Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
47,874 Commits 185 Branches 500 Tags 869 MiB
Commit Graph

19839 Commits

Author SHA1 Message Date
Zachary Huff 0a8387ecd2
FIX: Validate asset url before replacing base url (#16438) 
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
 2023-01-30 07:32:48 +08:00
dependabot[bot] 8410b25f3c
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#20055) 
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.13 to 7.20.14.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.14/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-29 22:44:40 +01:00
dependabot[bot] 15e854f0f7
Build(deps): Bump eslint in /app/assets/javascripts (#20054) 
Bumps [eslint](https://github.com/eslint/eslint) from 8.32.0 to 8.33.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.32.0...v8.33.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-29 22:44:14 +01:00
Keegan George a4c68d4a2e
FIX: Failing system spec for rate limited search (#20046) 2023-01-27 12:14:29 -08:00
Kris 39eec37e75
A11Y: post avatars should not be tabbable (#20045) 2023-01-27 14:39:55 -05:00
Sam 2c8dfc3dbc
FEATURE: rate limit anon searches per second (#19708) 2023-01-27 10:05:27 -08:00
chapoi 5f90790110
Revert "Select-kit > use new color vars" (#20042) 
This reverts commit 8534391044.
 2023-01-27 18:09:50 +01:00
chapoi e03f6057ec
UX: Highlight var refactor (#20026) 
* Add new color vars

* Select-kit > use new color vars

* update all color schemes with values for new hover/select vars

* Add variable yml names
 2023-01-27 15:50:36 +01:00
Bianca Nenciu 8fc11215e1
FIX: Ensure soft-deleted topics can be deleted (#19802) 
* FIX: Ensure soft-deleted topics can be deleted

The topic was not found during the deletion process because it was
deleted and `@post.topic` was nil.

* DEV: Use @topic instead of finding the topic every time
 2023-01-27 16:15:33 +02:00
Kris 0c967e6aa3
A11Y: add accessible label for bookmark name input (#20036) 2023-01-26 17:35:19 -05:00
dependabot[bot] 13e9f5054c
Build(deps-dev): Bump @embroider/test-setup in /app/assets/javascripts (#20017) 
Bumps [@embroider/test-setup](https://github.com/embroider-build/embroider/tree/HEAD/packages/test-setup) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/test-setup)

---
updated-dependencies:
- dependency-name: "@embroider/test-setup"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-26 18:45:22 +01:00
Bianca Nenciu 2c9d76e510
FIX: Use specified limit option in user search (#20020) 2023-01-26 16:17:15 +02:00
Natalie Tay d5745d34c2
SECURITY: Limit the character count of group membership requests (#19993) 
When creating a group membership request, there is no character
limit on the 'reason' field. This can be potentially be used by
an attacker to create enormous amount of data in the database.

Co-authored-by: Ted Johansson <ted@discourse.org>
 2023-01-25 13:50:33 +02:00
dependabot[bot] 3866867e45
Build(deps-dev): Bump @embroider/test-setup in /app/assets/javascripts (#19982) 2023-01-24 22:51:23 +01:00
dependabot[bot] 69c7f676ea
Build(deps): Bump ember-auto-import in /app/assets/javascripts (#19981) 2023-01-24 22:50:05 +01:00
Kris 75032f4752
UX: remove extra whitespace in search helper (#19980) 2023-01-24 15:27:05 -05:00
Kris e71bf672cb
UX: prevent user card status overflow (#19979) 2023-01-24 13:58:24 -05:00
Kris 4da8e15801
A11Y: discourse-tags should have a role and label (#19977) 2023-01-24 13:04:32 -05:00
Kris a57d6a0f75
A11Y: add aria-labels for flagging textareas (#19938) 2023-01-24 09:49:15 -05:00
Kris 7683b4bbfa
UX: improve bulk button layout and alignment (#19966) 2023-01-24 09:47:35 -05:00
Jarek Radosz 17deb79fcb
DEV: Fix random typos (#19973) 2023-01-24 15:41:01 +01:00
Aleksey Bogdanov 1bc39c1a4f
FIX: text selection breaks opening of links in new tabs (#19867) 
When a user checks "Open all external links in a new tab" preference
he expects not to be overruled by unrelated text selections.
Yet if text is selected during a link click the link is followed on
the same tab. This change corrects that.
 2023-01-24 14:17:03 +01:00
David Taylor 48713653df
DEV: Add failing test for `api.modifyClass` with native getters (#19911) 
https://meta.discourse.org/t/251793/8
 2023-01-24 10:41:48 +00:00
Krzysztof Kotlarek ac4ee1a3d4
FIX: TL4 user is not redirected to latest when delete topic (#19967) 
Continue of https://github.com/discourse/discourse/pull/19766

When TL4 is allowed to delete topic, they should not be redirected to / after that action.
 2023-01-24 11:28:04 +11:00
dependabot[bot] bc9874033f
Build(deps): Bump qunit from 2.19.3 to 2.19.4 in /app/assets/javascripts (#19962) 2023-01-23 23:52:22 +01:00
Kris 239815c4a4
UX: fixes and adjustments for user nav (#19954) 2023-01-23 14:28:55 -05:00
Jordan Vidrine 1d7b50a0d3
FIX: Fix margin on mini-tag-chooser (#19953) 2023-01-23 10:39:57 -06:00
Jordan Vidrine b26e0dcf35
UX: Set penalty history to sticky (#19933) 2023-01-23 07:14:23 -06:00
dependabot[bot] 54e5a2e4c4
Build(deps): Bump sass from 1.57.0 to 1.57.1 in /app/assets/javascripts (#19538) 
Bumps [sass](https://github.com/sass/dart-sass) from 1.57.0 to 1.57.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.57.0...1.57.1)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-22 23:36:16 +01:00
dependabot[bot] f81c94637a
Build(deps): Bump ember-rfc176-data in /app/assets/javascripts (#19925) 
Bumps [ember-rfc176-data](https://github.com/ember-cli/ember-rfc176-data) from 0.3.17 to 0.3.18.
- [Release notes](https://github.com/ember-cli/ember-rfc176-data/releases)
- [Changelog](https://github.com/ember-cli/ember-rfc176-data/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ember-cli/ember-rfc176-data/compare/v0.3.17...v0.3.18)

---
updated-dependencies:
- dependency-name: ember-rfc176-data
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-22 22:56:17 +01:00
dependabot[bot] 9be9f97373
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#19945) 
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.12 to 7.20.13.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.13/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-22 22:53:57 +01:00
dependabot[bot] 36447fb043
Build(deps): Bump jsdom from 21.0.0 to 21.1.0 in /app/assets/javascripts (#19944) 
Bumps [jsdom](https://github.com/jsdom/jsdom) from 21.0.0 to 21.1.0.
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md)
- [Commits](https://github.com/jsdom/jsdom/compare/21.0.0...21.1.0)

---
updated-dependencies:
- dependency-name: jsdom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-22 22:39:36 +01:00
Kris f7907a3645
A11Y: remove heading tags from user profile (#19935) 2023-01-20 12:27:07 -05:00
Kris 1521bace4f
A11Y: add secondary skip link to user profiles (#19926) 2023-01-20 10:30:57 -05:00
Kris 7ebd8a44f5
UX: hide date in timeline when wrapping (#19912) 2023-01-20 10:05:16 -05:00
Jordan Vidrine b412f03b29
UX: Remove left margin (#19932) 2023-01-20 07:59:25 -06:00
Jordan Vidrine 62aa2adc74
UX: Add margin to search keyword (#19931) 2023-01-20 07:40:48 -06:00
Osama Sayegh 0c30f31f17
FIX: Allow modals to scroll on mobile when keyboard is open (#19930) 
Meta topic: https://meta.discourse.org/t/android-keyboard-overlaps-text-when-flagging-with-something-else/249687?u=osama

On Android, it's currently not possible to scroll modals that take input from the user (such as the flagging modal) when the keyboard is open which means that the keyboard can cover up part of the modal with no way for the user to see the covered part without closing the keyboard. This commit adds some CSS to make these modals scrollable when the keyboard is open.
 2023-01-20 14:23:19 +03:00
Ted Johansson 90d452ab6c
FIX: Don't display staff-only options to non-staff in group member bulk menu (#19907) 
In the group member bulk edit menu we are displaying staff-only options
to non-staff. The requests are blocked by the back-end, so there is no
harm other than to the user experience.

Notably the individual user edit menu is correctly filtering out
unavailable options. This change brings the bulk edit menu in line with
that.
 2023-01-20 11:16:04 +08:00
Krzysztof Kotlarek b05f193cf0
FIX: move min tag setting to tags section in edit category (#19789) 
`Minimum number of tags required in a topic` should be in `Tags` panel instead of `Settings`
 2023-01-20 13:30:39 +11:00
Isaac Janzen 292d3677e9
FEATURE: Allow admins to permanently delete revisions (#19913) 
# Context
This PR introduces the ability to permanently delete revisions from a post while maintaining the changes implemented by the revisions.
Additional Context: /t/90301

# Functionality
In the case a staff member wants to _remove the visual cue_ that a post has been edited eg.

<img width="86" alt="Screenshot 2023-01-18 at 2 59 12 PM" src="https://user-images.githubusercontent.com/50783505/213293333-9c881229-ab18-4591-b39b-e3419a67907d.png">

while maintaining the changes made in the edits, they can enable the (hidden) site setting of `can_permanently_delete`.
When this is enabled, after _hiding_ the revisions

<img width="149" alt="Screenshot 2023-01-19 at 1 53 35 PM" src="https://user-images.githubusercontent.com/50783505/213546080-2a9e9c55-b3ef-428e-a93d-1b6ba287dfae.png">

there will be an additional button in the history modal to <kbd>Delete revisions</kbd> on a post.

<img width="997" alt="Screenshot 2023-01-19 at 1 49 51 PM" src="https://user-images.githubusercontent.com/50783505/213546333-49042558-50ab-4724-9da7-08bacc68d38d.png">

Since this action is permanent, we display a confirmation dialog prior to triggering the destroy call

<img width="722" alt="Screenshot 2023-01-19 at 1 55 59 PM" src="https://user-images.githubusercontent.com/50783505/213546487-96ea6e89-ac49-4892-b4b0-28996e3c867f.png">

Once confirmed the history modal will close and the post will `rebake` to display an _unedited_ post.

<img width="868" alt="Screenshot 2023-01-19 at 1 56 35 PM" src="https://user-images.githubusercontent.com/50783505/213546608-d6436717-8484-4132-a1a8-b7a348d92728.png">
 
see that there is not a visual que for _revision have been made on this post_ for a post that **HAS** been edited. In addition to this, a user history log for `purge_post_revisions` will be added for each action completed.

# Limits
- Admins are rate limited to 20 posts per minute
 2023-01-19 15:09:01 -06:00
Kris 2fb2b0a538
UX: switch categories-boxes layouts from flexbox to grid (#19501) 2023-01-19 12:48:58 -05:00
Kris f66e798ed7
A11Y: more descriptive user page titles (#19819) 2023-01-19 12:45:45 -05:00
Kris 2b36a9f7b8
UX: prevent search context btn text from wrapping (#19904) 2023-01-18 09:40:56 -05:00
Kris 20f5a69427
UX: add missing space and other minor search adjustments (#19899) 2023-01-18 09:40:38 -05:00
Kris 3483285b89
UX: restyle quote/share popup, fix hover jitter (#19561) 2023-01-17 12:28:33 -05:00
Kris 145d2baa14
A11Y: add aria tags to the new user nav (#19774) 2023-01-17 12:18:16 -05:00
Penar Musaraj 86b4f4d664
UX: Refactor alignment of tag icon in Discourse onebox (#19880) 
Followup to 1ce9582a6c
 2023-01-17 11:13:55 -05:00
David Taylor 011c9b9973
DEV: Use message-bus chunked encoding in development (#19878) 
This was previously disabled because of incompatibility with the ember-cli proxy. This commit fixes that incompatibility, and restores the development behaviour to match production.

There were three issues at play:

1. Our bootstrap-js addon handles the forwarding of most requests in the ember-cli proxy. This is not built to handle streaming responses. Solution: skip our custom request processing for `/message-bus/*` and use ember-cli's default `http-proxy`.

2. The request/response size-limiting middleware (`rawMiddleware`) would apply even to unhandled paths, causing request and response bodies to be buffered. Solution: skip it for any paths which are not handled by our custom addon.

3. Expressjs servers will buffer/compress responses. Solution: add `Cache-Control: no-transform` to message-bus responses. For now I've done this in development only, but it may be useful to add it to message-bus's default headers in future
 2023-01-17 09:54:33 +00:00
David Taylor 624f4a7de9
Drop support for iOS < 15.7 (#19847) 
https://meta.discourse.org/t/224747
 2023-01-16 17:28:59 +00:00