Commit Graph

44562 Commits

Author SHA1 Message Date
Martin Brennan
ad9e791ba7
FIX: Post migration to fix custom emojis with secure URL (#15944)
Follow up to 88a8584348. Sets
the baked version of all posts with custom emoji and a secure
media URL in the cooked content to 0. Then our periodic rebake
posts job will rebake them to apply the fix in the linked
commit. This only matters on sites with secure media enabled.
2022-02-15 10:37:16 +10:00
dependabot[bot]
16b1fcd95e
Build(deps): Bump simplecov_json_formatter from 0.1.3 to 0.1.4 (#15946)
Bumps [simplecov_json_formatter](https://github.com/fede-moya/simplecov_json_formatter) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/fede-moya/simplecov_json_formatter/releases)
- [Changelog](https://github.com/codeclimate-community/simplecov_json_formatter/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fede-moya/simplecov_json_formatter/commits)

---
updated-dependencies:
- dependency-name: simplecov_json_formatter
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-15 01:33:24 +01:00
dependabot[bot]
e2bca42ca0
Build(deps): Bump jmespath from 1.5.0 to 1.6.0 (#15943)
Bumps [jmespath](https://github.com/trevorrowe/jmespath.rb) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/trevorrowe/jmespath.rb/releases)
- [Changelog](https://github.com/jmespath/jmespath.rb/blob/main/CHANGELOG.md)
- [Commits](https://github.com/trevorrowe/jmespath.rb/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: jmespath
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-15 01:01:56 +01:00
David Taylor
ebb5c1ff4d
DEV: Prefix deprecation notices with plugin name (#15942)
To make this possible in development mode, the `sourceURL=` implementation needs to include something plugin-specific. This has no effect on production.

The asset version is bumped in order to trigger a re-compilation of plugin JS assets.
2022-02-14 20:13:52 +00:00
dependabot[bot]
4be0e86f1e
Build(deps): Bump pg from 1.3.1 to 1.3.2 (#15941)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.3.1...v1.3.2)

---
updated-dependencies:
- dependency-name: pg
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 21:12:52 +01:00
David Taylor
b8526c6d75
DEV: Ensure stylesheet sourcemap URLs include __ws hostname param (#15934)
Without this parameter, requests for sourcemaps on shared-CDN multisites will not be routed to the correct database, resulting in a 404.

The stylesheet content now depends on the site hostname, so the hostname has been added to the digest.
2022-02-14 19:53:39 +00:00
David Taylor
3405f66b7e
UX: Improve default_code_lang copy (#15940)
Co-authored-by: Dax74 <Dax74@users.noreply.github.com>
2022-02-14 19:16:09 +00:00
dependabot[bot]
22f066832b
Build(deps): Bump loofah from 2.13.0 to 2.14.0 (#15926)
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.13.0...v2.14.0)

---
updated-dependencies:
- dependency-name: loofah
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 19:57:38 +01:00
dependabot[bot]
506cfd2fdd
Build(deps): Bump rubocop-ast from 1.15.1 to 1.15.2 (#15925)
Bumps [rubocop-ast](https://github.com/rubocop/rubocop-ast) from 1.15.1 to 1.15.2.
- [Release notes](https://github.com/rubocop/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-ast/compare/v1.15.1...v1.15.2)

---
updated-dependencies:
- dependency-name: rubocop-ast
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 19:54:21 +01:00
dependabot[bot]
a06dafba78
Build(deps): Bump rqrcode from 2.1.0 to 2.1.1 (#15924)
Bumps [rqrcode](https://github.com/whomwah/rqrcode) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/whomwah/rqrcode/releases)
- [Changelog](https://github.com/whomwah/rqrcode/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whomwah/rqrcode/compare/v2.1.0...v2.1.1)

---
updated-dependencies:
- dependency-name: rqrcode
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 19:54:06 +01:00
dependabot[bot]
cb626adc9f
Build(deps): Bump regexp_parser from 2.2.0 to 2.2.1 (#15923)
Bumps [regexp_parser](https://github.com/ammar/regexp_parser) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/ammar/regexp_parser/releases)
- [Changelog](https://github.com/ammar/regexp_parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ammar/regexp_parser/compare/v2.2.0...v2.2.1)

---
updated-dependencies:
- dependency-name: regexp_parser
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 19:53:17 +01:00
dependabot[bot]
c99f3819e2
Build(deps): Bump puma from 5.6.1 to 5.6.2 (#15922)
Bumps [puma](https://github.com/puma/puma) from 5.6.1 to 5.6.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.6.1...v5.6.2)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 19:52:38 +01:00
janzenisaac
ee050e5063
DEV: Make user card non-clickable for anon users: (#15938)
Make name / avatar non-clickable for anon users
2022-02-14 11:25:41 -06:00
Gerhard Schlager
33d6ed60a4
DEV: Don't import year of birth (#15937)
The cakeday plugin doesn't use the year.
2022-02-14 18:10:35 +01:00
David Taylor
f078d1ab0a
FIX: Update application_helper logic now that Ember CLI is default (#15935)
Followup to a01b1dd648
2022-02-14 13:48:18 +00:00
Osama Sayegh
7ed899fed9
FIX: Ensure theme JavaScript cache get consistent SHA1 digest (#15933)
There is a couple of layers of caching for theme JavaScript in Discourse:

The first layer is the `javascript_caches` table in the database. When a theme
with JavaScript files is installed, Discourse stores each one of the JavaScript
files in the `theme_fields` table, and then concatenates the files, compiles
them, computes a SHA1 digest of the compiled JavaScript and store the results
along with the SHA1 digest in the `javascript_caches` table.

Now when a request comes in, we need to render `<script>` tags for the
activated theme(s) of the site. To do this, we retrieve the `javascript_caches`
records of the activated themes and generate a `<script>` tag for each record.
The `src` attribute of these tags is a path to the `/theme-javascripts/:digest`
route which simply responds with the compiled JavaScript that has the requested
digest.

The second layer is a distributed cache whose purpose is to make rendering
`<script>` a lot more efficient. Without this cache, we'd have to query the
`javascript_caches` table to retrieve the SHA1 digests for every single
request. So we use this cache to store the `<script>` tags themselves so that
we only have to retrieve the `javascript_caches` records of the activated
themes for the first request and future requests simply get the cached
`<script>` tags.

What this commit does it ensures that the SHA1 digest in the
`javascript_caches` table stay the same across compilations by adding an order
by id clause to the query that loads the `theme_fields` records. Currently, we
specify no order when retrieving the `theme_fields` records so the order in
which they're retrieved can change across compilations and therefore cause the
SHA1 to change even though the individual records have not changed at all.

An inconsistent SHA1 digest across compilations can cause the database cache
and the distributed cache to have different digests and that causes the
JavaScript to fail to load (and if the theme heavily customizes the site, it
gives the impression that the site is broken) until the cache is cleared.

This can happen in busy sites when 2 concurrent requests recompile the
JavaScript files of a theme at the same time (this can happen when deploying a
new Discourse version) and request A updates the database cache after request B
did, and request B updates the distributed cache after request A did.

Internal ticket: t60783.

Co-authored-by: David Taylor <david@taylorhq.com>
2022-02-14 16:23:06 +03:00
David Taylor
07893779df
DEV: Correct service-worker sourceMappingURL (#15916)
We serve `service-worker.js` in an unusual way, which means that the sourcemap is not available on an adjacent path. This means that the browser fails to fetch the map, and shows an error in the console.

This commit re-writes the source map reference in the static_controller to be an absolute link to the asset (including the appropriate CDN, if enabled), and adds a spec for the behavior.

It's important to do this at runtime, rather than JS precompile time, so that changes to CDN configuration do not require re-compilation to take effect.
2022-02-14 12:47:56 +00:00
David Taylor
6ab4d26d84
PERF: Terminate rake process during ember build (#15920)
The `assets:precompile` rake task loads the full Ruby app, which can consume around 500mb of RAM by itself. Using `exec` to run `ember build` allows us to free up the Ruby memory and make more space for `ember build`
2022-02-14 11:49:46 +00:00
Dan Ungureanu
efb584e32f
FEATURE: Use new topic-chooser for invite modal (#15884)
The old choose-topic component did not have the same style as the rest
of the create invite modal and was not very suitable to use in the modal
because it introduced the search results in modal's body.

The new topic-chooser is built using select-kit and provides a more
polished user experience.
2022-02-14 13:43:52 +02:00
David Taylor
a01b1dd648
PERF: Update ember-auto-import and webpack (#15919)
This makes a small improvement to 'cold cache' ember-cli build times, and a large improvement to 'warm cache' build times

The ember-auto-import update means that vendor is now split into multiple files for efficiency. These are named `chunk.*`, and should be included immediately after the `vendor.js` file. This commit also updates the rails app to render script tags for these chunks.

This change was previously merged, and caused memory-related errors on RAM-constrained machines. This was because Webpack 5 switches from multiple worker processes to a single multi-threaded process. This meant that it was hitting node's default heap size limit (~500mb on a 1GB RAM server). Discourse's standard install procedure recommends adding 2GB swap to 1GB-RAM machines, so we can afford to override's Node's default via the `--max-old-space-size` flag.
2022-02-14 11:21:39 +00:00
David Taylor
c4e34047a1 DEV: Prefix deprecation notices and api warnings with theme name/id 2022-02-14 10:11:19 +00:00
David Taylor
af24c10314 DEV: Improve theme error handling UX
- Update UI to improve contrast
- Make it clear that the message is only shown to administrators
- Add theme name and id to the console output
- Parse the error backtrace to identify the theme-id for post-decoration errors
- Improve console output to include the theme name / URL
- Add `?safe_mode=no_custom` to the admin panel link, so that it will work even if the theme is causing the site to break
2022-02-14 10:11:19 +00:00
Martin Brennan
4b4f2330da
DEV: Expand UploadMarkdown generation capabilities (#15930)
The chat quoting mechanism will need to be able to generate
markdown for all kinds of uploads. The UploadMarkdown class
was missing generation for video and audio uploads. This
commit adds that in, and also expands the server-side regex
recognition of FileHelper types to match those in uploads.js,
and adds a spec for UploadMarkdown
2022-02-14 15:48:27 +10:00
Krzysztof Kotlarek
fbf0345512
Version bump to v2.9.0.beta2 (#15932) 2022-02-14 16:23:19 +11:00
Martin Brennan
88a8584348
FIX: Cooking custom emojis should not use a secure URL (#15929)
When a site has secure media enabled and a post is with secure
media, we were incorrectly cooking custom emoji URLs and using the
secure URL for those emojis, even though they should not be
considered secure (their corresponding upload records in the
database are _not_ secure). Now instead of the blanket
post.with_secure_media? boolean for the secure: param, we also
want to make sure the image whose URL is being cooked is also
_not_ a custom emoji.
2022-02-14 13:02:42 +10:00
Krzysztof Kotlarek
a34075d205
SECURITY: Onebox response timeout and size limit (#15927)
Validation to ensure that Onebox request is no longer than 10 seconds and response size is not bigger than 1 MB
2022-02-14 12:11:09 +11:00
Kris
55007fbf55
UX: crawler view always shows 0 votes, hide count (#15903) 2022-02-11 16:38:10 -05:00
David Taylor
8025768fd2
DEV: Embed source content in JS sourcemaps (#15914)
This removes the need for a further request for the 'original' source file, and brings our custom terser arguments in line with the ember-cli defaults
2022-02-11 20:38:53 +00:00
Gerhard Schlager
6a41ec179c
FIX: Default settings for phpBB3 import were broken (#15913) 2022-02-11 18:18:54 +01:00
David Taylor
a54a06fc41
DEV: Connect pretty-text console to the Rails logger (#15909)
This will allow pretty text deprecations / errors / warnings to appear in the Rails logs, rather than disappearing silently.

(implementation adapted from `discourse_js_processor.rb`)
2022-02-11 17:16:27 +00:00
Régis Hanol
0cda57f236
I18N: improve 'here_mention' site setting's description (#15912)
Inspired by [this suggestion](https://meta.discourse.org/t/what-is-a-here-mention/217878/3) from G Ann Campbell

> I suppose the description of the “here mention” field could be improved to something like:
> "Name used for @here mention to allow a privileged user to notify up to 10 people participating in the thread. Must not…"
2022-02-11 16:21:41 +01:00
Bianca Nenciu
694205cc0c
DEV: Add include_all_pms option to TopicQuery (#15742)
This is intended for use by plugins which are building their own
topic lists, and want to include PMs alongside regular topics (e.g.
discourse-assign). It does not get used directly in core.
2022-02-11 14:46:23 +02:00
David Taylor
3acc54c218
UX: Add whos-online to official plugin list (#15910) 2022-02-11 12:00:24 +00:00
dependabot[bot]
078fc2bbec
Build(deps-dev): Bump rswag-specs from 2.5.0 to 2.5.1 (#15898)
Bumps [rswag-specs](https://github.com/rswag/rswag) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/rswag/rswag/releases)
- [Changelog](https://github.com/rswag/rswag/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rswag/rswag/compare/2.5.0...2.5.1)

---
updated-dependencies:
- dependency-name: rswag-specs
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-11 11:50:39 +01:00
Alan Guo Xiang Tan
1d6a45d1f9
DEV: Bump Theme::BASE_COMPILER_VERSION. (#15906)
In 8e5b945b0f, we reverted the commit but
at the same time resulted in Theme::BASE_COMPILER_VERSION going
backwards which caused problems with themes caching.

This commit bumps the version to clear all the caches.

Follow-up to 8e5b945b0f
2022-02-11 17:33:04 +11:00
Osama Sayegh
1fc3cf0569
DEV: Make DiscourseRedis#del support deleting multiple keys (#15905)
Redis supports deleting multiple keys at once using the `del` command and so does the `redis` gem: 21ec1dec06/lib/redis/commands/keys.rb (L188-L193). However, our wrapper around the `del` method currently accepts only one argument and expects it to be a string so it's impossible to delete multiple keys at once.

This PR changes the signature of the `DiscourseRedis#del` method so it accepts any number of arguments and makes sure all keys are properly namespaced before calling the `del` implementation of the `redis` gem.
2022-02-11 08:09:32 +03:00
Alan Guo Xiang Tan
81791a821c
DEV: Fix small typo. (#15904) 2022-02-11 11:51:51 +08:00
Alan Guo Xiang Tan
76aadc67bb
Revert "DEV: Prefix deprecation notices and api warnings with theme name/id" (#15902)
This reverts commit a4ff69bd99.

Follow-up to 8e5b945b0f
2022-02-11 11:37:12 +08:00
Alan Guo Xiang Tan
8e5b945b0f
Revert "DEV: Improve theme error handling UX" (#15900)
`PrettyText.cook` is breaking on some sites. Revert for now while we
investigate.

This reverts commit c81d369ab6.
2022-02-11 11:30:36 +08:00
Blake Erickson
febc2361bd
DEV: Document external topic id endpoints (#15897)
* DEV: Document external topic id endpoints

This commit documents the existing Create Topic endpoint with the
`external_id` param and documents the new get topic by external id
endpoint.

It also refactors the existing topic show endpoint to use the new format
where we load the expected json schema response from a file.

See: 71f7f7ed49

* clean up unused test variables
2022-02-10 19:01:19 -07:00
dependabot[bot]
da40c50e57
Build(deps-dev): Bump annotate from 3.1.1 to 3.2.0 (#15895)
Bumps [annotate](https://github.com/ctran/annotate_models) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/ctran/annotate_models/releases)
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ctran/annotate_models/compare/v3.1.1...v3.2.0)

---
updated-dependencies:
- dependency-name: annotate
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-11 09:01:38 +08:00
Alan Guo Xiang Tan
b876ff6281
FIX: Update user stat counts when post/topic visibility changes. (#15883)
Breakdown of fixes in this commit:

* `UserStat#topic_count` was not updated when visibility of
the topic changed.

* `UserStat#post_count` was not updated when post was hidden or
unhidden.

* `TopicConverter` was only incrementing or decrementing the counts by 1
even if a user has multiple posts in the topic.

* The commit turns off the verbose logging by default as it is just
noise to normal users who are not debugging this problem.
2022-02-11 09:00:58 +08:00
Krzysztof Kotlarek
51a31f7835
FIX: subcategory filter limits results (#15655)
When the subcategory dropdown is searched, it should only display categories belonging to the same parent category.
2022-02-11 11:24:01 +11:00
Martin Brennan
e814f77eaa
DEV: Allow focusComposer to reply to existing topic (#15896)
Another use case for focusComposer() is if the user is
already inside a topic but another component (such as the
floating chat window) needs to open the composer. This
commit also fixes the appendText option to only prepend
2 new lines if there is text before the text to be appended.

Follow up 7850ee318f
2022-02-11 10:16:06 +10:00
David Taylor
a4ff69bd99 DEV: Prefix deprecation notices and api warnings with theme name/id 2022-02-10 22:56:11 +00:00
David Taylor
c81d369ab6 DEV: Improve theme error handling UX
- Update UI to improve contrast
- Make it clear that the message is only shown to administrators
- Add theme name and id to the console output
- Parse the error backtrace to identify the theme-id for post-decoration errors
- Improve console output to include the theme name / URL
- Add `?safe_mode=no_custom` to the admin panel link, so that it will work even if the theme is causing the site to break
2022-02-10 22:56:11 +00:00
Kris
35697c6076
Add classes to user stats, move likes received (#15892) 2022-02-10 16:18:55 -05:00
Bianca Nenciu
3170577ee1
FIX: Defer upload extension check for iOS (#15890)
accept HTML attribute is not fully supported on iOS yet and can contain
only MIME types. This changes the input to allow all files and the
extension check is performed later in JavaScript.
2022-02-10 21:48:22 +02:00
David Taylor
51b88c0e2c
DEV: Ensure Ember CLI sourcemaps are uploaded to S3 (#15893)
Ember CLI gives sourcemaps their own digest. Our `s3.rake` logic assumes that the digest portion of sourcemap filenames remains the same.

The Ember CLI sourcemaps are included in the manifest file, so we can ensure they are uploaded by letting them past the MiniMime check.

Followup to abefb1beff
2022-02-10 19:00:47 +00:00
Jordan Vidrine
b07c70d843
UX: Search spacing & position changes (#15882) 2022-02-10 12:32:21 -06:00