Commit Graph

780 Commits

Author SHA1 Message Date
Sam
cf9b4a789b FIX: update mini_racer in stable
This is required due to a bundler/build bug that means it is picking the wrong
version of libv8 when compiling mini_racer
2018-07-24 12:25:45 +10:00
Sam
f2cb89b0d2 SECURITY: update sprockets for CVE-2018-3760 2018-06-20 09:50:28 +10:00
Guo Xiang Tan
2bafd2a355 Don't pin version of Fabrication gem. 2018-05-28 15:09:02 +08:00
Arpit Jalan
1c61117cbc bump onebox version 2018-05-23 17:44:01 +05:30
Régis Hanol
8238097d0f bump email_reply_trimmer 2018-05-17 10:22:53 +02:00
Sam
fc54238726 FIX: message bus had corrupt internal state for first 30 secs
This upgrades message bus to latest and corrects an issue where
it did not track the fact it was polling for the first 30 seconds

It corrected internal state after, but this caused some odd issues
2018-05-16 12:19:16 +10:00
Guo Xiang Tan
b18e0825b5 Update Gemfile.lock. 2018-05-07 17:10:34 +08:00
Jeff Wong
91b31860a1
Feature: Push notifications for Android (#5792)
* Feature: Push notifications for Android

Notification config for desktop and mobile are merged.

Desktop notifications stay as they are for desktop views.

If mobile mode, push notifications are enabled.

Added push notification subscriptions in their own table, rather than through
custom fields.

Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Arpit Jalan
c718c59b5d bump onebox version 2018-05-03 16:14:16 +05:30
Régis Hanol
ddb092f397 FIX: update mail gem to fix UTF-8 parsing issue 2018-04-25 21:53:37 +02:00
Arpit Jalan
256545ca2c bump onebox version 2018-04-23 15:18:19 +05:30
Sam
050ce48bd0 Update message bus to correct issue where too many reqs are performed 2018-04-20 15:52:24 +10:00
Guo Xiang Tan
9c9fa4537c Update Redis gems. 2018-04-20 12:49:36 +08:00
Guo Xiang Tan
56b3527eb8 Upgrade Sidekiq. 2018-04-20 11:47:40 +08:00
Sam
284c946128 revert puma upgrade for now
it does not work right in dev
2018-04-11 14:36:10 +10:00
dependabot[bot]
a89d7ef851 Bump puma from 3.9.1 to 3.11.3
Bumps [puma](https://github.com/puma/puma) from 3.9.1 to 3.11.3.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.9.1...v3.11.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-04-10 16:09:30 +10:00
Guo Xiang Tan
689144b2bf Upgrade Mail gem. 2018-04-04 18:35:40 +08:00
Sam
98faf2878e FEATURE: bump rack-mini-profiler version
This corrects a warning in chrome console and provides better jQuery 3 compatability
2018-03-29 11:12:09 +11:00
Régis Hanol
2c1ede6e5f update email_reply_trimmer 2018-03-28 13:12:50 +02:00
Robin Ward
2ca37602d9 Update rack-protection 2018-03-26 12:49:54 -04:00
Robin Ward
84e1ffd141 Update rails-html-sanitizer 2018-03-26 12:48:28 -04:00
Arpit Jalan
3a62eba299 bump onebox version 2018-03-22 11:38:01 +05:30
Régis Hanol
25284d2340 update loofah gem 2018-03-21 13:32:28 +01:00
Régis Hanol
9c4936ec9c update sanitize gem 2018-03-21 13:27:17 +01:00
Arpit Jalan
3e32ab1523 UX: css for Instagram onebox 2018-03-19 13:32:36 +05:30
Guo Xiang Tan
8027096c09 Partially revert "Upgrade mail gem to remove dependency on mime-types."
Still seeing heap_live_count spikes.

This reverts commit 58b8ea4f41.
2018-03-14 20:21:45 +08:00
Guo Xiang Tan
58b8ea4f41 Upgrade mail gem to remove dependency on mime-types.
* Use a EmailValidator.email_regexp for `Email.is_valid?`
  check as we're seeing an increase in allocation when
  parsing email addresses wih `Mail::Address`.
2018-03-14 14:37:55 +08:00
Sam
685406b1bb try updating rubocop so it does not crash 2018-03-13 17:58:23 +11:00
Sam
39e679d3cb FEATURE: allow themes to live in private git repos
This feature allows themes sourced from git to live on private
servers, it automatically generates key pairs.
2018-03-09 16:14:38 +11:00
Guo Xiang Tan
bdb25338e5 Update bootsnap. 2018-03-06 17:37:02 +08:00
Gerhard Schlager
56bacb1c2f Bump onebox 2018-02-27 12:07:16 +01:00
Sam
79e0cd7f52 update onebox 2018-02-26 10:15:14 +11:00
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Sam
80ec6ce4fd bump onebox 2018-02-21 10:06:17 +11:00
Sam
107eb5d830 FIX: binding_of_caller not working on Ruby 2.5 2018-02-19 11:37:16 +11:00
Sam
9d8df812dd PERF: upgrade Oj gem 2018-02-19 11:37:16 +11:00
Arpit Jalan
9bb7c3dcf0 bump onebox version 2018-02-16 21:32:25 +05:30
Sam
e456ae1b6c Revert "Upgrade mail gem to drop dependency on mime-types."
This reverts commit 498cc15aa9.

Noticed a certain amount of extra allocations due to this upgrade,
reverting to confirm if this is the case
2018-02-16 07:04:22 +11:00
Guo Xiang Tan
498cc15aa9 Upgrade mail gem to drop dependency on mime-types.
Boot Memory Usage

```
Total allocated: 225695379 bytes (1990663 objects)
Total retained:  32795116 bytes (291607 objects)
```

```
Total allocated: 218342892 bytes (1897350 objects)
Total retained:  30123426 bytes (261198 objects)
```
2018-02-15 16:24:26 +08:00
Sam
94b2c70c0d PERF: remove oga gem
oga gem is automatically required by the aws gem
the oga gem retains about 1mb of memory, aws now uses nokogiri

This also removes the html normalize from the pretty text specs that was
a fair bit buggy as the polls test shows.
2018-02-15 14:36:40 +11:00
Sam
c89b42c488 PERF: only require the rss library if used
Before:

Total allocated: 257909321 bytes (2514134 objects)
Total retained:  39681579 bytes (343387 objects)

allocated memory by gem
-----------------------------------
  42875979  rss

retained memory by gem
-----------------------------------
   2080188  rss

retained objects by gem
-----------------------------------
     13052  rss

After:

Total allocated: 210562047 bytes (2252030 objects)
Total retained:  37433816 bytes (328635 objects)

----

So, 2 less megabytes on boot and 13000 objects stuck in ruby heaps forever.
2018-02-15 13:11:33 +11:00
Rafael dos Santos Silva
218c8e8623
Merge pull request #5595 from discourse/new-gfycat-onebox
New gfycat onebox
2018-02-14 19:03:28 -02:00
Rafael dos Santos Silva
c3606fdef6 Update onebox 2018-02-14 17:43:13 -02:00
Robin Ward
0b13b82e94 Update nokogiri to latest version 2018-02-13 19:36:19 -05:00
Guo Xiang Tan
19b4116416 Bump rails_multisite to 2.0.4. 2018-02-12 15:39:21 +08:00
Guo Xiang Tan
5dabcc9081 Fix Gemfile.lock. 2018-02-12 14:08:02 +08:00
Guo Xiang Tan
87b0cc382b Bump rails_multisite to 2.0.3. 2018-02-12 14:03:04 +08:00
Régis Hanol
508a8e29ab update email_reply_trimmer to latest version 2018-02-06 01:04:45 +01:00
Sam
073d072aa6 correct lockfile 2018-01-29 18:28:59 +11:00
Sam
d2025e33cf FEATURE: bump rbtrace to latest 2018-01-23 15:36:47 +11:00