Commit Graph

39445 Commits

Author SHA1 Message Date
dependabot-preview[bot]
38c5d26b04 Build(deps): Bump nio4r from 2.5.3 to 2.5.4
Bumps [nio4r](https://github.com/socketry/nio4r) from 2.5.3 to 2.5.4.
- [Release notes](https://github.com/socketry/nio4r/releases)
- [Changelog](https://github.com/socketry/nio4r/blob/master/CHANGES.md)
- [Commits](https://github.com/socketry/nio4r/compare/v2.5.3...v2.5.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-16 09:53:37 +08:00
dependabot-preview[bot]
9ed42956f1
Build(deps): Bump onebox from 2.1.2 to 2.1.3 (#10677)
Bumps [onebox](https://github.com/discourse/onebox) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/discourse/onebox/releases)
- [Changelog](https://github.com/discourse/onebox/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/onebox/compare/v2.1.2...v2.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-16 06:54:06 +05:30
Penar Musaraj
6610576deb
FIX: Clear stylesheet cache on base font change
Previously, we were not clearing the cache on themes using the default
color scheme.
2020-09-15 13:13:09 -04:00
Daniel Waterworth
19b24e178c SECURITY: __ws shouldn't be able to override every domain in multisite 2020-09-15 17:35:57 +01:00
dependabot-preview[bot]
b3514ce1a3
Build(deps): Bump rubocop from 0.90.0 to 0.91.0 (#10673)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.90.0 to 0.91.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.90.0...v0.91.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-15 11:05:37 -04:00
dependabot-preview[bot]
7fed4a4d4f
Build(deps): Bump rails_multisite from 2.3.0 to 2.4.0 (#10672)
Bumps [rails_multisite]() from 2.3.0 to 2.4.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-15 11:03:57 -04:00
Robin Ward
e7abba9bbe FIX: Missing files from previous commit 2020-09-15 10:59:41 -04:00
Robin Ward
8c384ae6b8 Create proper shim for xss library - second attempt 2020-09-15 10:42:51 -04:00
Penar Musaraj
273db57d6e
FEATURE: Allow admins to delete user SSO records in the UI (#10669)
Also displays the user's last payload in the admin UI to help with debugging SSO issues.
2020-09-15 10:00:10 -04:00
Penar Musaraj
6d7b8a71c0
FIX: topic progress wrapper positioning regression
Followup to 94ed54a616
2020-09-15 09:38:06 -04:00
Jarek Radosz
02e6f4c5d4 UX: Remove extraneous ellipsis after "loading"
The "loading" string already contains an ellipsis: 5990c71c29/config/locales/client.en.yml (L1480)
2020-09-15 15:22:46 +02:00
Discourse Translator Bot
5990c71c29 Update translations 2020-09-15 13:04:17 +00:00
Joffrey JAFFEUX
15b3477145
FIX: img width and height should be in quotes (#10675) 2020-09-15 11:39:12 +02:00
Joffrey JAFFEUX
53e281a3fd
FIX: simplifies updating searchedTerms from connectors (#10674) 2020-09-15 11:21:38 +02:00
Joffrey JAFFEUX
324aa3eb61
REFACTOR: reworks all the search-advanced-options panel (#10661)
* REFACTOR: reworks all the search-advanced-options panel

This commit includes the following changes:
- prevents any mutation of external (to the component) values
- get rid of observers
- uses @action
- minor UI tweaks
- dropped the unecessary debounce
- drops all the legacy code for badges/groups which is not being used
- replaces user-selector by user-chooser and improves multi-select to not show `search` if maximum has been reached

Most importantly this refactor should fix multiple bugs due to _update() being called multiple times if searchTerm was empty and other various bugs where some changes in searchTerm was not applied to the sidebar.
2020-09-15 09:39:12 +02:00
Joffrey JAFFEUX
bbddce4d3a
DEV: updates js transpiler to use babel 7 (#10627)
Updates our js transpiler code to use Babel 7.11.6

List of changes in this commit:

- Updates plugins, babel plugins all have a new version which doesn't contain -es2015- anymore
- Drops [transform-es2015-classes](https://babeljs.io/docs/en/babel-plugin-transform-classes) this plugin shouldn't be needed now that we don't support IE
- Drops check-es2015-constants, checking constants is now part of babel and the check-constants plugin is deprecated. As a result the behavior slightly changed, and is now wrapping every const call in a readOnlyError function which would throw if assigned a new value. This explains the modified spec.
- Adds [proposal-optional-chaining](https://babeljs.io/docs/en/babel-plugin-proposal-optional-chaining)

```javascript
const obj = {
  foo: {
    bar: {
      baz: 42,
    },
  },
};

const baz = obj?.foo?.bar?.baz; // 42
```

- Adds [proposal-json-strings](https://babeljs.io/docs/en/babel-plugin-proposal-json-strings)

```javascript
// IN
const ex = "before
after";
//                ^ There's a U+2028 char between 'before' and 'after'


// OUT
const ex = "before\u2028after";
//                ^ There's a U+2028 char between 'before' and 'after'
```

- Adds [proposal-nullish-coalescing-operator](https://babeljs.io/docs/en/babel-plugin-proposal-nullish-coalescing-operator)

```javascript
var object = {};
var foo = object.foo ?? "default"; // default
```

- Adds [proposal-logical-assignment-operators](https://babeljs.io/docs/en/babel-plugin-proposal-logical-assignment-operators)

```javascript
let a;
let b = 2;
a ||= b; // 2
```

- Adds [proposal-numeric-separator](https://babeljs.io/docs/en/babel-plugin-proposal-numeric-separator)

```javascript
let budget = 1_000_000_000_000;
console.log(budget === 10 ** 12); // true
```

- Adds proposal-object-rest-spread https://babeljs.io/docs/en/babel-plugin-proposal-object-rest-spread

```javascript
let { x, y, ...z } = { x: 1, y: 2, a: 3, b: 4 };
console.log(x); // 1
console.log(y); // 2
console.log(z); // { a: 3, b: 4 }
```

- Adds proposal-optional-catch-binding https://babeljs.io/docs/en/babel-plugin-proposal-optional-catch-binding

```javascript
try {

} catch {

} finally {
  // ensures finally is available in every browsers
}
```

- Adds improved regex support for firefox through (transform-dotall-regex](https://babeljs.io/docs/en/next/babel-plugin-transform-dotall-regex.html) and (proposal-unicode-property-regex](https://babeljs.io/docs/en/babel-plugin-proposal-unicode-property-regex)

- Drops async/generator stuff, the browser we target should allow to use this (excepts iterable async)
2020-09-15 09:26:33 +02:00
Guo Xiang Tan
49f53bdc50
DEV: Fix another MessageBus::InvalidMessageTarget error.
Follow-up to c2f2b57a9b.
2020-09-15 14:25:10 +08:00
Guo Xiang Tan
f7438fc64b
DEV: Fix MessageBus::InvalidMessageTarget error after upgrading mb.
Follow-up to c2f2b57a9b
2020-09-15 14:15:42 +08:00
Guo Xiang Tan
c2f2b57a9b
Update message_bus to 3.3.2. 2020-09-15 13:33:11 +08:00
Guo Xiang Tan
2ff16b3650
FIX: TopicQuery.list_private_messages_unread ignore notification level 2020-09-15 13:33:11 +08:00
Krzysztof Kotlarek
d83e3f9ce8 FIX: improvements after code review 2020-09-15 13:29:35 +08:00
Krzysztof Kotlarek
145814d29c FIX: spec for oversized images security fix
Spec to cover solution presented here - 333ddd4011
2020-09-15 13:29:35 +08:00
Guo Xiang Tan
e3b4632f04
Revert "Create proper shim for xss library"
This reverts commit 30e9112535.
2020-09-15 11:38:40 +08:00
jbrw
b2f556232f
REFACTOR: improve readability of cacheBuster 2020-09-14 16:46:17 -04:00
Robin Ward
30e9112535 Create proper shim for xss library 2020-09-14 15:57:32 -04:00
Robin Ward
7699b90f1a FIX: Wizard does not include discourse-shims
This allowed tests to pass even when wizard was broken, which is
obviously very bad.
2020-09-14 12:34:16 -04:00
Joffrey JAFFEUX
9238a9e427
FIX: adds shims for popper in wizard (#10658) 2020-09-14 12:33:14 -04:00
dependabot-preview[bot]
663d696095
Build(deps-dev): Bump webmock from 3.9.0 to 3.9.1 (#10667)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.9.0...v3.9.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-14 11:25:06 -04:00
Penar Musaraj
06b4ca5dc7
FIX: Mark only uploads as verified/unverified in S3 inventory 2020-09-14 10:21:34 -04:00
David Taylor
66eda8c9df
DEV: Add include_pms option to TopicQuery (#10647)
This is intended for use by plugins which are building their own topic lists, and want to include PMs alongside regular topics (e.g. discourse-assign). It does not get used directly in core.
2020-09-14 12:07:35 +01:00
Faizaan Gagan
21adc07057
FIX: upload errors were sometimes not displayed properly (#10605) 2020-09-14 00:13:38 -07:00
dependabot-preview[bot]
e169e5a32f Build(deps): Bump sprockets-rails from 3.2.1 to 3.2.2
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/rails/sprockets-rails/releases)
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.2.1...v3.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-14 14:35:03 +08:00
dependabot-preview[bot]
11a15cb28e Build(deps): Bump rails_failover from 0.5.5 to 0.5.6
Bumps rails_failover from 0.5.5 to 0.5.6.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-14 14:34:43 +08:00
Joffrey JAFFEUX
e02da64091
FIX: Make form use /u/admin-login instead of /users/admin-login (#10663) 2020-09-14 12:27:06 +10:00
Krzysztof Kotlarek
cb58cbbc2c
FEATURE: allow to extend topic_eager_loads in Search (#10625)
This additional interface is required by encrypt plugin
2020-09-14 11:58:28 +10:00
Sam Saffron
15f7fa801d
DEV: remove stubs from silencer spec
Overall stubs lead to long term instability, this helps stabilize them.

Also fixed flaky spec around plugin hooks.

It was relying you `.posts` on system_user which could be loaded already
and invalid. Instead we now load it by hand.
2020-09-14 11:48:48 +10:00
dependabot-preview[bot]
8abf77b43f Build(deps-dev): Bump webmock from 3.8.3 to 3.9.0
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.3 to 3.9.0.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.3...v3.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-14 09:39:01 +08:00
Martin Brennan
5268568d23
FEATURE: Remove user topic timers and migrate to bookmarks with reminders (#10474)
This PR removes the user reminder topic timers, because that system has been supplanted and improved by bookmark reminders. The option is removed from the UI and all existing user reminder topic timers are migrated to bookmark reminders.

Migration does this:

* Get all topic_timers with status_type 5 (reminders)
* Gets all bookmarks where the user ID and topic ID match
* Loops through the found topic timers
  * If there is no bookmark for the OP of the topic, then we just create a bookmark with a reminder
  * If there is a bookmark for the OP of the topic and it does **not** have a reminder set, then just 
update it with the topic timer reminder
  * If there is a bookmark for the OP of the topic with a reminder then just discard the topic timer
* Cancels all outstanding user reminder topic timers
* **Trashes (not deletes) all user reminder topic timers**

Notes:

* For now I have left the user reminder topic timer job class in place; this is so the jobs can be cancelled in the migration. It and the specs will be deleted in the next PR.
* At a later date I will write a migration to delete all trashed user topic timers. They are not deleted here in case there are data issues and they need to be recovered.
* A future PR will change the UI of the topic timer modal to make it look more like the bookmark modal.
2020-09-14 11:11:55 +10:00
Krzysztof Kotlarek
333ddd4011 SECURITY: return error on oversized images 2020-09-14 10:45:11 +10:00
Joffrey JAFFEUX
0a4a273ccc
FEATURE: adds support for mobile view on page publishing (#10662) 2020-09-13 13:50:23 +02:00
Joffrey JAFFEUX
e8053d17f6
FIX: selected diversity was off by one (#10659) 2020-09-12 09:44:45 +02:00
Joffrey JAFFEUX
539eb63904
DEV: heisentest cause by a post not created yet (#10656) 2020-09-12 08:47:06 +02:00
Robin Ward
24f19e8372 Revert "FIX: Was using a global Popper variable"
This reverts commit 05831c2b42.
2020-09-11 17:30:53 -04:00
Justin DiRose
450c731b54
DEV: Add discourse-algolia to official plugins (#10657) 2020-09-11 15:44:06 -05:00
Robin Ward
7887aaf587 FIX: isVisible is no longer allowed even if used properly
This changes it to `shouldShow` instead.
2020-09-11 15:05:50 -04:00
Robin Ward
05831c2b42 FIX: Was using a global Popper variable 2020-09-11 15:02:12 -04:00
Robin Ward
ac08dfac45 FIX: Ember has deprecated isVisible in newer versions 2020-09-11 14:53:44 -04:00
Joffrey JAFFEUX
07d7adb8b4
UX: makes emoji picker case insensitive (#10655) 2020-09-11 19:54:19 +02:00
jbrw
033cebf978
DEV - versions of JS files written to a JS file to be included by loa… (#10649)
* DEV - versions of JS files written to a JS file to be included by load-script and appended as params to URLs

* Formatting

* Incorporate feedback from PR

* Update filename of public-js-versions
2020-09-11 13:53:56 -04:00
dependabot-preview[bot]
2348143e68
Build(deps): Bump rubocop-ast from 0.3.0 to 0.4.0 (#10654)
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v0.3.0...v0.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-11 13:04:36 -04:00