Commit Graph

1767 Commits

Author SHA1 Message Date
dependabot-preview[bot]
68ebfa3ef1
Build(deps): Bump zeitwerk from 2.3.0 to 2.3.1 (#10146)
Bumps [zeitwerk](https://github.com/fxn/zeitwerk) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/fxn/zeitwerk/releases)
- [Changelog](https://github.com/fxn/zeitwerk/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fxn/zeitwerk/compare/v2.3.0...v2.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-30 10:06:51 -04:00
dependabot-preview[bot]
598b7914b6
Build(deps): Bump mini_racer from 0.2.14 to 0.2.15 (#10142)
Bumps [mini_racer](https://github.com/discourse/mini_racer) from 0.2.14 to 0.2.15.
- [Release notes](https://github.com/discourse/mini_racer/releases)
- [Changelog](https://github.com/rubyjs/mini_racer/blob/master/CHANGELOG)
- [Commits](https://github.com/discourse/mini_racer/compare/v0.2.14...v0.2.15)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-29 11:51:07 -04:00
dependabot-preview[bot]
cb898a8023
Build(deps): Bump rubocop-ast from 0.0.3 to 0.1.0 (#10132)
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast) from 0.0.3 to 0.1.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v0.0.3...v0.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-26 12:01:08 -04:00
dependabot-preview[bot]
855d423791
Build(deps-dev): Bump mock_redis from 0.24.0 to 0.25.0 (#10123)
Bumps [mock_redis](https://github.com/sds/mock_redis) from 0.24.0 to 0.25.0.
- [Release notes](https://github.com/sds/mock_redis/releases)
- [Changelog](https://github.com/sds/mock_redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sds/mock_redis/compare/v0.24.0...v0.25.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-25 10:28:20 -04:00
Guo Xiang Tan
b28d97b64a
FIX: Bump onebox for twitch video and clips embedding fix. 2020-06-24 11:00:30 +08:00
dependabot-preview[bot]
e0cd7ddada Build(deps): Bump excon from 0.74.0 to 0.75.0
Bumps [excon](https://github.com/excon/excon) from 0.74.0 to 0.75.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.74.0...v0.75.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-24 09:35:51 +08:00
dependabot-preview[bot]
f6ad0d3fac Build(deps): Bump diff-lcs from 1.4 to 1.4.1
Bumps [diff-lcs](https://github.com/halostatue/diff-lcs) from 1.4 to 1.4.1.
- [Release notes](https://github.com/halostatue/diff-lcs/releases)
- [Changelog](https://github.com/halostatue/diff-lcs/blob/master/History.md)
- [Commits](https://github.com/halostatue/diff-lcs/compare/v1.4...v1.4.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-24 09:35:12 +08:00
dependabot-preview[bot]
4a189f396e
Build(deps): Bump diff-lcs from 1.3 to 1.4 (#10112)
Bumps [diff-lcs](https://github.com/halostatue/diff-lcs) from 1.3 to 1.4.
- [Release notes](https://github.com/halostatue/diff-lcs/releases)
- [Changelog](https://github.com/halostatue/diff-lcs/blob/master/History.md)
- [Commits](https://github.com/halostatue/diff-lcs/compare/v1.3...v1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-23 12:46:46 -04:00
Guo Xiang Tan
97d12a3a8e
Bump rails_failover to 0.5.2. 2020-06-23 10:07:30 +08:00
dependabot-preview[bot]
1617905e03
Build(deps): Bump rubocop from 0.85.1 to 0.86.0 (#10103)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.85.1 to 0.86.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.85.1...v0.86.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-22 12:43:39 -04:00
dependabot-preview[bot]
2ffb6ebd47
Build(deps): Bump parser from 2.7.1.3 to 2.7.1.4 (#10096)
Bumps [parser](https://github.com/whitequark/parser) from 2.7.1.3 to 2.7.1.4.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.1.3...v2.7.1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-22 12:39:59 -04:00
dependabot-preview[bot]
3a780bc49d
Build(deps-dev): Bump mock_redis from 0.23.0 to 0.24.0 (#10075)
Bumps [mock_redis](https://github.com/sds/mock_redis) from 0.23.0 to 0.24.0.
- [Release notes](https://github.com/sds/mock_redis/releases)
- [Changelog](https://github.com/sds/mock_redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sds/mock_redis/compare/v0.23.0...v0.24.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-18 11:25:16 -04:00
dependabot-preview[bot]
332a7bb59c
Build(deps): Bump aws-sigv4 from 1.1.4 to 1.2.0 (#10070)
Bumps [aws-sigv4](https://github.com/aws/aws-sdk-ruby) from 1.1.4 to 1.2.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sigv4/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.1.4...1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-18 11:11:17 -04:00
Guo Xiang Tan
f096181653
Upgrade rubocop and generate rubocop todo. 2020-06-17 14:50:34 +08:00
dependabot-preview[bot]
ad447677ed Build(deps): Bump sanitize from 5.2.0 to 5.2.1
Bumps [sanitize](https://github.com/rgrove/sanitize) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/rgrove/sanitize/releases)
- [Changelog](https://github.com/rgrove/sanitize/blob/master/HISTORY.md)
- [Commits](https://github.com/rgrove/sanitize/compare/v5.2.0...v5.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-17 09:39:04 +08:00
dependabot-preview[bot]
5610792704 Build(deps): Bump loofah from 2.5.0 to 2.6.0
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/master/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.5.0...v2.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-17 09:38:41 +08:00
dependabot-preview[bot]
9b30e8126e
Build(deps): Bump excon from 0.73.0 to 0.74.0 (#10046)
Bumps [excon](https://github.com/excon/excon) from 0.73.0 to 0.74.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.73.0...v0.74.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-16 11:40:12 -04:00
dependabot-preview[bot]
06e5fd5627
Build(deps): Bump aws-sdk-sns from 1.23.0 to 1.25.1 (#10033)
Bumps [aws-sdk-sns](https://github.com/aws/aws-sdk-ruby) from 1.23.0 to 1.25.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-sns/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-16 11:24:15 -04:00
dependabot-preview[bot]
8bd787646b
Build(deps): Bump rubocop-rspec from 1.39.0 to 1.40.0 (#10029)
Bumps [rubocop-rspec](https://github.com/rubocop-hq/rubocop-rspec) from 1.39.0 to 1.40.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rspec/compare/v1.39.0...v1.40.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-16 11:05:45 -04:00
dependabot-preview[bot]
11fa0cc16b
Build(deps-dev): Bump parallel_tests from 2.32.0 to 3.0.0 (#10018)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.32.0 to 3.0.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.32.0...v3.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-16 10:49:03 -04:00
Guo Xiang Tan
092ae858af
DEV: Bump rails_failover.
Avoid configuring AR stuff if `replica_host` and `replica_port` hasn't
been provided.
2020-06-16 10:51:21 +08:00
dependabot-preview[bot]
18244ff44c
Bump sanitize from 5.1.0 to 5.2.0 (#9996)
Bumps [sanitize](https://github.com/rgrove/sanitize) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/rgrove/sanitize/releases)
- [Changelog](https://github.com/rgrove/sanitize/blob/master/HISTORY.md)
- [Commits](https://github.com/rgrove/sanitize/compare/v5.1.0...v5.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-15 12:23:47 -04:00
Guo Xiang Tan
58e52c0e4f
DEV: Use rails_failover gem for ActiveRecord and Redis failover handling 2020-06-15 15:47:07 +08:00
Guo Xiang Tan
0ff86b00cb
DEV: Upgrade Redis to 4.2.1. 2020-06-15 10:05:22 +08:00
dependabot-preview[bot]
14dc6f350e
Build(deps): Bump logster from 2.8.0 to 2.9.0 (#10035)
Bumps [logster](https://github.com/discourse/logster) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/discourse/logster/releases)
- [Changelog](https://github.com/discourse/logster/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/logster/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-13 10:46:57 +03:00
dependabot-preview[bot]
d47dc1e92d
DEV: Bump ffi from 1.13.0 to 1.13.1 (#10006)
Bumps [ffi](https://github.com/ffi/ffi) from 1.13.0 to 1.13.1.
- [Release notes](https://github.com/ffi/ffi/releases)
- [Changelog](https://github.com/ffi/ffi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ffi/ffi/compare/1.13.0...1.13.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

very safe change, should not impact anything.
2020-06-11 17:49:36 +10:00
Arpit Jalan
0061f758bd Bump onebox version.
- temporary workaround to fetch Twitter OpenGraph data
2020-06-11 11:40:44 +05:30
Guo Xiang Tan
a3dfd553a1
Revert "Bump redis to 4.2.0."
This reverts commit 98bc28cea2.
2020-06-10 14:52:05 +08:00
Guo Xiang Tan
98bc28cea2
Bump redis to 4.2.0. 2020-06-10 14:28:56 +08:00
Guo Xiang Tan
2ce829cc01
DEV: Allow multisite apps to boot with reading connection handler. 2020-06-10 14:18:29 +08:00
Guo Xiang Tan
8b434531e4
Bump message_bus to 3.3.1. 2020-06-09 14:12:14 +08:00
Guo Xiang Tan
4ce618e55b
Bump rails_failover. 2020-06-08 17:04:58 +08:00
Guo Xiang Tan
2ffda2b320
Bump rails_failover. 2020-06-08 12:19:33 +08:00
Guo Xiang Tan
dc8b773765
Update rails_failover. 2020-06-08 11:03:25 +08:00
dependabot-preview[bot]
cb015efb74 Bump rubocop from 0.85.0 to 0.85.1
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.85.0 to 0.85.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.85.0...v0.85.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-08 09:11:58 +08:00
dependabot-preview[bot]
dc633f299f
Bump email_reply_trimmer from 0.1.12 to 0.1.13 (#9980)
Bumps [email_reply_trimmer](https://github.com/discourse/email_reply_trimmer) from 0.1.12 to 0.1.13.
- [Release notes](https://github.com/discourse/email_reply_trimmer/releases)
- [Commits](https://github.com/discourse/email_reply_trimmer/commits/v0.1.13)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-05 10:00:59 -04:00
Martin Brennan
e84ffb4861
DEV: Add pry-byebug and optionally require pry behind a ENV var for better spec debugging (#9984)
We removed pry-nav a while back because it is not up to date with pry but it is super useful. Luckily pry-byebug is here to save us all from Satan's power.

To get this to work you need to add the following to your $HOME/.pryrc file.

```
if defined?(PryByebug)
  Pry.commands.alias_command 'c', 'continue'
  Pry.commands.alias_command 's', 'step'
  Pry.commands.alias_command 'n', 'next'
  Pry.commands.alias_command 'f', 'finish'
end

Pry::Commands.command /^$/, "repeat last command" do
  pry_instance.run_command Pry.history.to_a.last
end
```

The require-ing of pry, pry-rails, and pry-byebug in specs is controlled by the IMPROVED_SPEC_DEBUGGING flag (disabled by default).
2020-06-05 12:30:34 +10:00
Guo Xiang Tan
e82d4d8a75
DEV: Update rails_failover to avoid monkey patching Rails config. 2020-06-05 09:05:19 +08:00
Guo Xiang Tan
aaece34e8b DEV: Update rails_failover so that we can move middleware up the stack. 2020-06-04 17:14:13 +08:00
Guo Xiang Tan
8e1681d356 Bump rails_failover. 2020-06-04 15:22:35 +08:00
dependabot-preview[bot]
fc0f112f16
Bump connection_pool from 2.2.2 to 2.2.3 (#9967)
Bumps [connection_pool](https://github.com/mperham/connection_pool) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/mperham/connection_pool/releases)
- [Changelog](https://github.com/mperham/connection_pool/blob/master/Changes.md)
- [Commits](https://github.com/mperham/connection_pool/compare/v2.2.2...v2.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-03 09:29:30 -04:00
Guo Xiang Tan
a4a33fccb0
DEV: Update rails_failover. 2020-06-03 14:31:11 +08:00
Guo Xiang Tan
439db7ca1e
DEV: Add REDIS_RAILS_FAILOVER env to test our new redis failover. 2020-06-02 17:24:14 +08:00
Guo Xiang Tan
deb84017f2
Update rails_failover. 2020-06-02 17:01:45 +08:00
Guo Xiang Tan
4120ef7305
Bump rails_multisite to 2.2.2. 2020-06-02 16:49:33 +08:00
dependabot-preview[bot]
111e8dec10
DEV: Bump rubocop from 0.84.0 to 0.85.0 (#9960)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.84.0 to 0.85.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.84.0...v0.85.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Change looks safe, everything is still passing lint
2020-06-02 15:11:33 +10:00
dependabot-preview[bot]
d8b258b4e5
Build(deps): Bump ffi from 1.12.2 to 1.13.0 (#9954)
Bumps [ffi](https://github.com/ffi/ffi) from 1.12.2 to 1.13.0.
- [Release notes](https://github.com/ffi/ffi/releases)
- [Changelog](https://github.com/ffi/ffi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ffi/ffi/compare/1.12.2...1.13.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 10:29:34 -04:00
dependabot-preview[bot]
2c43c21abc
Build(deps): Bump coderay from 1.1.2 to 1.1.3 (#9943)
Bumps [coderay](https://github.com/rubychan/coderay) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/rubychan/coderay/releases)
- [Changelog](https://github.com/rubychan/coderay/blob/master/Changes.textile)
- [Commits](https://github.com/rubychan/coderay/compare/v1.1.2...v1.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 10:21:46 -04:00
Guo Xiang Tan
5c24f83a6b
DEV: Bump rails_failover. 2020-06-01 10:22:04 +08:00
Guo Xiang Tan
3b311f6b15
DEV: Bump rails_failover. 2020-05-29 09:02:34 +08:00
Robin Ward
cae839ca96
DEV: Update gems to latest versions (#9909) 2020-05-28 13:13:10 -04:00
dependabot-preview[bot]
0e9a380b13
Build(deps): Bump parser from 2.7.1.2 to 2.7.1.3 (#9884)
Bumps [parser](https://github.com/whitequark/parser) from 2.7.1.2 to 2.7.1.3.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.1.2...v2.7.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 10:00:57 -04:00
Robin Ward
2033c3ec9c Revert "Revert "DEV: Import MessageBus from message-bus-client instead of globals""
This reverts commit b10e995d9d.
2020-05-28 08:42:36 -04:00
Guo Xiang Tan
8c86a109bb
DEV: Add ENV flag to test out ActiveRecord::Failover. 2020-05-28 16:24:22 +08:00
Blake Erickson
b10e995d9d Revert "DEV: Import MessageBus from message-bus-client instead of globals"
This reverts commit 9dddbcc00d.
2020-05-27 16:14:09 -06:00
Robin Ward
9dddbcc00d DEV: Import MessageBus from message-bus-client instead of globals 2020-05-27 16:42:42 -04:00
Robin Ward
0f71d38d3a Revert "DEV: Import MessageBus from message-bus-client instead of globals (#9902)"
This reverts commit d3bd482142.
2020-05-27 16:34:30 -04:00
Robin Ward
d3bd482142
DEV: Import MessageBus from message-bus-client instead of globals (#9902) 2020-05-27 15:56:46 -04:00
dependabot-preview[bot]
63b3155983
Build(deps): Bump onebox from 1.9.28.2 to 1.9.28.3 (#9887)
Bumps [onebox](https://github.com/discourse/onebox) from 1.9.28.2 to 1.9.28.3.
- [Release notes](https://github.com/discourse/onebox/releases)
- [Changelog](https://github.com/discourse/onebox/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/onebox/compare/v1.9.28.2...v1.9.28.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-27 08:38:16 +05:30
Arpit Jalan
a6189c5070 Bump onebox version
- use oEmbed for Instagram onebox
2020-05-26 22:03:51 +05:30
dependabot-preview[bot]
d38e571cba
Build(deps): Bump excon from 0.72.0 to 0.73.0 (#9228)
Bumps [excon](https://github.com/excon/excon) from 0.72.0 to 0.73.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.72.0...v0.73.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 12:28:28 -04:00
dependabot-preview[bot]
098c9e5950
Build(deps-dev): Bump rspec-rails from 4.0.0 to 4.0.1 (#9804)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v4.0.0...v4.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-25 15:50:56 +10:00
dependabot-preview[bot]
32d13ab97f
DEV: Bump rack-mini-profiler from 2.0.1 to 2.0.2 (#9865)
Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases)
- [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v2.0.1...v2.0.2)

This is a simple fix to restore client timings in the UI
2020-05-25 15:43:55 +10:00
Michael Brown
d9a02d1336
Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse""
This reverts commit 20780a1eee.

* SECURITY: re-adds accidentally reverted commit:
  03d26cd6: ensure embed_url contains valid http(s) uri
* when the merge commit e62a85cf was reverted, git chose the 2660c2e2 parent to land on
  instead of the 03d26cd6 parent (which contains security fixes)
2020-05-23 00:56:13 -04:00
Jeff Atwood
20780a1eee Revert "Merge branch 'master' of https://github.com/discourse/discourse"
This reverts commit e62a85cf6f, reversing
changes made to 2660c2e21d.
2020-05-22 20:25:56 -07:00
dependabot-preview[bot]
11304ba27c
Build(deps): Bump rubocop from 0.83.0 to 0.84.0 (#9849)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.83.0 to 0.84.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.83.0...v0.84.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-21 09:23:34 -04:00
Guo Xiang Tan
a2d939608d
Bump rails_failover to 0.2.0. 2020-05-21 11:41:58 +08:00
dependabot-preview[bot]
cfff8b1f27
Build(deps): Bump puma from 4.3.4 to 4.3.5 (#9836)
Bumps [puma](https://github.com/puma/puma) from 4.3.4 to 4.3.5.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-20 10:37:43 -04:00
Guo Xiang Tan
f7f436e536
DEV: Install rails_failover gem to test our Redis changes. 2020-05-20 15:40:27 +08:00
dependabot-preview[bot]
42229fecad
Build(deps): Bump rbtrace from 0.4.12 to 0.4.13 (#9827)
Bumps [rbtrace](https://github.com/tmm1/rbtrace) from 0.4.12 to 0.4.13.
- [Release notes](https://github.com/tmm1/rbtrace/releases)
- [Commits](https://github.com/tmm1/rbtrace/compare/v0.4.12...v0.4.13)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-19 12:46:16 -04:00
dependabot-preview[bot]
b23fe547ab
Build(deps): Bump puma from 4.3.3 to 4.3.4 (#9824)
Bumps [puma](https://github.com/puma/puma) from 4.3.3 to 4.3.4.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.3...v4.3.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-19 12:40:39 -04:00
dependabot-preview[bot]
01c27d991a
Build(deps-dev): Bump minitest from 5.14.0 to 5.14.1 (#9807)
Bumps [minitest](https://github.com/seattlerb/minitest) from 5.14.0 to 5.14.1.
- [Release notes](https://github.com/seattlerb/minitest/releases)
- [Changelog](https://github.com/seattlerb/minitest/blob/master/History.rdoc)
- [Commits](https://github.com/seattlerb/minitest/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-19 11:34:53 -04:00
Krzysztof Kotlarek
16f6240782
FIX: Bump rack version from 2.0.8 to 2.2.2 (#9811)
Version 2.1.1 was not working with our Sidekiq but version 2.2.2 is fine
2020-05-19 08:43:45 +10:00
dependabot-preview[bot]
769611f2d9
Build(deps-dev): Bump ruby-prof from 1.4.0 to 1.4.1 (#9790)
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/ruby-prof/ruby-prof/releases)
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES)
- [Commits](https://github.com/ruby-prof/ruby-prof/compare/1.4.0...1.4.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-15 10:13:49 -04:00
Sam Saffron
4601833e4e
PERF: ensure we run full GC on contexts
Prior to this change we would never clear memory from contexts and
rely on V8 reacting to pressure

This could lead to bloating of PrettyText and Transpiler contexts

This optimisations ensures that we will clear memory 2 seconds after
the last eval on the context
2020-05-15 14:01:54 +10:00
Sam Saffron
5b603cb3ab
FIX: update mini racer to correct heap dumps
This corrects an issue where mini racer's `write_heap_snapshot`
produces corrupt heaps cause the file is not flushed.
2020-05-14 17:52:05 +10:00
dependabot-preview[bot]
e1f11f4374
Build(deps-dev): Bump better_errors from 2.7.0 to 2.7.1 (#9767)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.7.0...v2.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-13 16:03:56 -04:00
dependabot-preview[bot]
d69263f934
Build(deps-dev): Bump ruby-prof from 1.3.2 to 1.4.0 (#9761)
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof) from 1.3.2 to 1.4.0.
- [Release notes](https://github.com/ruby-prof/ruby-prof/releases)
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES)
- [Commits](https://github.com/ruby-prof/ruby-prof/compare/1.3.2...1.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-13 10:57:39 -04:00
dependabot-preview[bot]
4ea7a7cf67 Build(deps): Bump rubocop from 0.82.0 to 0.83.0
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.82.0 to 0.83.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.82.0...v0.83.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-12 14:28:29 +08:00
dependabot-preview[bot]
33b8314ac5
Build(deps): Bump public_suffix from 4.0.4 to 4.0.5 (#9733)
Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby) from 4.0.4 to 4.0.5.
- [Release notes](https://github.com/weppos/publicsuffix-ruby/releases)
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/weppos/publicsuffix-ruby/compare/v4.0.4...v4.0.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-11 11:20:35 -04:00
dependabot-preview[bot]
22ed36e483
Build(deps): Bump rspec-expectations from 3.9.1 to 3.9.2 (#9732)
Bumps [rspec-expectations](https://github.com/rspec/rspec-expectations) from 3.9.1 to 3.9.2.
- [Release notes](https://github.com/rspec/rspec-expectations/releases)
- [Changelog](https://github.com/rspec/rspec-expectations/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-expectations/compare/v3.9.1...v3.9.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-11 11:20:15 -04:00
dependabot-preview[bot]
dae29afd7d
Build(deps): Bump jquery-rails from 4.3.5 to 4.4.0 (#9709)
Bumps [jquery-rails](https://github.com/rails/jquery-rails) from 4.3.5 to 4.4.0.
- [Release notes](https://github.com/rails/jquery-rails/releases)
- [Changelog](https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/jquery-rails/compare/v4.3.5...v4.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 13:50:56 -04:00
Sam Saffron
609e929186
Revert "Revert "DEV: upgrade to Rails 6.0.3""
This reverts commit 2ff8b4f5d9.

Attempt #2 at a Rails update this time we also update the
rails_multisite gem to allow for cleaner reordering
2020-05-08 11:49:22 +10:00
David Taylor
2ff8b4f5d9
Revert "DEV: upgrade to Rails 6.0.3"
This was causing issues during multisite:migrate

https://meta.discourse.org/t/multisite-migrate-broken-since-rails-6-0-3-update/150691

This reverts commit 136a545653.
2020-05-07 11:44:39 +01:00
Sam Saffron
136a545653
DEV: upgrade to Rails 6.0.3
Upgrades Rails to latest, this version has better compatibility
with Ruby 2.7

During the upgrade we needed a new cleaner mechanism for configuring
message bus.

All tests are green.

If anything weird pops up please revert.
2020-05-07 15:53:40 +10:00
Jarek Radosz
666823d4b7 Revert "Revert "DEV: Move rubocop config to rubocop-discourse (#9616)""
This reverts commit 2d31a14789.

Should be good now - all the plugins are using the updated rubocop config.
2020-05-06 18:41:15 +02:00
Jarek Radosz
2d31a14789 Revert "DEV: Move rubocop config to rubocop-discourse (#9616)"
This reverts commit e23f1a9071.

Reverting as this currently breaks our plugin linting job in GithHub Action and Jenkins. Will re-revert after all the plugins get the latest rubocop config and/or a (potential) rubocop issue is fixed.
2020-05-06 17:22:25 +02:00
Arpit Jalan
10ca6968af Bump onebox version
- reuse existing video icon class
- CSS changes for reddit video onebox
2020-05-06 19:34:03 +05:30
Jarek Radosz
e23f1a9071
DEV: Move rubocop config to rubocop-discourse (#9616) 2020-05-06 15:03:06 +02:00
Arpit Jalan
8ede0e7bc2 Bump onebox version.
- add linkedin and meetedgar to whitelist
- FEATURE: reddit video onebox
- FEATURE: facebook video onebox
2020-05-06 17:55:00 +05:30
Sam Saffron
57fcea7709
DEV: update rspec dependencies
rspec-rails 4.0 was released so we no longer need to depend on a
beta version. Also updates minor on a bunch of rspec gems.

Thanks to @ryanwi for raising this.
2020-05-04 15:21:34 +10:00
Guo Xiang Tan
e32ac831ee
DEV: Update rubocop-discourse to 2.1.2. 2020-05-04 10:51:33 +08:00
dependabot-preview[bot]
85605efe84
Build(deps): Bump redis from 4.1.3 to 4.1.4 (#9608)
Bumps [redis](https://github.com/redis/redis-rb) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/redis/redis-rb/releases)
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/redis-rb/compare/v4.1.3...v4.1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-01 11:06:03 -04:00
dependabot-preview[bot]
a4a7ee110b
Build(deps-dev): Bump rubocop-rspec from 1.38.1 to 1.39.0 (#9606)
Bumps [rubocop-rspec](https://github.com/rubocop-hq/rubocop-rspec) from 1.38.1 to 1.39.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rspec/compare/v1.38.1...v1.39.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-01 11:04:53 -04:00
dependabot-preview[bot]
43210004e5
DEV: Bump parser from 2.7.1.1 to 2.7.1.2 (#9602)
Bumps [parser](https://github.com/whitequark/parser) from 2.7.1.1 to 2.7.1.2.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.1.1...v2.7.1.2)

Very minor, used for ruby 2.7 support
2020-05-01 11:58:57 +10:00
dependabot-preview[bot]
c092370847
Build(deps-dev): Bump rb-fsevent from 0.10.3 to 0.10.4 (#9599)
Bumps [rb-fsevent](https://github.com/thibaudgg/rb-fsevent) from 0.10.3 to 0.10.4.
- [Release notes](https://github.com/thibaudgg/rb-fsevent/releases)
- [Commits](https://github.com/thibaudgg/rb-fsevent/compare/0.10.3...v0.10.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-30 11:14:34 -04:00
Régis Hanol
501b19b6e0
FIX: server-side HtmlToMarkdown improvements (#9586)
TLDR; this commit vastly improves how whitespaces are handled when converting from HTML to Markdown.
It also adds support for converting HTML <tables> to markdown tables.

The previous 'remove_whitespaces!' method was traversing the whole HTML tree and used a heuristic to remove
leading and trailing whitespaces whenever it was appropriate (ie. mostly before and after HTML block elements)

It was a good idea, but it was very limited and leaded to bad conversion when the html had leading whitespaces on several lines for example.
One such example can be found [here](https://meta.discourse.org/t/86782).

For various reasons, most of the whitespaces in a HTML file is ignored when the page is being displayed in a browser.
The rules that the browsers follow are the [CSS' White Space Processing Rules](https://www.w3.org/TR/css-text-3/#white-space-rules).
They can be quite complicated when you take into account RTL languages and other various tidbits but they boils down to the following:

- Collapse whitespaces down to one space (0x20) inside an inline context (ie. nodes/tags that are being displaying on the same line)
- Remove any leading/trailing whitespaces inside an inline context

One quick & dirty way of getting this 90% solved would be to do 'HTML.gsub!(/[[:space:]]+/, " ")'.
We would also need to hoist <pre> elements in order to not mess with their whitespaces.
Unfortunately, this solution let some whitespaces creep around HTML tags which leads to more '.strip!' calls than I can bear.

I decided to "emulate" the browser's handling of whitespaces and came up with a solution in 4 parts

1. remove_not_allowed!

The HtmlToMarkdown library is recursively "visiting" all the nodes in the HTML in order to convert them to Markdown.
All the nodes that aren't handled by the library (eg. <script>, <style> or any non-textual HTML tags) are "swallowed".
In order to reduce the number of nodes visited, the method 'remove_not_allowed!' will automatically delete all the nodes
that have no "visitor" (eg. a 'visit_<tag>' method) defined.

2. remove_hidden!

Similar purpose as the previous method (eg. reducing number of nodes visited), there's no point trying to convert something that is hidden.
The 'remove_hidden!' method removes any nodes that was hidden using the "hidden" HTML attribute, some CSS or with a width or height equal to 0.

3. hoist_line_breaks!

The 'hoist_line_breaks!' method is there to handle <br> tags. I know those tiny <br> don't do much but they can be quite annoying.
The <br> tags are inline elements but they visually work like a block element (ie. they create a new line).
If you have the following HTML "<i>Foo<br>Bar</i>", it ends up visually similar to "<i>Foo</i><br><i>Bar</i>".
The latter being much more easy to process than the former, so that's what this method is doing.
The "hoist_line_breaks" will hoist <br> tags out of inline tags until their parent is a block element.

4. remove_whitespaces!

The "remove_whitespaces!" is where all the whitespace removal is happening. It's broken down into 4 methods as well

- remove_whitespaces!
- is_inline?
- collapse_spaces!
- remove_trailing_space!

The 'remove_whitespace!' method is recursively walking the HTML tree (skipping <pre> tags).
If a node has any children, they will be chunked into groups of inline elements vs block elements.
For each chunks of inline elements, it will call the "collapse_space!" and "remove_trailing_space!" methods.
For each chunks of block elements, it will call "remote_whitespace!" to keep walking the HTML tree recursively.

The "is_inline?" method determines whether a node is part of a inline context.
A node is inline iif it's a text node or it's an inline tag, but not <br>, and all its children are also inline.

The "collapse_spaces!" method will collapse any kind of (white) space into a single space (" ") character, even accros tags.
For example, if we have "  Foo \n<i> Bar </i>\t42", it will return "Foo <i>Bar </i>42".

Finally, the "remove_trailing_space!" method is there to remove any trailing space that might creep in at the end of the inline chunk.

This solution is not 100% bullet-proof.
It does not support RTL languages at all and has some caveats that I felt were not worth the work to get properly fixed.

FIX: better detection of hidden elements when converting HTML to Markdown
FIX: take into account the 'allowed_href_schemes' site setting when converting HTML <a> to Markdown
FIX: added support for 'mailto:' scheme when converting <a> from HTML to Markdown
FIX: added support for <img> dimensions when converting from HTML to Markdown
FIX: added support for <dl>, <dd> and <dt> when converting from HTML to Markdown
FIX: added support for multilines emphases, strongs and strikes when converting from HTML to Markdown
FIX: added support for <acronym> when converting from HTML to Markdown
DEV: remove unused 'sanitize' gem

Wow, did you just read all that?! Congratz, here's a cookie: 🍪.
2020-04-30 12:21:25 +02:00
Sam Saffron
4f5ed8e781
DEV: pry-nav was holding back on pry upgrades
pry-nav is not yet supported on latest pry, this holds off on
upgrading pry, which in turn holds off on upgrading deps

Stripping pry-nav for now till it works with latest pry
2020-04-30 09:40:50 +10:00
Robin Ward
3ec21b4124 SECURITY: Update onebox to add rel="noopener" 2020-04-29 10:57:05 -04:00
dependabot-preview[bot]
7ccfc73edb
Build(deps): Bump rqrcode_core from 0.1.1 to 0.1.2 (#9244)
Bumps [rqrcode_core](https://github.com/whomwah/rqrcode_core) from 0.1.1 to 0.1.2.
- [Release notes](https://github.com/whomwah/rqrcode_core/releases)
- [Commits](https://github.com/whomwah/rqrcode_core/commits)
2020-04-29 12:58:52 +01:00
David Taylor
6a9a7b56df
DEV: Bump Hashie and Faraday (#9583)
These were previously pinned due to a dependency in the zendesk plugin. That has now been resolved.
2020-04-29 12:55:30 +01:00
dependabot-preview[bot]
d3dc8fc1b3
DEV: Bump message_bus from 3.0.0 to 3.1.0 (#9565)
Bumps [message_bus](https://github.com/SamSaffron/message_bus) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/SamSaffron/message_bus/releases)
- [Changelog](https://github.com/discourse/message_bus/blob/master/CHANGELOG)
- [Commits](https://github.com/SamSaffron/message_bus/compare/v3.0.0...v3.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Very safe change introduces new API needed for message filtering. 

7fad5a3e7d
2020-04-28 15:46:40 +10:00
Blake Erickson
a93ef2926d
DEV: Add rswag to aid in api documention (#9546)
Adding in rswag will allow us to write spec files to document and test
our api.
2020-04-27 16:40:07 -06:00
dependabot-preview[bot]
e92a54f681
Build(deps): Bump aws-sigv4 from 1.1.2 to 1.1.3 (#9560)
Bumps [aws-sigv4](https://github.com/aws/aws-sdk-ruby) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sigv4/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.1.2...1.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-27 16:08:31 -04:00
dependabot-preview[bot]
f15fc0ebf3
Build(deps): Bump unicorn from 5.5.4 to 5.5.5 (#9552)
Bumps [unicorn](https://yhbt.net/unicorn/) from 5.5.4 to 5.5.5.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-27 12:50:03 -04:00
Guo Xiang Tan
e0725fd123 Upgrade message_bus to 3.0.0
Fixes an issue where specifying `group_ids` and `user_ids` while
publishing a message would result in an intersection between both
options.
2020-04-27 12:45:23 +08:00
dependabot-preview[bot]
94d753ad16
Build(deps-dev): Bump better_errors from 2.6.0 to 2.7.0 (#9544)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.6.0...v2.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-24 14:22:05 -04:00
dependabot-preview[bot]
8b0ac092d8 Build(deps-dev): Bump byebug from 11.1.2 to 11.1.3
Bumps [byebug](https://github.com/deivid-rodriguez/byebug) from 11.1.2 to 11.1.3.
- [Release notes](https://github.com/deivid-rodriguez/byebug/releases)
- [Changelog](https://github.com/deivid-rodriguez/byebug/blob/master/CHANGELOG.md)
- [Commits](https://github.com/deivid-rodriguez/byebug/compare/v11.1.2...v11.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-04-24 09:42:19 +08:00
dependabot-preview[bot]
4d45602517
Build(deps): Bump mini_racer from 0.2.9 to 0.2.10 (#9507)
Bumps [mini_racer](https://github.com/discourse/mini_racer) from 0.2.9 to 0.2.10.
- [Release notes](https://github.com/discourse/mini_racer/releases)
- [Changelog](https://github.com/rubyjs/mini_racer/blob/master/CHANGELOG)
- [Commits](https://github.com/discourse/mini_racer/compare/v0.2.9...v0.2.10)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-22 10:26:31 -04:00
dependabot-preview[bot]
32f3f1c14b
Build(deps-dev): Bump mock_redis from 0.22.0 to 0.23.0 (#9506)
Bumps [mock_redis](https://github.com/sds/mock_redis) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/sds/mock_redis/releases)
- [Changelog](https://github.com/sds/mock_redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sds/mock_redis/compare/v0.22.0...v0.23.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-22 10:26:09 -04:00
Jarek Radosz
07e0490fe4
DEV: Update mocha (#9490)
The spec that was blocking the update was fixed in c08753dc34.
2020-04-21 18:32:42 +02:00
dependabot-preview[bot]
776caa24c9
DEV: Bump optimist from 3.0.0 to 3.0.1 (#9476)
Bumps [optimist](https://github.com/ManageIQ/optimist) from 3.0.0 to 3.0.1.

Mostly about fixing tests and adding a license file
2020-04-21 15:32:24 +10:00
dependabot-preview[bot]
afe1407c75
Build(deps): Bump aws-sdk-s3 from 1.61.2 to 1.62.0 (#9479)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.61.2 to 1.62.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits/v1.62.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 16:06:38 -04:00
dependabot-preview[bot]
f63ac79b9d
Build(deps-dev): Bump ruby-prof from 1.3.1 to 1.3.2 (#9474)
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/ruby-prof/ruby-prof/releases)
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES)
- [Commits](https://github.com/ruby-prof/ruby-prof/compare/1.3.1...1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 12:34:53 -04:00
Daniel Waterworth
7876ee2d67 DEV: upgrade Rails
Latest version of Rails contains compatibility fixes for Ruby 2.7 and some
minor security fixes we would like to have

It also broke some of the multisite tests.

Rails tries to use the same connection for reading from a replica as writing
to the leader during tests, because, with everything happening in a
transaction, changes to the DB wouldn't otherwise be reflected in the
replica connection.

The difference now is that Rails tries to do this for connections opened
after the test has started which affected rails multisite connections.

The upshot of this is that, as things stand, you are likely to
experience problems if you try to connect to a different multisite DB in
a test when the `current_db` is not 'default'.
2020-04-20 12:55:53 +01:00
dependabot-preview[bot]
3ac6e16250
Build(deps): Bump aws-sigv4 from 1.1.1 to 1.1.2 (#9465)
Bumps [aws-sigv4](https://github.com/aws/aws-sdk-ruby) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sigv4/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.1.1...1.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-17 17:32:30 -04:00
dependabot-preview[bot]
80563705da
Build(deps-dev): Bump byebug from 11.1.1 to 11.1.2 (#9462)
Bumps [byebug](https://github.com/deivid-rodriguez/byebug) from 11.1.1 to 11.1.2.
- [Release notes](https://github.com/deivid-rodriguez/byebug/releases)
- [Changelog](https://github.com/deivid-rodriguez/byebug/blob/master/CHANGELOG.md)
- [Commits](https://github.com/deivid-rodriguez/byebug/compare/v11.1.1...v11.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-17 14:31:27 -04:00
dependabot-preview[bot]
77dd31a642
Build(deps): Bump sidekiq from 6.0.6 to 6.0.7 (#9460)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.0.6 to 6.0.7.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.0.6...v6.0.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-17 12:10:39 -04:00
Robin Ward
6f391b9387 Upgrade rubocop 2020-04-17 11:16:14 -04:00
dependabot-preview[bot]
338eaf9167
Build(deps): Bump parser from 2.7.1.0 to 2.7.1.1 (#9425)
Bumps [parser](https://github.com/whitequark/parser) from 2.7.1.0 to 2.7.1.1.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.1.0...v2.7.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-15 10:30:30 -04:00
dependabot-preview[bot]
81c7f369eb
Build(deps): Bump aws-eventstream from 1.0.3 to 1.1.0 (#9395)
Bumps [aws-eventstream](https://github.com/aws/aws-sdk-ruby) from 1.0.3 to 1.1.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-eventstream/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.0.3...1.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-09 09:57:50 -04:00
dependabot-preview[bot]
3e176f9bf4
Build(deps): Bump mini_sql from 0.2.4 to 0.2.5 (#9368)
Bumps [mini_sql](https://github.com/discourse/mini_sql) from 0.2.4 to 0.2.5.
- [Release notes](https://github.com/discourse/mini_sql/releases)
- [Changelog](https://github.com/discourse/mini_sql/blob/master/CHANGELOG)
- [Commits](https://github.com/discourse/mini_sql/compare/v0.2.4...v0.2.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-07 10:29:49 -04:00
dependabot-preview[bot]
ed74a6c126
Build(deps): Bump public_suffix from 4.0.3 to 4.0.4 (#9353)
Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby) from 4.0.3 to 4.0.4.
- [Release notes](https://github.com/weppos/publicsuffix-ruby/releases)
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/weppos/publicsuffix-ruby/compare/4.0.3...v4.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-06 11:42:03 -04:00
dependabot-preview[bot]
c72fb252a5
Build(deps): Bump loofah from 2.4.0 to 2.5.0 (#9352)
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/master/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.4.0...v2.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-06 11:41:47 -04:00
dependabot-preview[bot]
24fbe3e796
Build(deps): Bump oj from 3.10.5 to 3.10.6 (#9351)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.5 to 3.10.6.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.5...v3.10.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-06 11:40:45 -04:00
dependabot-preview[bot]
8c06c64bfb
Build(deps): Bump aws-sdk-s3 from 1.61.1 to 1.61.2 (#9348)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.61.1 to 1.61.2.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-06 11:35:29 -04:00
dependabot-preview[bot]
a00cfe853a
Build(deps): Bump parser from 2.7.0.5 to 2.7.1.0 (#9347)
Bumps [parser](https://github.com/whitequark/parser) from 2.7.0.5 to 2.7.1.0.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.0.5...v2.7.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-06 11:34:59 -04:00
dependabot-preview[bot]
4500928a39
Build(deps-dev): Bump fabrication from 2.21.0 to 2.21.1 (#9341)
Bumps [fabrication](https://github.com/paulelliott/fabrication) from 2.21.0 to 2.21.1.
- [Release notes](https://github.com/paulelliott/fabrication/releases)
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown)
- [Commits](https://github.com/paulelliott/fabrication/compare/2.21.0...2.21.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-03 10:32:05 -04:00
dependabot-preview[bot]
06de6f80f8
Build(deps): Bump tzinfo from 1.2.6 to 1.2.7 (#9340)
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.6 to 1.2.7.
- [Release notes](https://github.com/tzinfo/tzinfo/releases)
- [Changelog](https://github.com/tzinfo/tzinfo/blob/master/CHANGES.md)
- [Commits](https://github.com/tzinfo/tzinfo/compare/v1.2.6...v1.2.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-03 10:31:45 -04:00
dependabot-preview[bot]
0d646d1a26
Build(deps-dev): Bump rubocop from 0.80.1 to 0.81.0 (#9330)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.80.1 to 0.81.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.80.1...v0.81.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 11:31:14 -04:00
dependabot-preview[bot]
14b8e221e7
Build(deps): Bump cose from 0.11.0 to 1.0.0 (#9307)
Bumps [cose](https://github.com/cedarcode/cose-ruby) from 0.11.0 to 1.0.0.
- [Release notes](https://github.com/cedarcode/cose-ruby/releases)
- [Changelog](https://github.com/cedarcode/cose-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cedarcode/cose-ruby/compare/v0.11.0...v1.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-30 11:18:55 -04:00
dependabot-preview[bot]
0841ba1c6b
Build(deps): Bump unf_ext from 0.0.7.6 to 0.0.7.7 (#9306)
Bumps [unf_ext](https://github.com/knu/ruby-unf_ext) from 0.0.7.6 to 0.0.7.7.
- [Release notes](https://github.com/knu/ruby-unf_ext/releases)
- [Changelog](https://github.com/knu/ruby-unf_ext/blob/master/CHANGELOG.md)
- [Commits](https://github.com/knu/ruby-unf_ext/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-30 11:18:31 -04:00
dependabot-preview[bot]
8ab39f6916
Build(deps): Bump logster from 2.7.1 to 2.8.0 (#9310)
This includes Font Awesome upgrade to version 5.

Bumps [logster](https://github.com/discourse/logster) from 2.7.1 to 2.8.0.
- [Release notes](https://github.com/discourse/logster/releases)
- [Changelog](https://github.com/discourse/logster/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/logster/compare/v2.7.1...v2.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-30 07:52:04 +03:00
Jarek Radosz
7ff889574d
DEV: Add rubocop-rspec (#9288)
This adds rubocop-rspec, and enables some cops that were either already passing or are passing now, after fixing them in this commit.

Some new cops are disabled for now, with annotation: "TODO" or "To be decided". Those either need to be discussed first, or require manual changes, or the number of found and fixed offenses is too large to bundle them up in a single PR.

Includes:

* DEV: Update rubocop's `TargetRubyVersion` to 2.6
* DEV: Enable RSpec/VoidExpect
* DEV: Enable RSpec/SharedContext
* DEV: Enable RSpec/EmptyExampleGroup (Removed an obsolete empty spec file)
* DEV: Enable RSpec/ItBehavesLike
* DEV: Remove RSpec/ScatteredLet (It's too strict, as it doesn't recognize fab! as a let-like)
* DEV: Remove RSpec/MultipleExpectations
2020-03-27 17:35:40 +01:00
Jarek Radosz
d21d80198c
DEV: Update rubocop-discourse (#9270)
Includes:
* DEV: Use `eq_time` matcher
2020-03-26 16:32:41 +01:00
Sam Saffron
25f1f23288
FEATURE: Stricter rules for user presence
Previously we would consider a user "present" and "last seen" if the
browser window was visible.

This has many edge cases, you could be considered present and around for
days just by having a window open and no screensaver on.

Instead we now also check that you either clicked, transitioned around app
or scrolled the page in the last minute in combination with window
visibility

This will lead to more reliable notifications via email and reduce load of
message bus for cases where a user walks away from the terminal
2020-03-26 17:36:52 +11:00
Sam Saffron
35e153d84f
DEV: update unicorn
This is a minor update to unicorn, in this update unicorn handles
chunked encoding a bit more correctly according to RFC

Should have no impact, but message bus will be validated in production
to confirm chunked encoding still works as expected
2020-03-25 15:38:25 +11:00
Sam Saffron
c7151f0fd6
Revert "DEV: upgrade Rails"
This reverts commit 5b3bb4b2f0.

This erratically breaks multisite operation, we need more debugging
2020-03-24 17:11:13 +11:00
Sam Saffron
5b3bb4b2f0
DEV: upgrade Rails
Latest version of Rails contains compatibility fixes for Ruby 2.7 and some
minor security fixes we would like to have
2020-03-24 16:47:40 +11:00
dependabot-preview[bot]
4452817ed0
DEV: Bump pg from 1.2.2 to 1.2.3 (#9235)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Pretty safe, adds protection for 2 possible segfaults.
2020-03-24 16:25:52 +11:00
dependabot-preview[bot]
ecda9dbf25
DEV: Bump annotate from 3.1.0 to 3.1.1 (#9261)
Bumps [annotate](https://github.com/ctran/annotate_models) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ctran/annotate_models/releases)
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ctran/annotate_models/compare/v3.1.0...v3.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Very safe upgrade, annotate only used in dev
2020-03-24 16:23:16 +11:00
Sam Saffron
9726a0e0b4
DEV: upgrade json gem and add explicit dependency
json is shipped out of sync with Ruby. Even though we use OJ for many things
we still use the json gem sometimes, this ensures we use the latest

b8b29e79ad/config/initializers/100-oj.rb (L9-L9)
2020-03-24 15:21:50 +11:00
dependabot-preview[bot]
8b7dc35e76
Build(deps): Bump sidekiq from 6.0.5 to 6.0.6 (#9258)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.0.5 to 6.0.6.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.0.5...v6.0.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-23 14:27:51 -04:00
dependabot-preview[bot]
f413ea6b38
Build(deps): Bump onebox from 1.9.26 to 1.9.27.1 (#9255)
Bumps [onebox](https://github.com/discourse/onebox) from 1.9.26 to 1.9.27.1.
- [Release notes](https://github.com/discourse/onebox/releases)
- [Changelog](https://github.com/discourse/onebox/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/onebox/compare/v1.9.26...v1.9.27.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-23 10:18:30 -04:00
dependabot-preview[bot]
8174f1551c
Build(deps): Bump aws-sdk-s3 from 1.61.0 to 1.61.1 (#9216)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.61.0 to 1.61.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-20 09:43:58 -04:00
David Taylor
e9a3639b10
DEV: Pin hashie and faraday versions for zendesk api compatibility (#9214) 2020-03-19 19:52:31 +00:00
dependabot-preview[bot]
0b2e6f4301
Build(deps): Bump aws-partitions from 1.283.0 to 1.284.0 (#9227)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.283.0 to 1.284.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-17 17:22:50 -04:00
dependabot-preview[bot]
9d8eabd32f
Build(deps): Bump aws-partitions from 1.281.0 to 1.283.0 (#9217)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.281.0 to 1.283.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-17 15:30:12 -04:00
dependabot-preview[bot]
125c9966f1
Build(deps): Bump rspec-expectations from 3.9.0 to 3.9.1 (#9211)
Bumps [rspec-expectations](https://github.com/rspec/rspec-expectations) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-expectations/releases)
- [Changelog](https://github.com/rspec/rspec-expectations/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-expectations/compare/v3.9.0...v3.9.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-17 15:17:29 -04:00
dependabot-preview[bot]
1b2019e7eb
Build(deps): Bump rack-mini-profiler from 1.1.6 to 2.0.1 (#9222)
* Build(deps): Bump rack-mini-profiler from 1.1.6 to 2.0.1

Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler) from 1.1.6 to 2.0.1.
- [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases)
- [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v1.1.6...v2.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Enable rails patches

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
2020-03-17 14:09:45 +03:00
dependabot-preview[bot]
12c29ae955 Build(deps): Bump rbtrace from 0.4.11 to 0.4.12
Bumps [rbtrace](https://github.com/tmm1/rbtrace) from 0.4.11 to 0.4.12.
- [Release notes](https://github.com/tmm1/rbtrace/releases)
- [Commits](https://github.com/tmm1/rbtrace/compare/v0.4.11...v0.4.12)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-17 10:15:36 +00:00
David Taylor
610261f48e
DEV: Bump omniauth from 1.9.0 to 1.9.1 2020-03-16 13:12:10 +00:00
David Taylor
ce50695bff
DEV: Bump OAuth2 from 1.4.2 to 1.4.4 2020-03-16 12:42:23 +00:00
dependabot-preview[bot]
aad43a6223
Build(deps-dev): Bump parallel_tests from 2.31.0 to 2.32.0 (#9210)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.31.0 to 2.32.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.31.0...v2.32.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-16 13:18:07 +01:00
dependabot-preview[bot]
81ba516741
Build(deps): Bump rubyzip from 2.2.0 to 2.3.0 (#9208)
Bumps [rubyzip](https://github.com/rubyzip/rubyzip) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/rubyzip/rubyzip/releases)
- [Changelog](https://github.com/rubyzip/rubyzip/blob/master/Changelog.md)
- [Commits](https://github.com/rubyzip/rubyzip/compare/v2.2.0...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-16 13:17:41 +01:00
dependabot-preview[bot]
8a4784d36f
Build(deps): Bump rails_multisite from 2.1.0 to 2.1.1 (#9196)
Bumps [rails_multisite]() from 2.1.0 to 2.1.1.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-13 13:53:39 +00:00
dependabot-preview[bot]
aa4e76b480
Build(deps-dev): Bump ruby-prof from 1.3.0 to 1.3.1 (#9186)
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/ruby-prof/ruby-prof/releases)
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES)
- [Commits](https://github.com/ruby-prof/ruby-prof/compare/1.3.0...1.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-12 11:16:29 -04:00
OsamaSayegh
b23c2437ae DEV: Revert rack-mini-profiler version bump
New version breaks site deploys. Will investigate and fix.
2020-03-11 22:16:15 +03:00
dependabot-preview[bot]
a4929661af
Build(deps): Bump rack-mini-profiler from 1.1.6 to 2.0.0 (#9168)
* Build(deps): Bump rack-mini-profiler from 1.1.6 to 2.0.0

Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler) from 1.1.6 to 2.0.0.
- [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases)
- [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v1.1.6...v2.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Enable rails patches

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
2020-03-11 20:11:12 +03:00
dependabot-preview[bot]
40d7686234
Build(deps-dev): Bump webmock from 3.8.2 to 3.8.3 (#9167)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.2 to 3.8.3.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.2...v3.8.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-11 10:09:19 -04:00
Robin Ward
a3f0543f99
Support for transpiling .js files (#9160)
* Remove some `.es6` from comments where it does not matter

* Use a post processor for transpilation

This will allow us to eventually use the directory structure to
transpile rather than the extension.

* FIX: Some errors and clean up in confirm-new-email

It would throw an error if the webauthn element wasn't present.
Also I changed things so that no-module is not explicitly
referenced.

* Remove `no-module`

Instead we allow a magic comment: `// discourse-skip-module` to prevent
the asset pipeline from creating a module.

* DEV: Enable babel transpilation based on directory

If it's in `app/assets/javascripts/dicourse` it will be transpiled
even without the `.es6` extension.

* REFACTOR: Remove Tilt/ES6ModuleTranspiler
2020-03-11 09:43:55 -04:00
dependabot-preview[bot]
08b992d257
Build(deps): Bump aws-sdk-sns from 1.21.0 to 1.22.0 (#9154)
Bumps [aws-sdk-sns](https://github.com/aws/aws-sdk-ruby) from 1.21.0 to 1.22.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-sns/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.21.0...1.22.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-10 10:20:34 -04:00
dependabot-preview[bot]
25b74e252b
Build(deps): Bump aws-sdk-s3 from 1.60.2 to 1.61.0 (#9153)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.60.2 to 1.61.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.60.2...v1.61.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-10 10:14:52 -04:00
dependabot-preview[bot]
5c581b475a
Build(deps): Bump oj from 3.10.3 to 3.10.5 (#9107)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.3 to 3.10.5.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.3...v3.10.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-04 10:06:13 -05:00
dependabot-preview[bot]
f971ecd231
Build(deps): Bump nokogiri from 1.10.8 to 1.10.9 (#9093)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.8 to 1.10.9.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/v1.10.9/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.8...v1.10.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-03 10:19:34 -05:00
OsamaSayegh
5035a490b2 DEV: Bump Logster version to 2.7.1
This version includes a fix to stop `env` mutation that occurred in
Logster default store which caused chained loggers to report different
backtraces for the same message when backtrace is provided via `env`.

https://github.com/discourse/logster/compare/v2.7.0...v2.7.1
2020-03-03 07:02:01 +03:00
dependabot-preview[bot]
8a696a4ffc
Build(deps-dev): Bump annotate from 3.0.3 to 3.1.0 (#9091)
Bumps [annotate](https://github.com/ctran/annotate_models) from 3.0.3 to 3.1.0.
- [Release notes](https://github.com/ctran/annotate_models/releases)
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ctran/annotate_models/compare/v3.0.3...v3.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 16:35:13 -05:00
dependabot-preview[bot]
ee35bbdbba
Build(deps): Bump oj from 3.10.2 to 3.10.3 (#9092)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.2 to 3.10.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.2...v3.10.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 16:34:53 -05:00
dependabot-preview[bot]
f44ad91a52
Build(deps): Bump hashdiff from 1.0.0 to 1.0.1 (#9068)
Bumps [hashdiff](https://github.com/liufengyun/hashdiff) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/liufengyun/hashdiff/releases)
- [Changelog](https://github.com/liufengyun/hashdiff/blob/master/changelog.md)
- [Commits](https://github.com/liufengyun/hashdiff/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 14:31:19 -05:00
dependabot-preview[bot]
b78df9c4c9
Build(deps): Bump aws-sigv4 from 1.1.0 to 1.1.1 (#9067)
Bumps [aws-sigv4](https://github.com/aws/aws-sdk-ruby) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sigv4/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.1.0...1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 14:31:06 -05:00
dependabot-preview[bot]
8e7868b405
Build(deps-dev): Bump rubocop from 0.80.0 to 0.80.1 (#9081)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.80.0 to 0.80.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.80.0...v0.80.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 14:10:19 -05:00
dependabot-preview[bot]
93b8d7ec89
Build(deps): Bump puma from 4.3.2 to 4.3.3 (#9079)
Bumps [puma](https://github.com/puma/puma) from 4.3.2 to 4.3.3.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.2...v4.3.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 14:09:56 -05:00
dependabot-preview[bot]
98d4b7bbc1
Build(deps-dev): Bump better_errors from 2.5.1 to 2.6.0 (#9043)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 14:09:33 -05:00
dependabot-preview[bot]
d85726a866
Build(deps-dev): Bump simplecov from 0.18.3 to 0.18.5 (#9044)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.3 to 0.18.5.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.3...v0.18.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 14:09:05 -05:00
David Taylor
68c7699c46 Revert "Build(deps-dev): Bump annotate from 3.0.3 to 3.1.0 (#9013)"
v3.1.0 has a bug which rewrites default annotations with erroneous quotes. https://github.com/ctran/annotate_models/issues/762

This reverts commit dd4a04e72c.
2020-03-02 13:34:39 +00:00
dependabot-preview[bot]
34fddaa824
Build(deps): Bump rails_multisite from 2.0.7 to 2.1.0 (#9083)
Bumps [rails_multisite]() from 2.0.7 to 2.1.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 10:34:17 +00:00
dependabot-preview[bot]
18ed2cc7d8
Build(deps): Bump puma from 4.3.1 to 4.3.2 (#9063)
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-28 14:25:52 -05:00
dependabot-preview[bot]
87b2871074
Build(deps): Bump logster from 2.6.3 to 2.7.0 (#9050)
This includes a new feature that allows you to control the length of log messages via `Logster.config.maximum_message_length`. More details at: e5c4fc0b6e

Bumps [logster](https://github.com/discourse/logster) from 2.6.3 to 2.7.0.
- [Release notes](https://github.com/discourse/logster/releases)
- [Changelog](https://github.com/discourse/logster/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/logster/compare/v2.6.3...v2.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-26 22:08:39 +03:00
dependabot-preview[bot]
709772ea52
Build(deps): Bump bootsnap from 1.4.5 to 1.4.6 (#9032)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6)

Simple low risk dependency, only used in dev
2020-02-25 07:54:24 +11:00
dependabot-preview[bot]
fee7a4be8a
Build(deps-dev): Bump simplecov from 0.18.2 to 0.18.3 (#9025)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.2 to 0.18.3.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.2...v0.18.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 13:32:38 -05:00
dependabot-preview[bot]
dedd37503e
Build(deps): Bump simplecov-html from 0.12.0 to 0.12.1 (#9024)
Bumps [simplecov-html](https://github.com/colszowka/simplecov-html) from 0.12.0 to 0.12.1.
- [Release notes](https://github.com/colszowka/simplecov-html/releases)
- [Changelog](https://github.com/colszowka/simplecov-html/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov-html/compare/v0.12.0...v0.12.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 13:31:52 -05:00
dependabot-preview[bot]
31f3ed8d36
Build(deps-dev): Bump ruby-prof from 1.2.0 to 1.3.0 (#9023)
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/ruby-prof/ruby-prof/releases)
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES)
- [Commits](https://github.com/ruby-prof/ruby-prof/compare/1.2.0...1.3.0)

Minor change only impacts development
2020-02-24 13:13:09 +11:00
dependabot-preview[bot]
dd4a04e72c
Build(deps-dev): Bump annotate from 3.0.3 to 3.1.0 (#9013)
Bumps [annotate](https://github.com/ctran/annotate_models) from 3.0.3 to 3.1.0.
- [Release notes](https://github.com/ctran/annotate_models/releases)
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ctran/annotate_models/compare/v3.0.3...v3.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-20 12:18:52 -05:00
dependabot-preview[bot]
223edd1286
Build(deps-dev): Bump rubocop from 0.79.0 to 0.80.0 (#8997)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.79.0 to 0.80.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.79.0...v0.80.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-02-19 14:36:36 -05:00
dependabot-preview[bot]
eaf516a5ad
Build(deps-dev): Bump shoulda-matchers from 4.2.0 to 4.3.0 (#8989)
Bumps [shoulda-matchers](https://github.com/thoughtbot/shoulda-matchers) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/thoughtbot/shoulda-matchers/releases)
- [Changelog](https://github.com/thoughtbot/shoulda-matchers/blob/master/NEWS.md)
- [Commits](https://github.com/thoughtbot/shoulda-matchers/compare/v4.2.0...v4.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-02-19 13:41:38 -05:00
OsamaSayegh
3e7c4dcc57 DEV: Bump Logster version to 2.6.3
This version includes a fix for a bug where env wouldn't show up if
filter messages by a search term.
2020-02-17 22:52:18 +03:00
Sam Saffron
28d61cb0d7
Revert "Build(deps): Bump oauth2 from 1.4.2 to 1.4.4 (#8952)"
This reverts commit c7544880b6.

Plugins depend on specific version so this upgrade is in fact
not safe
2020-02-16 10:45:06 +11:00
dependabot-preview[bot]
c7544880b6
Build(deps): Bump oauth2 from 1.4.2 to 1.4.4 (#8952)
Bumps [oauth2](https://github.com/oauth-xx/oauth2) from 1.4.2 to 1.4.4.
- [Release notes](https://github.com/oauth-xx/oauth2/releases)
- [Changelog](https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/oauth-xx/oauth2/compare/v1.4.2...v1.4.4)

Change should be safe mainly cosmetic
2020-02-16 10:38:56 +11:00
dependabot-preview[bot]
157dcc7e3b
DEV: Bump sidekiq from 6.0.4 to 6.0.5 (#8964)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.0.4 to 6.0.5.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.0.4...v6.0.5)

Changes are safe, mostly around 2.7 support
2020-02-14 14:53:31 +11:00
dependabot-preview[bot]
4b46db6ea8
Build(deps-dev): Bump webmock from 3.8.1 to 3.8.2 (#8951)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.1 to 3.8.2.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.1...v3.8.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-13 12:32:02 -05:00
dependabot-preview[bot]
08f1866152
Build(deps-dev): Bump simplecov from 0.18.1 to 0.18.2 (#8945)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.1 to 0.18.2.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.1...v0.18.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-12 13:51:21 -05:00
dependabot-preview[bot]
fb2fad4811
Build(deps): Bump concurrent-ruby from 1.1.5 to 1.1.6 (#8930)
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.5...v1.1.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-02-12 10:11:31 -05:00
dependabot-preview[bot]
86bbc844fa
Build(deps-dev): Bump test-prof from 0.11.2 to 0.11.3 (#8931)
Bumps [test-prof](https://github.com/palkan/test-prof) from 0.11.2 to 0.11.3.
- [Release notes](https://github.com/palkan/test-prof/releases)
- [Changelog](https://github.com/palkan/test-prof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/palkan/test-prof/compare/v0.11.2...v0.11.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: Régis Hanol <regis@hanol.fr>
2020-02-12 09:38:32 -05:00
dependabot-preview[bot]
747fa94853
Build(deps-dev): Bump test-prof from 0.11.1 to 0.11.2 (#8929)
Bumps [test-prof](https://github.com/palkan/test-prof) from 0.11.1 to 0.11.2.
- [Release notes](https://github.com/palkan/test-prof/releases)
- [Changelog](https://github.com/palkan/test-prof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/palkan/test-prof/compare/v0.11.1...v0.11.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-11 15:43:21 -05:00
dependabot-preview[bot]
b266129ce5
Build(deps): Bump aws-partitions from 1.271.0 to 1.272.0 (#8918)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.271.0 to 1.272.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-11 10:06:04 -05:00
dependabot-preview[bot]
0cf19eb8fa
Build(deps): Bump aws-sdk-kms from 1.28.0 to 1.29.0 (#8917)
Bumps [aws-sdk-kms](https://github.com/aws/aws-sdk-ruby) from 1.28.0 to 1.29.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-kms/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.28.0...1.29.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-11 10:04:58 -05:00
David Taylor
3a906ff0e6
DEV: Bump omniauth-github from 1.3.0 to 1.4.0 (#8924)
This switches the github API access to use header-based authentication, rather than the deprecated parameter-based method
2020-02-11 09:36:41 +00:00
dependabot-preview[bot]
d7ae6b28e7
Build(deps): Bump nokogiri from 1.10.7 to 1.10.8 (#8916)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.7 to 1.10.8.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.7...v1.10.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 15:27:36 -05:00
dependabot-preview[bot]
5dc0f1bba2
Build(deps-dev): Bump test-prof from 0.10.2 to 0.11.1 (#8911)
Bumps [test-prof](https://github.com/palkan/test-prof) from 0.10.2 to 0.11.1.
- [Release notes](https://github.com/palkan/test-prof/releases)
- [Changelog](https://github.com/palkan/test-prof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/palkan/test-prof/compare/v0.10.2...v0.11.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 10:57:10 -05:00
dependabot-preview[bot]
e82901875f
Build(deps): Bump aws-sdk-s3 from 1.60.1 to 1.60.2 (#8899)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.60.1 to 1.60.2.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.60.1...v1.60.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 10:42:17 -05:00
dependabot-preview[bot]
0b96e182de
Build(deps): Bump aws-partitions from 1.270.0 to 1.271.0 (#8898)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.270.0 to 1.271.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 10:41:43 -05:00
OsamaSayegh
8054ce735b DEV: Bump Logster version to 2.6.2
This version includes fixes for bugs in the previous version. Changelog: 932e510436 (diff-4ac32a78649ca5bdd8e0ba38b7006a1e)
2020-02-09 15:55:49 +00:00
David Taylor
5919618a87
DEV: Drop legacy OpenID 2.0 support (#8894)
This is not used in core or official plugins, and has been printing a deprecation notice since v2.3.0beta4. All OpenID 2.0 code and dependencies have been dropped. The user_open_ids table remains for now, in case anyone has missed the deprecation notice, and needs to migrate their data.

Context at https://meta.discourse.org/t/-/113249
2020-02-07 17:32:35 +00:00
OsamaSayegh
a516c5df82 DEV: Bump logster version to 2.6.1 and enable new logster feature
Logster 2.6.1 includes a few new features and fixes. More details here: 58bb5c5368/CHANGELOG.md
2020-02-07 13:35:26 +00:00
dependabot-preview[bot]
5eb3255b02
DEV: Bump webmock from 3.8.0 to 3.8.1 (#8884)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.0 to 3.8.1.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.0...v3.8.1)

Testing only, not a risky change
2020-02-07 14:13:27 +11:00
Jarek Radosz
53529a3427
DEV: Upgrade Ember to version 3.12.2 (#8753)
* DEV: Use Ember 3.12.2
* Add Ember version to ThemeField's DEPENDENT_CONSTANTS
* DEV: Use `id` instead of `elementId` (See: https://github.com/emberjs/ember.js/issues/18147)
* FIX: Don't leak event listeners (bug introduced in 999e2ff)
2020-02-05 14:51:00 +01:00
dependabot-preview[bot]
a84c493de2
DEV: Bump msgpack from 1.3.2 to 1.3.3 (#8859)
Bumps [msgpack](https://github.com/msgpack/msgpack-ruby) from 1.3.2 to 1.3.3.
- [Release notes](https://github.com/msgpack/msgpack-ruby/releases)
- [Changelog](https://github.com/msgpack/msgpack-ruby/blob/master/ChangeLog)
- [Commits](https://github.com/msgpack/msgpack-ruby/compare/v1.3.2...v1.3.3)

Very safe update, mostly covering 2.7 compat.
2020-02-05 16:26:28 +11:00
dependabot-preview[bot]
0497d64849
Build(deps): Bump aws-partitions from 1.269.0 to 1.270.0 (#8855)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.269.0 to 1.270.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-04 16:13:31 -05:00
dependabot-preview[bot]
14758771c6
Build(deps): Bump msgpack from 1.3.1 to 1.3.2 (#8843)
Bumps [msgpack](https://github.com/msgpack/msgpack-ruby) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/msgpack/msgpack-ruby/releases)
- [Changelog](https://github.com/msgpack/msgpack-ruby/blob/master/ChangeLog)
- [Commits](https://github.com/msgpack/msgpack-ruby/compare/v1.3.1...v1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-04 10:29:42 -05:00
dependabot-preview[bot]
a96eba9714
Build(deps): Bump rubyzip from 2.1.0 to 2.2.0 (#8833)
Bumps [rubyzip](https://github.com/rubyzip/rubyzip) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/rubyzip/rubyzip/releases)
- [Changelog](https://github.com/rubyzip/rubyzip/blob/master/Changelog.md)
- [Commits](https://github.com/rubyzip/rubyzip/compare/v2.1.0...v2.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-03 12:11:41 -05:00
dependabot-preview[bot]
302774f0e9
Build(deps): Bump ffi from 1.12.1 to 1.12.2 (#8831)
Bumps [ffi](https://github.com/ffi/ffi) from 1.12.1 to 1.12.2.
- [Release notes](https://github.com/ffi/ffi/releases)
- [Changelog](https://github.com/ffi/ffi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ffi/ffi/compare/1.12.1...1.12.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-03 12:10:48 -05:00
dependabot-preview[bot]
335f63f8fd
Build(deps): Bump unicorn from 5.5.2 to 5.5.3 (#8830)
Bumps [unicorn](https://yhbt.net/unicorn/) from 5.5.2 to 5.5.3.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-03 12:09:29 -05:00
dependabot-preview[bot]
16ae49eb95
Build(deps-dev): Bump parallel_tests from 2.30.1 to 2.31.0 (#8829)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.30.1 to 2.31.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.1...v2.31.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-03 12:08:54 -05:00
Arpit Jalan
e7a511fc7f Bump onebox version.
- remove Douban onebox
- show map icon for Google Map composer preview
2020-02-03 18:57:38 +05:30
dependabot-preview[bot]
6455c6ee87
Build(deps-dev): Bump simplecov from 0.18.0 to 0.18.1 (#8827)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.0 to 0.18.1.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.0...v0.18.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-31 10:22:12 -05:00
dependabot-preview[bot]
a520012538
Build(deps): Bump cose from 0.10.0 to 0.11.0 (#8822)
Bumps [cose](https://github.com/cedarcode/cose-ruby) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/cedarcode/cose-ruby/releases)
- [Changelog](https://github.com/cedarcode/cose-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cedarcode/cose-ruby/compare/v0.10.0...v0.11.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-30 14:32:27 -05:00
dependabot-preview[bot]
3c40bcca17
Build(deps): Bump oj from 3.10.1 to 3.10.2 (#8821)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.1 to 3.10.2.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.1...v3.10.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-30 14:30:50 -05:00
Robin Ward
6d8f12612b Revert "Build(deps): Bump oauth2 from 1.4.2 to 1.4.3 (#8815)"
This reverts commit dc34c24ffe.
2020-01-30 11:04:50 -05:00
dependabot-preview[bot]
dc34c24ffe
Build(deps): Bump oauth2 from 1.4.2 to 1.4.3 (#8815)
Bumps [oauth2](https://github.com/oauth-xx/oauth2) from 1.4.2 to 1.4.3.
- [Release notes](https://github.com/oauth-xx/oauth2/releases)
- [Changelog](https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/oauth-xx/oauth2/compare/v1.4.2...v1.4.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-30 10:59:59 -05:00
Sam Saffron
9f0e57b338 DEV: update rack-mini-profiler
This contains a fix to avoid a certain exception that kept popping up on
page transitions when mini profiler was fighting with our app and our app
was removing the mini profiler timing.
2020-01-30 17:57:47 +11:00
dependabot-preview[bot]
d2ce733936
DEV: Bump simplecov from 0.17.1 to 0.18.0 (#8805)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.17.1 to 0.18.0.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.17.1...v0.18.0)

Only used during testing, upgrade is safe
2020-01-29 12:10:31 +11:00
dependabot-preview[bot]
88548cef6a
DEV: Bump actionview_precompiler from 0.2.1 to 0.2.2 (#8798)
Bumps [actionview_precompiler](https://github.com/jhawthorn/actionview_precompiler) from 0.2.1 to 0.2.2.
- [Release notes](https://github.com/jhawthorn/actionview_precompiler/releases)
- [Commits](https://github.com/jhawthorn/actionview_precompiler/compare/v0.2.1...v0.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

This is used by unicorn for precompilation of templates, it reduces memory and cpu on unicorn workers that reuse the work. Upgrade is safe only contains Ruby 2.7 fixes
2020-01-29 12:09:56 +11:00
dependabot-preview[bot]
54a80e0dc0 Build(deps): Bump rack-mini-profiler from 1.1.4 to 1.1.5 (#8800)
Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases)
- [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v1.1.4...v1.1.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-28 11:21:57 -05:00
dependabot-preview[bot]
22a089dfa2 Build(deps): Bump excon from 0.71.1 to 0.72.0 (#8797)
Bumps [excon](https://github.com/excon/excon) from 0.71.1 to 0.72.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.71.1...v0.72.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-28 11:20:54 -05:00
David Taylor
885a3ca42c DEV: Bump omniauth-facebook from 5.0.0 to 6.0.0
5.0.0 uses Facebook graph API v2.11, which is deprecated from 28th Jan 2020
6.0.0 uses Facebook graph API v3.0, which is supported until July 2020
2020-01-28 10:57:56 +00:00
dependabot-preview[bot]
4d3254b37c Build(deps): Bump rubyzip from 2.0.0 to 2.1.0 (#8785)
Bumps [rubyzip](https://github.com/rubyzip/rubyzip) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/rubyzip/rubyzip/releases)
- [Changelog](https://github.com/rubyzip/rubyzip/blob/master/Changelog.md)
- [Commits](https://github.com/rubyzip/rubyzip/compare/v2.0.0...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-27 15:55:55 -05:00
dependabot-preview[bot]
bb816302f6 Build(deps-dev): Bump byebug from 11.1.0 to 11.1.1 (#8788)
Bumps [byebug](https://github.com/deivid-rodriguez/byebug) from 11.1.0 to 11.1.1.
- [Release notes](https://github.com/deivid-rodriguez/byebug/releases)
- [Changelog](https://github.com/deivid-rodriguez/byebug/blob/master/CHANGELOG.md)
- [Commits](https://github.com/deivid-rodriguez/byebug/compare/v11.1.0...v11.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-27 11:06:17 -05:00
dependabot-preview[bot]
869fbad2a4 Build(deps): Bump aws-partitions from 1.267.0 to 1.269.0 (#8786)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.267.0 to 1.269.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-27 11:06:05 -05:00
dependabot-preview[bot]
b0f2f1cfb6 Build(deps-dev): Bump ruby-prof from 1.1.0 to 1.2.0 (#8778)
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/ruby-prof/ruby-prof/releases)
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES)
- [Commits](https://github.com/ruby-prof/ruby-prof/compare/1.1.0...1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-24 12:55:08 -05:00
Arpit Jalan
5eb2efe64a Revert Faraday to version 0.17.3 2020-01-24 12:08:56 +05:30
dependabot-preview[bot]
0b3de60bee Build(deps): Bump faraday from 0.17.1 to 1.0.0 (#8646)
Bumps [faraday](https://github.com/lostisland/faraday) from 0.17.1 to 1.0.0.
- [Release notes](https://github.com/lostisland/faraday/releases)
- [Changelog](https://github.com/lostisland/faraday/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lostisland/faraday/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-23 16:19:40 +01:00
dependabot-preview[bot]
9fea89a017 Build(deps-dev): Bump webmock from 3.7.6 to 3.8.0 (#8728)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.7.6 to 3.8.0.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.7.6...v3.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-23 16:19:28 +01:00
dependabot-preview[bot]
e309db9b58 Build(deps-dev): Bump parallel_tests from 2.30.0 to 2.30.1 (#8717)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.30.0 to 2.30.1.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.0...v2.30.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-23 16:19:14 +01:00
dependabot-preview[bot]
004d9ef3b7 Build(deps): Bump raindrops from 0.19.0 to 0.19.1 (#8680)
Bumps [raindrops](https://yhbt.net/raindrops/) from 0.19.0 to 0.19.1.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-23 15:47:01 +01:00
dependabot-preview[bot]
523bebbfeb Build(deps): Bump kgio from 2.11.2 to 2.11.3 (#8679)
Bumps [kgio](https://yhbt.net/kgio/) from 2.11.2 to 2.11.3.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-23 15:46:50 +01:00
dependabot-preview[bot]
9e8ee90774 Build(deps): Bump aws-partitions from 1.266.0 to 1.267.0 (#8762)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.266.0 to 1.267.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-22 11:52:47 -05:00
dependabot-preview[bot]
b49f7a420b Build(deps): Bump aws-sdk-kms from 1.27.0 to 1.28.0 (#8755)
Bumps [aws-sdk-kms](https://github.com/aws/aws-sdk-ruby) from 1.27.0 to 1.28.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-kms/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.27.0...1.28.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-21 10:09:41 -05:00
dependabot-preview[bot]
6cf088b7c9 Build(deps-dev): Bump byebug from 11.0.1 to 11.1.0 (#8758)
Bumps [byebug](https://github.com/deivid-rodriguez/byebug) from 11.0.1 to 11.1.0.
- [Release notes](https://github.com/deivid-rodriguez/byebug/releases)
- [Changelog](https://github.com/deivid-rodriguez/byebug/blob/master/CHANGELOG.md)
- [Commits](https://github.com/deivid-rodriguez/byebug/compare/v11.0.1...v11.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-21 10:09:20 -05:00
dependabot-preview[bot]
3c28f55ab7 Build(deps): Bump mini_sql from 0.2.3 to 0.2.4 (#8757)
Bumps [mini_sql](https://github.com/discourse/mini_sql) from 0.2.3 to 0.2.4.
- [Release notes](https://github.com/discourse/mini_sql/releases)
- [Changelog](https://github.com/discourse/mini_sql/blob/master/CHANGELOG)
- [Commits](https://github.com/discourse/mini_sql/compare/v0.2.3...v0.2.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-21 10:08:53 -05:00
dependabot-preview[bot]
32ec61d63c Build(deps): Bump unicode-display_width from 1.6.0 to 1.6.1 (#8756)
Bumps [unicode-display_width](https://github.com/janlelis/unicode-display_width) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/janlelis/unicode-display_width/releases)
- [Changelog](https://github.com/janlelis/unicode-display_width/blob/master/CHANGELOG.md)
- [Commits](https://github.com/janlelis/unicode-display_width/compare/v1.6.0...v1.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-21 10:08:24 -05:00
dependabot-preview[bot]
304dcb3eb8 Build(deps): Bump ffi from 1.11.3 to 1.12.1 (#8721)
Bumps [ffi](https://github.com/ffi/ffi) from 1.11.3 to 1.12.1.
- [Release notes](https://github.com/ffi/ffi/releases)
- [Changelog](https://github.com/ffi/ffi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ffi/ffi/compare/1.11.3...1.12.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-20 15:45:55 -05:00
dependabot-preview[bot]
932ccc89d7 Build(deps): Bump i18n from 1.8.0 to 1.8.2 (#8705)
Bumps [i18n](https://github.com/svenfuchs/i18n) from 1.8.0 to 1.8.2.
- [Release notes](https://github.com/svenfuchs/i18n/releases)
- [Changelog](https://github.com/ruby-i18n/i18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/svenfuchs/i18n/compare/v1.8.0...v1.8.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-20 15:45:02 -05:00
dependabot-preview[bot]
cff97b9ab3 Build(deps): Bump oj from 3.10.0 to 3.10.1 (#8722)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.0 to 3.10.1.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.0...v3.10.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-20 15:44:35 -05:00
dependabot-preview[bot]
e5e210f616 Build(deps): Bump aws-partitions from 1.262.0 to 1.266.0 (#8745)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.262.0 to 1.266.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-20 15:40:30 -05:00
dependabot-preview[bot]
4773cf2933 Build(deps): Bump onebox from 1.9.24 to 1.9.25 (#8707)
Bumps [onebox](https://github.com/discourse/onebox) from 1.9.24 to 1.9.25.
- [Release notes](https://github.com/discourse/onebox/releases)
- [Changelog](https://github.com/discourse/onebox/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/onebox/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-13 19:57:16 +05:30
Sam Saffron
eb105ba79d DEV: revert upgrade of rack to version 2.0.8
We can not upgrade rack cause it breaks Sidekiq web.

I can not find a trivial fix short of disabling sessions in Sidekiq which
is a security concern.

We need to figure out how to reuse sessions with our Rails application in
Sidekiq.

This gets extra complex cause we use a special cookie store for sessions.

9e399b42b9/lib/discourse_cookie_store.rb (L3-L21)
2020-01-13 18:07:16 +11:00
dependabot-preview[bot]
d50eb82d51 DEV: Bump rack from 2.0.8 to 2.1.1 (#8702)
Bumps [rack](https://github.com/rack/rack) from 2.0.8 to 2.1.1.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/2.0.8...2.1.1)

On a cursory look none of the changes should impact Discourse, we want to be on latest rack so we can benefit from all the latest bug fixes.
2020-01-13 12:09:50 +11:00
dependabot-preview[bot]
33a9d60569 DEV: Bump shoulda-matchers from 4.1.2 to 4.2.0 (#8689)
Bumps [shoulda-matchers](https://github.com/thoughtbot/shoulda-matchers) from 4.1.2 to 4.2.0.
- [Release notes](https://github.com/thoughtbot/shoulda-matchers/releases)
- [Changelog](https://github.com/thoughtbot/shoulda-matchers/blob/master/NEWS.md)
- [Commits](https://github.com/thoughtbot/shoulda-matchers/compare/v4.1.2...v4.2.0)

Mostly about updating gem dependencies, only used in dev, very safe upgrade.
2020-01-13 12:04:31 +11:00
dependabot-preview[bot]
69779f79d9 DEV: Bump pg from 1.2.1 to 1.2.2 (#8685)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.1...v1.2.2)

Very safe upgrade, Discourse is not impacted by any of the changes.
2020-01-13 12:02:44 +11:00
dependabot-preview[bot]
c9327fce12 Build(deps-dev): Bump minitest from 5.13.0 to 5.14.0 (#8703)
Bumps [minitest](https://github.com/seattlerb/minitest) from 5.13.0 to 5.14.0.
- [Release notes](https://github.com/seattlerb/minitest/releases)
- [Changelog](https://github.com/seattlerb/minitest/blob/master/History.rdoc)
- [Commits](https://github.com/seattlerb/minitest/compare/v5.13.0...v5.14.0)

Very safe change only impacts our test framework.
2020-01-13 12:01:40 +11:00
dependabot-preview[bot]
3ddebc61a9 Build(deps): Bump public_suffix from 4.0.2 to 4.0.3 (#8663)
Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/weppos/publicsuffix-ruby/releases)
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/weppos/publicsuffix-ruby/compare/4.0.2...4.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-10 10:04:54 -05:00
dependabot-preview[bot]
aa9450646b Build(deps-dev): Bump test-prof from 0.10.1 to 0.10.2 (#8676)
Bumps [test-prof](https://github.com/palkan/test-prof) from 0.10.1 to 0.10.2.
- [Release notes](https://github.com/palkan/test-prof/releases)
- [Changelog](https://github.com/palkan/test-prof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/palkan/test-prof/compare/v0.10.1...v0.10.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-10 10:03:56 -05:00
dependabot-preview[bot]
d0cd08a67c Build(deps): Bump parser from 2.7.0.1 to 2.7.0.2 (#8686)
Bumps [parser](https://github.com/whitequark/parser) from 2.7.0.1 to 2.7.0.2.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.0.1...v2.7.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-10 10:03:11 -05:00
dependabot-preview[bot]
6e480392ea Build(deps): Bump aws-sdk-core from 3.86.0 to 3.87.0 (#8696)
Bumps [aws-sdk-core](https://github.com/aws/aws-sdk-ruby) from 3.86.0 to 3.87.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-core/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-10 10:01:57 -05:00
dependabot-preview[bot]
8b3c40c79d DEV: Bump mini_racer from 0.2.8 to 0.2.9 (#8688)
Bumps [mini_racer](https://github.com/discourse/mini_racer) from 0.2.8 to 0.2.9.
- [Release notes](https://github.com/discourse/mini_racer/releases)
- [Changelog](https://github.com/rubyjs/mini_racer/blob/master/CHANGELOG)
- [Commits](https://github.com/discourse/mini_racer/compare/v0.2.8...v0.2.9)

Very safe change, adds support for JavaScript Symbol which used to cause segfaults.
2020-01-09 13:11:26 +11:00
dependabot-preview[bot]
f1cd599966 DEV: Bump rubocop from 0.78.0 to 0.79.0 (#8667)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.78.0 to 0.79.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.78.0...v0.79.0)

Changes seem pretty safe, nothing should impact Discourse. Merging so we are on latest version.
2020-01-08 17:09:24 +11:00
dependabot-preview[bot]
5736b5808c Build(deps): Bump rspec-mocks from 3.9.0 to 3.9.1 (#8644)
Bumps [rspec-mocks](https://github.com/rspec/rspec-mocks) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-mocks/releases)
- [Changelog](https://github.com/rspec/rspec-mocks/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-mocks/compare/v3.9.0...v3.9.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-07 01:12:04 +01:00
dependabot-preview[bot]
4352bc2a78 Build(deps): Bump aws-partitions from 1.260.0 to 1.262.0 (#8666)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.260.0 to 1.262.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-07 00:38:29 +01:00
dependabot-preview[bot]
d6e08308e0 Build(deps): Bump aws-sdk-s3 from 1.59.1 to 1.60.1 (#8596)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.59.1 to 1.60.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.59.1...v1.60.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-07 00:30:14 +01:00
dependabot-preview[bot]
c2b83f4dfa DEV: Bump rake-compiler from 1.0.8 to 1.1.0 (#8636)
Bumps [rake-compiler](https://github.com/luislavena/rake-compiler) from 1.0.8 to 1.1.0.
- [Release notes](https://github.com/luislavena/rake-compiler/releases)
- [Changelog](https://github.com/rake-compiler/rake-compiler/blob/master/History.txt)
- [Commits](https://github.com/luislavena/rake-compiler/compare/v1.0.8...v1.1.0)

Ruby 2.7 support.
2020-01-06 17:12:28 +11:00
dependabot-preview[bot]
b789fa9a50 DEV: Bump rack-protection from 2.0.7 to 2.0.8.1 (#8648)
Bumps [rack-protection](https://github.com/sinatra/sinatra) from 2.0.7 to 2.0.8.1.
- [Release notes](https://github.com/sinatra/sinatra/releases)
- [Changelog](https://github.com/sinatra/sinatra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sinatra/sinatra/compare/v2.0.7...v2.0.8.1)

Minor performance update and Ruby 2.7 deprecation removal.
2020-01-06 17:11:37 +11:00
dependabot-preview[bot]
01358e2b42 DEV: Bump pg from 1.2.0 to 1.2.1 (#8657)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.0...v1.2.1)

Very minor update, adds some functionality we do not use, specifically better support for the sequel orm.
2020-01-06 17:10:24 +11:00
Régis Hanol
ce512452b5 Revert "Revert "DEV: Bump public_suffix from 4.0.1 to 4.0.2 (#8631)""
This reverts commit f04f6cbf01.
2019-12-31 17:12:06 +01:00
Sam Saffron
f04f6cbf01 Revert "DEV: Bump public_suffix from 4.0.1 to 4.0.2 (#8631)"
This reverts commit 09a6bb240e.
2019-12-31 14:07:55 +11:00
Sam Saffron
e32bf19cd3 DEV: update dependencies
Quite a few have popped up due to 2.7 release, all gems being updated have
non urgent fixes, but it makes sense to be on latest.
2019-12-31 12:20:26 +11:00
dependabot-preview[bot]
d048464b03 DEV: Bump rspec-core from 3.9.0 to 3.9.1 (#8637)
Bumps [rspec-core](https://github.com/rspec/rspec-core) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-core/releases)
- [Changelog](https://github.com/rspec/rspec-core/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-core/compare/v3.9.0...v3.9.1)

Test only dependency, low risk.
2019-12-31 11:49:21 +11:00
dependabot-preview[bot]
4ddc6b8b96 DEV: Bump tzinfo from 1.2.5 to 1.2.6 (#8635)
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/tzinfo/tzinfo/releases)
- [Changelog](https://github.com/tzinfo/tzinfo/blob/master/CHANGES.md)
- [Commits](https://github.com/tzinfo/tzinfo/compare/v1.2.5...v1.2.6)

Pretty safe update, deals with Ruby 2.7 and corrects a minor internal bug
2019-12-31 11:48:37 +11:00
dependabot-preview[bot]
09a6bb240e DEV: Bump public_suffix from 4.0.1 to 4.0.2 (#8631)
Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/weppos/publicsuffix-ruby/releases)
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/weppos/publicsuffix-ruby/compare/v4.0.1...4.0.2)

Definition only update, has very little impact.
2019-12-31 11:47:14 +11:00
dependabot-preview[bot]
acabea4cfe DEV: Bump rspec-support from 3.9.0 to 3.9.2 (#8628)
Bumps [rspec-support](https://github.com/rspec/rspec-support) from 3.9.0 to 3.9.2.
- [Release notes](https://github.com/rspec/rspec-support/releases)
- [Changelog](https://github.com/rspec/rspec-support/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-support/compare/v3.9.0...v3.9.2)

Minor test only update, also cleans up Ruby 2.7 support
2019-12-31 11:45:43 +11:00
dependabot-preview[bot]
420fd27e48 DEV: Bump pg from 1.1.4 to 1.2.0 (#8632)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.1.4 to 1.2.0.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.1.4...v1.2.0)

This is a big update to the PG gem, overall our codebase should support it fully. It also comes with some perf fixes which is nice!
2019-12-31 11:44:49 +11:00
dependabot-preview[bot]
dca99c0391 Build(deps): Bump cose from 0.9.0 to 0.10.0 (#8595)
Bumps [cose](https://github.com/cedarcode/cose-ruby) from 0.9.0 to 0.10.0.
- [Release notes](https://github.com/cedarcode/cose-ruby/releases)
- [Changelog](https://github.com/cedarcode/cose-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cedarcode/cose-ruby/compare/v0.9.0...v0.10.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-30 16:10:34 +10:00
dependabot-preview[bot]
831d46f55f DEV: Bump aws-partitions from 1.256.0 to 1.260.0 (#8617)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.256.0 to 1.260.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Contains a bunch of AWS gem updates that we do not use. My long term thinking here is that maybe the AWS dependency is just too heavy and we should consume the API directly to avoid this constant churn.
2019-12-30 17:09:07 +11:00
dependabot-preview[bot]
9178b36e64 Build(deps): Bump request_store from 1.4.1 to 1.5.0 (#8608)
Bumps [request_store](https://github.com/steveklabnik/request_store) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/steveklabnik/request_store/releases)
- [Commits](https://github.com/steveklabnik/request_store/compare/v1.4.1...v1.5.0)

request_store is a side dependency that is only used for lograge support, not expecting this to break anything.
2019-12-30 17:07:37 +11:00
dependabot-preview[bot]
bb9c54514f DEV: Bump unicorn from 5.5.1 to 5.5.2 (#8602)
Bumps [unicorn](https://bogomips.org/unicorn/) from 5.5.1 to 5.5.2.

This contains a fix for: 024f7a8c8c 

Specifically its around operation when you use the ruby tainting feature (which will soon be removed) 

Update has no actual impact on Discourse.
2019-12-30 17:06:00 +11:00
dependabot-preview[bot]
640fa6d118 DEV: Bump excon from 0.71.0 to 0.71.1 (#8587)
Bumps [excon](https://github.com/excon/excon) from 0.71.0 to 0.71.1.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.71.0...v0.71.1)

Minor performance update, the big change here is that internally excon starts using frozen strings.
2019-12-30 16:57:32 +11:00
Sam Saffron
be880d2ac1 DEV: update rubocop
This is a minor update to rubocop, it is fully compatible with our current
set of rules.
2019-12-30 16:54:47 +11:00
dependabot-preview[bot]
0234214533 DEV: Bump stackprof from 0.2.14 to 0.2.15 (#8584)
Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.14 to 0.2.15.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.14...v0.2.15)

Very safe change only used for diagnostics.
2019-12-30 16:42:16 +11:00
dependabot-preview[bot]
2d3d7a8f86 DEV: Bump mini_sql from 0.2.2 to 0.2.3 (#8601)
Bumps [mini_sql](https://discourse.org) from 0.2.2 to 0.2.3.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Minor update was there mainly for JRuby support should not have any real impact on Discourse.
2019-12-30 16:41:37 +11:00
dependabot-preview[bot]
4989fec1be DEV: Bump sidekiq from 6.0.3 to 6.0.4 (#8611)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.0.3...v6.0.4)

Minor update which seems very safe.
2019-12-30 16:36:23 +11:00
Rafael dos Santos Silva
b445e0e76a
DEV: Update Bundler (#8583)
* DEV: Update Bundler

Latest RubyGems 3.1.1 vendors bundler 2.1.0 *again*. And our base
image build system even updates it to 2.1.1.

After that it is unable to run a simple `bundle install` because of
version mismatch.

Updating bundler to the one that comes with our enforced Ruby version
solves this.

* DEV: Update bundler in CI too
2019-12-19 16:25:33 -03:00
Neil Lalonde
93c8b4fb58 Bump rack from 2.0.7 to 2.0.8 2019-12-19 12:22:48 -05:00
dependabot-preview[bot]
e0df0f479a Bump aws-sdk-s3 from 1.59.0 to 1.59.1 (#8575)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.59.0 to 1.59.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.59.0...v1.59.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-18 12:11:43 -03:00
dependabot-preview[bot]
2cdaf05c37 Bump ruby-prof from 1.0.0 to 1.1.0 (#8546)
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/ruby-prof/ruby-prof/releases)
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES)
- [Commits](https://github.com/ruby-prof/ruby-prof/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-18 12:10:09 -03:00
dependabot-preview[bot]
7b7926c486 Bump rake-compiler from 1.0.7 to 1.0.8 (#8559)
Bumps [rake-compiler](https://github.com/luislavena/rake-compiler) from 1.0.7 to 1.0.8.
- [Release notes](https://github.com/luislavena/rake-compiler/releases)
- [Changelog](https://github.com/rake-compiler/rake-compiler/blob/master/History.txt)
- [Commits](https://github.com/luislavena/rake-compiler/compare/v1.0.7...v1.0.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-18 11:56:16 -03:00
dependabot-preview[bot]
aaf159c48c Bump aws-partitions from 1.255.0 to 1.256.0 (#8566)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.255.0 to 1.256.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-18 11:55:44 -03:00
dependabot-preview[bot]
caa7cc51f1 Build(deps): Bump thor from 1.0.0 to 1.0.1 (#8572)
Bumps [thor](https://github.com/erikhuda/thor) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/erikhuda/thor/releases)
- [Changelog](https://github.com/erikhuda/thor/blob/master/CHANGELOG.md)
- [Commits](https://github.com/erikhuda/thor/compare/v1.0.0...v1.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-18 11:55:18 -03:00
Martin Brennan
beb91e7eff
FIX: require: false for rotp gem (#8540)
The ROTP gem is only used in a very small amount of places in the app, we don't need to globally require it.

Also set the Addressable gem to not have a specific version range, as it has not been a problem yet.

Some slight refactoring of UserSecondFactor here too to use SecondFactorManager to avoid code repetition
2019-12-17 10:33:51 +10:00
dependabot-preview[bot]
998bbdc40f Bump fspath from 3.1.0 to 3.1.2 (#8564)
Bumps [fspath](https://github.com/toy/fspath) from 3.1.0 to 3.1.2.
- [Release notes](https://github.com/toy/fspath/releases)
- [Commits](https://github.com/toy/fspath/compare/v3.1.0...v3.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 12:19:31 -08:00
dependabot-preview[bot]
5acecfcb91 Bump in_threads from 1.5.1 to 1.5.3 (#8556)
Bumps [in_threads](https://github.com/toy/in_threads) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/toy/in_threads/releases)
- [Changelog](https://github.com/toy/in_threads/blob/master/CHANGELOG.markdown)
- [Commits](https://github.com/toy/in_threads/compare/v1.5.1...v1.5.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:57:22 -08:00
dependabot-preview[bot]
82828d5145 Bump progress from 3.5.0 to 3.5.2 (#8560)
Bumps [progress](https://github.com/toy/progress) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/toy/progress/releases)
- [Changelog](https://github.com/toy/progress/blob/master/CHANGELOG.markdown)
- [Commits](https://github.com/toy/progress/compare/v3.5.0...v3.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:45:33 -08:00
dependabot-preview[bot]
aee3c6b96b Bump json from 2.2.0 to 2.3.0 (#8563)
Bumps [json](https://github.com/flori/json) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/flori/json/releases)
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md)
- [Commits](https://github.com/flori/json/compare/v2.2.0...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:35:08 -08:00
dependabot-preview[bot]
e328700ae5 Bump aws-sdk-core from 3.85.0 to 3.86.0 (#8558)
Bumps [aws-sdk-core](https://github.com/aws/aws-sdk-ruby) from 3.85.0 to 3.86.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-core/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:09:38 -08:00
dependabot-preview[bot]
22f1aa0c58 Bump jquery-rails from 4.3.3 to 4.3.5 (#8557)
Bumps [jquery-rails](https://github.com/rails/jquery-rails) from 4.3.3 to 4.3.5.
- [Release notes](https://github.com/rails/jquery-rails/releases)
- [Changelog](https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/jquery-rails/compare/v4.3.3...v4.3.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 09:44:56 -08:00
dependabot-preview[bot]
db82ed86c4 Bump thor from 0.20.3 to 1.0.0 (#8550) 2019-12-16 09:23:47 -08:00
dependabot-preview[bot]
6b3308d614 Bump excon from 0.70.0 to 0.71.0 (#8551)
Bumps [excon](https://github.com/excon/excon) from 0.70.0 to 0.71.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.70.0...v0.71.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 08:53:42 -08:00
OsamaSayegh
dc3c4bdd00 DEV: Bump Logster version to 2.5.1
This version has minor follow-up fixes and changes to the pattern
grouping feature that was introduced yesterday. See Logster changelog
for details: https://github.com/discourse/logster/blob/master/CHANGELOG.md
2019-12-13 09:51:19 +00:00
dependabot-preview[bot]
885d2bb87a Bump logster from 2.4.2 to 2.5.0 (#8538)
Bumps [logster](https://github.com/discourse/logster) from 2.4.2 to 2.5.0.
- [Release notes](https://github.com/discourse/logster/releases)
- [Changelog](https://github.com/discourse/logster/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/logster/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

This new version of Logster has grouping patterns that can be added via the UI to group logs that match into a single row. More details at 24d6cc9742
2019-12-12 08:26:49 +03:00
Martin Brennan
e8ee847dd2 Merge branch 'master' of github.com:discourse/discourse 2019-12-12 14:33:09 +10:00
Martin Brennan
9c1e0b8bd2 bump rubocop-discourse to 1.0.2 for NoURIEscapeEncode cop 2019-12-12 14:30:27 +10:00
Martin Brennan
edbc356593
FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528)
The following methods have long been deprecated in ruby due to flaws in their implementation per http://blade.nagaokaut.ac.jp/cgi-bin/vframe.rb/ruby/ruby-core/29293?29179-31097:

URI.escape
URI.unescape
URI.encode
URI.unencode
escape/encode are just aliases for one another. This PR uses the Addressable gem to replace these methods with its own encode, unencode, and encode_component methods where appropriate.

I have put all references to Addressable::URI here into the UrlHelper to keep them corralled in one place to make changes to this implementation easier.

Addressable is now also an explicit gem dependency.
2019-12-12 12:49:21 +10:00
Sam Saffron
b6acfb7847 DEV: upgrade redis-namespace gem
New release has a few extra commands namespaced, nothing we use.

Also added a comment about why this is explicitly required.
2019-12-12 13:36:08 +11:00
dependabot-preview[bot]
61ac0d47ee DEV: Bump stackprof from 0.2.13 to 0.2.14 (#8531)
Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.13 to 0.2.14.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.13...v0.2.14)

Minor upgrade to stackprof which is only used for diagnostics and not default required. Changes all look safe.
2019-12-12 13:29:00 +11:00
Krzysztof Kotlarek
746ba0d8fd SECURITY: upgrade rack-mini-profiler to avoid possible XSS (#8537) 2019-12-12 13:15:40 +11:00
dependabot-preview[bot]
863d3f89de Build(deps): Bump aws-sdk-s3 from 1.36.1 to 1.59.0 (#8502)
* Build(deps): Bump aws-sdk-s3 from 1.36.1 to 1.59.0

Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.36.1 to 1.59.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.36.1...v1.59.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Dependabot/bundler/aws sdk s3 1.59.0 (#8532)
2019-12-11 10:18:11 -08:00
Mark VanLandingham
06c6062ed2
DEV: Lock sassc gem at version 2.0.1 with note (#8523) 2019-12-11 06:22:39 -08:00
dependabot-preview[bot]
b90a592146 DEV: Bump aws-sdk-sns from 1.13.0 to 1.21.0 (#8490)
Bumps [aws-sdk-sns](https://github.com/aws/aws-sdk-ruby) from 1.13.0 to 1.21.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-sns/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.13.0...1.21.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-11 06:13:17 -08:00
Sam Saffron
1d16b34284 DEV: forgot to check in lockfile
updates lock file to properly match the generated one.
2019-12-11 12:45:42 +11:00
dependabot-preview[bot]
508b4c1e5e DEV: Bump css_parser from 1.7.0 to 1.7.1 (#8524)
Bumps [css_parser](https://github.com/premailer/css_parser) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/premailer/css_parser/releases)
- [Changelog](https://github.com/premailer/css_parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/premailer/css_parser/compare/v1.7.0...v1.7.1)

This minor update force UTF-8, this should have not impact on us as we only trade in UTF-8 strings for CSS anyway.
2019-12-11 10:56:53 +11:00
dependabot-preview[bot]
83175c9bfb DEV: Bump rspec-html-matchers from 0.9.1 to 0.9.2 (#8525)
Bumps [rspec-html-matchers](https://github.com/kucaahbe/rspec-html-matchers) from 0.9.1 to 0.9.2.
- [Release notes](https://github.com/kucaahbe/rspec-html-matchers/releases)
- [Changelog](https://github.com/kucaahbe/rspec-html-matchers/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kucaahbe/rspec-html-matchers/compare/v0.9.1...v0.9.2)

Low risk update, only impacts tests.
2019-12-11 10:55:25 +11:00
dependabot-preview[bot]
505b8b76bc Build(deps): Bump webpush from 0.3.8 to 1.0.0 (#8511)
Bumps [webpush](https://github.com/zaru/webpush) from 0.3.8 to 1.0.0.
- [Release notes](https://github.com/zaru/webpush/releases)
- [Changelog](https://github.com/zaru/webpush/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaru/webpush/compare/v0.3.8...v1.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 12:56:52 -08:00
dependabot-preview[bot]
3309a2b564 Build(deps-dev): Bump webmock from 3.5.1 to 3.7.6 (#8512)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.5.1 to 3.7.6.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.5.1...v3.7.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 10:38:03 -08:00
dependabot-preview[bot]
31c6a1528b Build(deps-dev): Bump listen from 3.1.5 to 3.2.1 (#8498)
Bumps [listen](https://github.com/guard/listen) from 3.1.5 to 3.2.1.
- [Release notes](https://github.com/guard/listen/releases)
- [Commits](https://github.com/guard/listen/compare/v3.1.5...v3.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 08:48:40 -08:00
dependabot-preview[bot]
287ba20f3b Build(deps-dev): Bump parallel_tests from 2.29.2 to 2.30.0 (#8508)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.29.2 to 2.30.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.29.2...v2.30.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 16:11:49 +00:00
Mark VanLandingham
148970ca9b
DEV: Revert parallel_tests bump (#8518)
parallel_tests with this version uses `bin/rake`, which auto-loads plugins
2019-12-10 07:58:12 -08:00
dependabot-preview[bot]
2605adede0 Build(deps-dev): Bump parallel_tests from 2.29.2 to 2.30.0 (#8508)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.29.2 to 2.30.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.29.2...v2.30.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 07:12:38 -08:00
dependabot-preview[bot]
da62f87694 Build(deps): Bump rqrcode from 0.10.1 to 1.1.2 (#8497)
Bumps [rqrcode](https://github.com/whomwah/rqrcode) from 0.10.1 to 1.1.2.
- [Release notes](https://github.com/whomwah/rqrcode/releases)
- [Commits](https://github.com/whomwah/rqrcode/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 06:49:20 -08:00
dependabot-preview[bot]
ee1f77d301 Build(deps-dev): Bump uglifier from 4.1.20 to 4.2.0 (#8510)
Bumps [uglifier](https://github.com/lautis/uglifier) from 4.1.20 to 4.2.0.
- [Release notes](https://github.com/lautis/uglifier/releases)
- [Changelog](https://github.com/lautis/uglifier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lautis/uglifier/compare/v4.1.20...v4.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 06:28:15 -08:00
dependabot-preview[bot]
33ae9679d8 DEV: Bump excon from 0.64.0 to 0.70.0 (#8503)
Bumps [excon](https://github.com/excon/excon) from 0.64.0 to 0.70.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.64.0...v0.70.0)

Most changes are minor and update should be pretty safe.
2019-12-10 12:34:00 +11:00
Sam Saffron
3e0454c97b DEV: add a note about sprockets being held back
We want to upgrade to version 4, but it does not work atm.
2019-12-10 12:31:16 +11:00
dependabot-preview[bot]
84c251c778 DEV: Bump sidekiq from 5.2.7 to 6.0.3 (#8499)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.7 to 6.0.3.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

The big thing for us with this update is that it makes sidekiq a bit faster.
2019-12-10 12:05:02 +11:00
dependabot-preview[bot]
c923c49964 DEV: Bump sassc-rails from 2.1.1 to 2.1.2 (#8501)
Bumps [sassc-rails](https://github.com/sass/sassc-rails) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/sass/sassc-rails/releases)
- [Commits](https://github.com/sass/sassc-rails/compare/v2.1.1...v2.1.2)

Minor fixes in the gem
2019-12-10 11:50:34 +11:00
Sam Saffron
0c52537f10 DEV: update rubocop to version 0.77
We like to stay as close as possible to latest with rubocop cause the cops
get better.

This update required some code changes, specifically the default is to avoid
explicit returns where implicit is done

Also this renames a few rules
2019-12-10 11:48:39 +11:00
dependabot-preview[bot]
ee9afb87f2 DEV: Bump mock_redis from 0.19.0 to 0.22.0 (#8504)
Bumps [mock_redis](https://github.com/sds/mock_redis) from 0.19.0 to 0.22.0.
- [Release notes](https://github.com/sds/mock_redis/releases)
- [Changelog](https://github.com/sds/mock_redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sds/mock_redis/compare/v0.19.0...v0.22.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Mock redis update adds better parity for redis mock, we use it during tests.
2019-12-10 11:36:36 +11:00
Mark VanLandingham
6740e08caa
DEV: Revert 3 dependabot suggestions (#8506) 2019-12-09 14:40:54 -08:00
Mark VanLandingham
642c17a4b2
DEV: revert webpush version bump (#8505) 2019-12-09 13:53:25 -08:00
dependabot-preview[bot]
413a49fe06 Build(deps-dev): Bump rspec-html-matchers from 0.9.1 to 0.9.2 (#8494)
Bumps [rspec-html-matchers](https://github.com/kucaahbe/rspec-html-matchers) from 0.9.1 to 0.9.2.
- [Release notes](https://github.com/kucaahbe/rspec-html-matchers/releases)
- [Changelog](https://github.com/kucaahbe/rspec-html-matchers/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kucaahbe/rspec-html-matchers/compare/v0.9.1...v0.9.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 12:22:55 -08:00
dependabot-preview[bot]
866b634f22 Build(deps): Bump webpush from 0.3.8 to 1.0.0 (#8491)
Bumps [webpush](https://github.com/zaru/webpush) from 0.3.8 to 1.0.0.
- [Release notes](https://github.com/zaru/webpush/releases)
- [Changelog](https://github.com/zaru/webpush/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zaru/webpush/compare/v0.3.8...v1.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 12:21:49 -08:00
dependabot-preview[bot]
6dd1d63671 Build(deps): Bump sassc from 2.0.1 to 2.2.1 (#8493)
Bumps [sassc](https://github.com/sass/sassc-ruby) from 2.0.1 to 2.2.1.
- [Release notes](https://github.com/sass/sassc-ruby/releases)
- [Changelog](https://github.com/sass/sassc-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/sassc-ruby/compare/v2.0.1...v2.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 12:19:39 -08:00
dependabot-preview[bot]
bf847e680a Build(deps-dev): Bump uglifier from 4.1.20 to 4.2.0 (#8489)
Bumps [uglifier](https://github.com/lautis/uglifier) from 4.1.20 to 4.2.0.
- [Release notes](https://github.com/lautis/uglifier/releases)
- [Changelog](https://github.com/lautis/uglifier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lautis/uglifier/compare/v4.1.20...v4.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 12:16:03 -08:00
dependabot-preview[bot]
16de46f8d4 Build(deps): Bump omniauth-google-oauth2 from 0.7.0 to 0.8.0 (#8488)
Bumps [omniauth-google-oauth2](https://github.com/zquestz/omniauth-google-oauth2) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/zquestz/omniauth-google-oauth2/releases)
- [Changelog](https://github.com/zquestz/omniauth-google-oauth2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zquestz/omniauth-google-oauth2/compare/v0.7.0...v0.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 12:13:07 -08:00
dependabot-preview[bot]
9be3945c91 Build(deps-dev): Bump rspec from 3.8.0 to 3.9.0 (#8487)
Bumps [rspec](https://github.com/rspec/rspec) from 3.8.0 to 3.9.0.
- [Release notes](https://github.com/rspec/rspec/releases)
- [Commits](https://github.com/rspec/rspec/compare/v3.8.0...v3.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 11:34:30 -08:00
dependabot-preview[bot]
3092cdc2bd Build(deps-dev): Bump simplecov from 0.16.1 to 0.17.1 (#8486)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.16.1 to 0.17.1.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.16.1...v0.17.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 11:32:25 -08:00
dependabot-preview[bot]
41f4159cc7 Build(deps): Bump multi_json from 1.13.1 to 1.14.1 (#8485)
Bumps [multi_json](https://github.com/intridea/multi_json) from 1.13.1 to 1.14.1.
- [Release notes](https://github.com/intridea/multi_json/releases)
- [Changelog](https://github.com/intridea/multi_json/blob/master/CHANGELOG.md)
- [Commits](https://github.com/intridea/multi_json/compare/v1.13.1...v1.14.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 11:30:30 -08:00
dependabot-preview[bot]
276fb7f46f DEV: Bump parallel_tests from 2.28.0 to 2.29.2 (#8484)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.28.0 to 2.29.2.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.28.0...v2.29.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 10:46:01 +00:00
dependabot-preview[bot]
510047c5df Build(deps): Bump ruby-openid from 2.7.0 to 2.9.2 (#8476)
Bumps [ruby-openid](https://github.com/openid/ruby-openid) from 2.7.0 to 2.9.2.
- [Release notes](https://github.com/openid/ruby-openid/releases)
- [Changelog](https://github.com/openid/ruby-openid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/openid/ruby-openid/compare/v2.7.0...v2.9.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 10:40:50 +00:00
Sam Saffron
ed6d3b493c DEV: update dependencies
This updates some low risk dependencies. Mostly minor changes.

Public suffix now requires Ruby 2.3 and up which is not a problem for us.
2019-12-09 19:20:45 +11:00
dependabot-preview[bot]
9b30922109 Build(deps): Bump rotp from 3.3.1 to 5.1.0 (#8477)
* Build(deps): Bump rotp from 3.3.1 to 5.1.0

Bumps [rotp](https://github.com/mdp/rotp) from 3.3.1 to 5.1.0.
- [Release notes](https://github.com/mdp/rotp/releases)
- [Changelog](https://github.com/mdp/rotp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mdp/rotp/compare/v3.3.1...v5.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Fix breaking ROTP changes
2019-12-09 14:29:48 +10:00
dependabot-preview[bot]
fca727fd92 DEV: Bump tilt from 2.0.9 to 2.0.10 (#8479)
Minor update, removes a Ruby 2.7 deprecation.
2019-12-09 14:22:55 +11:00
dependabot-preview[bot]
c853051edb DEV: Bump mustache from 1.1.0 to 1.1.1 (#8478)
Minor update, removes one warning which we have not seen yet.
2019-12-09 14:21:55 +11:00
dependabot-preview[bot]
7aa3233bcb DEV: Bump puma from 3.12.2 to 4.3.1 (#8475)
The downside here is that we are now going to require nio4r which requires some native code.

It is reasonably low risk though cause puma is very well tested. We use puma mostly in test environments, not in production.
2019-12-09 12:51:41 +11:00
dependabot-preview[bot]
d198e824ce DEV: Bump fastimage from 2.1.5 to 2.1.7
This library is used to detect size of images, upgrading a minor version here should be low risk, we have integration tests to detect issues.
2019-12-09 12:49:53 +11:00
Sam Saffron
8a6421565e DEV: upgrade low risk gems
This updates a bunch of gems that have very low risk of breaking anything
or are mostly used in dev. Overall our goal is to be on latest gems with
latest bug fixes so this is us working in that direction.
2019-12-06 17:12:43 +11:00
dependabot[bot]
cc92aa9e71 SECURITY: Bump puma from 3.12.1 to 3.12.2 (#8464)
Bumps [puma](https://github.com/puma/puma) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.12.1...v3.12.2)

Signed-off-by: dependabot[bot] <support@github.com>
2019-12-06 14:09:29 +11:00
Sam Saffron
a06fccae1b DEV: update dependencies and add notes about exceptions
Previously it was unclear why certain gems are being held back cause Gemfile
had no comment explaining it.

I tried to add some explanation from memory and remove some exceptions that
seemed to be superfluous.

This upgrades shoulda to latest, it appears to work once a couple of assertions
are removed

Also update http accept language used to auto detect language from http header
this is tested

Zeitwerk small update seems fine
2019-12-06 13:00:28 +11:00
Arpit Jalan
cab9c7c77e Bump onebox version.
- FIX: use dedicated Vimeo onebox for all video types
2019-11-27 16:22:25 +05:30
Arpit Jalan
7543db086a Bump onebox version.
- FIX: Amazon video oneboxes were not working.
2019-11-20 14:47:59 +05:30
David Taylor
eaf6096890 DEV: Use rubocop-discourse gem to add custom chdir cop
Followup to b27e009655
2019-11-18 15:39:41 +00:00
Gerhard Schlager
c04369ed8f
DEV: Revert to Bundler 1.17
Follow-up to a2d6169a5e
2019-11-11 15:37:13 +01:00
Sam Saffron
a2d6169a5e DEV: upgrade mini_racer
This is done to fix a compatibility issue with Ruby 2.7, it ensures we clean
up fds for a pipe we use to track timeouts in mini racer.
2019-11-11 15:36:16 +11:00
Sam Saffron
652b6363a2 DEV: upgrade bootsnap
This fixes Ruby 2.7 support which we are starting to test
2019-11-08 17:07:58 +11:00
Sam Saffron
26c0199c01 DEV: update Rails to version 6.0.1
This version of Rails eliminates a monkey patch that is no longer needed!

Additionally it preps us for Ruby 2.7 support.
2019-11-08 16:56:30 +11:00
Mark VanLandingham
f79796fcac DEV: Bump loofah version due to vulnerability 2019-11-07 10:02:02 -05:00
Arpit Jalan
c5df853dea Bump onebox version.
- fix for gfycat onebox in email
2019-11-07 10:03:12 +05:30
Arpit Jalan
cb9702bf7a Bump onebox version.
- Remove native caching
- FIX: dropbox videos were not loading
2019-11-04 10:46:20 +05:30
Sam Saffron
af841fa883 DEV: update rack-mini-profiler
This includes an important new feature, we pre-compile templates so CSPs
that disable eval can still apply to our sites.
2019-10-28 16:46:13 +11:00
Sam Saffron
c9714fcbf8 FIX: update rack-mini-profiler
1.1.0 had regressions where rack mini profiler would break the site for IE11
users cause the payload had errors.

1.1.2 fixes that.
2019-10-25 11:17:44 +11:00
Arpit Jalan
12409f63a0 Bump onebox version.
- FIX: Follow redirect returns url if response code is 200
- FIX: do not resize xkcd image
2019-10-22 12:26:01 +05:30
Krzysztof Kotlarek
858cf5836c
FIX: update Redis gem to version 4.1.3
I run our benchmark on commit with hiredis and redis-4.1.3

Results:
type | hidredis | redis 4.1.3 | percent
--- | --- | --- | ---
Categories-50 | 49 | 50 | 102.04%
Categories-75 | 51 | 51 | 100.00%
Categories-90 | 63 | 64 | 101.59%
Categories-99 | 86 | 85 | 98.84%
Home-50 | 55 | 55 | 100.00%
Home-75 | 56 | 57 | 101.79%
Home-90 | 68 | 69 | 101.47%
Home-99 | 102 | 104 | 101.96%
Topic-50 | 36 | 37 | 102.78%
Topic-75 | 37 | 37 | 100.00%
Topic-90 | 47 | 48 | 102.13%
Topic-99 | 60 | 61 | 101.67%
Categories-admin-50 | 124 | 117 | 94.35%
Categories-admin-75 | 130 | 129 | 99.23%
Categories-admin-90 | 147 | 143 | 97.28%
Categories-admin-99 | 204 | 199 | 97.55%
Home-admin-50 | 146 | 148 | 101.37%
Home-admin-75 | 150 | 152 | 101.33%
Home-admin-90 | 169 | 168 | 99.41%
Home-admin-99 | 232 | 223 | 96.12%
Topic-admin-50 | 60 | 61 | 101.67%
Topic-admin-75 | 64 | 63 | 98.44%
Topic-admin-90 | 76 | 73 | 96.05%
Topic-admin-99 | 124 | 94 | 75.81%
Load rails | 2412 | 2360 | 97.84%
rss | 290204 | 295828 | 101.94%
pss | 277948 | 283624 | 102.04%

Redis gem is manipulating Redis config https://github.com/redis/redis-rb/blob/master/lib/redis/client.rb#L95
therefore we cannot pass the frozen config object.

Pass of the copy of the object is protecting original config
2019-10-21 09:59:24 +11:00
OsamaSayegh
1f6f118e52 DEV: Bump Logster version to 2.4.1
This version includes a few performance fixes, details here: 59f8cb0abf
2019-10-17 20:06:27 +00:00
Sam Saffron
ae2a56999e Revert "FIX: update Redis gem to version 4.1.3 (#8197)"
This reverts commit ab74a50d85.

We really want to upgrade redis, but discovered some edge cases
around failover we need to test.

Holding off on the upgrade till a bit more testing happens
2019-10-17 11:41:46 +11:00
Krzysztof Kotlarek
ab74a50d85 FIX: update Redis gem to version 4.1.3 (#8197)
* FIX: update Redis gem to version 4.1.3

I run our benchmark on commit with hiredis and redis-4.1.3

Results:
type | hidredis | redis 4.1.3 | percent
--- | --- | --- | ---
Categories-50 | 49 | 50 | 102.04%
Categories-75 | 51 | 51 | 100.00%
Categories-90 | 63 | 64 | 101.59%
Categories-99 | 86 | 85 | 98.84%
Home-50 | 55 | 55 | 100.00%
Home-75 | 56 | 57 | 101.79%
Home-90 | 68 | 69 | 101.47%
Home-99 | 102 | 104 | 101.96%
Topic-50 | 36 | 37 | 102.78%
Topic-75 | 37 | 37 | 100.00%
Topic-90 | 47 | 48 | 102.13%
Topic-99 | 60 | 61 | 101.67%
Categories-admin-50 | 124 | 117 | 94.35%
Categories-admin-75 | 130 | 129 | 99.23%
Categories-admin-90 | 147 | 143 | 97.28%
Categories-admin-99 | 204 | 199 | 97.55%
Home-admin-50 | 146 | 148 | 101.37%
Home-admin-75 | 150 | 152 | 101.33%
Home-admin-90 | 169 | 168 | 99.41%
Home-admin-99 | 232 | 223 | 96.12%
Topic-admin-50 | 60 | 61 | 101.67%
Topic-admin-75 | 64 | 63 | 98.44%
Topic-admin-90 | 76 | 73 | 96.05%
Topic-admin-99 | 124 | 94 | 75.81%
Load rails | 2412 | 2360 | 97.84%
rss | 290204 | 295828 | 101.94%
pss | 277948 | 283624 | 102.04%

* FIX: get rid of redis freedom patch
2019-10-17 08:49:23 +11:00
David Taylor
061c8874f5 FIX: Correct line count link in GitHub commit onebox
Bump onebox version
2019-10-15 23:52:59 +01:00
Sam Saffron
c3cc96084c FIX: remove hiredis gem which is no longer needed
Previously some local micro-benchmarks revealed it was not giving any perf
benefits.

Now that we upgraded to 2.6.5 we are seeing some segfaults.

No need to carry this dependency around anymore.

We can re-evaluate in future if it improves perf and fix the segfaults.
2019-10-15 18:17:14 +11:00
romanrizzi
9845963105 FEATURE: Use the 'ugc' rel attribute alongside 'nofollow' 2019-10-14 15:21:48 -03:00
David Taylor
939a746dcd UX: Use theme colors for GitHub issue labels
Bump onebox version to pull tag rendering bug fix
2019-10-09 12:28:48 +01:00
David Taylor
3edd514c72 FEATURE: Redesigned GitHub oneboxes
Bump onebox version, and add new styling

Commit, PR and Issue oneboxes are updated with a new design. Timestamps are now localized using local-dates (if installed).
2019-10-09 11:47:58 +01:00
OsamaSayegh
061b98bc75 DEV: Bump Logster version to 2.3.3
This new version of Logster has a new feature that keeps track of
message timestamp when it's merged into other similar messages.
2019-10-08 16:39:52 +00:00
David Taylor
e7cc7def8b UX: Stop using fixed-width font to render github issue description
Bump onebox version
2019-10-08 11:48:05 +01:00
Joffrey JAFFEUX
67a90a7d97 FIX: updates discourse-ember-source gem (#8167)
This is related to fix made to prevent a crash in iOS 9.5
2019-10-08 11:39:20 +11:00
David Taylor
615039f228 FEATURE: Improve GitHub commit, PR and issue onebox rendering
Bump onebox version to include new github rendering, and add relevant CSS

Avatars are reduced in size significantly, and icons are added to easily differentiate PRs and commits. The 'Issue:' prefix is removed from issue oneboxes, to make them consistent with commits and PRs.
2019-10-07 19:26:10 +01:00
Sam Saffron
8d5f47dded PREF: optimise preloading application
We preload to ensure as much memory as possible is reused from unicorn master
to various workers using copy-on-write (sidekiq, unicorn)

This migrates the preloading code into the Discourse module for easier
reuse and adds 3 notable preloading changes

1. We attempt to localize a string on each site, ensuring we warmup
the i18n

2. We preload all our templates (compiling .erb to class)

3. We warm-up our search tokenizer which uses cppjieba which is a large
memory consumer, this will only cause a warmup on CJK sites or sites with
the special site setting enabled.
2019-10-07 00:33:37 -04:00
Martin Brennan
68d35b14f4 FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099)
Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API).

Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).
2019-10-01 19:08:41 -07:00
Sam Saffron
0420e8145e SECURITY: update rubyzip dependency
This updates rubyzip library so that callers can trust entries when
extracting files avoiding situations where a rogues zip imported by a rogue
admin could cause a disk space issue.
2019-10-01 17:11:20 +10:00
Sam Saffron
ba0114a6ff SECURITY: update rack-mini-profiler to latest to correct XSS
This corrects an XSS in ?pp=help.

Also removes the jQuery dependency from rack-mini-profiler and restricts
memory sensitive profiling methods development only.
2019-10-01 16:55:58 +10:00
Krzysztof Kotlarek
32b8a2ccff DEV: Upgrade Discourse to Rails 6 (#8083)
* Adjustments to pass specs on Rails 6.0.0
* Use classic autoloader instead of Zeitwerk
* Update Rails 6.0.0 deprecated methods
* Rails 6.0.0 not allowing column with integer name
* Drop freedom_patches/rails6.rb
* Default value for trigger_transactional_callbacks? is true
* Bump rspec-rails version to 4.0.0.beta2
2019-09-12 10:41:50 +10:00
Arpit Jalan
4195548a17 Bump onebox version.
- indicate and link to Flickr Album
2019-09-11 23:23:11 +05:30
Sam Saffron
5da7ffd46c FEATURE: update mini_scheduler to support history filtering
New version of mini scheduler allows you to select the name of a schedule
in the history page in `/sidekiq/scheduler/history`.

This is handy for quickly looking up timing trends.
2019-09-11 18:43:02 +10:00
Sam Saffron
ed00f35306 FEATURE: improve performance of anonymous cache
This commit introduces 2 features:

1. DISCOURSE_COMPRESS_ANON_CACHE (true|false, default false): this allows
you to optionally compress the anon cache body entries in Redis, can be
useful for high load sites with Redis that lives on a separate server to
to webs

2. DISCOURSE_ANON_CACHE_STORE_THRESHOLD (default 2), only pop entries into
redis if we observe them more than N times. This avoids situations where
a crawler can walk a big pile of topics and store them all in Redis never
to be used. Our default anon cache time for topics is only 60 seconds. Anon
cache is in place to avoid the "slashdot" effect where a single topic is
hit by 100s of people in one minute.
2019-09-04 17:18:32 +10:00
Sam Saffron
5db204f370 FIX: broken scheduler when changing per_host <-> global
Prior to this commit if we ever checked in a per_host directive and scheduled
job was previously global, total chaos could ensue as a feedback loop would
start

We very rarely used per_host to date, but just started making use of it
for heartbeats
2019-08-30 23:26:44 +10:00
Sam Saffron
098f9e8b5b PERF: Run multiple threads for regular job schedules
Under extreme load on large databases certain regular jobs can take quite
a while to run. We need to ensure we never starve a sidekiq from running
mini scheduler, cause without it we are unable to queue stuff such as
heartbeat jobs.
2019-08-29 15:34:36 +10:00
Arpit Jalan
e9c971ba77 Bump onebox version.
- allow oneboxing for `www.amazon.com.mx`
2019-08-26 16:44:10 +05:30
Arpit Jalan
038bf02e33 Bump onebox version.
- strip whitespace from Twitter onebox
2019-08-21 10:19:54 +05:30
Régis Hanol
727430aacf SECURITY: bump nokogiri
We're not using the vulnerable method but there's no harm in upgrading.
2019-08-20 10:58:18 +02:00
Sam Saffron
8db38de9d7 SECURITY: add rate limiting to anon JS error reporting
This adds a 1 minute rate limit to all JS error reporting per IP. Previously
we would only use the global rate limit.

This also introduces DISCOURSE_ENABLE_JS_ERROR_REPORTING, if it is set to
false then no JS error reporting will be allowed on the site.
2019-08-20 11:29:11 +10:00
Arpit Jalan
f27564a0a0 Bump onebox version.
- normalize and decode html entities for image URL
2019-08-19 19:01:23 +05:30
OsamaSayegh
50368940f7 DEV: Bump Logster version to 2.3.1
Commits since last version bump: 5cdcb76...c5bcb8e
2019-08-15 07:21:34 +00:00
Arpit Jalan
44f4801087 Bump onebox version.
- do not double encode percentage in url
- support hashbang in url
2019-08-12 08:42:50 +05:30
Sam Saffron
1f47ed1ea3 PERF: message_bus will be deferred by server when flooded
The message_bus performs a fair amount of work prior to hijacking requests
this change ensures that if there is a situation where the server is flooded
message_bus will inform client to back off for 30 seconds + random(120 secs)

This back-off is ultra cheap and happens very early in the middleware.

It corrects a situation where a flood to message bus could cause the app
to become unresponsive

MessageBus update is here to ensure message_bus gem properly respects
Retry-After header and status 429.

Under normal state this code should never trigger, to disable raise the
value of DISCOURSE_REJECT_MESSAGE_BUS_QUEUE_SECONDS, default is to tell
message bus to go away if we are queueing for 100ms or longer
2019-08-09 17:48:01 +10:00
Arpit Jalan
bc5daa1466 Bump onebox version.
- prioritize `card_html` over `article_html`
2019-08-05 11:04:58 +05:30
Neil Lalonde
9656a21fdb
FEATURE: customization of html emails (#7934)
This feature adds the ability to customize the HTML part of all emails using a custom HTML template and optionally some CSS to style it. The CSS will be parsed and converted into inline styles because CSS is poorly supported by email clients. When writing the custom HTML and CSS, be aware of what email clients support. Keep customizations very simple.

Customizations can be added and edited in Admin > Customize > Email Style.

Since the summary email is already heavily styled, there is a setting to disable custom styles for summary emails called "apply custom styles to digest" found in Admin > Settings > Email.

As part of this work, RTL locales are now rendered correctly for all emails.
2019-07-30 15:05:08 -04:00
Arpit Jalan
6a0787445c Bump onebox version.
- Deprioritize Twitter card in generic onebox
2019-07-25 17:13:23 +05:30
Roman Rizzi
f5c707c97a
FEATURE: Gz to zip for exports (#7889)
* Revert "Revert "FEATURE: admin/user exports are compressed using the zip format (#7784)""

This reverts commit f89bd55576.

* Replace .tar.zip with .zip
2019-07-18 09:34:48 -03:00
Joffrey JAFFEUX
b3eb67976d
DEV: Upgrades to Ember 3.10 (#7871)
Co-Authored-By: majakomel <maja.komel@gmail.com>
2019-07-16 12:45:15 +02:00
Arpit Jalan
25830c73be Bump onebox version.
- use custom placeholder HTML for generic whitelisted oneboxes
- optimize usage of custom placeholder HTML
2019-07-11 18:31:51 +05:30
romanrizzi
f89bd55576 Revert "FEATURE: admin/user exports are compressed using the zip format (#7784)"
This reverts commit 8b2580e20f.
2019-07-10 11:38:51 -03:00
Roman Rizzi
8b2580e20f
FEATURE: admin/user exports are compressed using the zip format (#7784)
* FEATURE: admin/user exports are compressed using the zip format

* Update translations. Theme exporter now exports .zip file. Theme importer supports .zip and .gz files

* Fix controller test, updated locale and skip saving the csv export to disk
2019-07-10 11:13:03 -03:00
Arpit Jalan
f0f271cd5f Bump onebox version.
- remove additional whitespace from Twitter onebox
2019-07-09 13:12:03 +05:30
Arpit Jalan
bb8cf81089 Bump onebox version.
- better placeholders for audio/video/trello/typeform oneboxes
- added CSS for audio/video/trello/typeform onebox placeholders
2019-07-08 21:40:33 +05:30
Arpit Jalan
feb828172b Bump onebox version.
- improved spacing for quoted twitter onebox
2019-07-06 09:41:01 +05:30
Arpit Jalan
5bc1fd23b0 Bump onebox version.
- update HTML for twitter quoted onebox
- updated CSS for twitter quoted onebox
2019-07-05 19:35:36 +05:30
Arpit Jalan
1ebc3cce4a Bump onebox version.
- twitter oneboxing using API was broken
2019-07-04 11:41:07 +05:30
Arpit Jalan
32edaa3843 Bump onebox version
- support for Twitter quoted tweets
2019-07-04 11:01:30 +05:30
Abroskin Alexander
0872a1182d DEV: Replace Overcommit with Lefthook (#7826)
Overcommit uses prebuilt hooks and require global installation.
To avoid this issues replace it with Lefthook.
Lefthook will be installed with npm packages. New contributors
will have fully consistent git hooks.
2019-07-02 11:29:52 +02:00
Arpit Jalan
7f14e185cc Bump onebox version.
- prevent double escaping of URL
2019-06-27 23:35:35 +05:30
Arpit Jalan
168a38dc29 Bump onebox version.
- better Twitch placeholder
- CSS for said placeholder
2019-06-26 23:22:29 +05:30
Arpit Jalan
2af4002817 Bump onebox version.
- Add a placeholder icon for Twitch onebox preview
- Add CSS for showing fontawesome play icon for placeholder class
2019-06-26 13:40:14 +05:30
Sam Saffron
4c89f7f881 DEV: bump version on mini_scheduler
This corrects a catastrophic state that can ensue if redis becomes readonly

It also adds support for multiple queues and minor cleanup
2019-06-24 16:56:16 +10:00
Guo Xiang Tan
29259b46ae DEV: Verbose mode for posts:inline_uploads rake task. 2019-06-10 08:59:11 +08:00
Guo Xiang Tan
1991af2abb DEV: Switch InlineUploads to a regexp based implementation. 2019-06-04 15:54:25 +08:00
Guo Xiang Tan
d93e5fb00d DEV: Class that converts MD with old attachment links to new MD. 2019-06-04 15:54:25 +08:00
Vinoth Kannan
787ccb5746 revert the bundler version
871fcf1117
2019-06-04 08:45:30 +05:30
Vinoth Kannan
871fcf1117 PERF: omit user profile and private message stats in web hook serializer. 2019-06-04 08:44:10 +05:30
David Taylor
8511bfe583 Bump omniauth-google-oauth2 gem version
Pinning to an old version is no longer required following 8b4d6dafea
2019-06-03 19:17:00 +01:00
Joffrey JAFFEUX
ee43b36b64
Bump onebox version. (#7666)
Fixes multiple possible sources of exceptions due to frozen strings. Wikipedia onebox was definitely failing before this patch.
2019-05-31 17:04:34 +02:00
Joffrey JAFFEUX
75d413ad11
Bump onebox version. (#7665)
Fixes a regression with soundclound onebox due to frozen string literal.
2019-05-31 16:41:33 +02:00
Arpit Jalan
bf3c781f26 Bump onebox version.
- add frozen string literal to all the files
2019-05-28 17:39:42 +05:30
Daniel Waterworth
f46d2ad086 DEV: Update test-prof (#7572)
* Updated test-prof

* Made rails_helper.rb use new test-prof APIs

Instead of the previous temporary hacks.

* Added environment option to disable prefabrication

It was removed mistakenly
2019-05-21 22:07:40 +10:00
Arpit Jalan
ce89f19250 Bump onebox version.
- use Vimeo engine for private links only
- if og:video_url is missing, make one using Vimeo ID
2019-05-20 12:24:43 +05:30
Sam Saffron
a4627c3d82 DEV: revert bundler to 1.7.3
At the moment bundler 2.0 is not compatible with:

https://github.com/discourse/discourse-backup-uploads-to-s3

We plan to get this fixed but in the mean time do not upgrade.

followup to 2a7065c5
2019-05-20 11:23:28 +10:00
Vinoth Kannan
2a7065c505 FIX: skip uploads without etag in s3 inventory check. 2019-05-20 00:09:52 +05:30
Régis Hanol
081eb76308 DEV: update rubocop - take 2 2019-05-17 14:13:25 +02:00
Régis Hanol
88102ce13d DEV: update rubocop 2019-05-17 14:08:58 +02:00
Sam Saffron
bbcc39e66c FEATURE: update mini_racer to version including heap dump support
We recently noticed a leak, this introduces a new method on MiniRacer::Context

```
context.write_heap_snapshot(path)
```

To dump current memory in v8 context to a file, this can then be analyzed
in chrome and other similar tools

Can be triggered in production using rbtrace
2019-05-14 18:01:15 +10:00
Gerhard Schlager
73da9c171a DEV: Upgrade unicorn
The gem has minor bug fixes. One of those stopped the RubyMine debugger from working.
2019-05-07 17:03:27 +02:00
Arpit Jalan
d679c4e0eb Bump onebox version.
- FIX: encode the URL per RFC 3986 spec
2019-05-06 18:17:42 +05:30
Vinoth Kannan
28547c6f08 revert bundler version change
73418aaf73
2019-05-02 04:37:55 +05:30
Vinoth Kannan
73418aaf73 DEV: Add bucket folder path to inventory id 2019-05-02 04:35:35 +05:30
romanrizzi
2ebe9e3a8b Bump onebox version 2019-04-30 10:07:48 -03:00
Guo Xiang Tan
09b3d0c2a0
DEV: Only install danger on Travis. (#7452) 2019-04-29 14:45:24 +08:00
Sam Saffron
fa313564d7 DEV: update rails multisite
This gives us Rails 6 support, should not impact existing behavior
2019-04-29 16:24:47 +10:00
Sam Saffron
c0a5a07eda DEV: missing change from prev commit 2019-04-29 15:52:47 +10:00
Sam Saffron
7ea5c8a5f5 DEV: update AWS dependency
AWS is a big moving target, this fills gaps in the API. Technically we
use such a tiny surface area that it probably does not matter, but it is
good to be up to date here.
2019-04-29 15:39:19 +10:00
Sam Saffron
2d9c8581ce DEV: low risk gem updates
This updates another batch of gems that are lowish risk

Most of the gem changes are here for Rails 6 / Ruby 2.6.3 support

Excon did some stuff around better cipher ordering
2019-04-29 15:33:01 +10:00
Sam Saffron
9797073de0 DEV: update mini_sql and some other gems
Big one is mini_sql, only noticeable change is that the internals now
support jruby!
2019-04-29 15:04:19 +10:00
Sam Saffron
75c1506cb0 DEV: update minor dependencies
These gems have very minor changes, and are low risk updates
2019-04-29 15:00:58 +10:00
Sam Saffron
b3d91ea541 DEV: update rubocop
No changes required in core Discourse.
2019-04-29 14:57:30 +10:00
Sam Saffron
6449170e15 DEV: update mini racer version
Mini Racer 0.2.5 provides support for libv8 7.3 (so we just upgraded from
Chrome 67 -> 73 JS engine wise)
2019-04-29 10:22:27 +10:00
Maja Komel
4b455e741e DEV: Ember 3.8.0
Co-Authored-By: majakomel <maja.komel@gmail.com>
2019-04-26 12:16:21 +02:00
Sam Saffron
68d7b4023b FIX: update mini scheduler
The UX was not showing any durations longer than 1 minute for scheduled
jobs

Also updates sidekiq and rack minor versions which are low risk
2019-04-26 11:24:17 +10:00
Vinoth Kannan
1724c27713 FIX: reload the 'post' model to retrive raw field value. 2019-04-25 02:09:27 +05:30
Vinoth Kannan
aed683390c FIX: Don't treat 'upload_patterns' as constant to make the rake task compatible with multisite 2019-04-25 02:06:20 +05:30
Gerhard Schlager
01a3311ffb SECURITY: Update nokogiri 2019-04-24 10:42:24 +02:00
Arpit Jalan
e8f51815e5 Bump onebox version.
- Update github_blob engine to support displaying stl files
- FEATURE: add `data-original-href` attribute to Vimeo iframes
- Add poster image for video oneboxes
2019-04-24 13:59:14 +05:30
Guo Xiang Tan
8c8d3bea31 Remove unncessary gems installed due to Rails 5.2.3 upgrade.
Follow up to b3dcaacdf4.
2019-04-23 17:44:49 +08:00
Guo Xiang Tan
b3dcaacdf4 Update Rails to 5.2.3. 2019-04-20 10:49:54 +09:00
Daniel Waterworth
7e3628d11f Added test-prof as a dependency (#7395)
test-prof is a collection of tools for analyzing test-suite performance.
2019-04-19 10:52:31 +02:00
Nicolas Sebastian Vidal
2b8487b0ea Removed "shoulda" gem in favor of "shoulda-matchers" and update (#7387)
* Update shoulda gem

* Remove shoulda gem in favor of shoulda-matchers only
2019-04-18 07:41:37 +10:00
Guo Xiang Tan
e50494bcde Revert "DEV: Upgradae to Bundler 2."
This reverts commit f65c8a7ba1.

I can't deal with this now.
2019-04-15 11:05:51 +08:00
Guo Xiang Tan
f65c8a7ba1 DEV: Upgradae to Bundler 2. 2019-04-15 09:02:02 +08:00
Vinoth Kannan
70fef8e0c3 FIX: change to correct bundled version 2019-04-14 14:46:56 +05:30