Commit Graph

31973 Commits

Author SHA1 Message Date
Penar Musaraj 62ea382247
SECURITY: Limit invites params length 2024-03-15 14:24:07 +08:00
Daniel Waterworth 8cade1e825
SECURITY: Prevent large staff actions causing DoS
This commit operates at three levels of abstraction:

 1. We want to prevent user history rows from being unbounded in size.
    This commit adds rails validations to limit the sizes of columns on
    user_histories,

 2. However, we don't want to prevent certain actions from being
    completed if these columns are too long. In those cases, we truncate
    the values that are given and store the truncated versions,

 3. For endpoints that perform staff actions, we can further control
    what is permitted by explicitly validating the params that are given
    before attempting the action,
2024-03-15 14:24:04 +08:00
Alan Guo Xiang Tan 003b80e62f
SECURITY: Add rate limits for uploads 2024-03-15 14:24:00 +08:00
Daniel Waterworth 819361ba28
SECURITY: Don't disclose the existence of secret subcategories 2024-03-15 14:23:55 +08:00
Alan Guo Xiang Tan cdba864598
DEV: Support description for properties in objects schema (#26172)
Why this change?

When editing a objects typed theme setting, the input fields which are
rendered should include a description so that the user knows the purpose
of the field which they are changing.

What does this change do?

This change adds support for adding description to each property in the
schema for an object by following a given convention in the locale file.

For a schema like this:

```
objects_setting:
  type: objects
  schema:
    name: section
    properties:
      name:
        type: string
        required: true
      links:
        type: objects
        schema:
          name: link
          properties:
            name:
              type: string
              required: true
              validations:
                max_length: 20
            url:
              type: string
```

Description for each property in the object can be added like so:

```
en:
  theme_metadata:
    settings:
      objects_setting:
        description: <description> for the setting
        schema:
          properties:
            name: <description for the name property>
            links:
              name: <description for the name property in link>
              url: <description for the url property in link>
```

If the a description is not present, the input field will simply not
have an description.

Also note that a description for a theme setting can now be added like
so:

```
en:
  theme_metadata:
    settings:
      some_other_setting: <This will be used as the description>
      objects_setting:
        description: <This will also be used as the description>
```
2024-03-15 07:47:42 +08:00
dependabot[bot] ede6118f69
Build(deps): Bump terser from 5.29.1 to 5.29.2 (#26186)
Bumps [terser](https://github.com/terser/terser) from 5.29.1 to 5.29.2.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.29.1...v5.29.2)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-15 06:36:08 +08:00
Blake Erickson 70c23f11a9
DEV: Add API scopes for post revisions (#26183)
This commit adds API scopes for reading, modifying, and deleting post
revisions.
2024-03-14 15:24:54 -06:00
Joffrey JAFFEUX c986f9a947
DEV: adds details/location options to downloadCalendar (#26177)
This will now only be used for google to pre-fill the associated fields in: https://calendar.google.com/calendar/u/0/r/eventedit
2024-03-14 21:32:15 +01:00
Penar Musaraj a71f68afdd
DEV: Improve localizability for a few labels (#26178)
Using separate prefix + date elements makes it harder to translate in
some languages. This moves a few dates inside i18n strings.
2024-03-14 15:01:43 -04:00
David Taylor b16f212c47
DEV: Add discourse prefix to d-popover deprecations (#26181) 2024-03-14 18:50:00 +00:00
Régis Hanol 5213bba672
FIX: support [code] in blockquotes (#26182)
> [code]
> line1
> line2
> [/code]

would render as

| line1
| > line2

instead of the correct

| line1
| line2

That was due to the `bbcode-block` code using a `slice` to get the content of a block and not taking into account it being nested in a quote block for example.

The fix was to get the content using the `getLines` utils method.

Context: https://meta.discourse.org/t/markdown-bbcode-code-quote-bug/299047
2024-03-14 19:31:22 +01:00
Régis Hanol c662a99db3
FIX: clicking "more..." in emoji autocomplete (#26176)
This reverts the "fix" made in 44f6b24e34 since it wasn't the correct fix and the emoji picker wasn't showing in chat 🤦‍♂️

The proper fix is to `stopPropagation()` on the `click` event since the click handler has been made `async`. `preventDefault()` isn't enough.
2024-03-14 18:15:02 +01:00
Andrei Prigorshnev dedf1a5e03
Correct versions (#26175)
This is a follow-up to https://github.com/discourse/discourse/pull/25883. 
Somehow I forgot to address this comment –https://github.com/discourse/discourse/pull/25883#discussion_r1503234622
2024-03-14 20:36:56 +04:00
Kris 9376a2e755
FEATURE: optionally show "Powered by Discourse" link to discourse.org (#26162) 2024-03-14 10:30:12 -04:00
Jan Cernik 83495f656d
DEV: Convert time-gap widget to a component (#26165)
* DEV: Convert time-gap widget to a component

* inline timegap component

* Remove top level wrapper

---------

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2024-03-14 10:01:38 -03:00
David Taylor 6da176580b
DEV: Unsilence header-related deprecations (#26173)
https://meta.discourse.org/t/296544
2024-03-14 11:03:03 +00:00
Régis Hanol 44f6b24e34
FIX: clicking "more..." in emoji autocomplete (#26160)
Should open the emoji picker. But it wasn't 😅

The `handleOutsideClick` event was listening too early and would catch the click on the "more..." option in the autocomplete as a click outside the emoji picker and would immediately close it 🤦

The fix was to defer registering to this event.
2024-03-14 09:31:49 +01:00
Sam e05628c079
PERF: omit HTML view from sessions by logged on users. (#26170)
You need JS to log on to Discourse anyway, HTML only serves for debugging
purpose, no need to send it
2024-03-14 15:48:29 +11:00
Krzysztof Kotlarek e12d32a876
FIX: improvements for the admin sidebar (#26168)
- add all settings link
- hide the customize header menu when the admin sidebar
2024-03-14 15:01:47 +11:00
Ted Johansson ea5c3a3bdc
DEV: Move non scheduled problem checks to classes (#26122)
In AdminDashboardData we have a bunch of problem checks implemented as methods on that class. This PR absolves it of the responsibility by promoting each of those checks to a first class ProblemCheck. This way each of them can have their own priority and arbitrary functionality can be isolated in its own class.

Think "extract class" refactoring over and over. Since they were all moved we can also get rid of the @@problem_syms class variable which was basically the old version of the registry now replaced by ProblemCheck.realtime.

In addition AdminDashboardData::Problem value object has been entirely replaced with the new ProblemCheck::Problem (with compatible API).

Lastly, I added some RSpec matchers to simplify testing of problem checks and provide helpful error messages when assertions fail.
2024-03-14 10:55:01 +08:00
Krzysztof Kotlarek 9afb0b29f8
FEATURE: filter additional keywords for the sidebar (#26148)
With the new admin sidebar restructure, we have a link to "Installed plugins". We would like to ensure that when the admin is searching for a plugin name like "akismet" or "automation" this link will be visible. Also when entering the plugins page, related plugins should be highlighted.
2024-03-14 12:28:08 +11:00
David Taylor bbb18fa2ce
UX: Update glimmer header with new dnd icon (#26166)
Followup to f2ac9e4c12
2024-03-13 23:02:44 +00:00
dependabot[bot] 23d9724671
Build(deps-dev): Bump sass from 1.71.1 to 1.72.0 (#26164)
Bumps [sass](https://github.com/sass/dart-sass) from 1.71.1 to 1.72.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.71.1...1.72.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-13 22:52:49 +01:00
Jan Cernik 2d074ad4a5
FIX: Hide suggestion to send PMs when PMs are disabled for user (#26157) 2024-03-13 16:29:22 -03:00
Joffrey JAFFEUX ce3f592275
DEV: remove do-not-disturb widget (#26156)
It seems like this is a legacy widget which was used here f899652422/app/assets/javascripts/discourse/app/widgets/quick-access-panel.js (L106) but usage got removed in https://github.com/discourse/discourse/pull/21308/files#diff-9f7a1e3cde1ef93d38ba40ebf295749fb217eee81b95e95c34f98721274cdca9 and the widget didn't get removed.
2024-03-13 11:37:25 +01:00
Alan Guo Xiang Tan e7f539df10
UX: Display setting description for objects typed theme setting (#26152)
Why this change?

Prior to this change, there is no description being displayed for
objects typed theme setting because we were rendering a button instead
of the components for the various setting types which will render the
setting's description.

What does this change do?

1. Introduce `SiteSettings::Description` compoment to centralise the HTML
being rendered across all settings component.

2. Renders the `SiteSettings::Description` component after the edit
   button in `site_setting.hbs`.
2024-03-13 12:38:21 +08:00
Martin Brennan 4e7a75a7ec
DEV: Single admin plugin page for consistent admin plugin UX (#26024)
This commit adds new plugin show routes (`/admin/plugins/:plugin_id`) as we move
towards every plugin having a consistent UI/landing page.

As part of this, we are introducing a consistent way for plugins
to show an inner sidebar in their config page, via a new plugin
API `register_admin_config_nav_routes`

This accepts an array of links with a label/text, and an
ember route. Once this commit is merged we can start the process
of conforming other plugins to follow this pattern, as well
as supporting a single-page version of this for simpler plugins
that don't require an inner sidebar.

Part of /t/122841 internally
2024-03-13 13:15:12 +10:00
Natalie Tay 0b41b236d7
FIX: Avoid sending user emails if @ mentioning a staged user in a topic (#26102)
Avoid sending user emails if @ mentioning a staged user

Some cases, unknowingly mentioning a staged user would invite
them into topics, sending them an email about it.
2024-03-13 11:05:34 +08:00
Alan Guo Xiang Tan 63dd08ad59
DEV: Fix build due to 3a4f4abdc9 (#26151) 2024-03-13 10:32:45 +08:00
David Taylor e5020617c1
FEATURE: Use browser `dir="auto"` for support_mixed_text_direction (#26129)
* FEATURE: Use browser `dir="auto"` for support_mixed_text_direction

Previously we were using regex to parse all sorts of user input and guess the direction. All out target browsers now support this behavior out-the-box using `dir=auto`, which should be significantly faster.

https://meta.discourse.org/t/dir-auto-for-composer-and-elsewhere/276330

* test

* Update app/assets/javascripts/discourse/tests/integration/components/text-field-test.js

Co-authored-by: Jarek Radosz <jradosz@gmail.com>

---------

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-03-13 12:47:39 +11:00
Kelv 0353d9fb0d
DEV: refactor topic map to glimmer component (#26119)
* DEV: add toggle to switch to glimmer TopicMap and rename imported hbs-compiler

* DEV: refactor topic-map tests to use assert.dom

* DEV: add topic-map glimmer component

* DEV: remove topic-map widget and switch summary-box to use explicitly passed-in actions

---------

Co-authored-by: David Taylor <david@taylorhq.com>
2024-03-13 09:26:34 +08:00
Osama Sayegh 3a4f4abdc9
DEV: Support category, float, group and tag inputs for objects theme setting (#26113)
Continue from https://github.com/discourse/discourse/pull/25673 and https://github.com/discourse/discourse/pull/25811.

This PR adds support for category, float, group and tag types for schema theme settings.
2024-03-13 09:08:50 +08:00
Krzysztof Kotlarek de00c9a3d3
EXPERIMENTAL: restructure admin sidebar menu (#26047)
New admin sidebar menu
2024-03-13 10:18:08 +11:00
Alan Guo Xiang Tan 5b8652965a
DEV: Add save button to editing typed objects theme setting route (#26133)
Why this change?

This is still a work in progress but allows objects type theme setting
to be saved.
2024-03-13 06:52:46 +08:00
David Taylor a24c16c911
FIX: Wait for async `Topic.apply_transformations` during `loadMore` (#26143)
`apply_transformations` is an async function, and plugins/themes using it expect their transformations to be applied before the loadMore logic continues. This should resolve issues with unencrypted topics when scrolling down topic lists in discourse-encrypt.
2024-03-12 21:31:39 +00:00
David Taylor 127214c613
UX: Improve error handling for DiscourseConnect (#26140)
Previously, if the sso= payload was invalid Base64, but signed correctly, there would be no useful log or error. This commit improves things by:

- moving the base64 check before the signature checking so that it's properly surfaced
- split the ParseError exception into PayloadParseError and SignatureError
- add user-facing errors for both of those
- add/improve spec for both
2024-03-12 16:16:04 +00:00
Régis Hanol ee3ccc5b67
FIX: lookbehind assertions aren't available in < iOS 16.4 (#26139)
This would generate an error and prevent the page from loading on "older" iOSes
2024-03-12 15:23:14 +01:00
Jarek Radosz a65e3c5870
FIX: Close user menu on navigation (#26131) 2024-03-11 20:46:11 +01:00
Régis Hanol 47d1703b67
FIX: code "block" detection before showing autocomplete (#26023)
**TL;DR:** Refactor autocomplete to use async markdown parsing for code block detection.

Previously, the `inCodeBlock` function in `discourse/app/lib/utilities.js` used regular expressions to determine if a given position in the text was inside a code block. This approach had some limitations and could lead to incorrect behavior in certain edge cases.

This commit refactors `inCodeBlock` to use a more robust algorithm that leverages Discourse's markdown parsing library.

The new approach works as follows:

1. Check if the text contains any code block markers using a regular expression.
   If not, return `false` since the cursor can't be in a code block.
1. If potential code blocks exist, find a unique marker character that doesn't appear in the text.
1. Insert the unique marker character into the text at the cursor position.
1. Parse the modified text using Discourse's markdown parser, which converts the markdown into a tree of tokens.
1. Traverse the token tree to find the token that contains the unique marker character.
1. Check if the token's type is one of the types representing code blocks ("code_inline", "code_block", or "fence").
   If so, return `true`, indicating that the cursor is inside a code block.
   Otherwise, return `false`.

This algorithm provides a more accurate way to determine the cursor's position in relation to code blocks, accounting for the various ways code blocks can be represented in markdown.

To accommodate this change, the autocomplete `triggerRule` option is now an async function.

The autocomplete logic in `composer-editor.js`, `d-editor.js`, and `hashtag-autocomplete.js` has been updated to handle the async nature of `inCodeBlock`.

Additionally, many of the tests have been refactored to handle async behavior. The test helpers now simulate typing and autocomplete selection in a more realistic, step-by-step manner. This should make the tests more robust and reflective of real-world usage.

This is a significant refactor that touches multiple parts of the codebase, but it should lead to more accurate and reliable autocomplete behavior, especially when dealing with code blocks in the editor.

> Written by an 🤖 LLM. Edited by a 🧑‍💻 human.
2024-03-11 17:35:50 +01:00
Jarek Radosz dcf1c2bc04
FIX: Correctly detect RTL (#26127) 2024-03-11 15:53:52 +01:00
David Taylor eba0131561
FIX: Ensure header topic info updates immediately when navigating away (#26128)
Changing an `@tracked` value in a `willDestroyElement` hook will not immediately trigger a re-render. Instead, it seems to update on the next natural runloop iteration, which may be significantly later depending on what else is happening.

Instead, these kinds of 'data' changes should be made based on the lifecycle of the component instance (init / willDestroy). Making changes to tracked properties here does seem to cause immediate invalidation & re-render.
2024-03-11 14:06:07 +00:00
Kris 8b4730e52c
DEV: unused CSS cleanup, variable updates, simplification (#26111) 2024-03-11 09:07:53 -04:00
David Taylor f52dafe3cc
FIX: Correct pm icon link in glimmer header (#26125) 2024-03-11 12:56:03 +00:00
Jarek Radosz 296af7310a
FIX: Don't prevent opening regular links in 🍔wrapper (#26126) 2024-03-11 13:44:10 +01:00
Jarek Radosz 4f8ded5ce4
DEV: Fix glimmer node deprecations (#26124)
* DEV: Fix the `escaped` glimmer deprecation
* DEV: Fix `original` glimmer deprecations
2024-03-11 13:10:05 +01:00
Jarek Radosz b6819fd8c1
DEV: Convert IframedHtml to gjs (#24836)
* DEV: Convert IframedHtml to gjs
* disable lint
* didUpdate
* no className
2024-03-11 11:55:32 +01:00
dependabot[bot] 0e3a8b15f5
Build(deps): Bump @glimmer/syntax from 0.88.1 to 0.89.0 (#26114)
Bumps [@glimmer/syntax](https://github.com/glimmerjs/glimmer-vm) from 0.88.1 to 0.89.0.
- [Release notes](https://github.com/glimmerjs/glimmer-vm/releases)
- [Changelog](https://github.com/glimmerjs/glimmer-vm/blob/main/CHANGELOG.md)
- [Commits](https://github.com/glimmerjs/glimmer-vm/compare/v0.88.1...v0.89.0)

---
updated-dependencies:
- dependency-name: "@glimmer/syntax"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-11 10:50:01 +01:00
Arpit Jalan 1bd803d360
FIX: store registration ip address when creating user via SSO (#26121) 2024-03-11 15:19:37 +05:30
Ted Johansson 2211ffa851
DEV: Move problem checks to app directory (#26120)
There are a couple of reasons for this.

The first one is practical, and related to eager loading. Since /lib is not eager loaded, when the application boots, ProblemCheck["identifier"] will be nil because the child classes aren't loaded.

The second one is more conceptual. There turns out to be a lot of inter-dependencies between the part of the problem check system that live in /app and the parts that live in /lib, which probably suggests it should all go in /app.
2024-03-11 13:36:22 +08:00
Alan Guo Xiang Tan 8d4f405da4
DEV: Allow typed objects theme settings to be saved via settings editor (#26100)
Why this change?

On the `/admin/customize/themes/<:id>` route, we allow admins to edit
all settings via a settings editor. Prior to this change, trying to edit
and save a typed objects theme settings will result in an error on the
server.
2024-03-11 08:42:12 +08:00
Krzysztof Kotlarek 17a60be189
UX: styles for back to the forum link on the hamburger menu (#26118)
Fix styles for back to the forum link on the hamburger menu.
2024-03-11 11:08:44 +11:00
Alan Guo Xiang Tan 7d8dd0d8e3
UX: Show loading spinner while loading dependencies for ace-editor (#26099)
Why this change?

On a slow network, using the `AceEditor` component will result in a blob
of text being shown first before being swapped out with the `ace.js`
editor after it has completed loading.

There is also a problem when setting the theme for the editor which
would result in a "flash" as reported in
https://github.com/ajaxorg/ace/issues/3286. To avoid this, we need to
load the theme js file before displaying the editor.

What does this change do?

1. Adds a loading spinner and set the `div.ace` with a `.hidden` class.
2. Once all the relevant scripts and initialization is done, we will
   then remove the loading spinner and remove `div.ace`.
2024-03-11 06:56:17 +08:00
Isaac Janzen 9484174f32
DEV: Close search menu after advanced search is clicked (#26108) 2024-03-08 15:34:11 -07:00
Blake Erickson f71e9aad60
FEATURE: Silence Close Notifications User Setting (#26072)
This change creates a user setting that they can toggle if
they don't want to receive unread notifications when someone closes a
topic they have read and are watching/tracking it.
2024-03-08 15:14:46 -07:00
Mark VanLandingham 5f8cbb9d83
FIX: Bug in desktopNotifications service not allowing unsubscription (#26103) 2024-03-08 13:53:16 -06:00
Kris 4c7d58a883
UX: update Facebook blue hex, add comment about button color (#26105) 2024-03-08 11:47:59 -05:00
Kris d46e247973
DEV: remove dead export archive action (#25932) 2024-03-08 10:23:14 -05:00
Penar Musaraj 32e1eda3fa
A11Y: Update bulk selection keyboard shortcuts (#26069)
* A11Y: Update bulk selection keyboard shortcuts

Still a draft, but in current state this:

- adds `shift+b` as a keyboard shortcut to toggle bulk select
- adds `shift+d` as a keyboard shortcut to dismiss selected topic(s) (this
replaces `x r` and `x t` shortcuts)
- adds `x` as a keyboard shortcut to toggle selection (while in bulk select mode)
- fixes a bug with the `shift+a` shortcut, which was not working properly

Note that there is a breaking change here. Previously we had:

- `x r` to dismiss new topics
- `x t` to dismiss unread topics

However, this meant that we couldn't use `x` for selection, because the
itsatrap library does not allow the same character to be used both as a
single character shortcut and as the start of a sequence. The proposed
solution here is more consistent with other apps (Gmail, Github) that use
`x` to toggle selection.

Also, we never show both "Dismiss New" and "Dismiss Unread" in the same
screen, hence it makes sense to consolidate both actions under `shift+d`.

* Address review
2024-03-08 09:54:10 -05:00
David Taylor 766e0f7b36
DEV: Add model transformation hooks in more locations (#24547)
Motivation is https://github.com/discourse/discourse-encrypt/pull/294
2024-03-08 13:28:41 +00:00
Alan Guo Xiang Tan 26df6dfc5f
UX: Don't hide new navigation item in experimental new new view (#26094)
Why this change?

Before this change, the new navigation item in the topic list will be
hidden when there are no new or unread topics for the user. We have
started to find this behaviour confusing UX wise so we decided to stop
hiding it.
2024-03-08 09:26:09 +08:00
Alan Guo Xiang Tan 05653e11cb
FIX: Dismissing unread not dismissing correctly (#26096)
Why this change?

This is a regression from introduced in
5c1147adf3 where dismissing unread topics
was changing the notification level of the topics instead of just
dismissing the unread posts.

What does this change do?

1. Bring back the previous implementation of the action
2. Fix the system test that was supposed to catch the problem but did
   not.
2024-03-08 09:02:35 +08:00
Kris 1db8e7a94d
UX: add optional grid-area below-content (#26091) 2024-03-07 16:19:47 -05:00
David Taylor 8a13667a8a
DEV: Introduce second home-logo wrapper plugin outlet (#26080)
The `home-logo-wrapper` outlet is used by chat, which means it is unavailable for use by any other themes/plugins. This commit introduces a second nested outlet called `home-logo` which can be used to replace the logo without affecting chat's header logic.
2024-03-08 06:45:48 +11:00
Isaac Janzen 91f52e79ab
DEV: Convert header buttons to use new `headerButtons` API (#26014) 2024-03-07 12:15:47 -07:00
Keegan George 0bc0efbd0a
DEV: Move `noResults` to search service (#26084) 2024-03-07 10:57:25 -08:00
Bianca Nenciu 2a6e4a7ba0
FEATURE: Improve "+ subcategories" option (#26086)
This commit improves the "+ X subcategories" option that shows sometimes
in the category selector. It used to show when there was a single match,
but now it also shows up on exact matches even though there are multiple
results.

It also makes it work when lazy_load_categories is enabled by searching
the subcategories before rendering them.
2024-03-07 20:46:45 +02:00
Isaac Janzen c7b2369bfa
FIX: In topic search for glimmer header (#26040)
- Fix cmd + f keyboard shortcut that opens up the search menu or browser search
2024-03-07 11:14:43 -07:00
dependabot[bot] 67065d1c7b
Build(deps-dev): Bump the embroider group with 3 updates (#26083)
Bumps the embroider group with 3 updates: [@embroider/compat](https://github.com/embroider-build/embroider/tree/HEAD/packages/compat), [@embroider/core](https://github.com/embroider-build/embroider/tree/HEAD/packages/core) and [@embroider/macros](https://github.com/embroider-build/embroider/tree/HEAD/packages/macros).


Updates `@embroider/compat` from 3.4.5 to 3.4.6
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/compat)

Updates `@embroider/core` from 3.4.5 to 3.4.6
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/core)

Updates `@embroider/macros` from 1.14.0 to 1.15.0
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/macros)

---
updated-dependencies:
- dependency-name: "@embroider/compat"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: embroider
- dependency-name: "@embroider/core"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: embroider
- dependency-name: "@embroider/macros"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: embroider
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 18:38:14 +01:00
Kris f65a5c5f02
UX: clean up invite buttons (#26068) 2024-03-07 10:50:11 -05:00
Mark VanLandingham 3b0b4e118c
DEV: Include group_name in push notification payload for group mentions (#26081) 2024-03-07 09:47:21 -06:00
Bianca Nenciu e89bdea830
FEATURE: Show remaining count in category-drop (#25938)
When "lazy load categories" is enabled, the CategoryDrop component will
render at most 15 categories. If there are more categories, a "Show
more" link pointing to the categories page will be displayed.
2024-03-07 16:14:50 +02:00
Ted Johansson 6e95c152ed
DEV: Rename problem check jobs to avoid namespace clashes (#26073)
Doing the following renames:

Jobs::ProblemChecks → Jobs::RunProblemChecks
Jobs::ProblemCheck → Jobs::RunProblemCheck

This is to disambiguate the ProblemCheck class name, ease fuzzy finding, and avoid needing to use :: in a bunch of places.
2024-03-07 12:26:58 +08:00
Krzysztof Kotlarek 15ff33ae9e
FEATURE: move back to the forum link above the filter (#26070)
Before, the `back to forum` link was part of experimental admin navigation. It means that the link could be filtered out.

Because it is essential navigation, it should not be part of sidebar links and should be moved above the filter.
2024-03-07 14:48:16 +11:00
dependabot[bot] a52ca0c932
Build(deps): Bump terser from 5.28.1 to 5.29.1 (#26067)
Bumps [terser](https://github.com/terser/terser) from 5.28.1 to 5.29.1.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.28.1...v5.29.1)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 01:05:32 +01:00
Kris 6f5356669e
FIX: check for `options` in dismissRead (#26065) 2024-03-06 16:45:13 -05:00
Isaac Janzen 819bc63c47
DEV: Update home logo click action location (#26062) 2024-03-06 14:29:50 -07:00
Blake Erickson 0464ddcd9b
FEATURE: Bulk Silent Close Topics (#26043)
Using the new bulk select dropdown you can now choose to bulk close
topics silently.
2024-03-06 14:08:49 -07:00
Jarek Radosz e01f75cb32
DEV: Convert edit-topic-timer-form to glimmer (#25995) 2024-03-06 21:13:38 +01:00
dependabot[bot] d96b7b14ce
Build(deps-dev): Bump ember-cli from 5.6.0 to 5.7.0 (#26039)
* Build(deps-dev): Bump ember-cli from 5.6.0 to 5.7.0

Bumps [ember-cli](https://github.com/ember-cli/ember-cli) from 5.6.0 to 5.7.0.
- [Release notes](https://github.com/ember-cli/ember-cli/releases)
- [Changelog](https://github.com/ember-cli/ember-cli/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ember-cli/ember-cli/compare/v5.6.0...v5.7.0)

---
updated-dependencies:
- dependency-name: ember-cli
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Enable no-implicit-route-model

See: https://github.com/ember-cli/ember-new-output/compare/v5.6.0...v5.7.0

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-03-06 21:05:09 +01:00
Bianca Nenciu 8dbcfef3fd
FEATURE: Add "+ subcategories" option back (#26035)
This option was introduced at some point in the past, but was removed
during the work necessary to make Discourse work with a large number of
categories.

Follow up to commit 2e68ead45b.
2024-03-06 20:14:36 +02:00
Mark VanLandingham 4e80ad0724
DEV: Return meaningful values from desktop noti enable/disable fns (#26061) 2024-03-06 11:31:42 -06:00
Jarek Radosz 5d90332cfc
DEV: Use the "new" service import (#26059) 2024-03-06 18:05:11 +01:00
Jarek Radosz 11067c73d0
DEV: Use fn+mut instead of action+mut (#26057)
One step closer to removing all `action` helper usage
2024-03-06 18:05:03 +01:00
Kris ac083ffca6
UX: left align suggested topics header and footer text (#26058) 2024-03-06 11:26:02 -05:00
David Taylor d1a2596889
DEV: Allow CSP nonce_placeholder to be generated outside Rails (#26052)
Sometimes we add scripts outside of Rails. This commit provides a way to generate a nonce placeholder even if you don't have access to an ApplicationController instance.
2024-03-06 13:01:32 +00:00
David Taylor 30a3e21463
DEV: update theme-qunit to work with strict-dynamic CSP (#26053) 2024-03-06 13:01:23 +00:00
Alan Guo Xiang Tan 898b71da88
PERF: Add indexes to speed up notifications queries by user menu (#26048)
Why this change?

There are two problematic queries in question here when loading
notifications in various tabs in the user menu:

```
SELECT "notifications".*
FROM "notifications"
LEFT JOIN topics ON notifications.topic_id = topics.id
WHERE "notifications"."user_id" = 1338 AND (topics.id IS NULL OR topics.deleted_at IS NULL)
ORDER BY notifications.high_priority AND NOT notifications.read DESC,
  NOT notifications.read AND notifications.notification_type NOT IN (5,19,25) DESC,
  notifications.created_at DESC
LIMIT 30;
```

and

```
EXPLAIN ANALYZE SELECT "notifications".*
FROM "notifications"
LEFT JOIN topics ON notifications.topic_id = topics.id
WHERE "notifications"."user_id" = 1338
AND (topics.id IS NULL OR topics.deleted_at IS NULL)
AND "notifications"."notification_type" IN (5, 19, 25)
ORDER BY notifications.high_priority AND NOT notifications.read DESC, NOT notifications.read DESC, notifications.created_at DESC LIMIT 30;
```

For a particular user, the queries takes about 40ms and 26ms
respectively on one of our production instance where the user has 10K notifications while the site has 600K notifications in total.

What does this change do?

1. Adds the `index_notifications_user_menu_ordering` index to the `notifications` table which is
   indexed on `(user_id, (high_priority AND NOT read) DESC, (NOT read)
DESC, created_at DESC)`.

1. Adds a second index `index_notifications_user_menu_ordering_deprioritized_likes` to the `notifications`
   table which is indexed on `(user_id, (high_priority AND NOT read) DESC, (NOT read AND notification_type NOT IN (5,19,25)) DESC, created_at DESC)`. Note that we have to hardcode the like typed notifications type here as it is being used in an ordering clause.

With the two indexes above, both queries complete in roughly 0.2ms. While I acknowledge that there will be some overhead in insert,update or delete operations. I believe this trade-off is worth it since viewing notifications in the user menu is something that is at the core of using a Discourse forum so we should optimise this experience as much as possible.
2024-03-06 16:52:19 +08:00
Kelv 6b46b9ab78
DEV: convert TopicMapExpanded widget to glimmer component (#26027)
* DEV: add topic-map-expanded glimmer component

* DEV: remove topic-map-expanded widgets from topic-map

* DEV: add noreferrer for _blank target and add table grouping to template

* DEV: negate base styling of tbody element so expanded topic map retains current look

* DEV: pass in title to TopicParticipants as internationalized string instead of renderable HTML and set TRUNCATED_LINKS_LIMIT constant
2024-03-06 08:38:35 +08:00
Alan Guo Xiang Tan 94b09f3331
DEV: Open theme settings objects editor from admin customize theme page (#26006)
Why this change?

The `/admin/customize/themes/:id/schema/name` route is a work in
progress but we want to be able to start navigating to it from the
`/admin/customize/themes/:id` route.

What does this change do?

1. Move `adminCustomizeThemes.schema` to a child route of
   `adminCustomizeThemes.show`. This is because we need the model
   from the parent route and if it isn't a child route we end up
   having to load the theme model again from the server.

1. Add the `objects_schema` attribute to `ThemeSettingsSerializer`

1. Refactor `SiteSettingComponent` to be able to render a button
   so that we don't have to hardcode the button rendering into the
   `SiteSettings::String` component
2024-03-06 08:24:29 +08:00
dependabot[bot] 74db5b3232
Build(deps-dev): Bump html-entities from 2.4.0 to 2.5.2 (#26021)
Bumps [html-entities](https://github.com/mdevils/html-entities) from 2.4.0 to 2.5.2.
- [Release notes](https://github.com/mdevils/html-entities/releases)
- [Changelog](https://github.com/mdevils/html-entities/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mdevils/html-entities/compare/v2.4.0...v2.5.2)

---
updated-dependencies:
- dependency-name: html-entities
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-05 22:56:43 +01:00
Ella E 822ebb9642
FIX: <td> spacing on expanded table (#26037) 2024-03-05 14:36:00 -07:00
Kris 5c1147adf3
UX: Move top dismiss button from `topics` to `d-navigation` (#26032) 2024-03-05 15:43:07 -05:00
Blake Erickson 6702babd5e
DEV: More bulk select modal enhancements (#25979)
* Add cancel button

* Add loading spinner

* Add toast message
2024-03-05 08:30:26 -07:00
David Taylor ccf0b61fe3
DEV: Convert truth-helpers to a v2 addon and simplify imports (#26029)
No need for a build step here, since the helpers are all simple js.
2024-03-05 15:24:47 +00:00
chapoi 180e6c6188
UX: chat message creator scss cleanup + design tweak to username display (#25928)
* UX: chat message creator scss cleanup + design tweak to username display

* add user status with live updates to modal

* show user status description in modal

* add tests for user status

* UX: add user-status styling to chat message creator


---------

Co-authored-by: David Battersby <info@davidbattersby.com>
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2024-03-05 12:49:29 +01:00
David Taylor 2f9db62e1c
DEV: Skip babel for qunit and sinon (#26028)
Skipping babel for qunit is part of the default embroider blueprint. Adding these doesn't seem to have a measurable effect on build time, but it does stop this message from being printed in the build log:

```
The code generator has deoptimised the styling of /Users/david/discourse/discourse/node_modules/sinon/pkg/sinon-esm.js as it exceeds the max of 500KB
```
2024-03-05 11:34:51 +00:00
Jeff Wong 00e76efb7c
FEATURE: site setting to include post in penalty messages (#26025)
Adds a site setting to include a post's content in penalty message.
When silencing/suspending a user from a post, or a reviewable with
a post, adds an option to include a post's content in the email
message by default.
2024-03-04 18:35:21 -08:00
Krzysztof Kotlarek 28af4031ae
FIX: active webhook types exclude inactive plugins (#26022)
Bug introduced when webhooks were granularized in this PR - c468110929

Only active webhooks should be available when webhooks is configured.

https://meta.discourse.org/t/i18n-keys-showing-on-webhooks-edit-page/297701
2024-03-05 12:47:04 +11:00
Kris ce3ff7d7f5
UX: always show image controls on touch devices (#26018) 2024-03-04 17:19:09 -05:00
Blake Erickson 40b707a690
FEATURE: Add onebox for loom (#26016)
Loom share links will now onebox and use the embedded loom player.
2024-03-04 15:12:08 -07:00
David Taylor b788c08712
FEATURE: Introduce APIs for manipulating header icons (#25916) 2024-03-04 12:51:49 -07:00
Isaac Janzen 405bfba3c0
DEV: Convert `home-logo` widget to a glimmer component (#25989)
Part of the larger effort to upgrade the header from widgets to glimmer components: https://github.com/discourse/discourse/pull/25214
2024-03-04 10:02:23 -07:00
Michael Fitz-Payne f880f1a42f
DEV: add topic_id index to incoming_emails table (#26004)
This table may grow to be large, and an index on this column improves
performance for SELECT queries.
2024-03-04 13:50:01 +10:00
Martin Brennan eca10e56b8
FEATURE: Allow specific groups to view raw email (#26003)
When a post is created by an incoming email, we show
an envelope icon on it which then opens a modal with the
raw email contents. Previously this was staff (admin+mod)
only, but now this commit adds the `view_raw_email_allowed_groups`
site setting, so any group can be added to give users permission
to see this.
2024-03-04 13:48:16 +10:00
Kelv 1a76c4e099
DEV: convert PrivateMessageMap widget to glimmer components (#25837)
* DEV: add map system test for private message map
* DEV: convert PrivateMessageMap to glimmer components
2024-03-04 10:24:25 +08:00
dependabot[bot] 70748cf276
Build(deps-dev): Bump xss from 1.0.14 to 1.0.15 (#26001)
Bumps [xss](https://github.com/leizongmin/js-xss) from 1.0.14 to 1.0.15.
- [Changelog](https://github.com/leizongmin/js-xss/blob/master/CHANGELOG.md)
- [Commits](https://github.com/leizongmin/js-xss/compare/v1.0.14...v1.0.15)

---
updated-dependencies:
- dependency-name: xss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-04 09:04:07 +08:00
Kris e408f4ff95
DEV: remove various unused CSS (#25994) 2024-03-01 16:51:26 -05:00
Kris 653b2e4678
DEV: remove unneeded buttons mobile CSS (#25992) 2024-03-01 16:42:02 -05:00
Kris 9421997866
DEV: remove old bootstrap alert CSS (#25991) 2024-03-01 16:03:34 -05:00
Kris 84882ad25f
UX: disable the image preview controls while invisible (#25990) 2024-03-01 15:06:43 -05:00
Kris ccf0fdaa81
UX: improve group email setting wrap, cleanup styles (#25985) 2024-03-01 12:34:55 -05:00
Jarek Radosz 5dc95eaacc
DEV: Update ExpandingTextArea component (#25890) 2024-03-01 17:20:15 +01:00
Kelv 29458c436c
FIX: return missing href attribute for topic map participants avatars (#25981) 2024-03-01 11:14:57 +08:00
Kris 8503d3afe1
UX: improve advanced search wrapping, remove mobile stylesheet (#25975) 2024-02-29 18:07:18 -05:00
Blake Erickson 2d890d73a2
FEATURE: Add recover api scopes (#25978)
This commit adds two new api scopes. One for recovering topics, and the
other for recovering posts.
2024-02-29 15:49:29 -07:00
Kris 40eea40d69
UX: clean up tag info styles, remove mobile stylesheet (#25973) 2024-02-29 17:48:47 -05:00
dependabot[bot] 1e666ddfd7
Build(deps-dev): Bump express from 4.18.2 to 4.18.3 (#25974)
Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.18.3.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.18.2...4.18.3)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-29 22:53:08 +01:00
Kris db2f5ae51b
UX: simplify styles for image uploader (#25970) 2024-02-29 14:39:00 -05:00
Kris 47b8e98cf7
UX: enable badge title on mobile, style cleanup (#25968) 2024-02-29 13:55:13 -05:00
Isaac Janzen 841b353d38
DEV: Close user menu after clicking view-all notifications (#25966)
We needed to call closeUserMenu after navigating to the show all notifications url.
2024-02-29 11:52:51 -07:00
Mark VanLandingham 6c2c690479
DEV: Add push notification filtering to MessageBus alerts (#25965) 2024-02-29 12:49:46 -06:00
Andrei Prigorshnev 7aa3e15440
DEV: Deprecate FoundUserWithStatusSerializer (#25883)
A followup to b3a11994.
2024-02-29 20:20:48 +04:00
Mark VanLandingham 0a58b18970
DEV: Move DiscourseEvent trigger in PostAlerter#push_notification (#25931) 2024-02-29 08:33:38 -06:00
Jarek Radosz 03de0421af
DEV: Convert share-source to gjs (#25964) 2024-02-29 15:12:17 +01:00
Bianca Nenciu e74a9efee1
FIX: Show "no category" in category-chooser (#25917)
CategoryChooser component usually displays just categories, but
sometimes it can show two none values: a "no category" or Uncategorized.
This commit makes sure that these are rendered correctly.

The problem was that the "none" item was automatically inserted in the
list of options, but that should not always happen. Toggling option
`autoInsertNoneItem` requires setting `none` too.
2024-02-29 13:48:20 +02:00
Jarek Radosz 49e67d32fb
DEV: Convert second-factor-input to gjs (#25946) 2024-02-29 12:27:12 +01:00
Jarek Radosz 5c54fbfdb1
DEV: Fix random typos (#25957)
February 2024 edition
2024-02-29 12:24:37 +01:00
Kris 8c22831672
UX: update appropriate `btn-flat` instances to `btn-transparent` (#25945)
With the adjustments of `btn-transparent` in https://github.com/discourse/discourse/pull/24666, there are more buttons that could use this class instead of `btn-flat`. This mostly relates to `x` close buttons, but also includes composer and chat toggles.

The primary difference between these styles is that `btn-transparent` never has a background, where `btn-flat` may have a hover or focus background.
2024-02-29 11:47:07 +01:00
Osama Sayegh 8bec0ca083
FEATURE: Support boolean, enum and integer fields for schema theme settings (#25933)
Continue from https://github.com/discourse/discourse/pull/25673 and https://github.com/discourse/discourse/pull/25811.

This commit adds support for boolean, integer and enum types for schema theme settings.
2024-02-29 11:11:32 +03:00
Alan Guo Xiang Tan f562da3150
PERF: Reduce ActiveRecord allocations in `CategoryList#find_relevant_topics` (#25950)
Why this change?

Prior to this change, the `CategoryList#find_relevant_topics` method was
loading and allocating all `CategoryFeaturedTopic` records in the
database to eventually only just use its `category_id` and `topic_id`
column. On a site with many `CategoryFeaturedTopic` records, the loading
of the ActiveRecord objects is a source of bottleneck.

The other problem with the `CategoryList#find_relevant_topics` method is
that it is unconditionally loading all records from the database even if
the user does not have access to the category. This again is wasteful.

What does this change do?

This commit makes it such that `CategoryList#find_relevant_topics` is
called only after `CategoryList#find_categories` in the `CategoryList#initialize`
method so that we can filter featured topics against categories that the
user has access to.

The second change is that Instead of loading `CategoryFeaturedTopic` records, we make an
inner join agains the `topics` table instead and skip any allocation of
`CatgoryFeaturedTopic` ActiveRecord objects.
2024-02-29 12:19:04 +08:00
David Taylor 53069fcb8e
DEV: Silence header upgrade deprecations for now (#25947)
We'll unsilence once we've published a clear upgrade path.
2024-02-29 00:36:23 +00:00
dependabot[bot] 9acb4f55f2
Build(deps): Bump the babel group with 2 updates (#25939)
* Build(deps): Bump the babel group with 2 updates

Bumps the babel group with 2 updates: [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) and [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone).


Updates `@babel/core` from 7.23.9 to 7.24.0
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.24.0/packages/babel-core)

Updates `@babel/standalone` from 7.23.10 to 7.24.0
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.24.0/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: babel
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: babel
...

Signed-off-by: dependabot[bot] <support@github.com>

* Clean up accidentally duplicated deps

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-02-29 00:27:17 +01:00
Martin Brennan df4197c8b8
FIX: Show deleted bookmark reminders in user bookmarks menu (#25905)
When we send a bookmark reminder, there is an option to delete
the underlying bookmark. The Notification record stays around.
However, if you want to filter your notifications user menu
to only bookmark-based notifications, we were not showing unread
bookmark notifications for deleted bookmarks.

This commit fixes the issue _going forward_ by adding the
bookmarkable_id and bookmarkable_type to the Notification data,
so we can look up the underlying Post/Topic/Chat::Message
for a deleted bookmark and check user access in this way. Then,
it doesn't matter if the bookmark was deleted.
2024-02-29 09:03:49 +10:00
dependabot[bot] 62e5c96487
Build(deps-dev): Bump the embroider group with 3 updates (#25940)
Bumps the embroider group with 3 updates: [@embroider/compat](https://github.com/embroider-build/embroider/tree/HEAD/packages/compat), [@embroider/core](https://github.com/embroider-build/embroider/tree/HEAD/packages/core) and [@embroider/macros](https://github.com/embroider-build/embroider/tree/HEAD/packages/macros).


Updates `@embroider/compat` from 3.4.4 to 3.4.5
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/compat)

Updates `@embroider/core` from 3.4.4 to 3.4.5
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/core)

Updates `@embroider/macros` from 1.13.5 to 1.14.0
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/macros)

---
updated-dependencies:
- dependency-name: "@embroider/compat"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: embroider
- dependency-name: "@embroider/core"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: embroider
- dependency-name: "@embroider/macros"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: embroider
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-28 23:40:46 +01:00
Keegan George faec73e1e0
DEV: Override jsuites CSS in core (#25944) 2024-02-28 14:35:08 -08:00
Kris b532c780c6
A11Y: markup sidebar form errors as live regions (#25937) 2024-02-28 15:31:57 -05:00
Isaac Janzen 0e5307d8e2
DEV: Add glimmer header deprecation notice (#25891)
- Remove `_customHeaderClasses`. It was not supposed to have been a part of the glimmer header PR
- Add deprecation notice to `addHeaderPanel`

# Example

<img width="437" alt="Screenshot 2024-02-26 at 2 50 39 PM" src="https://github.com/discourse/discourse/assets/50783505/23fce1ee-fff9-4071-8c34-a480cec7e2e7">
2024-02-28 11:59:44 -07:00
Jarek Radosz 36a9b5d0fa
DEV: Introduce a helper for handling events (#25433)
Instead of

```hbs
{{on "input" (action this.foo value="target.value")}}
{{on "input" (action (mut this.bar) value="target.value")}}
```

you can use:

```hbs
{{on "input" (with-event-value this.foo)}}
{{on "input" (with-event-value (fn (mut this.bar)))}}
```

or in gjs:

```gjs
import { fn } from "@ember/helper";
import { on } from "@ember/modifier";
import withEventValue from "discourse/helpers/with-event-value";
…
{{on "input" (withEventValue (fn (mut this.bar)))}}
```
2024-02-28 14:00:53 +01:00
David Taylor 4116bd9595
DEV: Drop ember-functions-as-helper-polyfill (#25926)
No longer required on recent Ember
2024-02-28 10:06:36 +00:00
John L. Clark 9a07a9872f
FEATURE: Allow `rowspan` and `colspan` attributes on HTML tables (#20973)
Augment the `allowList` for HTML tables to allow the `rowspan` and
`colspan` attributes on `th` and `td` elements.
2024-02-28 16:59:36 +11:00
Krzysztof Kotlarek 9e9673fac5
DEV: save/restore the previous sidebar panel state (#25899)
In this PR, the admin panel remembers the previous state and restores it when the admin panel is deactivated.
https://github.com/discourse/discourse/pull/25781

However, it would be better to have a more generic solution. When the panel is changed, the previous state is saved in the sidebarState. When a user returns to the specific panel, a previously remembered state is restored.
2024-02-28 12:33:59 +11:00
Krzysztof Kotlarek 8b5204579c
FEATURE: filter admin sidebar (#25853)
Ability to filter admin sidebar. The filter can be cleared. In addition, it can be accessed with ctrl+/ shortcut
2024-02-28 12:15:02 +11:00
Kris ffce2dd04f
A11Y: when adding custom sidebar link, first input of new row should get focus (#25920)
* A11Y: when adding custom sidebar links, ensure first input of new row gets focus

* switch to afterRender decorator
2024-02-28 11:39:25 +11:00
Mark VanLandingham b426f85a81
DEV: Add modifiers for plugins to customize push notification translation arguments (#25889) 2024-02-27 14:03:55 -06:00
Jarek Radosz f44bee1333
DEV: Use `autocomplete="new-password"` (#25913)
And normalize `<PasswordField />` arguments

(we were getting `[DOM] Input elements should have autocomplete attributes (suggested: "current-password")` in smoke test logs, this may or may not fix that 😛)
2024-02-27 13:29:12 +01:00
Natalie Tay a8a39d86b4
UX: Improve invite error message when a user uses an email that has already redeemed (#25695)
Improve invite error message when a user uses an email that has already redeemed
2024-02-27 18:24:20 +08:00
Jarek Radosz 7a14831695
DEV: Remove ember-router-service-refresh-polyfill (#25910) 2024-02-27 11:10:19 +01:00
Jarek Radosz 299b323d9a
DEV: Update ember-cli to 5.6.0 (#25886) 2024-02-27 10:48:30 +01:00
David Battersby 8bfa2bcf3a
UX: flexible autocomplete width (#25900)
When tagging a user in composer, the autocomplete div has a fixed width, causing longer names and usernames to get cut off.  This change allows the div to expand up until a max-width of 600px on desktop.
2024-02-27 17:17:30 +08:00
Ted Johansson 1bcb521fbf
DEV: Add DB backed problem checks to support perform_every config (#25834)
As part of problem checks refactoring, we're moving some data to be DB backed. In this PR it's the tracking of problem check execution. When was it last run, when was the last problem, when should it run next, how many consecutive checks had problems, etc.

This allows us to implement the perform_every feature in scheduled problem checks for checks that don't need to be run every 10 minutes.
2024-02-27 11:17:39 +08:00
Kris 4df4584396
DEV: adds `topic-below-suggested` plugin outlet (#25896) 2024-02-26 18:53:13 -05:00
Osama Sayegh 3f4537eeb5
FEATURE: Schema theme setting input fields (#25811)
Continue from https://github.com/discourse/discourse/pull/25673.

This commit starts building the inputs pane of schema theme settings. At the moment only string fields are rendered, but more types will be added in future commits.
2024-02-27 01:07:32 +03:00
Blake Erickson 52d357c1d1
DEV: Add loading spinner to install theme modal (#25888)
This commit adds a loading spinner when installing a theme as sometimes
installing a theme can take quite a bit of time this way we have some
indication that things are still working as the theme is being
installed.
2024-02-26 14:14:21 -07:00
Isaac Janzen 8805a34001
DEV: Add before / after header-buttons plugin outlets (#25887) 2024-02-26 12:56:21 -07:00
dependabot[bot] a85e4adc85
Build(deps-dev): Bump ember-qunit from 6.2.0 to 8.0.2 (#25880)
* Build(deps-dev): Bump ember-qunit from 6.2.0 to 8.0.2

Bumps [ember-qunit](https://github.com/emberjs/ember-qunit) from 6.2.0 to 8.0.2.
- [Release notes](https://github.com/emberjs/ember-qunit/releases)
- [Commits](https://github.com/emberjs/ember-qunit/compare/v6.2.0...v8.0.2)

---
updated-dependencies:
- dependency-name: ember-qunit
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* shim for plugins/themes

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: David Taylor <david@taylorhq.com>
2024-02-26 16:18:33 +00:00
chapoi 9ce2c20ab0
UX: make sure a-tag uses border radius var (#25882) 2024-02-26 16:17:04 +01:00
Mark VanLandingham 7adedfa37a
DEV: appEvents when desktop/push JS notifications are opened (#25823) 2024-02-26 09:00:39 -06:00
dependabot[bot] aee6f1d0fb
Build(deps): Bump @glimmer/syntax from 0.84.3 to 0.88.1 (#25879)
Bumps [@glimmer/syntax](https://github.com/glimmerjs/glimmer-vm) from 0.84.3 to 0.88.1.
- [Release notes](https://github.com/glimmerjs/glimmer-vm/releases)
- [Changelog](https://github.com/glimmerjs/glimmer-vm/blob/main/CHANGELOG.md)
- [Commits](https://github.com/glimmerjs/glimmer-vm/compare/v0.84.3...v0.88.1)

---
updated-dependencies:
- dependency-name: "@glimmer/syntax"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-26 15:20:26 +01:00
dependabot[bot] 03af9a796e
Build(deps): Bump ember-resolver from 10.1.1 to 11.0.1 (#25865)
Bumps [ember-resolver](https://github.com/ember-cli/ember-resolver) from 10.1.1 to 11.0.1.
- [Release notes](https://github.com/ember-cli/ember-resolver/releases)
- [Changelog](https://github.com/ember-cli/ember-resolver/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ember-cli/ember-resolver/compare/v10.1.1...v11.0.1)

---
updated-dependencies:
- dependency-name: ember-resolver
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-26 15:15:51 +01:00
David Taylor 588a79c80c
DEV: Merge root JS packages (#25857)
Before this commit, we had a yarn package set up in the root directory and also in `app/assets/javascripts`. That meant two `yarn install` calls and two `node_modules` directories. This commit merges them both into the root location, and updates references to node_modules.

A previous attempt can be found at https://github.com/discourse/discourse/pull/21172. This commit re-uses that script to merge the `yarn.lock` files.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-02-26 13:45:58 +00:00
Andrei Prigorshnev b3a1199493
FEATURE: Hide user status when user is hiding public profile and presence (#24300)
Users can hide their public profile and presence information by checking 
“Hide my public profile and presence features” on the 
`u/{username}/preferences/interface` page. In that case, we also don't 
want to return user status from the server.

This work has been started in https://github.com/discourse/discourse/pull/23946. 
The current PR fixes all the remaining places in Core.

Note that the actual fix is quite simple – a5802f484d. 
But we had a fair amount of duplication in the code responsible for 
the user status serialization, so I had to dry that up first. The refactoring 
as well as adding some additional tests is the main part of this PR.
2024-02-26 17:40:48 +04:00
David Taylor 794ef67268 DEV: Remove package.json and yarn.lock symlinks
These were part of the Ember 3/5 feature-flagging system, which is no longer required.
2024-02-26 12:22:05 +00:00
David Taylor 542cb22fd4 DEV: Drop Ember 3 feature flag 2024-02-26 12:22:05 +00:00
dependabot[bot] 1d5f7f92e8
Build(deps): Bump terser from 5.27.2 to 5.28.1 in /app/assets/javascripts (#25849)
* Build(deps): Bump terser in /app/assets/javascripts

Bumps [terser](https://github.com/terser/terser) from 5.27.2 to 5.28.1.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.27.2...v5.28.1)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-26 12:36:55 +08:00
Isaac Janzen 23bce774d7
DEV: Update user dropdown aria-label (#25845) 2024-02-23 16:11:47 -07:00
Isaac Janzen 21f23cc032
DEV: Convert header to glimmer (#25214)
Here is a breakdown of the changes that will be implemented in this PR.

# Widgets -> Glimmer

Obviously, the intention of the todo here is to convert the header from widgets to glimmer. This PR splits the respective widgets as so:

### widgets/site-header.js
```mermaid height=200
flowchart TB
    A[widgets/site-header.js] 
    A-->B[components/glimmer-site-header.gjs]
```

### widgets/header.js and children
```mermaid height=200
flowchart TB
    A[widgets/header.js] 
    A-->B[components/glimmer-header.gjs]
    B-->C[glimmer-header/contents.gjs]
    C-->D[./auth-buttons.gjs]
    C-->E[./icons.gjs]
    C-->F[./user-menu-wrapper.gjs]
    C-->G[./hamburger-dropdown-wrapper.gjs]
    C-->H[./user-menu-wrapper.gjs]
    C-->I[./sidebar-toggle.gjs]
    C-->J[./topic/info.gjs]
```

There are additional components rendered within the `glimmer-header/*` components, but I will leave those out for now. From this view you can see that we split apart the logic of `widgets/header.js` into 10+ components. Breaking apart these mega files has many benefits (readability, etc).

# Services

I have introduced a [header](cdb42caa04/app/assets/javascripts/discourse/app/services/header.js) service. This simplifies how we pass around data in the header, as well as fixes a bug we have with "swiping" menu panels.


# Modifiers
Added a [close-on-click-outside](cdb42caa04/app/assets/javascripts/discourse/app/modifiers/close-on-click-outside.js) modifier that is built upon the [close-on-click-outside modifier](https://github.com/discourse/discourse/blob/main/app/assets/javascripts/float-kit/addon/modifiers/close-on-click-outside.js) that @jjaffeux built for float-kit. I think we could replace float-kit's implementation with mine and have it in a centralized location as they are extremely similar.

# Tests
Rewrote the existing header tests ([1](https://github.com/discourse/discourse/blob/main/app/assets/javascripts/discourse/tests/integration/components/widgets/header-test.js), [2](https://github.com/discourse/discourse/blob/main/app/assets/javascripts/discourse/tests/integration/components/site-header-test.js)) as system tests. 

# Other
- Converted `widgets/user-status-bubble.js` to a gjs component
- Converted `widgets/sidebar-toggle.js` to a gjs component
- Converted `topicFeaturedLinkNode()` to a gjs component
- Deprecated the [docking mixin](https://github.com/discourse/discourse/blob/main/app/assets/javascripts/discourse/app/mixins/docking.js)
2024-02-23 11:08:15 -07:00
Penar Musaraj d10b1aaedd
Revert "FIX: Show Uncategorized in category-chooser (#25794)" (#25843)
This reverts commit 1df473b530.
2024-02-23 12:21:44 -05:00
Penar Musaraj b205abadfc
Revert "UX: allow fullscreen composer on mobile (#25787)" (#25842)
This reverts commit 13eabff739.
2024-02-23 12:21:26 -05:00
Joffrey JAFFEUX dd292b31cc
FIX: do not raise error on transition aborted (#25841) 2024-02-23 16:44:50 +01:00
David Taylor 20a36f0b8f
DEV: Include deprecation link in warning banner (#25839) 2024-02-23 14:28:23 +00:00
Kris 1ac8922013
DEV: update classes, remove unused CSS (#25825) 2024-02-23 09:14:37 -05:00
chapoi 28fc4010b0
UX: remove hardcoded value (#25499) 2024-02-23 11:58:12 +01:00
Martin Brennan cd6fd515fe
FIX: Prevent admin sidebar errors in safe mode (#25832)
In safe mode plugins are not loaded, so the plugin admin
routes are not loaded. This was causing errors in the
admin sidebar because we are trying to show links to the plugin
admin routes.

This fixes the issue by just not adding the plugin links if
we are in safe mode.
2024-02-23 17:04:42 +10:00
Vinoth Kannan b3238bfc34
FEATURE: call hub API to update Discourse discover enrollment. (#25634)
Now forums can enroll their sites to be showcased in the Discourse [Discover](https://discourse.org/discover) directory. Once they enable the site setting `include_in_discourse_discover` to enroll their forum the `CallDiscourseHub` job will ping the `api.discourse.org/api/discover/enroll` endpoint. Then the Discourse Hub will fetch the basic details from the forum and add it to the review queue. If the site is approved then the forum details will be displayed in the `/discover` page.
2024-02-23 11:42:28 +05:30
Sam 207cb2052f
FIX: muted tags breaking hot page when filtered to tags (#25824)
Also, remove experimental setting and simply use top_menu for feature detection

This means that when people eventually enable the hot top menu, there will
be topics in it


Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2024-02-23 17:11:39 +11:00
Ted Johansson a72dc2f420
DEV: Introduce a problem checks API (#25783)
Previously, problem checks were all added as either class methods or blocks in AdminDashboardData. Another set of class methods were used to add and run problem checks.

As of this PR, problem checks are promoted to first-class citizens. Each problem check receives their own class. This class of course contains the implementation for running the check, but also configuration items like retry strategies (for scheduled checks.)

In addition, the parent class ProblemCheck also serves as a registry for checks. For example we can get a list of all existing check classes through ProblemCheck.checks, or just the ones running on a schedule through ProblemCheck.scheduled.

After this refactor, the task of adding a new check is significantly simplified. You add a class that inherits ProblemCheck, you implement it, add a test, and you're good to go.
2024-02-23 11:20:32 +08:00
Martin Brennan 1ad8e85b37
FIX: Do not double-highlight admin plugin links in sidebar (#25808)
I was using adminPlugins instead of adminPlugins.index for the Installed Plugins
link in admin sidebar, which was causing Ember to highlight the main link and a plugin
link at the same time.

We only want to highlight the top level Installed Plugins link if we are on that page,
not if we are on e.g. the chat plugin admin route.
2024-02-23 09:56:17 +10:00
Kris 59fccfc4a1
UX: group names shouldn't always be capitalized (#25820) 2024-02-22 15:56:40 -05:00
Kris 9005a14508
UX: fix topic map link expansion hover (#25822) 2024-02-22 15:47:38 -05:00
Keegan George 10c83a80aa
FIX: Regression with `onFilesPicked` action (#25819) 2024-02-22 12:03:05 -08:00
Bianca Nenciu 35adf6046e
FIX: Make category-drop search subcategories (#25817)
Subcategories were not returned when lazy loaded categories are enabled.
This commit implements the old behavior which displayed only top level
categories when there was no search term, but when there was one, it
searched subcategories too.

This commit also removes the client-side ordering of categories, because
the results are already ordered on the server-side.
2024-02-22 21:35:35 +02:00
Sérgio Saquetim 57ab42d4ca
FEATURE: Add automatic `before` and `after` outlets to wrapper plugin outlets (#24254)
Recently, Discourse introduced the concept of wrapper plugin outlets, which enables plugins and theme-components lo replace the wrapped content:

```
        <PluginOutlet @name="wrapper-outlet-example" @outletArgs={{hash model=@model}}>
          <div>Overridable content</div>
        </PluginOutlet>
```

This commit adds automatic outlets that are placed `before` and `after wrapper plugin outlets. Connectors them can leverage these new automatic outlets to mount content at these positions, which greatly enhances the use case of the wrapper outlets.

These new auto outlets can be used in two ways:

- Using the standard folder base structure: the folder name that identifies the outlet in which the connector must be mounted must add the suffixes `__before`or `__after` to the outlet name. For the outlet in the example above, the connector should be placed into the `.../connectors/wrapper-outlet-example__before`or `.../connectors/wrapper-outlet-example__after`folders.

- Using API calls: this commit also introduces two new plugin APIs, `api.renderBeforeWrapperOutlet` and `renderAfterWrapperOutlet`. These new APIs can be used in the same way as `api.renderInOutlet`but will only work for wrapper outlets.

  For the outlet above when using these new APIs alongside the gjs file format, one could define a component to be placed before the content of the outlet like:

  ```
  api.renderBeforeWrapperOutlet('wrapper-outlet-example', <template>Hello from before the content</template>);
  ```

  or after:

  ```
  api.renderAfterWrapperOutlet('wrapper-outlet-example', <template>Hello from after the content</template>);
  ```
2024-02-22 15:25:34 -03:00
Bianca Nenciu 1df473b530
FIX: Show Uncategorized in category-chooser (#25794)
The uncategorized category was not rendered correctly and it was also
sometimes displayed twice. This commit is a similar bug fix to commit
76647d3a34 and is a follow up to commit
63a50b12fd.
2024-02-22 19:30:55 +02:00
Joffrey JAFFEUX 5ea1882e17
FIX: followRedirects when changing sidebar panel (#25814)
It was necessary in chat as we will for example:

- transition to `/chat`
- and then attempt to transition to ideal first channel, eg: `/chat/-/1`
- and then redirect to `/chat/browse` if no channels exist

Prior to this fix, clicking on `chat` button in the sidebar from the homepage would work but generate an error in the console:

```
Uncaught (in promise) TransitionAborted: TransitionAborted
    at buildTransitionAborted (http://127.0.0.1:4200/assets/vendor.js:42895:17)
    at logAbort (http://127.0.0.1:4200/assets/vendor.js:43345:12)
    at PrivateRouter.transitionDidError (http://127.0.0.1:4200/assets/vendor.js:24561:44)
    at http://127.0.0.1:4200/assets/vendor.js:43129:35
    at invokeCallback (http://127.0.0.1:4200/assets/vendor.js:45239:17)
    at publish (http://127.0.0.1:4200/assets/vendor.js:45225:9)
    at publishRejection (http://127.0.0.1:4200/assets/vendor.js:45174:5)
    at http://127.0.0.1:4200/assets/vendor.js:40914:52
    at invoke (http://127.0.0.1:4200/assets/vendor.js:39539:16)
    at Queue.flush (http://127.0.0.1:4200/assets/vendor.js:39455:13)
    at DeferredActionQueues.flush (http://127.0.0.1:4200/assets/vendor.js:39611:21)
    at Backburner._end (http://127.0.0.1:4200/assets/vendor.js:40040:34)
    at Backburner._boundAutorunEnd (http://127.0.0.1:4200/assets/vendor.js:39776:14)
```

As explained above, this was only redproducible when no channels are present.
2024-02-22 14:19:32 +01:00
David Taylor 502eceb570
DEV: Replace add-archetype-class mixin with body-class helper (#25813) 2024-02-22 13:11:24 +00:00
chapoi 13eabff739
UX: allow fullscreen composer on mobile (#25787) 2024-02-22 13:01:27 +01:00
Alan Guo Xiang Tan c56c3adfde
DEV: Fix invalid test in 5dba5c4208 (#25810)
Why this change?

The previous test setup did not actually act as a regression test
because the test will still pass even when the fix is removed. This
commit uses a rendering test instead to ensure that Ember is tracking
the property change.
2024-02-22 19:10:23 +08:00
Keegan George 3b87a174e7
FIX: Customize form template view modal footer buttons (#25804) 2024-02-21 22:20:56 -08:00
Alan Guo Xiang Tan 867c2989d7
FEATURE: Add plugin-outlet before/after sidebar sections (#25807)
Why this change?

We have been getting customisation requests about adding stuff
before/after the sidebar sections so we are adding plugin outlets to
support those requests.
2024-02-22 12:58:13 +08:00
Blake Erickson 368bd2697a
DEV: Add more bulk-select-dropdown options (#25574)
This change updates the experimental bulk-select-dropdown (that is
currently feature-flagged) with more options.
2024-02-21 20:56:27 -07:00
Alan Guo Xiang Tan 5dba5c4208
DEV: Set `ExtraNavItem` count property to be a tracked property (#25806)
Why this change?

This regressed in b797434376 where
the count property in `ExtraNavItem` needs to be tracked as plugins can
be updating the count property directly.
2024-02-22 11:52:49 +08:00
Kris 94199715cd
UX: fix sidebar section modal styles (#25803) 2024-02-21 18:22:03 -05:00
Jarek Radosz 43583772d5
DEV: Remove a duplicated file (#25802) 2024-02-21 23:50:36 +01:00
dependabot[bot] a0a18b5b4a
Build(deps-dev): Bump @ember/optional-features from 2.0.0 to 2.1.0 in /app/assets/javascripts (#25799)
* Build(deps-dev): Bump @ember/optional-features

Bumps [@ember/optional-features](https://github.com/emberjs/ember-optional-features) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/emberjs/ember-optional-features/releases)
- [Changelog](https://github.com/emberjs/ember-optional-features/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember-optional-features/commits)

---
updated-dependencies:
- dependency-name: "@ember/optional-features"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-21 23:17:02 +01:00
dependabot[bot] 54eb7ae561
Build(deps-dev): Bump sass from 1.71.0 to 1.71.1 in /app/assets/javascripts (#25800)
* Build(deps-dev): Bump sass in /app/assets/javascripts

Bumps [sass](https://github.com/sass/dart-sass) from 1.71.0 to 1.71.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.71.0...1.71.1)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-21 23:16:35 +01:00
Daniel Waterworth 9db009bf96
DEV: Reorder categories in sidebar edit modal (#25792)
Sort categories by relevance instead of alphabetically.
2024-02-21 14:35:04 -06:00
Daniel Waterworth 087712c1a6
DEV: Reduce duplication with DistributedMutex#clear_regex (#25795) 2024-02-21 14:19:04 -06:00
Daniel Waterworth bf7470e93b
FIX: Make /categories/search order deterministic (#25793) 2024-02-21 12:20:40 -06:00
Bianca Nenciu 47623e1214
FIX: Ensure model properties are set (#25790)
New models do not have all properties set yet which caused issues when
trying to access them.
2024-02-21 20:08:47 +02:00
Daniel Waterworth 13291dc5ef
FIX: Cache keys should be strings (#25791)
* FIX: Cache keys should be strings

Otherwise, there are subtle bugs that don't show up with a single
process.
2024-02-21 10:55:48 -06:00
Jarek Radosz 428db40deb
DEV: Minor refactor of screen-track service (#25699)
Set/Map, async/await, inline vars, updated tests
2024-02-21 17:17:10 +01:00
Bianca Nenciu 9199c52e5e
FIX: Load categories with search topic results (#25700)
Add categories to the serialized search results together with the topics
when lazy load categories is enabled. This is necessary in order for the
results to be rendered correctly and display the category information.
2024-02-21 17:29:47 +02:00
Bianca Nenciu d8c3924213
FIX: Category results should be ordered by term (#25771)
The two criteria used to order the results are if the category name
starts with the term and if the category is a top level category or not.
2024-02-21 16:32:58 +02:00
chapoi a9f8009801
UX: Modal mobile fixes (#25788)
* UX: remove discourse-touch class wrapper

* UX: keep modal close btn in right position
2024-02-21 13:49:42 +01:00
David Taylor a30b54be87
DEV: Update deprecation banner to include id and remove Ember 5 link (#25786)
We're starting to use this system for non-ember-5 deprecations, so linking to the Ember 5 topic doesn't make sense. Instead, we can include the deprecation ID to help with identifying the issue.
2024-02-21 10:59:09 +00:00
Kelv 0f5d5403ea
dev: add bootbox to deprecation warnings to admins (#25765) 2024-02-21 17:34:02 +08:00
Ella E 05f6d9be7b
UX: Change the color of the overriden dot to be slightly visible in dark mode (#25782) 2024-02-21 12:49:20 +08:00
Martin Brennan ac92cc526d
FIX: Admin sidebar was hiding chat/forum toggle button (#25781)
We have separated and combined modes for sidebar panels.
Separated means the panels show only their own sections,
combined means sections from all panels are shown.

The admin sidebar only shows its own panels, so it must set
the mode to separated; however when we navigate to chat or
home we must revert to the initial mode setttings.
2024-02-21 14:44:09 +10:00
Martin Brennan 95014e9ab8
FIX: Do not duplicate admin sidebar plugin links (#25780)
When hiding/showing the sidebar, as is the case on mobile
and using the toggle in the top left on desktop, we delete
and recreate the ember component on the page. This causes
the `sections` for each sidebar panel to get re-evaluated
every time.

For the admin sidebar, this means that we were constantly
re-adding the plugin links to the sidebar, causing duplication.
This can be fixed by just adding @cached to the getter for
sections.
2024-02-21 12:58:31 +10:00
Ted Johansson 533b91dec6
FEATURE: Add a checkbox for users to confirm before flagging as illegal (#25762)
The Digital Services Act requires a checkbox for any user who's flagging a post as illegal to confirm that they are flagging in good faith. This PR adds that.
2024-02-21 10:49:19 +08:00
Alan Guo Xiang Tan a4305cd69c
Revert "Build(deps): Bump @uppy/drop-target from 2.0.1 to 2.0.4 in /app/assets/javascripts (#25772)" (#25779)
This reverts commit ec63f2b876.

Broke the build
2024-02-21 08:13:25 +08:00
Alan Guo Xiang Tan 3e331b1725
DEV: Set a bytesize limit for `ThemeSetting#json_value` (#25761)
Why this change?

Firstly, note that this is not a security commit because this feature is
still in development and should not be used anywhere.

The reason we want to set a limit here is to greatly reduce the
possibility of a DoS attack in the future via `ThemeSetting` where
someone would set an arbituary large json string in
`ThemeSetting#json_value` and causing the server to run out of resources
trying to serialize/deserialize the value.

What does this change do?

Adds an ActiveRecord validation to ensure that the bytesize of the json
string being stored is smaller than or equal to 0.5mb. We believe 0.5mb
is a decent limit for now but we can review the limit in the future if
we believe it is too small.
2024-02-21 08:09:37 +08:00
Alan Guo Xiang Tan 6ca2396b12
DEV: Centralise logic for validating a theme setting value (#25764)
Why this change?

The logic for validating a theme setting's value and default value was
not consistent as each part of the code would implement its own logic.
This is not ideal as the default value may be validated differently than
when we are setting a new value. Therefore, this commit seeks to
refactor all the validation logic for a theme setting's value into a
single service class.

What does this change do?

Introduce the `ThemeSettingsValidator` service class which holds all the
necessary helper methods required to validate a theme setting's value
2024-02-21 08:08:26 +08:00
dependabot[bot] ec63f2b876
Build(deps): Bump @uppy/drop-target from 2.0.1 to 2.0.4 in /app/assets/javascripts (#25772)
* Build(deps): Bump @uppy/drop-target in /app/assets/javascripts

Bumps [@uppy/drop-target](https://github.com/transloadit/uppy) from 2.0.1 to 2.0.4.
- [Release notes](https://github.com/transloadit/uppy/releases)
- [Changelog](https://github.com/transloadit/uppy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/transloadit/uppy/compare/@uppy/drop-target@2.0.1...@uppy/drop-target@2.0.4)

---
updated-dependencies:
- dependency-name: "@uppy/drop-target"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-21 08:04:38 +08:00
Krzysztof Kotlarek ee393a7953
UX: hide the draggable icon in the sidebar form on mobile (#25738)
Drag and drop link works only on desktop. Therefore, the drag icon should be hidden on mobile.
2024-02-21 09:16:49 +11:00
Martin Brennan ed47b55026
DEV: Increase default SMTP read timeout to 30s (#25763)
A while ago we increased group SMTP read and open timeouts
to address issues we were seeing with Gmail sometimes giving
really long timeouts for these values. The commit was:

3e639e4aa7

Now, we want to increase all SMTP read timeouts to 30s,
since the 5s is too low sometimes, and the ruby Net::SMTP
stdlib also defaults to 30s.

Also, we want to slightly tweak the group smtp email job
not to fail if the IncomingEmail log fails to create, or if
a ReadTimeout is encountered, to avoid retrying the job in sidekiq
again and sending the same email out.
2024-02-21 07:13:18 +10:00
Jarek Radosz 5817156499
UX: Fix the video spinner css (#25770)
A followup to 62e36145c5
2024-02-20 20:44:23 +01:00
Daniel Waterworth 13083d03ae
DEV: Async category search for sidebar modal (#25686) 2024-02-20 11:24:30 -06:00
Jarek Radosz 62e36145c5
UX: Tweak play button css (#25754)
* Remove unnecessary properties
* Use rem unit
* Add a drop shadow
* Make the "box shadow" slightly more subtle
* Use --d-border-radius
* Don't scale the "box shadow" on hover
* Scale down the on-hover size
* Make the button slightly larger
* Respect prefers-reduced-motion
* Use white rather than --secondary-or-primary
* Don't animate on-hover on mobile
2024-02-20 12:13:20 +01:00
Osama Sayegh 866193e8f3
FEATURE: Back button for schema theme settings (#25743)
Continue from https://github.com/discourse/discourse/pull/25673.

This commit adds a back button to the navigation tree of the schema.
2024-02-20 13:43:18 +03:00
Sam b057f1b2b4
FEATURE: add a `.topic` attribute to transformedPost (#25757)
During extensibility when we add post menu buttons we very much want access
to the topic.

The transformer does not include a `topic` attribute due to historical reasons.

Given we are going to move away from transforming long term and need to give
plugins access to topic when they are adding buttons, just add the extra
property
2024-02-20 13:44:43 +11:00
Martin Brennan 86183fea37
FIX: Admin nav active link in dark mode (#25759)
Followup e4b6142d6a,
the link was still black in dark mode.
2024-02-20 11:25:35 +10:00
Martin Brennan 0b3180c86f
DEV: Add SecureUploadEndpointHelpers for controllers (#25758)
This commit moves some code out of UploadController#show_secure
so it can be reused in other controllers if a secure upload
needs to have permission checks run.
2024-02-20 11:19:22 +10:00
Martin Brennan 3894ee6cb6
DEV: Add post_action_users_list modifier for PostActionUsersController (#25740)
This commit adds another plugin modifier related to post
actions, similar to ae24e04a5e.

This will be used to exclude users who liked _and_ reacted to
the post, since now in discourse-reactions we make a Like when
a user reacts too. This will affect the display of the post footer.
2024-02-20 09:48:09 +10:00
Jarek Radosz 09b1db8c3c
Revert "Build(deps): Bump @uppy/drop-target from 2.0.1 to 2.0.3 in /app/assets/javascripts (#25747)" (#25756)
This reverts commit 9e4e085666.
2024-02-20 09:31:09 +10:00
dependabot[bot] f1740de62e
Build(deps): Bump terser from 5.27.1 to 5.27.2 in /app/assets/javascripts (#25748)
* Build(deps): Bump terser in /app/assets/javascripts

Bumps [terser](https://github.com/terser/terser) from 5.27.1 to 5.27.2.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.27.1...v5.27.2)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-19 23:14:15 +01:00
dependabot[bot] 385401d75c
Build(deps-dev): Bump webpack from 5.90.2 to 5.90.3 in /app/assets/javascripts (#25746)
* Build(deps-dev): Bump webpack in /app/assets/javascripts

Bumps [webpack](https://github.com/webpack/webpack) from 5.90.2 to 5.90.3.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.90.2...v5.90.3)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-19 23:13:34 +01:00
dependabot[bot] 9e4e085666
Build(deps): Bump @uppy/drop-target from 2.0.1 to 2.0.3 in /app/assets/javascripts (#25747)
* Build(deps): Bump @uppy/drop-target in /app/assets/javascripts

Bumps [@uppy/drop-target](https://github.com/transloadit/uppy) from 2.0.1 to 2.0.3.
- [Release notes](https://github.com/transloadit/uppy/releases)
- [Changelog](https://github.com/transloadit/uppy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/transloadit/uppy/compare/@uppy/drop-target@2.0.1...@uppy/drop-target@2.0.3)

---
updated-dependencies:
- dependency-name: "@uppy/drop-target"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-19 23:13:12 +01:00
Krzysztof Kotlarek b215aac317
DEV: remove unused isInAnyGroups function (#25741)
Recently we changed the code to check permission in the backend. Example PR https://github.com/discourse/discourse/pull/25735

After those changes, `isInAnyGroups` and `userInAnyGroups` functions are not used anymore.
2024-02-20 09:08:46 +11:00
Blake Erickson 5ebe91a9a4
FIX: Set the video background to be black (#25744)
If you upload a portrait video or just a video that doesn't fit in the
normal video dimensions we want it to have a black background instead of
trying to render parts of the placeholder image as the video background.

This change removes the placeholder image for the video background when
the play button is clicked and replaces it with an all black background.
2024-02-19 12:46:45 -07:00
Krzysztof Kotlarek fc9648578b
DEV: Make more group-based settings client: false (#25735)
Affects the following settings:

delete_all_posts_and_topics_allowed_groups
experimental_new_new_view_groups
enable_experimental_admin_ui_groups
custom_summarization_allowed_groups
pm_tags_allowed_for_groups
chat_allowed_groups
direct_message_enabled_groups
chat_message_flag_allowed_groups

This turns off client: true for these group-based settings,
because there is no guarantee that the current user gets all
their group memberships serialized to the client. Better to check
server-side first.
2024-02-19 13:25:59 +11:00
dependabot[bot] 4462635dff
Build(deps-dev): Bump sass from 1.70.0 to 1.71.0 in /app/assets/javascripts (#25729)
* Build(deps-dev): Bump sass in /app/assets/javascripts

Bumps [sass](https://github.com/sass/dart-sass) from 1.70.0 to 1.71.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.70.0...1.71.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-19 09:13:04 +08:00
dependabot[bot] 700045b449
Build(deps-dev): Bump qunit from 2.20.0 to 2.20.1 in /app/assets/javascripts (#25730)
* Build(deps-dev): Bump qunit in /app/assets/javascripts

Bumps [qunit](https://github.com/qunitjs/qunit) from 2.20.0 to 2.20.1.
- [Release notes](https://github.com/qunitjs/qunit/releases)
- [Changelog](https://github.com/qunitjs/qunit/blob/main/History.md)
- [Commits](https://github.com/qunitjs/qunit/compare/2.20.0...2.20.1)

---
updated-dependencies:
- dependency-name: qunit
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-19 09:12:42 +08:00
Sam 9372404a31
FIX: full post jump not working (#25734)
Full post jump "SHIFT+K/J" not working if related topics are displayed

Amended logic so we unconditionally use full post jump on topic pages by
checking for .post-stream
2024-02-19 09:16:46 +11:00
Ella E e4b6142d6a
UX: Tweaks on the admin sidebar (#25717) 2024-02-16 14:28:25 -07:00
Blake Erickson ffac012bbc
FIX: Add a boarder around the video placeholder play button (#25727)
The video placeholder play button is white, so on a video placeholder
that is also white it is very hard to see where the play button is, so
this change adds a dark grey transparent background to the play button
so that it stands out. This is similar to how we have done the
play/pause button on animated gifs.
2024-02-16 13:48:57 -07:00
Penar Musaraj e497f6bf9b
UX: Allow resetting password when confirming session (#25708)
This is particularly useful in scenarios where 2FA is enforced and users have forgotten their password.
2024-02-16 12:18:07 -05:00
Bianca Nenciu a24d110258
FIX: Preload parent categories for sidebar (#25726)
When "lazy load categories" is enabled, only the categories present in
the sidebar are preloaded. This is insufficient because the parent
categories are necessary too for the sidebar to be rendered properly.
2024-02-16 16:39:18 +02:00
David Taylor 1672a24490
DEV: Memoize CSP nonce placeholder on response (#25724)
That way, the same value is used even if the helper is called in the context of different controllers

Followup to c8a1b49ddd
2024-02-16 12:15:55 +00:00
David Taylor b1f74ab59e
FEATURE: Add experimental option for strict-dynamic CSP (#25664)
The strict-dynamic CSP directive is supported in all our target browsers, and makes for a much simpler configuration. Instead of allowlisting paths, we use a per-request nonce to authorize `<script>` tags, and then those scripts are allowed to load additional scripts (or add additional inline scripts) without restriction.

This becomes especially useful when admins want to add external scripts like Google Tag Manager, or advertising scripts, which then go on to load a ton of other scripts.

All script tags introduced via themes will automatically have the nonce attribute applied, so it should be zero-effort for theme developers. Plugins *may* need some changes if they are inserting their own script tags.

This commit introduces a strict-dynamic-based CSP behind an experimental `content_security_policy_strict_dynamic` site setting.
2024-02-16 11:16:54 +00:00
Osama Sayegh 9329a5395a
FEATURE: Groundwork for schema theme settings UI (#25673)
This commit is the first of a series of commits that will allow themes to define complex settings types by declaring a schema of the setting structure that Discourse core will use to build a UI for the setting automatically. We implement the navigation logic and support for multiple levels of nesting in this commit and we'll continue building this new system gradually in future commits.

Internal topic: t/116870.
2024-02-16 09:31:49 +03:00
Martin Brennan 5935148bd8
FIX: Respect homepage prefs on admin sidebar Back to Forum link (#25642) 2024-02-16 14:31:42 +10:00
Martin Brennan ae24e04a5e
DEV: Add a plugin modifier for user_action_stream_builder (#25691)
Reactions needs this to be able to filter out likes received
actions, where there is also an associated reaction, since
now most reactions also count as a like.
2024-02-16 10:24:39 +10:00
Alan Guo Xiang Tan cc9480b24a
PERF: Use `-ping` option to ImageMagick `identify` command (#25713)
Why this change?

This adds the `-ping` option to the spots we missed in
cfdb461e9a.
2024-02-16 07:39:49 +08:00
Sam 9e5e5d4078
FEATURE: shift+j and shift+k will scroll entire posts (#25684)
* FEATURE: shift+j and shift+k will scroll entire posts

When scrolling through topics with very long posts we would like to use
`shift+j` and `shift+k` to quickly move between posts.

This allows users to bypass the scroll within post behavior when zooming
through topics with keyboard shortcuts

This overloads the behavior of shift+k and j which can be used to scroll
through sections (new/latest/etc...)

* remove useless tests

These tests are testing nothing, no point carrying them around
2024-02-16 08:50:29 +11:00
dependabot[bot] ef59fcea68
Build(deps): Bump terser from 5.27.0 to 5.27.1 in /app/assets/javascripts (#25711)
* Build(deps): Bump terser in /app/assets/javascripts

Bumps [terser](https://github.com/terser/terser) from 5.27.0 to 5.27.1.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.27.0...v5.27.1)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-15 22:34:05 +01:00
dependabot[bot] fe0a36eee0
Build(deps-dev): Bump webpack from 5.90.1 to 5.90.2 in /app/assets/javascripts (#25710)
* Build(deps-dev): Bump webpack in /app/assets/javascripts

Bumps [webpack](https://github.com/webpack/webpack) from 5.90.1 to 5.90.2.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.90.1...v5.90.2)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-15 22:33:45 +01:00
Kris 5e59f1f22f
DEV: add matching plugin outlet to mobile template (#25706) 2024-02-15 16:01:56 -05:00
Isaac Janzen 5a67c8f0ca
UX: Show search history for more contexts (#25705)
Add search history to 👇 contexts:

  - "topic",
  - "category",
  - "tag",
  - "tagIntersection",
  - "user",
  
  We display the search history when no search term is present.
  
  # Demo

https://github.com/discourse/discourse/assets/50783505/c720f70e-0c4c-4dbd-9f28-8b046deef674
  
  ## Topic
<img width="1003" alt="Screenshot 2024-02-15 at 12 36 37 PM" src="https://github.com/discourse/discourse/assets/50783505/5a254d94-2489-4c0f-976d-0eb1e2d6d775">


  ## Category
<img width="1003" alt="Screenshot 2024-02-15 at 12 36 23 PM" src="https://github.com/discourse/discourse/assets/50783505/247ec625-0bc2-431b-ae4f-b4e664647cfe">


  ## Tag  
<img width="1020" alt="Screenshot 2024-02-15 at 12 35 50 PM" src="https://github.com/discourse/discourse/assets/50783505/e416a935-00c2-4e8a-aef4-8de6903864bf">


  ## Tag Intersection
<img width="1004" alt="Screenshot 2024-02-15 at 12 35 28 PM" src="https://github.com/discourse/discourse/assets/50783505/d06cb287-52dd-4df4-ade8-75f30f67f07e">

  
  ## User
  <img width="1001" alt="Screenshot 2024-02-15 at 12 34 51 PM" src="https://github.com/discourse/discourse/assets/50783505/85a7a682-46f5-404c-a441-affb6bad05b6">
2024-02-15 13:25:50 -07:00
Isaac Janzen 45a130e696
FIX: Make recent search items populate input with value (#25704)
- Make clicking a recent search item populate the search input with said value
- Don't add empty search strings to recent search history.
2024-02-15 12:18:35 -07:00