02-19 11:37:16 +11:00
Arpit Jalan
9bb7c3dcf0 bump onebox version 2018-02-16 21:32:25 +05:30
Sam
e456ae1b6c Revert "Upgrade mail gem to drop dependency on mime-types." 
This reverts commit 498cc15aa9.

Noticed a certain amount of extra allocations due to this upgrade,
reverting to confirm if this is the case
 2018-02-16 07:04:22 +11:00
Guo Xiang Tan
498cc15aa9 Upgrade mail gem to drop dependency on mime-types. 
Boot Memory Usage

```
Total allocated: 225695379 bytes (1990663 objects)
Total retained:  32795116 bytes (291607 objects)
```

```
Total allocated: 218342892 bytes (1897350 objects)
Total retained:  30123426 bytes (261198 objects)
```
 2018-02-15 16:24:26 +08:00
Sam
94b2c70c0d PERF: remove oga gem 
oga gem is automatically required by the aws gem
the oga gem retains about 1mb of memory, aws now uses nokogiri

This also removes the html normalize from the pretty text specs that was
a fair bit buggy as the polls test shows.
 2018-02-15 14:36:40 +11:00
Sam
c89b42c488 PERF: only require the rss library if used 
Before:

Total allocated: 257909321 bytes (2514134 objects)
Total retained:  39681579 bytes (343387 objects)

allocated memory by gem
-----------------------------------
  42875979  rss

retained memory by gem
-----------------------------------
   2080188  rss

retained objects by gem
-----------------------------------
     13052  rss

After:

Total allocated: 210562047 bytes (2252030 objects)
Total retained:  37433816 bytes (328635 objects)

----

So, 2 less megabytes on boot and 13000 objects stuck in ruby heaps forever.
 2018-02-15 13:11:33 +11:00
Rafael dos Santos Silva
218c8e8623
Merge pull request #5595 from discourse/new-gfycat-onebox 
New gfycat onebox
 2018-02-14 19:03:28 -02:00
Rafael dos Santos Silva
c3606fdef6 Update onebox 2018-02-14 17:43:13 -02:00
Robin Ward
0b13b82e94 Update nokogiri to latest version 2018-02-13 19:36:19 -05:00
Guo Xiang Tan
19b4116416 Bump rails_multisite to 2.0.4. 2018-02-12 15:39:21 +08:00
Guo Xiang Tan
5dabcc9081 Fix Gemfile.lock. 2018-02-12 14:08:02 +08:00
Guo Xiang Tan
87b0cc382b Bump rails_multisite to 2.0.3. 2018-02-12 14:03:04 +08:00
Régis Hanol
508a8e29ab update email_reply_trimmer to latest version 2018-02-06 01:04:45 +01:00
Sam
073d072aa6 correct lockfile 2018-01-29 18:28:59 +11:00
Sam
d2025e33cf FEATURE: bump rbtrace to latest 2018-01-23 15:36:47 +11:00
Sam
36ed8f5176 Correct regression where /sidekiq/scheduler was not working 2018-01-22 10:48:35 +11:00
Guo Xiang Tan
54dc191a91 Update rails_multisite to 2.0.1. 2018-01-19 10:19:16 +08:00
Sam
12872d03be PERF: run post timings in background 
This means that if a very large amount of registered users hit
a single topic we will handle it gracefully, even if db gets slow.
 2018-01-19 08:27:29 +11:00
Gerhard Schlager
5d7a33cd6d Update email_reply_trimmer to improve performance 2018-01-17 12:04:56 +01:00
Sam
8c47eb2951 update coderay 2018-01-17 15:50:41 +11:00
Arpit Jalan
a0f0ed576a bump onebox version 2018-01-11 23:15:25 +05:30
Arpit Jalan
afb18a5c41 bump onebox version 2018-01-11 14:30:35 +05:30
Sam
d5fd6d2639 PERF: defer message bus on hidden tabs so only one in 1.5 seconds happens 2018-01-09 12:39:17 +11:00
Guo Xiang Tan
74ec100aff Upgrade pg gem. 2018-01-08 10:27:19 +08:00
Régis Hanol
e3f8182125 FIX: Google Calendar oneboxes weren't working 2018-01-07 19:15:11 +01:00
Sam
8d4cd57662 Update libv8 from 5.9 to 6.3 2018-01-05 17:12:04 +11:00
Jano Suchal
05ec1be101 Drop the fork usage of fastimage (#5461) 
Fork is not needed anymore since fastimage 2.1.1 has been released with the needed PR merged in.
 2018-01-04 09:53:53 +01:00
Sam
030a0cd698 bump onebox for vimeo private link support 2017-12-29 09:38:25 +11:00
Arpit Jalan
b74e933cfb bump onebox version 2017-12-23 01:17:30 +05:30
Arpit Jalan
16076f9ab8 bump onebox version 2017-12-21 14:49:59 +05:30
Sam
fd67508497 FIX: don't count users as replying long after they are done typing 
Also, don't leak a large amount of redis usage for presence stuff
 2017-12-18 15:41:32 +11:00
Arpit Jalan
f9990eeb13 bump onebox version 2017-12-07 12:05:19 +05:30
Kyle Zhao
5f318a5241 FEATURE: Replace SimpleRSS with Ruby RSS module (#5311) 
* SPEC: PollFeedJob parsing atom feed

* add FeedItemAccessor

It is to provide a consistent interface to access a feed item's tag
content.

* add FeedElementInstaller

to install non-standard and non-namespaced feed elements

* FEATURE: replace SimpleRSS with Ruby RSS module

* get FinalDestination and download with Excon

* support namespaced element with FeedElementInstaller
 2017-12-06 10:45:09 +11:00
Arpit Jalan
7bbf137238 bump onebox version 2017-12-05 07:28:45 +05:30
Guo Xiang Tan
f5d45f797a Fix broken Gemfile.lock. 2017-12-04 11:28:45 +08:00
Guo Xiang Tan
78f09f0489 Logster 1.2.9 is the version we want to be at. 2017-12-04 11:05:14 +08:00
Guo Xiang Tan
846b047847 Revert "Revert "Upgrade logster."" 
This reverts commit 57ca4b20e2.
 2017-12-04 09:30:21 +08:00
Guo Xiang Tan
57ca4b20e2 Revert "Upgrade logster." 
This reverts commit 1376a86bcc.
 2017-12-01 17:32:49 +08:00
Guo Xiang Tan
1376a86bcc Upgrade logster. 2017-12-01 16:03:00 +08:00
Guo Xiang Tan
3053499375 Update mini_suffix. 2017-11-30 11:14:06 +08:00
Guo Xiang Tan
fffb7561c4 Update mini_suffix. 2017-11-29 17:07:41 +08:00
Guo Xiang Tan
8491c5fba5 UX: Replace heuristic solution for extracting root domain. 2017-11-29 16:26:46 +08:00
Arpit Jalan
64cdb4f7e8 bump onebox version 2017-11-27 12:21:47 +05:30
Guo Xiang Tan
c8157f6b07 Update seed-fu with PG10 support. 
https://meta.discourse.org/t/discourse-appears-to-be-broken-with-postgres-10/71723
 2017-11-27 10:26:59 +08:00
Arpit Jalan
abbb2b28eb bump onebox version 2017-11-25 15:53:18 +05:30
Sam
407d80f1dd FEATURE: update rack-mini-profiler to latest 2017-11-24 10:28:35 +11:00
Sam
8fd09fe616 FEATURE: upgrade message bus 
new version recovers very cleanly from redis flush
 2017-11-24 09:23:12 +11:00
Arpit Jalan
961a09ff14 bump onebox version 2017-11-23 17:45:08 +05:30
Arpit Jalan
211dac6f71 bump onebox version 2017-11-22 14:55:47 +05:30
Arpit Jalan
b8c9975429 bump onebox version 2017-11-21 11:10:44 +05:30
Guo Xiang Tan
89d9ffa884 EXPERIMENTAL: Allow logs to be shipped via different methods. 
See https://github.com/dwbutler/logstash-logger#uri-configuration for
a list of available methods.
 2017-11-15 09:11:33 +08:00
Sam
5427ca13b7 FEATURE: update rails multisite so we error out if RAILS_DB is invalid 2017-11-13 16:37:25 +11:00
Sam
86e6732f78 FEATURE: update rails multisite 
always allow /srv/status through even if host does not match
 2017-11-09 15:40:56 +11:00
Sam
fc7dca58fe UX: oneboxes with avatars now display consistently 
Onebox avatar size is reduced to 60px

Also fixes regression with some oneboxes not cooking after post
 2017-11-08 11:50:01 +11:00
Guo Xiang Tan
a97273e1a5 Update Unicorn to 5.3.1. 2017-11-06 11:22:58 +08:00
Arpit Jalan
253de41166 bump onebox gem version 2017-11-03 22:38:36 +05:30
Arpit Jalan
91438849d2 bump onebox version 2017-11-02 00:51:21 +05:30
Arpit Jalan
6b5bb9d664 bump onebox gem version 2017-11-01 15:50:23 +05:30
Guo Xiang Tan
d888d3c54c EXPERIMENTAL: Allow Logstash formatter to be enable for lograge logs. 2017-11-01 08:38:06 +08:00
Guo Xiang Tan
58bb3c14f6 Remove gem that is no longer used. 2017-10-31 14:13:54 +08:00
Guo Xiang Tan
d487be759c EXPERIMENTAL: Allow app to Logstash directly. 2017-10-27 22:56:32 +08:00
Guo Xiang Tan
90d6677d97 EXPERIMENTAL: Allow lograge to be selected as the logging library. 2017-10-27 17:54:45 +08:00
Guo Xiang Tan
db579f7917 Upgrade logster. 2017-10-27 12:13:52 +08:00
Guo Xiang Tan
09e7c1ce8a Update Rubocop. 2017-10-23 12:03:31 +08:00
Guo Xiang Tan
a88f910469 Bump message_bus to 2.0.8. 2017-10-06 08:33:46 +08:00
Guo Xiang Tan
a25851032a Update Sidekiq. 2017-10-05 13:59:21 +08:00
Sam
ac01885b60 FEATURE: rake tasks for uploading assets to S3 
This opens the door to serving application.js and so on from s3.

Also updates s3 gem for some tagging support
 2017-10-03 18:00:53 +11:00
Guo Xiang Tan
f1d8ed6aaf Update lock file. 2017-10-03 14:59:25 +08:00
Guo Xiang Tan
7e059a5a6e Upgrade Rails to 5.1.4. 2017-10-03 14:56:44 +08:00
Sam
9fa575dca1 Update message bus 
This corrects a rare race condition.
 2017-10-02 15:21:45 +11:00
Sam
41261b32a5 FIX: update message bus 
- Corrects broken short polling
- Corrects after fork
 2017-09-29 16:58:12 +10:00
Guo Xiang Tan
d442da9fdd SECURITY: Update Nokogiri. 2017-09-25 20:06:58 +08:00
Guo Xiang Tan
77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
Guo Xiang Tan
898ee93547 Upgrade to Rails 5. 2017-09-25 10:01:22 +08:00
Guo Xiang Tan
d58de2b484 Install Ruby-Prof. 2017-09-25 10:01:22 +08:00
Gerhard Schlager
0960e2dd67 bump onebox version 2017-09-18 14:25:56 +02:00
Gerhard Schlager
619864bc70 update email_reply_trimmer to latest 2017-09-14 17:20:55 +02:00
Arpit Jalan
eafab41a2c bump onebox version 2017-08-17 13:10:11 +05:30
Sam
91f0f76fb1 update message bus to ruby 2.0 packaged version 2017-08-16 15:05:39 -04:00
Sam Saffron
d27e81a296 Perf: update message_bus to latest 2017-08-16 07:50:12 -04:00
Bianca Nenciu
1c079bec33 Remove Spork dependency. 2017-08-10 22:54:52 +01:00
Régis Hanol
9aa49e922c let's use the latest omniauth-github gem 2017-08-07 10:43:54 +02:00
Régis Hanol
ad20f59897 FIX: couldn't upload SVG with a DOCTYPE 2017-08-07 10:32:35 +02:00
Arpit Jalan
447e4386ee bump onebox version 2017-08-03 13:37:22 +05:30
Guo Xiang Tan
54f09ca59d Install rubocop in development mode. 2017-08-01 10:51:44 +09:00
Erick Guan
f1eccd113c Replace rmmseg gem for cppjieba_rb since better dictionary (#5006) 
* Rename locale to ts config in search module to make it clear

* Replace rmmese-cpp for cppjieba_rb
 2017-07-31 15:28:48 -04:00
Régis Hanol
cae437850e update email_reply_trimmer to latest 2017-07-31 11:21:41 +02:00
Guo Xiang Tan
358d245dd8 Upgrade Rails to 4.2.9. 2017-07-31 15:37:46 +09:00
Sam
9d774a951a Update libv8 and benchmark 2017-07-26 10:59:41 -04:00
Sam Saffron
045a2abcec FEATURE: remove the timecop gem 
We should only have one way of mocking time, misuse of timecop
was causing build stability issues
 2017-07-24 12:11:10 -04:00
Arpit Jalan
eb6c5a54ea bump onebox version 2017-07-20 22:31:01 +05:30
Sam
38daa61fc7 FEATURE: libv8 upgraded to version 5.7 
corresponds more or less with Chrome 57
 2017-07-18 10:55:51 -04:00
Sam Saffron
d0c5205a52 Feature: Change markdown engine to markdown it 
This commit removes the old evilstreak markdownjs engine.

- Adds specs to WhiteLister and changes it to stop using globals
    (Fixes large memory leak)
- Fixes edge cases around bbcode handling
- Removes mdtest which is no longer valid (to be replaced with
    CommonMark)
- Updates MiniRacer to correct minor unmanaged memory leak
- Fixes plugin specs
 2017-07-17 11:41:34 -04:00
Robin Ward
c786700817 Upgrade onebox for a simple video fix 2017-07-10 14:20:07 -04:00
Robin Ward
7906c9ce29 Update onebox gem for Trello support 2017-07-07 10:45:22 -04:00
Robin Ward
2f480e21a0 Stop using Babel source gem, which is no longer updated 2017-07-05 14:19:16 -04:00
Sam
234694b50f Feature: CommonMark support 
This adds the markdown.it engine to Discourse.
https://github.com/markdown-it/markdown-it

As the migration is going to take a while the new engine is default
disabled. To enable it you must change the hidden site setting:
enable_experimental_markdown_it.

This commit is a squash of many other commits, it also includes some
improvements to autospec (ability to run plugins), and a dev dependency
on the og gem for html normalization.
 2017-06-23 12:01:33 -04:00
Robin Ward
94ab194a7f Adds support for Github oneboxes to commits in pull requests 2017-06-22 15:46:07 -04:00
Sam
2181e995f1 remove sinatra 2017-06-19 13:49:11 -04:00
Guo Xiang Tan
be44e4b730 Update Sidekiq. 2017-06-19 14:20:54 +09:00
Guo Xiang Tan
d82dbd565b FIX: Remove dependency on rest-client. 2017-06-16 09:42:41 +09:00
Robin Ward
8ae445766f Upgrade Ember to 2.13 2017-06-15 10:12:07 -04:00
Régis Hanol
5d63a7f4a6 FIX: pull hotlinked images even when they have no extension 2017-06-13 13:27:05 +02:00
Guo Xiang Tan
3acc9941dd Merge pull request #4920 from greysteil/dependabot/bundler/mail-2.6.6 
Bump mail from 2.6.6.rc1 to 2.6.6
 2017-06-12 18:00:08 +09:00
dependabot[bot]
d43b46d09b Bump mail from 2.6.6.rc1 to 2.6.6 
Bumps [mail](https://github.com/mikel/mail) from 2.6.6.rc1 to 2.6.6.
- [Changelog](https://github.com/mikel/mail/blob/master/CHANGELOG.rdoc)
- [Commits](https://github.com/mikel/mail/commits/v2.6.6)
 2017-06-10 07:03:22 +00:00
Robin Ward
b5bead1fe3 FIX: Don't use target=_blank for local oneboxes 2017-06-09 12:15:36 -04:00
dependabot[bot]
63eb298089 Bump puma from 3.6.0 to 3.9.1 
Bumps [puma](https://github.com/puma/puma) from 3.6.0 to 3.9.1.
- [Release notes](https://github.com/puma/puma/releases/tag/v3.9.1)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.6.0...v3.9.1)
 2017-06-08 14:37:02 +00:00
Guo Xiang Tan
ff1154b523 Update Sidekiq to 5.0.x. 2017-06-08 07:15:13 +09:00
Guo Xiang Tan
22ecbf1249 More gem updates. 2017-06-08 07:14:22 +09:00
Guo Xiang Tan
61a4711e83 Update i18n. 2017-06-07 11:13:21 +09:00
Guo Xiang Tan
24cf302753 Update nokogiri. 2017-06-07 11:13:07 +09:00
Guo Xiang Tan
5332f25aa9 Update gems in development group. 2017-06-07 11:12:44 +09:00
Robin Ward
369bb78f8e FIX: Support for cookies in onebox redirects 2017-06-06 15:02:11 -04:00
Robin Ward
4b82d4fb15 Upgrade Ember to latest patch 2017-06-05 14:39:04 -04:00
Robin Ward
3acabf3e2f FIX: Improved Amazon oneboxing for some URLs 2017-06-02 16:53:40 -04:00
Robin Ward
c4b6420455 Update Onebox for better Twitch support 2017-06-01 16:23:47 -04:00
Robin Ward
19d5eb903c SECURITY: Vunerability in mail gem 
(see https://github.com/mikel/mail/pull/1097)
 2017-06-01 14:51:30 -04:00
Sam
3384a7dd2a proper bootsnap release 2017-05-26 13:26:45 -04:00
Sam
076f079d17 bootsnap upgrade 
see: https://github.com/Shopify/bootsnap/pull/43#issuecomment-304281474
 2017-05-26 09:37:18 -04:00
Guo Xiang Tan
56f98de7b2 Use webmock to stub external web requests. 2017-05-26 15:19:09 +08:00
Robin Ward
8bc93c0b01 FEATURE: Add custom User-Agent to Discourse Oneboxes 2017-05-24 12:19:36 -04:00
Robin Ward
29755be139 Remove bundle-audit, it is not updated frequently enough 2017-05-18 12:31:19 -04:00
Sam
851876acfa update miniprofiler to clean up errors 2017-05-17 15:35:18 -04:00
Robin Ward
1870089cf1 Include latest onebox fix 2017-05-17 15:21:40 -04:00
Sam
17f75bc95e FIX: bump mini profiler to support sub folders 2017-05-17 13:51:31 -04:00
Sam
bdd4a9e69d update nokogiri 2017-05-17 11:33:20 -04:00
Robin Ward
e865a44b93 FIX: Forgot to lock gem 2017-05-15 13:35:28 -04:00
Guo Xiang Tan
d5f823dae5 Fix the build on travis. 2017-05-15 19:48:14 +08:00
Robin Ward
49a30a7532 FIX: Include new onebox fixes 2017-05-12 14:25:15 -04:00
Sam
961dc0480d update bootsnap 2017-05-12 09:45:28 -04:00
Sam
704101253d add bootsnap to speed up test and dev 2017-05-11 13:51:38 -04:00
Régis Hanol
9641d2413d REFACTOR: upload workflow creation into UploadCreator 
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
 2017-05-11 00:16:57 +02:00
Guo Xiang Tan
a470bce8fb Update mail gem to 2.6.5 for a slightly smaller memory footprint. 2017-05-03 17:02:47 +08:00
Guo Xiang Tan
8d04afc01b Update OJ. 2017-05-03 16:52:02 +08:00
Guo Xiang Tan
862052fca8 Update rack-mini-profiler. 2017-05-03 16:52:02 +08:00
Guo Xiang Tan
f81d39114d Update RSpec's dependency to fix deprecation warning. 2017-04-26 16:21:51 +08:00
Guo Xiang Tan
b00886f5c1 Remove sidekiq-statistic gem. 
* We don't really use it and there is an on-going issue
  with the gem not expiring keys in a Redis list which
  hasn't been fully resolved.

  https://github.com/davydovanton/sidekiq-statistic/issues/73
 2017-04-26 14:54:47 +08:00
Sam Saffron
587653ad73 remove bootsnap till we sort out linux 2017-04-25 14:55:18 -07:00
Sam Saffron
1ae67a21f5 FEATURE: add support for bootsnap in dev 
To use bootsnap which speeds up rails boot add

BOOTSNAP=1 to your env
 2017-04-25 10:15:12 -07:00
Sam
0b3aec9c94 FEATURE: set UNICORN_STATS_SOCKET_DIR for status socket 
eg:

sam@ubuntu stats_sockets % socat - UNIX-CONNECT:9622.sock
gc_stat
{"count":46,"heap_allocated_pages":2459,"heap_sorted_length":2460,"heap_allocatable_pages":0,"heap_available_slots":1002267,"heap_live_slots":647293,"heap_free_slots":354974,"heap_final_slots":0,"heap_marked_slots":503494,"heap_swept_slots":498773,"heap_eden_pages":2459,"heap_tomb_pages":0,"total_allocated_pages":2459,"total_freed_pages":0,"total_allocated_objects":4337014,"total_freed_objects":3689721,"malloc_increase_bytes":6448248,"malloc_increase_bytes_limit":29188387,"minor_gc_count":36,"major_gc_count":10,"remembered_wb_unprotected_objects":19958,"remembered_wb_unprotected_objects_limit":39842,"old_objects":462019,"old_objects_limit":895782,"oldmalloc_increase_bytes":6448696,"oldmalloc_increase_bytes_limit":19350882}
 2017-04-21 11:37:03 -04:00
Guo Xiang Tan
d7b446c174 Install discourse_image_optim gem for now. 2017-04-20 15:14:39 +08:00
Sam
6e5296a510 FEATURE: upgrade sprockets to latest stable 
This unlocks Rails upgrades, so we can now upgrade to latest Rails
 2017-04-17 10:12:05 -04:00
Guo Xiang Tan
04016f0dec Support Ruby 2.4. 2017-04-15 12:29:00 +08:00
Guo Xiang Tan
86efc57390 FIX: Onebox's dependencies were not updated. 2017-04-15 11:39:51 +08:00
Sam
22214f5e5c Upgrade the Listen gem 2017-04-13 10:39:36 -04:00
Guo Xiang Tan
f48022b674 Upgrade Rails to 4.2.8. 2017-04-13 10:17:09 +08:00
Régis Hanol
a5f1c57a70 bump onebox 2017-04-13 00:49:22 +02:00
Guo Xiang Tan
0165b22b76 Bump onebox. 2017-04-13 06:31:25 +08:00
Sam
a3e8c3cd7b FEATURE: Native theme support 
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
 2017-04-12 10:53:49 -04:00
Guo Xiang Tan
4cb6880766 Upgrade image_optim. 2017-04-12 10:38:17 -04:00
Robin Ward
28da0549b6 Update facebook login gem 2017-03-27 16:52:09 -04:00
Guo Xiang Tan
9f299b6842 Use after_commit since after_save runs within the transaction as well. 2017-03-16 16:02:34 +08:00
Régis Hanol
60dc531531 bump onebox 2017-03-13 16:31:41 +01:00
Sam
ab3faeb0f9 PERF: user mini racer to uglify assets 2017-03-09 16:44:50 -05:00
Guo Xiang Tan
c4e22a12f9 Bump Redis. 2017-03-09 18:40:07 +08:00
Robin Ward
890f1bde89 FIX: Add thor to Gemfile. We need it for our CLI tool. 2017-03-02 13:36:06 -05:00
Robin Ward
bcbe474856 FIX: Don't raise DownloadTooLarge, just do nothing 2017-02-17 14:08:54 -05:00
Arpit Jalan
75f154b177 bump onebox 2017-02-08 12:08:41 +05:30
Arpit Jalan
be9230cba2 bump onebox 2017-02-07 00:35:05 +05:30
Régis Hanol
ba115480ba FIX: wasn't extracting links to quoted posts 2017-02-06 14:45:04 +01:00
Sam
a898d6a02a FIX: silence and quiet logger not thread safe 
This caused info/warning to be consistently missing
in dev mode when using puma
 2017-01-31 15:44:46 -05:00
Régis Hanol
cb1b24b594 bump onebox 2017-01-27 11:49:01 +01:00
Robin Ward
396557bae9 SECURITY: Prevent large onebox downloads, better timeout support 2017-01-25 14:55:54 -05:00
Sam Saffron
1a45fe94a2 drop thin, it is no longer supported 2017-01-20 08:11:36 -05:00
Arpit Jalan
b741adb364 bump onebox version 2017-01-20 00:55:12 +05:30
Régis Hanol
07660ecedb bump onebox 2017-01-19 00:28:37 +01:00
Guo Xiang Tan
b2162b910b Update rbtrace to work on 2.4.0. 2017-01-16 08:06:09 +08:00
Sam Saffron
e90af4f2de FEATURE: Update omniauth twitter as prep for Ruby 2.4 support 2017-01-14 20:10:09 -05:00
Régis Hanol
f3a325ac0f bump onebox 2017-01-11 21:55:31 +01:00
Régis Hanol
d39afa9501 bump onebox 2017-01-06 16:37:38 +01:00
Arpit Jalan
51386bd339 bump onebox version 2017-01-06 19:50:16 +05:30
Régis Hanol
107d1bb357 bump onebox 2017-01-04 19:56:12 +01:00
Arpit Jalan
69b79ea3f9 bump onebox version 2017-01-04 01:26:10 +05:30
Sam Saffron
920050c3ec remove conditional support for ruby 2.0 2016-12-29 16:32:23 +11:00
Sam Saffron
65c40feb32 upgrade libv8 so it installs better on mac 2016-12-29 16:29:37 +11:00
Sam
4bc57f3686 update memory profiler 2016-12-23 12:58:44 +11:00
Sam
c531f4ded5 remove rails-observers 
Rails yanked out observers many many years ago, instead the functionality
was yanked out to a gem that is very lightly maintained.

For example: if we want to upgrade to rails 5 there is no published gem

Internally the usage of observers had quite a few problem.

The series of refactors renamed a bunch of classes to give us more clarity
and removed some magic.
 2016-12-22 16:46:53 +11:00
Robin Ward
71dd94e92d FIX: Didn't mean to upgrade sprockets version with Ember 2016-12-21 10:39:45 -05:00
Régis Hanol
eaa40756a8 bump onebox 2016-12-21 16:34:26 +01:00
Sam
ea9f7a41af remove gctools (no longer used) add gctracer for debugging 2016-12-20 15:07:30 +11:00
Robin Ward
e03d5e2140 Reapply Ember 2.10 for good this time! 
This reverts commit ddd299f4aa.
 2016-12-19 11:19:10 -05:00
Sam
7918d99a2e SECURITY: update onebox gem 2016-12-19 13:17:51 +11:00
Robin Ward
ddd299f4aa Revert "Revert "Revert Ember 2.10+ for a short while"" 
This reverts commit 76bbc481cb.
 2016-12-16 10:29:30 -05:00
Robin Ward
76bbc481cb Revert "Revert Ember 2.10+ for a short while" 
This reverts commit 21682fd60b.
 2016-12-16 09:52:29 -05:00
Robin Ward
21682fd60b Revert Ember 2.10+ for a short while 2016-12-15 16:43:38 -05:00
Robin Ward
a149913c4d FIX: Template compilation was broken 2016-12-15 10:28:15 -05:00
Robin Ward
28699e66d8 Revert "REVERT: Ember 2.10 -- it's not building properly" 
This reverts commit 600541c623.
 2016-12-15 10:28:15 -05:00
Guo Xiang Tan
e765e64cb1 Bump onebox for fixes. 2016-12-15 16:18:48 +08:00
Robin Ward
4648e32ed1 SECURITY: Update to latest onebox gem 2016-12-14 12:49:18 -05:00
Guo Xiang Tan
20f9aad539 Merge pull request #4599 from tgxworld/remove_rspec_given 
Remove RSpec given.
 2016-12-14 17:42:30 +08:00
Guo Xiang Tan
18f400e652 Remove RSpec given. 2016-12-14 10:29:22 +08:00
Neil Lalonde
3b20e8b094 update onebox gem to 1.6.3 2016-12-13 16:30:49 -05:00
Robin Ward
600541c623 REVERT: Ember 2.10 -- it's not building properly 2016-12-12 16:19:05 -05:00
Robin Ward
a808bcb0b8 Upgrade to Ember 2.10 2016-12-12 14:44:29 -05:00
Robin Ward
765e5e9186 Upgrade to Ember 2.9 2016-12-12 14:44:29 -05:00
Régis Hanol
3cc6fabb62 bump onebox 2016-11-30 16:29:36 +01:00
Régis Hanol
6725464d31 bump onebox 2016-11-29 15:46:10 +01:00
Régis Hanol
671e230490 bump onebox 2016-11-28 15:35:10 +01:00
Robin Ward
2d3518f475 Enable newer version of Ember 2016-11-25 10:09:58 -05:00
Régis Hanol
1de28ce8be bump onebox 2016-11-21 17:20:55 +01:00
Guo Xiang Tan
00c0410fc7 Bump rails_multisite. 2016-11-18 12:06:47 +08:00
Guo Xiang Tan
6e10fc3f11 Revert "Rollback Rails Multisite - seems to have a bug" 
This reverts commit ed1720cd02.
 2016-11-18 11:07:46 +08:00
Régis Hanol
343396e182 bump email_reply_trimmer 2016-11-17 23:33:16 +01:00
Robin Ward
ed1720cd02 Rollback Rails Multisite - seems to have a bug 2016-11-17 16:10:54 -05:00
Régis Hanol
17f2be9f88 FEATURE: new 'enable_forwarded_email' site setting 2016-11-16 19:42:11 +01:00
Guo Xiang Tan
0d295cc7b9 Bump onebox for fixes. 2016-11-14 21:51:37 +08:00
Régis Hanol
80769a5acd bump onebox version 2016-11-14 10:45:13 +01:00
Guo Xiang Tan
8967357924 Update rails_multisite. 2016-11-14 09:56:34 +08:00
Régis Hanol
6b65c009e1 bump onebox 2016-11-07 22:22:25 +01:00
Arpit Jalan
36127b6eca update onebox gem 2016-11-06 15:23:18 +05:30
Guo Xiang Tan
83de81930f Update gems. 2016-11-04 09:02:09 +08:00
Guo Xiang Tan
3277fb1c78 Remove unused gem. 2016-11-04 08:30:49 +08:00
Régis Hanol
3255a215ec bump onebox 2016-11-03 01:46:46 +01:00
Sam
a5bf3b88a7 FIX: mini_racer will no longer Dispose forked isolates 2016-11-02 22:20:29 +11:00
Sam
55e33414bb update mini_racer to latest version 2016-10-25 13:21:02 +11:00
Guo Xiang Tan
becff2de4d Update gems. 2016-10-14 11:01:35 +08:00
Régis Hanol
726eb7bdca bump email_reply_trimmer to latest version 2016-10-12 19:57:05 +02:00
Arpit Jalan
bd03061028 update onebox gem version 2016-10-10 00:37:56 +05:30
Sam
846a08d3c7 FIX: improve error results for message bus failures 2016-08-25 15:39:39 +10:00
Arpit Jalan
4f25010844 bump onebox version 2016-08-23 18:12:51 +05:30
Guo Xiang Tan
9144fe5dc7 Update aws-sdk gem. 2016-08-15 12:15:46 +08:00
Guo Xiang Tan
b89489b65c SECURITY: Upgrade Rails. 2016-08-13 09:25:06 +08:00
Arpit Jalan
e5695b573e bump onebox version 2016-08-11 19:48:08 +05:30
Arpit Jalan
6946efce91 bump onebox version 2016-08-10 19:25:24 +05:30
Arpit Jalan
90d4ea7099 bump onebox version 2016-08-08 20:40:50 +05:30
Guo Xiang Tan
463b536b85 Bump onebox. 2016-08-02 15:49:05 +08:00
Guo Xiang Tan
d55da4fe1b Revert "Revert "Update rails."" 
This reverts commit 4d27d7e1d3.
 2016-07-18 11:00:23 +08:00
Robin Ward
4d27d7e1d3 Revert "Update rails." 
This reverts commit 898ec43989.
 2016-07-15 16:35:57 -04:00
Guo Xiang Tan
9353013b40 Merge pull request #4332 from tgxworld/bunch_of_fixes_for_backup 
Bunch of fixes for backup
 2016-07-15 17:26:30 +08:00
Guo Xiang Tan
898ec43989 Update rails. 2016-07-15 13:18:30 +08:00
Guo Xiang Tan
5f5e045271 Update aws-sdk. 2016-07-15 11:35:18 +08:00
Arpit Jalan
c7bbc1cebf update onebox gem 2016-07-13 21:54:49 +05:30
Guo Xiang Tan
11ccce5a27 Bump logster. 2016-07-11 15:14:07 +08:00
Arpit Jalan
ad16329b5c Update onebox gem 2016-06-29 21:31:50 +05:30
Guo Xiang Tan
9ed79d8ecd
Add Bullet gem to detect N+1 queries. 2016-06-28 09:29:42 +08:00
Sam
7f78cf3f1a update message bus to release gem 2016-06-21 10:10:54 +10:00
Régis Hanol
5e2545a578 FEATURE: improve support for (whitelisted) SVGs as images 2016-06-20 10:22:13 +02:00
Sam
9416c93a23 SECURITY: update logster 2016-06-20 12:12:48 +10:00
Sam
3160cdf2f4 update nokogiri to stable 2016-06-07 16:54:36 +10:00
Régis Hanol
11e303e278 update discourse_fastimage to latest (add support for SVG with doctype) 2016-06-06 17:11:16 +02:00
Guo Xiang Tan
cb5be1fe8f
Upgrade rspec to 3.4.0. 2016-05-30 11:38:38 +08:00
Arpit Jalan
5ec98e7ec5 update onebox gem 2016-05-25 21:53:42 +05:30
Sam
64e59564dd update gems 2016-05-23 12:23:15 +10:00
Sam
f06266f31e execjs 2.7 was just released to support mini_racer 2016-05-23 09:57:37 +10:00
Sam
695773db1c FEATURE: upgrade from therubyracer to mini_racer 
This pushes our internal V8 JavaScript engine from Chrome 32 to 50.

It also resolves some long standing issues we had with the old wrapper.
 2016-05-23 09:57:15 +10:00
Sam
d2e0ee6222 SECURITY: update rack-mini-profiler 2016-05-18 18:32:34 +10:00
Sam
75d8e6f1ec We need latest nokogiri so it compiles with Ruby 2.3.1 2016-05-17 16:12:06 +10:00
Sam
a13b48e001 upgrade profiling gems 2016-05-13 18:30:03 +10:00
Sam Saffron
cefcc81ced bump in lockfile 2016-05-11 12:29:32 +10:00
Sam Saffron
fb513fc936 another messagebus upgrade to work around rubygems bug 2016-05-11 12:01:00 +10:00
Sam Saffron
d0b9b69cba FIX: message_bus upgrade to correct CORS issue 2016-05-11 10:42:34 +10:00
Sam Saffron
2cda3c1e6b upgrade sidekiq to fix redis leak 2016-05-08 21:23:13 +10:00
Sam Saffron
c209155521 upgrade eventmachine so it compiles more easily on mac 2016-05-08 21:21:58 +10:00
Sam
5d165c19b8 update logster 2016-05-05 14:54:25 +10:00
Régis Hanol
df14926e42 SECURITY: check magic bytes before using ImageMagick tools 2016-05-03 21:54:07 +02:00
Guo Xiang Tan
44868c9e77
Update message_bus. 2016-05-03 13:37:35 +08:00
Guo Xiang Tan
cd4ffccb4a
Upgrade onebox. 2016-04-21 16:09:21 +08:00
Guo Xiang Tan
256d7a00e9 Update sprockets. (#4167) 
* Update sass-rails.

* FIX: Tilt dependency has been removed from Ember::Handlebars::Template.

* Update `DiscourseIIFE` to new Sprockets API.

* `Rails.application.assets` returns `nil` in production.

* Move sprockets-rails out of the assets group.

* Pin ember-rails to 0.18.5 which works with Sprockets 3.x.

* Update sprockets to 3.6.0.

* Make `DiscourseSassCompiler` work with Sprockets 3.

* Use `Sass::Rails::SassImporterGlobbing` instead of haxxing our own.

* Moneky patch so that we don't add dependencies for our custom css.

* FIX: Missing class.

* Upgrade ember-handlebars-template.

* FIX: require path needs to share the same root as the folder's path.

* Bump discourse-qunit-rails.

* Update ember-template-compiler.js to 1.12.2.

* `prepend` is private in Ruby 2.0.0.
 2016-04-18 10:47:52 +08:00
Guo Xiang Tan
4c855047c1 Update rails_multisite. 2016-04-04 11:26:29 +08:00
Régis Hanol
59a2720b2a update email_reply_trimmer 2016-03-31 19:06:36 +02:00
Arpit Jalan
b55d3b240b Update onebox gem 2016-03-30 21:02:29 +05:30
Arpit Jalan
e763337f87 update onebox gem 2016-03-29 19:06:19 +05:30
Régis Hanol
480e8d0dc7 update 'email_reply_trimmer' to latest version 2016-03-29 12:35:50 +02:00
Sam
24630f6b54 update puma dependency 2016-03-29 17:12:15 +11:00
Guo Xiang Tan
2af4e4152e Update Logster. 2016-03-29 14:02:34 +08:00
Guo Xiang Tan
8e4e545929 Bump onebox. 2016-03-29 09:35:22 +08:00
Guo Xiang Tan
936b55faad Upgrade Rails to 4.2.6. 2016-03-24 09:31:19 +08:00
Guo Xiang Tan
8fea5ad35e Update Logster. 2016-03-22 15:24:11 +08:00
Guo Xiang Tan
54bdcd9b98 Update to new rate limit Redis config. 2016-03-21 14:00:50 +08:00
Sam
963d558bee update message bus 2016-03-11 14:17:06 +11:00
Régis Hanol
6e3dcdeea1 update email_reply_trimmer to latest 2016-03-07 19:17:14 +01:00
Sam
995f13d442 missing gem 2016-03-07 14:30:13 +11:00
Sam Saffron
67995b3926 update rack-mini-profiler 
minor change previously expanded timings will collapse on transition.
 2016-03-06 22:56:23 +11:00
Sam Saffron
ce040bfa56 FEATURE: upgrade rack-mini-profiler 
new version is collapsed so screen does not fill with timings. expands on click
 2016-03-06 22:22:45 +11:00
Régis Hanol
1135d2094a Merge pull request #4006 from scossar/set-locale-from-header 
Feature: (WIP) Set locale from Accept-Language header
 2016-03-04 09:12:30 +01:00
Sam
a45dd6e491 update rails 2016-03-01 15:58:30 +11:00
Sam
5dd746d61f Upgrade message bus to latest 2016-02-29 10:54:40 +11:00
scossar
0a396583ed set locale for anonymous from header 
set locale on signup

update spec

add locale option
 2016-02-26 13:45:00 -08:00
Arpit Jalan
5f747a74a1 Update onebox version 2016-02-22 16:05:40 +05:30
Guo Xiang Tan
c852fb83d0 Upgrade Logster. 2016-02-22 15:18:25 +08:00
Guo Xiang Tan
afa4e58efd Revert "SECURITY: Upgrade Sprockets." 
This reverts commit 1a0a364503.
 2016-02-19 15:52:47 +08:00
Guo Xiang Tan
1a0a364503 SECURITY: Upgrade Sprockets. 
* Advisory: CVE-2014-7819
* URL: https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY
 2016-02-19 10:10:25 +08:00
Régis Hanol
3b9223c5da bump email_reply_trimmer to latest version 2016-02-18 16:56:45 +01:00
Régis Hanol
1beb6070aa update email_reply_trimmer to latest version 2016-02-08 18:29:49 +01:00
Régis Hanol
e8969b0c34 use bug-free version of email_reply_trimmer gem 2016-02-04 17:06:12 +01:00
Régis Hanol
5ee845fc5f update email_reply_trimmer to latest version 2016-02-04 16:39:57 +01:00
Régis Hanol
46b6c55197 FIX: replace 'discourse_email_parser' with 'email_reply_trimmer' to better trim replies from plain text emails 
FIX: undefined method `number_to_human_size' when email contains attachments
 2016-01-30 01:29:31 +01:00
Guo Xiang Tan
9b9f0ab4af Upgrade omniauth-google-oauth2. 2016-01-29 23:14:51 +08:00
Arpit Jalan
2e4d668ff1 bump onebox version 2016-01-26 23:06:32 +05:30
Guo Xiang Tan
33a7651ad6 SECURITY: Upgrade rails. 2016-01-26 12:01:57 +08:00
Guo Xiang Tan
0e73660c8d Remove addressable from Discourse. 2016-01-25 18:34:58 +08:00
Arpit Jalan
4e8a2981a7 downgrade omniauth-oauth2 gem 2016-01-19 00:50:58 +05:30
Arpit Jalan
85f51f8b57 update onebox version 2016-01-18 21:28:29 +05:30
Arpit Jalan
ea1a0e31ee update onebox version 2016-01-18 00:54:21 +05:30
Robin Ward
4bbbdd8dc4 SECURITY: Upgrade Ember to fix CVE-2015-7565. Also upgrade Handlebars 2016-01-15 13:57:45 -05:00
Robin Ward
7a28338a07 Revert "SECURITY: Upgrade Ember to fix CVE-2015-7565" 
This reverts commit 211521df4f.
 2016-01-15 11:39:07 -05:00
Robin Ward
211521df4f SECURITY: Upgrade Ember to fix CVE-2015-7565 2016-01-15 11:31:02 -05:00
Sam Saffron
38c63c2185 update google oauth 
early versions are not working with omniauth so we are stuck with this and addressable
 2016-01-11 23:48:31 +11:00
Sam Saffron
da25502bed downgrade google omniauth 2016-01-11 23:29:01 +11:00
Sam Saffron
61650edfd4 big gem update 2016-01-11 18:17:13 +11:00
Sam Saffron
341714e270 various gem updates 2016-01-11 17:35:09 +11:00
Sam Saffron
c2e45c8377 Update annotate and annotate models 2016-01-11 17:30:56 +11:00
Sam
eaab27325d upgrade message_bus, had stray console.log :( 2016-01-06 20:20:23 +11:00
Sam Saffron
93855db158 FEATURE: upgrade message_bus 
New version has support for chunked encoding, this cuts down
significantly on network usage when lots of messages are sent

We no longer have to re-establish a connection after we get a message,
 we simply reuse.
 2016-01-05 21:39:25 +11:00
Arpit Jalan
fcf08f3ed5 update onebox version 2016-01-02 00:20:33 +05:30
Sam Saffron
426299d261 FEATURE: upgrade to Sidekiq 4 2016-01-01 15:40:31 +11:00
Sam
af91d6f35b Revert "FEATURE: upgrade sidekiq to version 4.0" 
This reverts commit af93a1d94c.

We need to wait a bit to clean up our internal API usage.
 2015-12-31 16:35:02 +11:00
Sam
af93a1d94c FEATURE: upgrade sidekiq to version 4.0 2015-12-31 16:14:58 +11:00
Guo Xiang Tan
c4b1817583 FIX: Update vulnerable gems. 2015-12-26 14:02:42 +08:00
Arpit Jalan
797e179e2d update onebox gem 2015-12-26 10:22:57 +05:30
Sam
f3e24bac4f we need spork rails to run our specs 2015-12-21 16:47:42 +11:00
Sam
2e6af399a8 update rails, remove spork 2015-12-21 16:39:15 +11:00
Sam
950b69cfb0 Prepare for Rails 5, don't simply include Rails be explicit 2015-12-21 16:15:30 +11:00
Arpit Jalan
4a21c29961 update onebox gem 2015-12-12 00:30:21 +05:30
Arpit Jalan
553248de86 FEATURE: new gem discourse_email_parser 2015-12-11 01:02:28 +05:30
Arpit Jalan
7a8e5a50ff FEATURE: better email reply parsing 2015-12-09 23:47:01 +05:30
Sam
2663b3775f correct MessageBus cross talk in multisite environment 2015-12-09 13:57:57 +11:00
Sam
65edbb609c Revert "Revert message bus upgrade" 
This reverts commit 47e718f5b2.
 2015-12-09 11:48:41 +11:00
Sam
47e718f5b2 Revert message bus upgrade 2015-12-09 11:45:11 +11:00
Sam
2cc95af69b Revert "REVERT: message bus changes" 
This reverts commit 4820d5c7b0.
 2015-12-09 07:36:36 +11:00
Robin Ward
4820d5c7b0 REVERT: message bus changes 2015-12-08 15:32:31 -05:00
Sam
c866d5b42d Revert "Revert "PERF: move message bus to the front of the middleware stack"" 
This reverts commit cd1dd18f01.
 2015-12-08 07:11:28 +11:00
Robin Ward
cd1dd18f01 Revert "PERF: move message bus to the front of the middleware stack" 
I suspect this commit is preventing Sidekiq from running inprocess.
 2015-12-07 14:57:23 -05:00
Sam
c04bcf8655 PERF: move message bus to the front of the middleware stack 
Organise all initializers so they are properly ordered and use the same naming scheme
 2015-12-07 14:51:24 +11:00
Sam
b0905bee15 update logster 2015-11-27 14:14:19 +11:00
Robin Ward
434deb1bd3 SECURITY: Backported XSS fixes from Handlebars 2015-11-24 16:08:08 -05:00
Sam
1504fdce0c upgrade nokogiri 2015-11-23 22:51:40 +11:00
Robin Ward
3a1979d03c Update onebox gem 2015-11-19 11:14:17 -05:00