Commit Graph

93 Commits

Author SHA1 Message Date
David Taylor
6c7e9d3255
DEV: Remove htmlparser dependency (#9981)
We stopped using htmlparser in b5008586. There is no need to list it as a dependency
2020-06-05 13:29:50 +01:00
Joffrey JAFFEUX
f3dee5863f
FIX: pins down highlight.js to the last commit of the v9 tree (#9921)
The 10+ version has actually a bug with bash. We will wait a little bit before upgrading to 10, we should also make sure any of the breaking changes listed here https://github.com/highlightjs/highlight.js/blob/master/VERSION_10_BREAKING_CHANGES.md are not impacting us.
2020-05-29 10:21:21 +02:00
Robin Ward
f1d5630d79
Update javascripts (#9907) 2020-05-28 12:15:13 -04:00
Joffrey JAFFEUX
9ad3f4401a
DEV: always pull latest coding standard dependencies (#9782) 2020-05-14 19:31:38 +02:00
Robin Ward
aa2d040526 DEV: Update ESLint to remove I18n global
Also fixes missed imports in core.
2020-05-14 10:18:12 -04:00
Joffrey JAFFEUX
564e8566d7
SECURITY: updates juqery to 3.5.0 (#9708)
https://github.com/advisories/GHSA-gxr4-xjj5-5px2
2020-05-08 21:12:04 +02:00
Martin Brennan
7e303f9320
DEV: Upgrade sinon and fix time based bookmark tests (#9647)
Update sinon.js to 9.0.2 to access async fake timers https://sinonjs.org/releases/v9.0.2/fake-timers/ which can then be used with acceptance tests (previously useFakeTimers didn't work with await, e.g. for visit).

Fix the bookmark acceptance test that was time based to use these new fake timers.

Add a fakeTime function that uses moment and the provided date string + timezone to freeze time using useFakeTimers and return a clock.

Add a timeStep function that accepts a clock from fakeTime and a function to run. Once the function is run we call clock.tickAsync(1000) to progress the fake clock forward 1s to progress promises/callbacks.
2020-05-07 09:10:32 +10:00
Robin Ward
f182e61def DEV: Remove global Handlebars 2020-05-01 14:12:09 -04:00
Penar Musaraj
ec2943c5bc
DEV: Update jquery.fileupload and dependencies (#9466) 2020-04-28 10:39:29 -04:00
Guo Xiang Tan
13956017da Update lefthook.
Support for `LEFTHOOK=0` was broken in the old version. See commit 3a6522ed6307e995a86179488b01dab22146502d of lefthook.
2020-04-22 14:58:48 +08:00
dependabot[bot]
9c40c42bb5
Build(deps): Bump https-proxy-agent from 2.2.1 to 2.2.4 (#9453)
Bumps [https-proxy-agent](https://github.com/TooTallNate/node-https-proxy-agent) from 2.2.1 to 2.2.4.
- [Release notes](https://github.com/TooTallNate/node-https-proxy-agent/releases)
- [Commits](https://github.com/TooTallNate/node-https-proxy-agent/compare/2.2.1...2.2.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-04-17 11:31:11 -04:00
Joffrey JAFFEUX
7d1c90e5eb
DEV: upgrades ember-template-lint 2.5.2 (#9411) 2020-04-14 00:43:55 +02:00
Joffrey JAFFEUX
09145e68cd
DEV: upgrades vendored handlebars to 4.7.6 (#9371) 2020-04-07 17:01:02 +02:00
Joffrey JAFFEUX
6fdb4c33a6
DEV: popperjs 2.0.6 (#9171) 2020-03-11 10:34:58 +01:00
Roman Rizzi
665d8564d8
DEV: Use the updated version of our mousetrap fork (#9111) 2020-03-06 11:19:34 -03:00
Robin Ward
f7c0cd1982 Support for Ember Template linting 2020-02-05 11:33:15 -05:00
Mark VanLandingham
499b57a9ed
DEV: Ember linting - disallow Ember.* variable usage (#8782) 2020-02-05 10:14:42 -06:00
Joffrey JAFFEUX
87e92da085
DEV: makes popper.js part of javascript rake task (#8847) 2020-02-04 15:34:46 +01:00
Robin Ward
abff3716ba
Upgrade handlebars (#8675)
* Upgrade Handlebars to 4.3.0

* Upgrade Handlebars to the latest version
2020-01-07 15:37:37 -05:00
Kris
0b7e1f95d2 DEV: Upgrade FontAwesome to 5.11.2 2019-11-22 14:54:00 -05:00
Penar Musaraj
9c4e1541d3
DEV: Use eslint-config-discourse as source of truth for linting dependencies (#8388) 2019-11-22 13:16:11 -05:00
Robin Ward
d7b710194d Revert "REVERT: Use 1.0.6 for linting for now"
This reverts commit 457986d52a.
2019-11-21 10:35:57 -05:00
Robin Ward
457986d52a REVERT: Use 1.0.6 for linting for now
Plugins have not been updated and our build fails.
2019-11-20 16:06:39 -05:00
Robin Ward
d7ae052efe DEV: Don't allow Promise unless imported from "rsvp"
We want to make sure we are using the correct promise implementation so
let's lint out the browser version.
2019-11-20 15:24:59 -05:00
Joffrey JAFFEUX
fa317becc8
DEV: upgrades chart.js from 2.7.3 to 2.9.3 (#8374) 2019-11-20 11:08:26 +01:00
Penar Musaraj
97dad94bfd DEV: Bump eslint-config-discourse to 1.0.6
Also fixes an inconsistency in Prettier version number.
2019-11-18 10:14:21 -05:00
Roman Rizzi
4cf3c9cccb
FEATURE: Filter reviewables by date range (#8354) 2019-11-15 15:29:59 -03:00
Martin Brennan
abf215a0e4 Bump prettier to 1.19.1 and lock dependency (#8350) 2019-11-15 10:07:45 -05:00
Dan Ungureanu
03bba8c7e0
DEV: Update chrome-launcher (#8318)
This version is compatible with macOS Catalina
2019-11-08 17:50:41 +02:00
Gerhard Schlager
e4718f1910 DEV: Update puppeteer 2019-10-24 17:41:40 +02:00
Gerhard Schlager
51ecbeef4d DEV: Upgrade lefthook
`yarn install` didn't work on a fresh system
2019-10-22 18:00:20 +02:00
Jarek Radosz
20514f2e44
DEV: Update markdown-it from 8.4.1 to 10.0.0 (#8164) 2019-10-08 13:00:22 +02:00
Joffrey JAFFEUX
3f172deab5 DEV: uses central eslint-config-discourse (#8150)
* DEV: uses centrain eslint-config-discourse

Discourse project or plugins can now have a central configuration by doing:

`yarn add  --dev eslint-config-discourse@latest`

* adds postinstall script
2019-10-08 11:56:24 +11:00
Robin Ward
ddd45d1419 FIX: Broken spec 2019-09-09 15:07:40 -04:00
Penar Musaraj
7453e19c68 DEV: Update set-value dependency to 2.0.1 2019-09-09 12:17:28 -04:00
dependabot[bot]
34ac199be7 Build(deps): Bump mixin-deep from 1.3.1 to 1.3.2 (#8050)
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)

Signed-off-by: dependabot[bot] <support@github.com>
2019-08-30 13:46:57 -04:00
Penar Musaraj
514aaacdf4 DEV: Set version to 4.17.14 for lodash-cli
Lodash-cli uses lodash 4.17.15, which is not yet published on yarn/npm.
2019-07-17 15:19:24 -04:00
Penar Musaraj
95182be970 DEV: Use updated lodash-cli commit hash in yarn.lock
Previous commit hash in yarn.lock looks to have been deleted, this should fix our builds.
2019-07-17 15:05:56 -04:00
Rafael dos Santos Silva
1221d34284
FEATURE: Make Discourse work offline with WorkboxJS (#7870) 2019-07-15 13:05:55 -03:00
Joffrey JAFFEUX
c584a4569b
DEV: pulls lodash-cli from git, package is not pushed to npm (#7882) 2019-07-11 18:27:58 +02:00
Joffrey JAFFEUX
550e811652
DEV: allows lodash to be updated with rake javascript:update (#7881) 2019-07-11 16:57:03 +02:00
Robin Ward
9b0be303b4 SECURITY: Upgrade lodash
There is a security hole in lodash with prototype pollution. It's not
clear if Discourse is affected but to be on the safe side we will
upgrade right away.

Note that the front end Discourse does not appear to use `defaultsDeep`
in our custom build and should be protected.
2019-07-11 10:50:30 -04:00
Robin Ward
2e548d3e7f Revert "Build(deps): Bump lodash from 4.17.11 to 4.17.14 (#7880)"
This reverts commit 5224abee94.

- In retrospect a bot cannot sign the CLA. I will create a similar
commit
2019-07-11 10:37:18 -04:00
dependabot[bot]
5224abee94 Build(deps): Bump lodash from 4.17.11 to 4.17.14 (#7880)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.14.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.14)

Signed-off-by: dependabot[bot] <support@github.com>
2019-07-11 10:35:15 -04:00
Joffrey JAFFEUX
e9bb13c630
DEV: updates jquery-color to prevent it to pull old jquery version (#7857) 2019-07-04 15:03:21 +02:00
Abroskin Alexander
0872a1182d DEV: Replace Overcommit with Lefthook (#7826)
Overcommit uses prebuilt hooks and require global installation.
To avoid this issues replace it with Lefthook.
Lefthook will be installed with npm packages. New contributors
will have fully consistent git hooks.
2019-07-02 11:29:52 +02:00
Joffrey JAFFEUX
c63268467e
DEV: prettier 1.18.2 (#7810) 2019-06-26 17:09:52 +02:00
dependabot[bot]
4be54d5ae1 Build(deps): Bump js-yaml from 3.12.0 to 3.13.1 (#7712)
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.12.0 to 3.13.1.
- [Release notes](https://github.com/nodeca/js-yaml/releases)
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.12.0...3.13.1)

Signed-off-by: dependabot[bot] <support@github.com>
2019-06-06 09:40:46 -04:00
Penar Musaraj
f0e73cb126 SECURITY: Bump Handlebars to version 4.1.2
WS-2019-0064: Versions of handlebars prior to 4.0.14 are vulnerable to Prototype Pollution. Templates may alter an Objects prototype, thus allowing an attacker to execute arbitrary code on the server.
2019-06-05 13:54:52 -04:00
Gerhard Schlager
e8de30939d DEV: Fix the smoke test 2019-05-21 19:02:19 +02:00