github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-13 16:43:45 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
40,714 Commits 214 Branches 500 Tags 960 MiB
eb9f15a94a
Commit Graph

40714 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Neil Lalonde
eb9f15a94a
Version bump to v2.6.2 2021-02-18 12:53:47 -05:00
David Taylor
5489a1c4d9
SECURITY: Attach DiscourseConnect (SSO) nonce to current session (#12124) 2021-02-18 10:57:36 +00:00
Arpit Jalan
a4a37b671a FIX: process new invites when existing users are already group members (#11971) 
If a list of email addresses is pasted into a group’s Add Members form
that has one or more email addresses of users who already belong to the
group and all other email addresses are for users who do not yet exist
on the forum then no invites were being sent. This commit ensures that
we send invites to new users.
 2021-02-05 10:04:35 +05:30
Martin Brennan
946f4b82fa
DEV: Move logic for rate limiting user second factor to one place (#11941) 
This moves all the rate limiting for user second factor (based on `params[:second_factor_token]` existing) to the one place, which rate limits by IP and also by username if a user is found.
 2021-02-04 09:06:11 +10:00
Robin Ward
98f775506d
SECURITY: Rate limit MFA by login if possible (#11938) 
This ensures we rate limit on logins where possible, we also normalize logins for the rate limiters centrally.
 2021-02-03 10:32:08 +11:00
Neil Lalonde
d8627cf43f
Version bump to v2.6.1 2021-01-21 14:13:35 -05:00
Arpit Jalan
5130f73bad Bump onebox gem to 2.2.1 
- do not show title only oneboxes
- allow oneboxes with title and image
 2020-12-24 11:14:21 +05:30
Rafael dos Santos Silva
3a4bd80d8a
FIX: Autoplay videos must always be muted (#11533) 
This automatically adds the muted attribute if it's missing in a video
tag.

Co-authored-by: David Taylor <david@taylorhq.com>
 2020-12-21 18:09:41 -03:00
Neil Lalonde
d6121249d3
Version bump to v2.6.0 2020-11-30 16:48:47 -05:00
Neil Lalonde
a502a47197
Merge diffs from master 2020-11-30 16:42:54 -05:00
Neil Lalonde
fef0a0c429
Merge master 2020-11-30 16:41:58 -05:00
dependabot[bot]
c60084a8f1 Build(deps-dev): Bump simplecov from 0.19.1 to 0.20.0 
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov) from 0.19.1 to 0.20.0.
- [Release notes](https://github.com/simplecov-ruby/simplecov/releases)
- [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md)
- [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.19.1...v0.20.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-11-30 13:07:19 -05:00
David Taylor
e7bad9f05d
FIX: Ensure directory items appear in a consistent order (#11370) 
User directory items are sorted by some activity metric. If those metrics have the same value, postgres does not guarantee the order in which they will be returned. This can cause issues in pagination - some users may appear twice, and some may be missed. To illustrate

```
pry(main)> query = DirectoryItem.where(period_type: DirectoryItem.period_types[:weekly]).order(:likes_received).limit(50);
pry(main)> page1 = query.offset(0).pluck(:id);
pry(main)> page2 = query.offset(50).pluck(:id);
pry(main)> (page1 & page2).count # users on both pages
=> 29
```

If we use the primary key to tie-break matching metrics, things are much more reliable

```
pry(main)> query = DirectoryItem.where(period_type: DirectoryItem.period_types[:weekly]).order(:likes_received, :id).limit(50);
pry(main)> page1 = query.offset(0).pluck(:id);
pry(main)> page2 = query.offset(50).pluck(:id);
pry(main)> (page1 & page2).count # users on both pages
=> 0
```

This most commonly effects new sites where all the directory metrics are zero.

The fact that the ordering is indeterminate makes it difficult to write a reliable test case for this.
 2020-11-27 18:12:49 +00:00
Robin Ward
65eec147fc FEATURE: Add plugin js / plugin test js to bootstrap.json 
This allows 3rd party clients (such as Ember CLI) to run plugins and
their tests.
 2020-11-27 12:31:17 -05:00
dependabot[bot]
7af663ca63 Build(deps): Bump loofah from 2.7.0 to 2.8.0 
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/master/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.7.0...v2.8.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-11-27 10:50:19 -05:00
Roman Rizzi
5448f3ed9e
Hide imports commit from blame (#11367) 2020-11-27 11:46:27 -03:00
Roman Rizzi
1c2358ba16
DEV: Tidy up imports. (#11364) 
Only allow one import definition per file and add a new eslint rule to enforce it.
 2020-11-27 11:30:16 -03:00
Gerhard Schlager
2e5e4dbf19
DEV: Make it easier to customize link attributes in quick access menu (#11365) 
This allows themes to customize link attributes:

```
api.reopenWidget("quick-access-item", {
  _linkAttributes(href) {
    const attributes = this._super(...arguments);
    // do stuff
    return attributes;
  }
}
```
 2020-11-27 12:26:47 +01:00
Bianca Nenciu
eeae657ca5
FIX: No tags should be set if tag chooser is hidden (#11362) 
If a user could not set tags because they had a trust level lower than
min_trust_level_to_tag_topics site setting, the "Create Topic" button
from a tag page would still show up and be enabled. Clicking it caused
the composer model to silently have the tags set.
 2020-11-27 13:03:37 +02:00
Krzysztof Kotlarek
a0c457120a
Revert "FIX: bump nokogumbo to 2.0.3 with patch (#11357)" (#11366) 
This reverts commit 2fee4ee7f3.
 2020-11-27 17:14:12 +11:00
Krzysztof Kotlarek
2fee4ee7f3
FIX: bump nokogumbo to 2.0.3 with patch (#11357) 
PR lodged to nokogumbo so later we should be able to drop freedom patch - https://github.com/rubys/nokogumbo/pull/158
 2020-11-27 08:32:18 +11:00
Robin Ward
dab2f2fdf4 REFACTOR: We can't use Ember.HTMLBars.compile in Ember CLI 
Instead we use the inline `hbs` helper. Note in the non-Ember CLI
version this will not actually inline compile, but it will still work
for all our tests.
 2020-11-26 09:27:20 -05:00
dependabot[bot]
6ac270aa94 Build(deps): Bump regexp_parser from 1.8.2 to 2.0.0 
Bumps [regexp_parser](https://github.com/ammar/regexp_parser) from 1.8.2 to 2.0.0.
- [Release notes](https://github.com/ammar/regexp_parser/releases)
- [Changelog](https://github.com/ammar/regexp_parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ammar/regexp_parser/compare/v1.8.2...v2.0.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-11-26 09:26:57 -05:00
Joe
eecff3d15b
DEV: Ensures mobile RTL stylesheets are loaded (#11360) 
This PR only makes CSS changes that have no visual impact, but they fix an issue in the compiler that causes some stylesheets not to load on mobile RTL.

Full context here

https://meta.discourse.org/t/user-card-will-not-open-on-the-mobile/171268/6?u=johani
 2020-11-26 21:03:25 +08:00
David Taylor
f56c4b78da
FEATURE: Add users:log_out API key scope (#11359) 2020-11-26 10:39:38 +00:00
Sam
97eae4e3ad
PERF: avoid using destroy_all when removing stats (#11358) 
destroy_all will load all the active record relation and iterate, this
can get extremely expensive.
 2020-11-26 15:29:39 +10:00
Roman Rizzi
c9df679ba1
FIX: Only use full slugs when compiling category backgrounds. (#11353) 
If a category and a sub-category have the same slug, adding a background to one of them will also show it on the other one. This was introduced in 8e3f667 to fix a discrepancy, which was later fixed in 214b4c3.
 2020-11-25 15:40:16 -03:00
Robin Ward
059e9cb1d2 REFACTOR: Remove .erb from emoji-picker 
We can't use erb in ember-cli, and it seems the emoji groups rarely
change anyway. This commit migrates the ERB to pre-rendered javascript
that is updated via the `rake javascript:update_constants` task.
 2020-11-25 11:23:02 -05:00
dependabot[bot]
9ec0359022
Build(deps): Bump rubocop from 1.4.1 to 1.4.2 (#11349) 
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.4.1...v1.4.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-11-25 12:42:36 +01:00
dependabot[bot]
834d71d1f7
Build(deps): Bump rails_failover from 0.6.1 to 0.6.2 (#11350) 
Bumps rails_failover from 0.6.1 to 0.6.2.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-11-25 11:21:50 +00:00
Sam
f5945efae7
DEV: watch more test directories (#11346) 
Much has moved and autospec stopped picking up certain tests.
 2020-11-25 11:12:23 +00:00
Joffrey JAFFEUX
abb89475a3
FIX: issues with frowning/grinning (#11235) 
- frowning was using slighty_frowning
- slightly_frowning was using frowning
- grinning_face_with_smiling_eyes was not defined
- fronwing_face_with_open_mouth was not defined
 2020-11-25 09:09:35 +01:00
Martin Brennan
5028aaf446
FIX: Add secure media url to SERVER_SIDE_ONLY list (#11348) 2020-11-25 15:31:31 +11:00
Martin Brennan
2348a7972e
FIX: When quoting an attachment, keep the |attachment in markdown (#11347) 2020-11-25 15:31:14 +11:00
Sam
3e1b94c227
PERF: avoid checking card background and user background when not supplied (#11299) 
Previously we were performing a bunch of needless work when SSO failed
to supply profile and card backgrounds.
 2020-11-25 10:53:44 +11:00
jbrw
51f9a56137
FEATURE: Onebox local categories (#11311) 
* FEATURE: onebox for local categories

This commit adjusts the category onebox to look more like the category boxes do on the category page.

Co-authored-by: Jordan Vidrine <jordan@jordanvidrine.com>
 2020-11-25 10:53:05 +11:00
jbrw
416f984c5e
FEATURE: Update onebox and add styling for githubfolder onebox (#11313) 2020-11-25 10:51:29 +11:00
Robin Ward
436d68d54f
UX: Don't show selected posts interface twice on mobile (#11328) 
Note to reproduce you need a topic with over 3 posts.
 2020-11-25 10:50:05 +11:00
Bianca Nenciu
f9ff51870b
FIX: Rebake theme fields if upload changes (#11341) 
Updating SVG sprites of a theme did not take effect immediately because
the cache was not cleared.
 2020-11-25 10:49:12 +11:00
dependabot[bot]
e527741577
Build(deps): Bump rubocop-ast from 1.1.1 to 1.2.0 (#11343) 
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v1.1.1...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-11-25 09:17:55 +11:00
Joffrey JAFFEUX
ad1a10e6e9
FIX: hides votes from regular users when poll is staff only (#11342) 2020-11-24 22:19:06 +01:00
Rafael dos Santos Silva
a6613d15f4
Adds discourse-gifs to suggested components (#11339) 2020-11-24 14:58:45 -03:00
Discourse Translator Bot
9c901ee978
Update translations (#11336) 2020-11-24 17:25:37 +01:00
Robin Ward
0e0c70019b FIX: Suggested Topics was being set inside a computed property 
This is bad because changing the `suggested_topics` proeprty could cause
a `set` on `suggested_topics`.
 2020-11-24 11:08:11 -05:00
Penar Musaraj
67979b2b21
Remove "Alternative Logos" from popular themes list (#11337) 
Core has had support for dark theme logos for a while now.
 2020-11-24 10:13:16 -05:00
David Taylor
0c685a46de
FEATURE: Add user update, anonymize and delete API scopes (#11335) 2020-11-24 12:54:24 +00:00
Roman Rizzi
7ad2c2bdd8
FIX: Exclude muted results when suggested related topics at random. (#11290) 
We already do this for new and unread results, but not for randomly suggested topics.
 2020-11-24 09:16:10 -03:00
Dan Ungureanu
123107c28f
UX: Add group name to error message (#11333) 
The group name used to be part of the error message, but was removed
in a past commit.
 2020-11-24 13:06:52 +02:00
Dan Ungureanu
2742595b00
FIX: Checkbox value should not leak between themes (#11327) 
This commit includes a hack to ensure didInsertElement is called only
once.
 2020-11-24 12:10:28 +02:00
Sam
225d94d8b8
FIX: correct cdn path (#11324) 
This was a typo in a118ec13
 2020-11-24 14:17:55 +11:00