Commit Graph

532 Commits

Author SHA1 Message Date
Guo Xiang Tan 8027096c09 Partially revert "Upgrade mail gem to remove dependency on mime-types."
Still seeing heap_live_count spikes.

This reverts commit 58b8ea4f41.
2018-03-14 20:21:45 +08:00
Guo Xiang Tan 58b8ea4f41 Upgrade mail gem to remove dependency on mime-types.
* Use a EmailValidator.email_regexp for `Email.is_valid?`
  check as we're seeing an increase in allocation when
  parsing email addresses wih `Mail::Address`.
2018-03-14 14:37:55 +08:00
Sam 39e679d3cb FEATURE: allow themes to live in private git repos
This feature allows themes sourced from git to live on private
servers, it automatically generates key pairs.
2018-03-09 16:14:38 +11:00
Régis Hanol ae9b1e8554 FEATURE: IP.Board 3 importer 2018-03-01 09:43:32 +01:00
Gerhard Schlager 56bacb1c2f Bump onebox 2018-02-27 12:07:16 +01:00
Sam c234a14f0d Make bootsnap MRI only for now 2018-02-26 10:29:25 +11:00
Sam b301c9f6c1 more prep work for jRuby 2018-02-26 10:25:58 +11:00
Sam 79e0cd7f52 update onebox 2018-02-26 10:15:14 +11:00
Jeff Wong f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Sam 80ec6ce4fd bump onebox 2018-02-21 10:06:17 +11:00
Arpit Jalan 9bb7c3dcf0 bump onebox version 2018-02-16 21:32:25 +05:30
Sam e456ae1b6c Revert "Upgrade mail gem to drop dependency on `mime-types`."
This reverts commit 498cc15aa9.

Noticed a certain amount of extra allocations due to this upgrade,
reverting to confirm if this is the case
2018-02-16 07:04:22 +11:00
Guo Xiang Tan 498cc15aa9 Upgrade mail gem to drop dependency on `mime-types`.
Boot Memory Usage

```
Total allocated: 225695379 bytes (1990663 objects)
Total retained:  32795116 bytes (291607 objects)
```

```
Total allocated: 218342892 bytes (1897350 objects)
Total retained:  30123426 bytes (261198 objects)
```
2018-02-15 16:24:26 +08:00
Sam 94b2c70c0d PERF: remove oga gem
oga gem is automatically required by the aws gem
the oga gem retains about 1mb of memory, aws now uses nokogiri

This also removes the html normalize from the pretty text specs that was
a fair bit buggy as the polls test shows.
2018-02-15 14:36:40 +11:00
Rafael dos Santos Silva c3606fdef6 Update onebox 2018-02-14 17:43:13 -02:00
Régis Hanol 508a8e29ab update email_reply_trimmer to latest version 2018-02-06 01:04:45 +01:00
Ori Pekelman b2b85dc694 Lock down gem versions so bundle update can be run (#5531) 2018-01-29 18:13:39 +11:00
Gerhard Schlager 5d7a33cd6d Update email_reply_trimmer to improve performance 2018-01-17 12:04:56 +01:00
Arpit Jalan a0f0ed576a bump onebox version 2018-01-11 23:15:25 +05:30
Arpit Jalan afb18a5c41 bump onebox version 2018-01-11 14:30:35 +05:30
Régis Hanol e3f8182125 FIX: Google Calendar oneboxes weren't working 2018-01-07 19:15:11 +01:00
Jano Suchal 05ec1be101 Drop the fork usage of fastimage (#5461)
Fork is not needed anymore since fastimage 2.1.1 has been released with the needed PR merged in.
2018-01-04 09:53:53 +01:00
Sam 030a0cd698 bump onebox for vimeo private link support 2017-12-29 09:38:25 +11:00
Arpit Jalan b74e933cfb bump onebox version 2017-12-23 01:17:30 +05:30
Arpit Jalan 16076f9ab8 bump onebox version 2017-12-21 14:49:59 +05:30
Arpit Jalan f9990eeb13 bump onebox version 2017-12-07 12:05:19 +05:30
Kyle Zhao 5f318a5241 FEATURE: Replace SimpleRSS with Ruby RSS module (#5311)
* SPEC: PollFeedJob parsing atom feed

* add FeedItemAccessor

It is to provide a consistent interface to access a feed item's tag
content.

* add FeedElementInstaller

to install non-standard and non-namespaced feed elements

* FEATURE: replace SimpleRSS with Ruby RSS module

* get FinalDestination and download with Excon

* support namespaced element with FeedElementInstaller
2017-12-06 10:45:09 +11:00
Arpit Jalan 7bbf137238 bump onebox version 2017-12-05 07:28:45 +05:30
Guo Xiang Tan 8491c5fba5 UX: Replace heuristic solution for extracting root domain. 2017-11-29 16:26:46 +08:00
Arpit Jalan 64cdb4f7e8 bump onebox version 2017-11-27 12:21:47 +05:30
Guo Xiang Tan c8157f6b07 Update seed-fu with PG10 support.
https://meta.discourse.org/t/discourse-appears-to-be-broken-with-postgres-10/71723
2017-11-27 10:26:59 +08:00
Arpit Jalan abbb2b28eb bump onebox version 2017-11-25 15:53:18 +05:30
Arpit Jalan 961a09ff14 bump onebox version 2017-11-23 17:45:08 +05:30
Arpit Jalan 211dac6f71 bump onebox version 2017-11-22 14:55:47 +05:30
Arpit Jalan b8c9975429 bump onebox version 2017-11-21 11:10:44 +05:30
Guo Xiang Tan 89d9ffa884 EXPERIMENTAL: Allow logs to be shipped via different methods.
See https://github.com/dwbutler/logstash-logger#uri-configuration for
a list of available methods.
2017-11-15 09:11:33 +08:00
Sam 86e6732f78 FEATURE: update rails multisite
always allow /srv/status through even if host does not match
2017-11-09 15:40:56 +11:00
Sam fc7dca58fe UX: oneboxes with avatars now display consistently
Onebox avatar size is reduced to 60px

Also fixes regression with some oneboxes not cooking after post
2017-11-08 11:50:01 +11:00
Arpit Jalan 253de41166 bump onebox gem version 2017-11-03 22:38:36 +05:30
Arpit Jalan 91438849d2 bump onebox version 2017-11-02 00:51:21 +05:30
Arpit Jalan 6b5bb9d664 bump onebox gem version 2017-11-01 15:50:23 +05:30
Guo Xiang Tan d888d3c54c EXPERIMENTAL: Allow Logstash formatter to be enable for lograge logs. 2017-11-01 08:38:06 +08:00
Guo Xiang Tan 58bb3c14f6 Remove gem that is no longer used. 2017-10-31 14:13:54 +08:00
Guo Xiang Tan d487be759c EXPERIMENTAL: Allow app to Logstash directly. 2017-10-27 22:56:32 +08:00
Guo Xiang Tan 90d6677d97 EXPERIMENTAL: Allow lograge to be selected as the logging library. 2017-10-27 17:54:45 +08:00
Sam ac01885b60 FEATURE: rake tasks for uploading assets to S3
This opens the door to serving application.js and so on from s3.

Also updates s3 gem for some tagging support
2017-10-03 18:00:53 +11:00
Guo Xiang Tan 898ee93547 Upgrade to Rails 5. 2017-09-25 10:01:22 +08:00
Guo Xiang Tan d58de2b484 Install Ruby-Prof. 2017-09-25 10:01:22 +08:00
Gerhard Schlager 0960e2dd67 bump onebox version 2017-09-18 14:25:56 +02:00
Gerhard Schlager 619864bc70 update email_reply_trimmer to latest 2017-09-14 17:20:55 +02:00
Guo Xiang Tan 531cbc77c6 Run lint in a parallel job on Travis. 2017-08-18 15:25:59 +09:00
Bianca Nenciu 1c079bec33 Remove Spork dependency. 2017-08-10 22:54:52 +01:00
Régis Hanol 9aa49e922c let's use the latest omniauth-github gem 2017-08-07 10:43:54 +02:00
Régis Hanol ad20f59897 FIX: couldn't upload SVG with a DOCTYPE 2017-08-07 10:32:35 +02:00
Arpit Jalan 061cc17a65 fix the build 2017-08-03 21:30:05 +05:30
Arpit Jalan 2d909f7894 new phpBB PostgreSQL bulk import script 2017-08-03 21:21:58 +05:30
Guo Xiang Tan 54f09ca59d Install rubocop in development mode. 2017-08-01 10:51:44 +09:00
Erick Guan f1eccd113c Replace rmmseg gem for cppjieba_rb since better dictionary (#5006)
* Rename locale to ts config in search module to make it clear

* Replace rmmese-cpp for cppjieba_rb
2017-07-31 15:28:48 -04:00
Régis Hanol cae437850e update email_reply_trimmer to latest 2017-07-31 11:21:41 +02:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Sam Saffron 045a2abcec FEATURE: remove the timecop gem
We should only have one way of mocking time, misuse of timecop
was causing build stability issues
2017-07-24 12:11:10 -04:00
Robin Ward 2f480e21a0 Stop using Babel source gem, which is no longer updated 2017-07-05 14:19:16 -04:00
Sam 234694b50f Feature: CommonMark support
This adds the markdown.it engine to Discourse.
https://github.com/markdown-it/markdown-it

As the migration is going to take a while the new engine is default
disabled. To enable it you must change the hidden site setting:
enable_experimental_markdown_it.

This commit is a squash of many other commits, it also includes some
improvements to autospec (ability to run plugins), and a dev dependency
on the og gem for html normalization.
2017-06-23 12:01:33 -04:00
Sam 2181e995f1 remove sinatra 2017-06-19 13:49:11 -04:00
Guo Xiang Tan d82dbd565b FIX: Remove dependency on `rest-client`. 2017-06-16 09:42:41 +09:00
Régis Hanol 5d63a7f4a6 FIX: pull hotlinked images even when they have no extension 2017-06-13 13:27:05 +02:00
Robin Ward 369bb78f8e FIX: Support for cookies in onebox redirects 2017-06-06 15:02:11 -04:00
Gerhard Schlager 8299e7e8c3
Add new, experimental version of mbox importer 2017-05-29 20:59:18 +02:00
Sam 3384a7dd2a proper bootsnap release 2017-05-26 13:26:45 -04:00
Sam 076f079d17 bootsnap upgrade
see: https://github.com/Shopify/bootsnap/pull/43#issuecomment-304281474
2017-05-26 09:37:18 -04:00
Robin Ward 29755be139 Remove bundle-audit, it is not updated frequently enough 2017-05-18 12:31:19 -04:00
Robin Ward e865a44b93 FIX: Forgot to lock gem 2017-05-15 13:35:28 -04:00
Robin Ward e6c6ea79fa Add bundle-audit for security auditing 2017-05-15 13:24:37 -04:00
Sam 704101253d add bootsnap to speed up test and dev 2017-05-11 13:51:38 -04:00
Régis Hanol 9641d2413d REFACTOR: upload workflow creation into UploadCreator
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
2017-05-11 00:16:57 +02:00
Régis Hanol 4b9cc1ad17 import likes & bookmarks in JIVE API importer 2017-05-03 16:00:23 +02:00
Guo Xiang Tan b00886f5c1 Remove sidekiq-statistic gem.
* We don't really use it and there is an on-going issue
  with the gem not expiring keys in a Redis list which
  hasn't been fully resolved.

  https://github.com/davydovanton/sidekiq-statistic/issues/73
2017-04-26 14:54:47 +08:00
Sam Saffron 587653ad73 remove bootsnap till we sort out linux 2017-04-25 14:55:18 -07:00
Sam Saffron 1ae67a21f5 FEATURE: add support for bootsnap in dev
To use bootsnap which speeds up rails boot add

BOOTSNAP=1 to your env
2017-04-25 10:15:12 -07:00
Régis Hanol e6f22725c8 Add some gems only used by imports 2017-04-24 22:59:41 +02:00
Guo Xiang Tan d7b446c174 Install `discourse_image_optim` gem for now. 2017-04-20 15:14:39 +08:00
Guo Xiang Tan 04016f0dec Support Ruby 2.4. 2017-04-15 12:29:00 +08:00
Sam 22214f5e5c Upgrade the Listen gem 2017-04-13 10:39:36 -04:00
Sam a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Guo Xiang Tan 4cb6880766 Upgrade image_optim. 2017-04-12 10:38:17 -04:00
Guo Xiang Tan 9f299b6842 Use `after_commit` since `after_save` runs within the transaction as well. 2017-03-16 16:02:34 +08:00
Guo Xiang Tan 89f056203e Don't load `thor` in our Rails processes. 2017-03-03 10:14:35 +08:00
Robin Ward 890f1bde89 FIX: Add `thor` to Gemfile. We need it for our CLI tool. 2017-03-02 13:36:06 -05:00
Sam Saffron 1a45fe94a2 drop thin, it is no longer supported 2017-01-20 08:11:36 -05:00
Guo Xiang Tan b5d65d8dda Remove lines that are no longer valid. 2017-01-13 09:51:09 +08:00
Robin Ward 6b4f265a8c Revert "Experimental feature to load gemfiles from plugins"
This reverts commit 64652f98ab.
2017-01-09 16:08:35 -05:00
Robin Ward 64652f98ab Experimental feature to load gemfiles from plugins 2017-01-09 12:49:55 -05:00
Sam Saffron 920050c3ec remove conditional support for ruby 2.0 2016-12-29 16:32:23 +11:00
Sam c531f4ded5 remove rails-observers
Rails yanked out observers many many years ago, instead the functionality
was yanked out to a gem that is very lightly maintained.

For example: if we want to upgrade to rails 5 there is no published gem

Internally the usage of observers had quite a few problem.

The series of refactors renamed a bunch of classes to give us more clarity
and removed some magic.
2016-12-22 16:46:53 +11:00
Sam ea9f7a41af remove gctools (no longer used) add gctracer for debugging 2016-12-20 15:07:30 +11:00
Robin Ward e03d5e2140 Reapply Ember 2.10 for good this time!
This reverts commit ddd299f4aa.
2016-12-19 11:19:10 -05:00
Robin Ward ddd299f4aa Revert "Revert "Revert Ember 2.10+ for a short while""
This reverts commit 76bbc481cb.
2016-12-16 10:29:30 -05:00
Robin Ward 76bbc481cb Revert "Revert Ember 2.10+ for a short while"
This reverts commit 21682fd60b.
2016-12-16 09:52:29 -05:00
Robin Ward 21682fd60b Revert Ember 2.10+ for a short while 2016-12-15 16:43:38 -05:00
Robin Ward a149913c4d FIX: Template compilation was broken 2016-12-15 10:28:15 -05:00
Robin Ward 28699e66d8 Revert "REVERT: Ember 2.10 -- it's not building properly"
This reverts commit 600541c623.
2016-12-15 10:28:15 -05:00
Guo Xiang Tan 18f400e652 Remove RSpec given. 2016-12-14 10:29:22 +08:00
Robin Ward 600541c623 REVERT: Ember 2.10 -- it's not building properly 2016-12-12 16:19:05 -05:00
Robin Ward a808bcb0b8 Upgrade to Ember 2.10 2016-12-12 14:44:29 -05:00
Robin Ward 765e5e9186 Upgrade to Ember 2.9 2016-12-12 14:44:29 -05:00
Robin Ward 2d3518f475 Enable newer version of Ember 2016-11-25 10:09:58 -05:00
Régis Hanol 343396e182 bump email_reply_trimmer 2016-11-17 23:33:16 +01:00
Régis Hanol 17f2be9f88 FEATURE: new 'enable_forwarded_email' site setting 2016-11-16 19:42:11 +01:00
Guo Xiang Tan 3277fb1c78 Remove unused gem. 2016-11-04 08:30:49 +08:00
Guo Xiang Tan b825a6bc7f Move timecop to test group. 2016-11-03 17:17:45 +08:00
Sam a6ad762189 Revert "why are we loading all these test gems in debug?"
This reverts commit bd4f07b721.
2016-10-19 14:30:43 +11:00
Sam bd4f07b721 why are we loading all these test gems in debug? 2016-10-19 14:29:58 +11:00
Régis Hanol 726eb7bdca bump email_reply_trimmer to latest version 2016-10-12 19:57:05 +02:00
Sam 473363e0fa only enable bullet on demand 2016-07-05 11:10:42 +10:00
Guo Xiang Tan 9ed79d8ecd
Add Bullet gem to detect N+1 queries. 2016-06-28 09:29:42 +08:00
Sam 7f78cf3f1a update message bus to release gem 2016-06-21 10:10:54 +10:00
Régis Hanol 5e2545a578 FEATURE: improve support for (whitelisted) SVGs as images 2016-06-20 10:22:13 +02:00
Sam b9c92a1678 update nokogiri to released version 2016-06-07 16:51:39 +10:00
Régis Hanol 11e303e278 update discourse_fastimage to latest (add support for SVG with doctype) 2016-06-06 17:11:16 +02:00
Guo Xiang Tan cb5be1fe8f
Upgrade rspec to 3.4.0. 2016-05-30 11:38:38 +08:00
Sam f06266f31e execjs 2.7 was just released to support mini_racer 2016-05-23 09:57:37 +10:00
Sam 695773db1c FEATURE: upgrade from therubyracer to mini_racer
This pushes our internal V8 JavaScript engine from Chrome 32 to 50.

It also resolves some long standing issues we had with the old wrapper.
2016-05-23 09:57:15 +10:00
Sam 75d8e6f1ec We need latest nokogiri so it compiles with Ruby 2.3.1 2016-05-17 16:12:06 +10:00
Sam a13b48e001 upgrade profiling gems 2016-05-13 18:30:03 +10:00
Sam Saffron fb513fc936 another messagebus upgrade to work around rubygems bug 2016-05-11 12:01:00 +10:00
Sam Saffron d0b9b69cba FIX: message_bus upgrade to correct CORS issue 2016-05-11 10:42:34 +10:00
Régis Hanol df14926e42 SECURITY: check magic bytes before using ImageMagick tools 2016-05-03 21:54:07 +02:00
Guo Xiang Tan 44868c9e77
Update message_bus. 2016-05-03 13:37:35 +08:00
Guo Xiang Tan 256d7a00e9 Update sprockets. (#4167)
* Update sass-rails.

* FIX: Tilt dependency has been removed from Ember::Handlebars::Template.

* Update `DiscourseIIFE` to new Sprockets API.

* `Rails.application.assets` returns `nil` in production.

* Move sprockets-rails out of the assets group.

* Pin ember-rails to 0.18.5 which works with Sprockets 3.x.

* Update sprockets to 3.6.0.

* Make `DiscourseSassCompiler` work with Sprockets 3.

* Use `Sass::Rails::SassImporterGlobbing` instead of haxxing our own.

* Moneky patch so that we don't add dependencies for our custom css.

* FIX: Missing class.

* Upgrade ember-handlebars-template.

* FIX: require path needs to share the same root as the folder's path.

* Bump discourse-qunit-rails.

* Update ember-template-compiler.js to 1.12.2.

* `prepend` is private in Ruby 2.0.0.
2016-04-18 10:47:52 +08:00
Régis Hanol 59a2720b2a update email_reply_trimmer 2016-03-31 19:06:36 +02:00
Régis Hanol 480e8d0dc7 update 'email_reply_trimmer' to latest version 2016-03-29 12:35:50 +02:00
Sam 963d558bee update message bus 2016-03-11 14:17:06 +11:00
Régis Hanol 6e3dcdeea1 update email_reply_trimmer to latest 2016-03-07 19:17:14 +01:00
Sam fe6ea48123 Merge pull request #4038 from markbiegel/instagram-login
FEATURE: Instagram OmniAuth login methods
2016-03-07 14:05:07 +11:00
Sam Saffron 7598037080 Only pull in gem if it is being used, remove middleware 2016-03-04 23:17:14 +11:00
Régis Hanol 1135d2094a Merge pull request #4006 from scossar/set-locale-from-header
Feature: (WIP) Set locale from Accept-Language header
2016-03-04 09:12:30 +01:00
Sam 5dd746d61f Upgrade message bus to latest 2016-02-29 10:54:40 +11:00
scossar 0a396583ed set locale for anonymous from header
set locale on signup

update spec

add locale option
2016-02-26 13:45:00 -08:00
Ubuntu 5c603bf8ec Added Instagram login method 2016-02-25 12:13:59 +10:00
Régis Hanol 3b9223c5da bump email_reply_trimmer to latest version 2016-02-18 16:56:45 +01:00
Régis Hanol 1beb6070aa update email_reply_trimmer to latest version 2016-02-08 18:29:49 +01:00
Régis Hanol e8969b0c34 use bug-free version of email_reply_trimmer gem 2016-02-04 17:06:12 +01:00
Régis Hanol 5ee845fc5f update email_reply_trimmer to latest version 2016-02-04 16:39:57 +01:00
Régis Hanol 46b6c55197 FIX: replace 'discourse_email_parser' with 'email_reply_trimmer' to better trim replies from plain text emails
FIX: undefined method `number_to_human_size' when email contains attachments
2016-01-30 01:29:31 +01:00
Guo Xiang Tan 9b9f0ab4af Upgrade omniauth-google-oauth2. 2016-01-29 23:14:51 +08:00
Guo Xiang Tan 0e73660c8d Remove addressable from Discourse. 2016-01-25 18:34:58 +08:00
Robin Ward 4bbbdd8dc4 SECURITY: Upgrade Ember to fix CVE-2015-7565. Also upgrade Handlebars 2016-01-15 13:57:45 -05:00
Robin Ward 7a28338a07 Revert "SECURITY: Upgrade Ember to fix CVE-2015-7565"
This reverts commit 211521df4f.
2016-01-15 11:39:07 -05:00
Robin Ward 211521df4f SECURITY: Upgrade Ember to fix CVE-2015-7565 2016-01-15 11:31:02 -05:00
Sam Saffron 38c63c2185 update google oauth
early versions are not working with omniauth so we are stuck with this and addressable
2016-01-11 23:48:31 +11:00