Commit Graph

23457 Commits

Author SHA1 Message Date
Guo Xiang Tan
c6f5df4caa SECURITY: Don't pass email backup token to sidekiq as a parameter.
* This exposes the token in the Sidekiq dashboard which can be
  viewed by an admin and defeats the purpose of using a token
  in the download backup email link.
2017-12-18 11:32:26 +08:00
Guo Xiang Tan
56b79ff2b9 Update .travis.yml. 2017-12-14 15:46:10 +08:00
Guo Xiang Tan
fcdd8491a1 Fix broken spec. 2017-12-14 15:43:50 +08:00
Guo Xiang Tan
6d475a15a8 SECURITY: Any group can be invited into a PM. 2017-12-14 15:18:27 +08:00
Sam
5748ad6f66 SECURITY: prevent staged accounts from changing email 2017-12-14 17:27:50 +11:00
Neil Lalonde
f18f608613 Version bump to v1.8.10 2017-10-30 11:18:24 -04:00
Neil Lalonde
504bcf4550 SECURITY: signup without verified email using Google auth 2017-10-16 15:23:32 -04:00
Neil Lalonde
3fd7f69972 Version bump to v1.8.9 2017-10-13 11:29:31 -04:00
Sam
a9bcc935b7 SECURITY: verify that inviter can invite new user to a topics 2017-10-11 09:49:45 +11:00
Neil Lalonde
834eef7b67 Version bump to v1.8.8 2017-09-28 15:19:43 -04:00
Guo Xiang Tan
5137ae8704 SECURITY: Update Nokogiri. 2017-09-25 21:19:35 +08:00
Neil Lalonde
8b6e4d1867 Version bump to v1.8.7 2017-09-14 10:37:26 -04:00
David Taylor
7cd4880e24 SECURITY: Only publish PM reply messagebus notifications to allowed users 2017-09-08 17:33:10 -04:00
Arpit Jalan
d4d548a874 Version bump to v1.8.6 2017-09-01 00:34:04 +05:30
Arpit Jalan
70d4c39bcd SECURITY: do not include links from whispers in topic summary map
https://meta.discourse.org/t/staff-whispers-links-in-whispers-showing-up-publicly-in-topics-summary/69134?u=techapj
2017-09-01 00:25:49 +05:30
Rafael dos Santos Silva
75364c6286 FIX: Make .eslintrc file compatible with eslint 4 take 2 2017-08-29 14:44:46 +08:00
Rafael dos Santos Silva
3413140346 FIX: Make .eslintrc file compatible with eslint 4 2017-08-29 14:44:02 +08:00
Guo Xiang Tan
5f0351348b FIX: Group name was being reverted to non-localized version.
https://meta.discourse.org/t/localized-staff-group-names-changed/65360/16
2017-08-29 14:42:07 +08:00
Neil Lalonde
3982a8ef30 Version bump to v1.8.5 2017-08-16 12:43:22 -04:00
David Taylor
77977dd32c SECURITY: Do not show latest/top topics on 404 for login_required sites 2017-08-13 23:47:41 +05:30
Neil Lalonde
ae8bd6c825 Version bump to v1.8.4 2017-08-01 14:23:50 -04:00
Guo Xiang Tan
62afa41f83 FIX: Exclude www in topic map links.
https://meta.discourse.org/t/topic-popular-links-panel-domain-extraction-doesnt-handle-country-tlds/60156/38?u=tgxworld
2017-07-26 09:58:58 +09:00
Guo Xiang Tan
1797994a63 Revert "UX: Don't try to figure out root domain."
This reverts commit 7690cc6ca5.
2017-07-26 09:58:48 +09:00
Robin Ward
70abd2b033 FIX: Allow discourse app to link directly to wizard 2017-07-10 14:35:51 -04:00
Neil Lalonde
53f3c54e4d Version bump to v1.8.3 2017-07-10 11:43:53 -04:00
Neil Lalonde
2fdbde0253 FIX: invited user should not be able to redeem invite as admin 2017-07-10 11:30:21 -04:00
Robin Ward
7ad2703397 SECURITY: Remove disposable invite feature 2017-07-07 20:52:21 -04:00
Neil Lalonde
b0be304591 Version bump to v1.8.2 2017-07-05 12:20:23 -04:00
Arpit Jalan
6eef7417ab FIX: include canonical meta tag on category pages 2017-07-03 14:45:16 +05:30
Robin Ward
3479298a71 FIX: Topic Entrance wasn't showing up on some suggested topics 2017-06-29 12:54:45 -04:00
Régis Hanol
04bc75b521 FIX: image orientation wasn't properly working 2017-06-23 10:19:38 +02:00
Guo Xiang Tan
787e4e6894 Pin eslint to version 3.x on travis. 2017-06-15 11:44:49 +08:00
Guo Xiang Tan
33291fdec0 Switch to yarn for our travis build. 2017-06-15 11:44:28 +08:00
Guo Xiang Tan
0fc10161a5 FIX: Send request membership PM to last 5 active group owner. 2017-06-15 11:39:16 +08:00
Guo Xiang Tan
84d46bceb9 FIX: Create group membership request on behalf of user. 2017-06-14 21:10:51 +09:00
Guo Xiang Tan
69dc8188e3 UX: Don't send emails for discobot notifications. 2017-06-14 21:09:47 +09:00
Guo Xiang Tan
88dacd4f6b Avoid monkey patching which causes weird reloading error in dev. 2017-06-14 21:09:38 +09:00
Robin Ward
e3bfcbc7c9 FIX: Don't fail seed if avatar can't be downloaded 2017-06-13 10:55:20 -04:00
Robin Ward
5d04cb4b47 FIX: Always allow the host the forum is hosted on 2017-06-13 10:55:15 -04:00
Robin Ward
4324ea024c FIX: Don't use target=_blank for local oneboxes 2017-06-13 10:55:10 -04:00
Robin Ward
28b241295d FIX: Onebox wasn't using correct uri 2017-06-13 10:55:05 -04:00
Robin Ward
075d0ecacc FIX: Support for cookies in onebox redirects 2017-06-13 10:54:56 -04:00
Robin Ward
502bca2c0d FIX: If HEAD is not supported, try GET. Also set cookies 2017-06-13 10:54:27 -04:00
Neil Lalonde
a4be79d297 padding below suggested topics on mobile 2017-06-12 16:13:40 -04:00
Neil Lalonde
91a75d98c8 Version bump to v1.8.1 2017-06-12 12:47:19 -04:00
Guo Xiang Tan
7b902c18a5 FIX: Bot mentioned check should be case insensitive. 2017-06-08 19:01:59 +09:00
Guo Xiang Tan
38cc6dec84 Move the constant as well. 2017-06-06 15:39:39 +09:00
Guo Xiang Tan
b19bc887e8 FIX: Ensure that we cancel any timeout jobs when terminating a track. 2017-06-05 16:28:25 +09:00
Guo Xiang Tan
c7108e077e FIX: Bot should only respond to regular posts. 2017-06-05 15:24:40 +09:00
Régis Hanol
5cd9236f17 FIX: PNG-to-JPEG conversion should only be done to images with at least 1 megapixels 2017-06-03 21:51:33 +02:00