Commit Graph

35540 Commits

Author SHA1 Message Date
dependabot-preview[bot]
510047c5df Build(deps): Bump ruby-openid from 2.7.0 to 2.9.2 (#8476)
Bumps [ruby-openid](https://github.com/openid/ruby-openid) from 2.7.0 to 2.9.2.
- [Release notes](https://github.com/openid/ruby-openid/releases)
- [Changelog](https://github.com/openid/ruby-openid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/openid/ruby-openid/compare/v2.7.0...v2.9.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 10:40:50 +00:00
Joe
e89fa7202d
UX: Removes avatar animation for mobile-user cards (#8483) 2019-12-09 18:19:37 +08:00
Sam Saffron
ed6d3b493c DEV: update dependencies
This updates some low risk dependencies. Mostly minor changes.

Public suffix now requires Ruby 2.3 and up which is not a problem for us.
2019-12-09 19:20:45 +11:00
Sam Saffron
494fe335d3 DEV: allow handling crawler reqs with no user agent
Followup to e440ec25 we treat no user agent as crawler reqs.
2019-12-09 18:40:10 +11:00
Sam Saffron
e440ec2519 FIX: crawler requests not tracked for non UTF-8 user agents
Non UTF-8 user_agent requests were bypassing logging due to PG always
wanting UTF-8 strings.

This adds some conversion to ensure we are always dealing with UTF-8
2019-12-09 17:43:51 +11:00
dependabot-preview[bot]
9b30922109 Build(deps): Bump rotp from 3.3.1 to 5.1.0 (#8477)
* Build(deps): Bump rotp from 3.3.1 to 5.1.0

Bumps [rotp](https://github.com/mdp/rotp) from 3.3.1 to 5.1.0.
- [Release notes](https://github.com/mdp/rotp/releases)
- [Changelog](https://github.com/mdp/rotp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mdp/rotp/compare/v3.3.1...v5.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Fix breaking ROTP changes
2019-12-09 14:29:48 +10:00
jwjwyoung
5cef71e885 DEV: remove uneeded distinct from relation
No need to call `.distinct` when a unique index already exists.
2019-12-09 14:24:38 +11:00
dependabot-preview[bot]
fca727fd92 DEV: Bump tilt from 2.0.9 to 2.0.10 (#8479)
Minor update, removes a Ruby 2.7 deprecation.
2019-12-09 14:22:55 +11:00
dependabot-preview[bot]
c853051edb DEV: Bump mustache from 1.1.0 to 1.1.1 (#8478)
Minor update, removes one warning which we have not seen yet.
2019-12-09 14:21:55 +11:00
Jarek Radosz
067c4a7c10 DEV: Fix CookedPostProcessor specs
Broken in #8480
2019-12-09 03:16:25 +01:00
dependabot-preview[bot]
7aa3233bcb DEV: Bump puma from 3.12.2 to 4.3.1 (#8475)
The downside here is that we are now going to require nio4r which requires some native code.

It is reasonably low risk though cause puma is very well tested. We use puma mostly in test environments, not in production.
2019-12-09 12:51:41 +11:00
dependabot-preview[bot]
d198e824ce DEV: Bump fastimage from 2.1.5 to 2.1.7
This library is used to detect size of images, upgrading a minor version here should be low risk, we have integration tests to detect issues.
2019-12-09 12:49:53 +11:00
Jarek Radosz
02ca6fa6c8 DEV: See if the store is external before checking disk space (#8480)
`available_disk_space` calls `df` which exits with an error if the `uploads` path doesn't exist. That's often the case when the `Discourse.store.external?` is true.

By doing the `external?` check first the `disable_if_low_on_disk_space` does less work and doesn't output any errors to the console.
2019-12-09 12:48:45 +11:00
Jeff Wong
e7bd288d7b FIX: Skip validation on enforcing second factor change if the value is "no"
Without this, this site setting breaks plugin tests if local logins are
disabled in the plugin.
2019-12-06 16:42:15 -08:00
Blake Erickson
da66950cf5 DEV: Remove buffered rendering from backup upload progress
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: 54e4559aea in this
series.

This commit affects the display of the backup upload progress bar. It is
just a refactor and does not change any functionality.
2019-12-06 17:11:25 -07:00
Neil Lalonde
d0e191a9d5 REFACTOR: changes from tag synonym feedback 2019-12-06 15:42:22 -05:00
Penar Musaraj
68124caae2 FIX: Avoid unpinning composer on iOS when invoking emojis
Specifically when invoking emoji dropdown using a colon and pressing Return.
2019-12-06 14:08:59 -05:00
Penar Musaraj
78969d7719 DEV: Support custom log level in dev
See https://guides.rubyonrails.org/debugging_rails_applications.html#log-levels
Can be used to reduce noise when running "bundle exec rails server" in dev.

Setting DISCOURSE_DEV_LOG_LEVEL="warn" will make for easier puts debugging with unicorn.
2019-12-06 10:57:10 -05:00
Vinoth Kannan
e51091f199 REFACTOR: do X-Frame-Options header removal in application controller.
Co-authored-by: Sam <sam.saffron@gmail.com>
Previous commit: f7084a4339
2019-12-06 18:25:32 +05:30
Gerhard Schlager
c88797bf0e FIX: Ignore DMARC for emails sent to mailing list mirror 2019-12-06 13:29:39 +01:00
Sam Saffron
8a6421565e DEV: upgrade low risk gems
This updates a bunch of gems that have very low risk of breaking anything
or are mostly used in dev. Overall our goal is to be on latest gems with
latest bug fixes so this is us working in that direction.
2019-12-06 17:12:43 +11:00
Blake Erickson
6617015bb5 DEV: Remove commented out code
Forgot to remove this.

Follow up to: 54e4559aea
2019-12-05 20:32:27 -07:00
Blake Erickson
54e4559aea DEV: Remove buffered rendering from topic timers
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: f269e45978 in this
series.

This commit affects the display of topic timers. It is just a refactor
and does not change any functionality.
2019-12-05 20:28:27 -07:00
dependabot[bot]
cc92aa9e71 SECURITY: Bump puma from 3.12.1 to 3.12.2 (#8464)
Bumps [puma](https://github.com/puma/puma) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.12.1...v3.12.2)

Signed-off-by: dependabot[bot] <support@github.com>
2019-12-06 14:09:29 +11:00
Sam Saffron
a06fccae1b DEV: update dependencies and add notes about exceptions
Previously it was unclear why certain gems are being held back cause Gemfile
had no comment explaining it.

I tried to add some explanation from memory and remove some exceptions that
seemed to be superfluous.

This upgrades shoulda to latest, it appears to work once a couple of assertions
are removed

Also update http accept language used to auto detect language from http header
this is tested

Zeitwerk small update seems fine
2019-12-06 13:00:28 +11:00
Martin Brennan
e4881290be
FIX: Image file names with dots were showing incorrectly in composer markdown (#8465)
When uploading an image file with dots in the filename we were splitting the string on dots and getting the last of the split items as the extension-less filename. However this did not work with filenames that have dots. We now  just remove the extension using substr.
2019-12-06 10:58:47 +10:00
Vinoth Kannan
da2b0b2882 UX: remove the double-encoding of user titles.
`{{}}` in handlebars are already escaping the HTML elements.
2019-12-06 04:07:47 +05:30
Vinoth Kannan
f7084a4339 FEATURE: add site setting to remove X-Frame-Options header. 2019-12-06 03:15:09 +05:30
Gerhard Schlager
00985559e4 FIX: Login page that redirects to preferences was broken 2019-12-05 22:36:11 +01:00
Gerhard Schlager
86186de1e3 FIX: Redirect to /login-preferences didn't work for subfolders 2019-12-05 22:34:44 +01:00
Robin Ward
895d5cb592 FIX: Anonymous cache regression 2019-12-05 15:07:48 -05:00
Rafael dos Santos Silva
dbee72e92b FIX: Export poll UI should only show for admins 2019-12-05 17:03:06 -03:00
Robin Ward
532fea1460
DEV: Provide API for anonymous cache segments (#8455)
This can be used from a plugin that needs to establish something new in
the anonymous cache. For example `is_ie` for an internet explorer
plugin.
2019-12-05 14:57:18 -05:00
Neil Lalonde
2987a46f48 Version bump to v2.4.0.beta8 2019-12-05 13:50:33 -05:00
Blake Erickson
f269e45978 DEV: Remove buffered rendering from popup-input-tips
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: fe9293b8b5 in this
series.

This commit affects the display of popup input tips, like in the
composer when the title is too short or too long. It is just a refactor
and does not change any functionality.
2019-12-05 10:59:36 -07:00
Neil Lalonde
891b71bdf5 Fix release notes rake task
It breaks when a commit message is "FIX:"
2019-12-05 11:53:10 -05:00
Neil Lalonde
50b98a47ac Update translations 2019-12-05 11:20:52 -05:00
Vinoth Kannan
aa5d4e9f6e FIX: keep ruby & rt tags in html to markdown conversion. 2019-12-05 21:18:00 +05:30
Vinoth Kannan
11c4d5eda7 Fix the build - take 3.
754e1238b0
2019-12-05 20:35:39 +05:30
Vinoth Kannan
754e1238b0 Fix the build - take 2.
b0e3062fdf
2019-12-05 19:36:52 +05:30
Vinoth Kannan
b0e3062fdf Fix the 'PostMover' spec. 2019-12-05 19:09:50 +05:30
Vinoth Kannan
e6dfcda0bc DEV: handle all notification consolidations in new 'NotificationConsolidator' class.
481c8314f0
2019-12-05 14:36:06 +05:30
Blake Erickson
fe9293b8b5 DEV: Remove buffered rendering from input tips
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: 2290ec9e87 in this
series.

This commit affects the display of input tips. It is just a refactor and
does not change any functionality.
2019-12-04 18:11:00 -07:00
Jarek Radosz
d07f039468 FIX: Secure Upload URLs in lightbox (#8451)
This fixes the following issues:

* The link element on the lightbox which pops open the lightbox was linking to the S3 URL with a private ACL instead of the secure media URL for the image
* Change to use `@post.with_secure_media?` in `CookedPostProcessor` for URL cooking, as in some cases, like when a post is edited and an upload is added, `upload.secure?` can be false which resulted in `srcset` URLs not being cooked correctly to secure media upload urls.
2019-12-05 09:13:09 +10:00
Blake Erickson
2290ec9e87 DEV: Remove buffered rendering from i18n count
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: 80f4b9e227 in this
series.

This commit affects the display of translated counts that is used in
multiple places like showing how many posts are selected using the
select posts feature on a topic. It is just a refactor and does not
change any functionality.
2019-12-04 15:39:05 -07:00
Krzysztof Kotlarek
fa52ed3b16
FIX: bufferedValuesString.split is not a function (#8463)
Fix an error `bufferedValuesString.split is not a function`.
It is happening when bufferedValue is a positive boolean (checkbox value)
2019-12-05 08:25:49 +11:00
Mark VanLandingham
a54aaeeb79
REFACTOR: post_destroyer destroy method (#8462) 2019-12-04 14:13:31 -06:00
romanrizzi
b13f427450 DEV: Drop uglifyJS V2 support 2019-12-04 15:58:38 -03:00
Neil Lalonde
875f0d8fd8
FEATURE: Tag synonyms
This feature adds the ability to define synonyms for tags, and the ability to merge one tag into another while keeping it as a synonym. For example, tags named "js" and "java-script" can be synonyms of "javascript". When searching and creating topics using synonyms, they will be mapped to the base tag.

Along with this change is a new UI found on each tag's page (for example, `/tags/javascript`) where more information about the tag can be shown. It will list the synonyms, which categories it's restricted to (if any), and which tag groups it belongs to (if tag group names are public on the `/tags` page by enabling the "tags listed by group" setting). Staff users will be able to manage tags in this UI, merge tags, and add/remove synonyms.
2019-12-04 13:33:51 -05:00
Vinoth Kannan
15c2755b7b Fix the WebHookPostSerializer spec.
400f79cffc
2019-12-04 23:30:04 +05:30