1fd04b2546
Build(deps-dev): Bump rouge from 4.1.2 to 4.1.3 ( #22889 )
...
Bumps [rouge](https://github.com/rouge-ruby/rouge ) from 4.1.2 to 4.1.3.
- [Release notes](https://github.com/rouge-ruby/rouge/releases )
- [Changelog](https://github.com/rouge-ruby/rouge/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rouge-ruby/rouge/compare/v4.1.2...v4.1.3 )
---
updated-dependencies:
- dependency-name: rouge
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-01 00:33:06 +02:00
d2f7df3bd2
Build(deps): Bump oj from 3.15.0 to 3.15.1 ( #22885 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.15.0 to 3.15.1.
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.15.0...v3.15.1 )
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-01 00:18:18 +02:00
53e1af9ccb
Build(deps): Bump zeitwerk from 2.6.9 to 2.6.10 ( #22866 )
...
Bumps [zeitwerk](https://github.com/fxn/zeitwerk ) from 2.6.9 to 2.6.10.
- [Changelog](https://github.com/fxn/zeitwerk/blob/main/CHANGELOG.md )
- [Commits](https://github.com/fxn/zeitwerk/compare/v2.6.9...v2.6.10 )
---
updated-dependencies:
- dependency-name: zeitwerk
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-31 09:18:21 +08:00
4cc895ed40
Build(deps-dev): Bump mocha from 2.0.4 to 2.1.0 ( #22841 )
...
Bumps [mocha](https://github.com/freerange/mocha ) from 2.0.4 to 2.1.0.
- [Changelog](https://github.com/freerange/mocha/blob/main/RELEASE.md )
- [Commits](https://github.com/freerange/mocha/compare/v2.0.4...v2.1.0 )
---
updated-dependencies:
- dependency-name: mocha
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-28 00:42:39 +02:00
028cd2a79e
Build(deps): Bump lograge from 0.12.0 to 0.13.0 ( #22842 )
...
Bumps [lograge](https://github.com/roidrage/lograge ) from 0.12.0 to 0.13.0.
- [Release notes](https://github.com/roidrage/lograge/releases )
- [Changelog](https://github.com/roidrage/lograge/blob/master/CHANGELOG.md )
- [Commits](https://github.com/roidrage/lograge/compare/v0.12.0...v0.13.0 )
---
updated-dependencies:
- dependency-name: lograge
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-28 00:42:18 +02:00
3a11c82547
DEV: Update minitest to 5.19.0 ( #22821 )
2023-07-27 12:18:40 +02:00
05aa55e172
DEV: moves logic from job to a service ( #22691 )
...
`Jobs::AutoJoinChannelBatch` was holding a lot of logic which should be in a service. Moreover, this refactoring is the opportunity to address a bug which could cause a duplicate key error.
From now when trying to insert a new membership it won't fail if a membership is already present.
Example error:
```
Job exception: ERROR: duplicate key value violates unique constraint "user_chat_channel_unique_memberships"
DETAIL: Key (user_id, chat_channel_id)=(1, 2) already exists.
Backtrace
rack-mini-profiler-3.1.0/lib/patches/db/pg.rb:110:in `exec'
rack-mini-profiler-3.1.0/lib/patches/db/pg.rb:110:in `async_exec'
(eval):29:in `async_exec'
mini_sql-1.4.0/lib/mini_sql/postgres/connection.rb:209:in `run'
mini_sql-1.4.0/lib/mini_sql/active_record_postgres/connection.rb:38:in `block in run'
mini_sql-1.4.0/lib/mini_sql/active_record_postgres/connection.rb:34:in `block in with_lock'
activesupport-7.0.5.1/lib/active_support/concurrency/load_interlock_aware_monitor.rb:25:in `handle_interrupt'
activesupport-7.0.5.1/lib/active_support/concurrency/load_interlock_aware_monitor.rb:25:in `block in synchronize'
activesupport-7.0.5.1/lib/active_support/concurrency/load_interlock_aware_monitor.rb:21:in `handle_interrupt'
activesupport-7.0.5.1/lib/active_support/concurrency/load_interlock_aware_monitor.rb:21:in `synchronize'
mini_sql-1.4.0/lib/mini_sql/active_record_postgres/connection.rb:34:in `with_lock'
mini_sql-1.4.0/lib/mini_sql/active_record_postgres/connection.rb:38:in `run'
mini_sql-1.4.0/lib/mini_sql/postgres/connection.rb:64:in `query_single'
/var/www/discourse/plugins/chat/app/jobs/regular/chat/auto_join_channel_batch.rb:38:in `execute'
```
Note this commit is also using main branch of `shoulda-matchers` as the gem has not been released yet.
Co-authored-by: Loïc Guitaut <5648+Flink@users.noreply.github.com>
2023-07-27 10:25:41 +02:00
aac0743bfa
Build(deps): Bump net-imap from 0.3.6 to 0.3.7 ( #22814 )
...
Bumps [net-imap](https://github.com/ruby/net-imap ) from 0.3.6 to 0.3.7.
- [Release notes](https://github.com/ruby/net-imap/releases )
- [Commits](https://github.com/ruby/net-imap/compare/v0.3.6...v0.3.7 )
---
updated-dependencies:
- dependency-name: net-imap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-27 10:55:49 +08:00
0354370937
Build(deps-dev): Bump rubocop from 1.54.2 to 1.55.0 ( #22790 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.54.2 to 1.55.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.54.2...v1.55.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-26 09:21:12 +08:00
a57254687f
Build(deps): Bump zeitwerk from 2.6.8 to 2.6.9 ( #22791 )
...
Bumps [zeitwerk](https://github.com/fxn/zeitwerk ) from 2.6.8 to 2.6.9.
- [Changelog](https://github.com/fxn/zeitwerk/blob/main/CHANGELOG.md )
- [Commits](https://github.com/fxn/zeitwerk/compare/v2.6.8...v2.6.9 )
---
updated-dependencies:
- dependency-name: zeitwerk
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-26 09:20:59 +08:00
25a948c892
Build(deps): Bump optimist from 3.0.1 to 3.1.0 ( #22769 )
...
Bumps [optimist](https://github.com/ManageIQ/optimist ) from 3.0.1 to 3.1.0.
- [Changelog](https://github.com/ManageIQ/optimist/blob/master/History.txt )
- [Commits](https://github.com/ManageIQ/optimist/compare/v3.0.1...v3.1.0 )
---
updated-dependencies:
- dependency-name: optimist
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-25 10:31:50 +08:00
309e752255
Build(deps): Bump sass-embedded from 1.64.0 to 1.64.1 ( #22749 )
...
Bumps [sass-embedded](https://github.com/ntkme/sass-embedded-host-ruby ) from 1.64.0 to 1.64.1.
- [Commits](https://github.com/ntkme/sass-embedded-host-ruby/compare/v1.64.0...v1.64.1 )
---
updated-dependencies:
- dependency-name: sass-embedded
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-24 00:23:57 +02:00
384068f4c7
DEV: Remove webrick dependency which we no longer need ( #22738 )
...
The `discourse-prometheus` plugin has since specificed the depedency on
webrick in the plugin so we no longer need to carry this in core.
See c4b675f0fe
2023-07-21 13:12:32 +08:00
a53e900671
Build(deps): Bump sass-embedded from 1.63.6 to 1.64.0 ( #22725 )
...
Bumps [sass-embedded](https://github.com/ntkme/sass-embedded-host-ruby ) from 1.63.6 to 1.64.0.
- [Commits](https://github.com/ntkme/sass-embedded-host-ruby/compare/v1.63.6...v1.64.0 )
---
updated-dependencies:
- dependency-name: sass-embedded
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-21 00:28:43 +02:00
bf799fb1e7
Build(deps): Bump msgpack from 1.7.1 to 1.7.2 ( #22676 )
...
Bumps [msgpack](https://github.com/msgpack/msgpack-ruby ) from 1.7.1 to 1.7.2.
- [Changelog](https://github.com/msgpack/msgpack-ruby/blob/master/ChangeLog )
- [Commits](https://github.com/msgpack/msgpack-ruby/compare/v1.7.1...v1.7.2 )
---
updated-dependencies:
- dependency-name: msgpack
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-19 01:08:34 +02:00
21a4489732
Build(deps): Bump mini_portile2 from 2.8.2 to 2.8.4 ( #22675 )
...
Bumps [mini_portile2](https://github.com/flavorjones/mini_portile ) from 2.8.2 to 2.8.4.
- [Release notes](https://github.com/flavorjones/mini_portile/releases )
- [Changelog](https://github.com/flavorjones/mini_portile/blob/main/CHANGELOG.md )
- [Commits](https://github.com/flavorjones/mini_portile/compare/v2.8.2...v2.8.4 )
---
updated-dependencies:
- dependency-name: mini_portile2
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-19 01:06:59 +02:00
8b985cbc88
Build(deps): Bump rubocop from 1.54.1 to 1.54.2 ( #22608 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.54.1 to 1.54.2.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.54.1...v1.54.2 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-14 12:44:54 +02:00
29425a3998
Build(deps-dev): Bump rswag-specs from 2.9.0 to 2.10.1 ( #22607 )
...
Bumps [rswag-specs](https://github.com/rswag/rswag ) from 2.9.0 to 2.10.1.
- [Release notes](https://github.com/rswag/rswag/releases )
- [Changelog](https://github.com/rswag/rswag/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rswag/rswag/compare/2.9.0...2.10.1 )
---
updated-dependencies:
- dependency-name: rswag-specs
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-14 12:44:20 +02:00
b697cf9dc2
Build(deps): Bump rspec-mocks from 3.12.5 to 3.12.6 ( #22576 )
...
Bumps [rspec-mocks](https://github.com/rspec/rspec-mocks ) from 3.12.5 to 3.12.6.
- [Release notes](https://github.com/rspec/rspec-mocks/releases )
- [Changelog](https://github.com/rspec/rspec-mocks/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-mocks/compare/v3.12.5...v3.12.6 )
---
updated-dependencies:
- dependency-name: rspec-mocks
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-13 06:49:43 +08:00
409437c6d3
Build(deps): Bump public_suffix from 5.0.1 to 5.0.3 ( #22554 )
...
Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby ) from 5.0.1 to 5.0.3.
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/main/CHANGELOG.md )
- [Commits](https://github.com/weppos/publicsuffix-ruby/compare/v5.0.1...v5.0.3 )
---
updated-dependencies:
- dependency-name: public_suffix
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-12 07:37:03 +08:00
442f6ed43c
Build(deps): Bump sanitize from 6.0.1 to 6.0.2 ( #22473 )
...
Bumps [sanitize](https://github.com/rgrove/sanitize ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/rgrove/sanitize/releases )
- [Changelog](https://github.com/rgrove/sanitize/blob/main/HISTORY.md )
- [Commits](https://github.com/rgrove/sanitize/compare/v6.0.1...v6.0.2 )
---
updated-dependencies:
- dependency-name: sanitize
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 07:00:20 +08:00
30ccabfb4a
Build(deps): Bump faraday from 2.7.9 to 2.7.10 ( #22477 )
...
Bumps [faraday](https://github.com/lostisland/faraday ) from 2.7.9 to 2.7.10.
- [Release notes](https://github.com/lostisland/faraday/releases )
- [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md )
- [Commits](https://github.com/lostisland/faraday/compare/v2.7.9...v2.7.10 )
---
updated-dependencies:
- dependency-name: faraday
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 06:53:13 +08:00
a032a675c4
Build(deps): Bump google-protobuf from 3.23.3 to 3.23.4 ( #22478 )
...
Bumps [google-protobuf](https://github.com/protocolbuffers/protobuf ) from 3.23.3 to 3.23.4.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases )
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl )
- [Commits](https://github.com/protocolbuffers/protobuf/compare/v3.23.3...v3.23.4 )
---
updated-dependencies:
- dependency-name: google-protobuf
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 06:39:53 +08:00
eabceaefbe
Build(deps): Bump nokogiri from 1.15.2 to 1.15.3 ( #22447 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.15.2 to 1.15.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.15.2...v1.15.3 )
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-06 07:03:57 +08:00
16673c920d
Build(deps): Bump rubocop from 1.54.0 to 1.54.1 ( #22420 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.54.0 to 1.54.1.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.54.0...v1.54.1 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-05 07:32:46 +08:00
047c76e477
Build(deps): Bump faraday from 2.7.8 to 2.7.9 ( #22373 )
...
Bumps [faraday](https://github.com/lostisland/faraday ) from 2.7.8 to 2.7.9.
- [Release notes](https://github.com/lostisland/faraday/releases )
- [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md )
- [Commits](https://github.com/lostisland/faraday/compare/v2.7.8...v2.7.9 )
---
updated-dependencies:
- dependency-name: faraday
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 07:09:48 +08:00
c66afd88f9
Build(deps-dev): Bump rails-dom-testing from 2.0.3 to 2.1.1 ( #22374 )
...
Bumps [rails-dom-testing](https://github.com/rails/rails-dom-testing ) from 2.0.3 to 2.1.1.
- [Release notes](https://github.com/rails/rails-dom-testing/releases )
- [Commits](https://github.com/rails/rails-dom-testing/compare/v2.0.3...v2.1.1 )
---
updated-dependencies:
- dependency-name: rails-dom-testing
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 07:09:34 +08:00
b780305353
Build(deps): Bump rubocop from 1.53.1 to 1.54.0 ( #22375 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.53.1 to 1.54.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.53.1...v1.54.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 07:08:14 +08:00
fd7b534a49
DEV: Update MessageBus to 4.3.7 ( #22357 )
...
Follow-up to 351005ef1b
2023-06-30 10:32:25 +08:00
351005ef1b
DEV: Upgrade MessageBus to latest version. ( #22355 )
...
Previously it was pinned to 4.3.2 because 4.3.3 was broken. This has now
been resolved so we no longer need to pin MessageBus.
2023-06-30 08:14:16 +08:00
50f710bcae
DEV: Bump oj from 3.13.14 to 3.15.0 ( #22352 )
...
https://github.com/ohler55/oj/issues/789 has been fixed and SSE4.2 is disabled by default.
2023-06-30 07:39:55 +08:00
37e7d0639b
Build(deps): Bump faraday from 2.7.7 to 2.7.8 ( #22338 )
...
Bumps [faraday](https://github.com/lostisland/faraday ) from 2.7.7 to 2.7.8.
- [Release notes](https://github.com/lostisland/faraday/releases )
- [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md )
- [Commits](https://github.com/lostisland/faraday/compare/v2.7.7...v2.7.8 )
---
updated-dependencies:
- dependency-name: faraday
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-30 07:36:16 +08:00
f2fe5bc84e
Build(deps): Bump uri from 0.12.1 to 0.12.2 ( #22348 )
...
Bumps [uri](https://github.com/ruby/uri ) from 0.12.1 to 0.12.2.
- [Release notes](https://github.com/ruby/uri/releases )
- [Commits](https://github.com/ruby/uri/compare/v0.12.1...v0.12.2 )
---
updated-dependencies:
- dependency-name: uri
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-29 17:46:23 +02:00
78bc42be2e
Build(deps-dev): Bump test-prof from 1.2.1 to 1.2.2 ( #22314 )
...
Bumps [test-prof](https://github.com/test-prof/test-prof ) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/test-prof/test-prof/releases )
- [Changelog](https://github.com/test-prof/test-prof/blob/master/CHANGELOG.md )
- [Commits](https://github.com/test-prof/test-prof/compare/v1.2.1...v1.2.2 )
---
updated-dependencies:
- dependency-name: test-prof
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 09:42:37 +08:00
4d3999de10
DEV: Upgrade Rails to 7.0.5.1 ( #22305 )
...
See discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to/83132
Impact of this vulnerability has been assess to be very low for Discourse since XSS attacks are mitigated by Discourse's default CSP.
2023-06-28 07:18:49 +08:00
6b9c497a58
Build(deps): Bump timeout from 0.3.2 to 0.4.0 ( #22267 )
...
Bumps [timeout](https://github.com/ruby/timeout ) from 0.3.2 to 0.4.0.
- [Release notes](https://github.com/ruby/timeout/releases )
- [Commits](https://github.com/ruby/timeout/compare/v0.3.2...v0.4.0 )
---
updated-dependencies:
- dependency-name: timeout
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 08:05:30 +08:00
343f09a152
Build(deps): Bump rspec-support from 3.12.0 to 3.12.1 ( #22286 )
...
Bumps [rspec-support](https://github.com/rspec/rspec-support ) from 3.12.0 to 3.12.1.
- [Changelog](https://github.com/rspec/rspec-support/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-support/compare/v3.12.0...v3.12.1 )
---
updated-dependencies:
- dependency-name: rspec-support
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 01:22:18 +02:00
0cd7ec923e
Build(deps): Bump rubocop from 1.53.0 to 1.53.1 ( #22288 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.53.0 to 1.53.1.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.53.0...v1.53.1 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 01:21:36 +02:00
0f4beab0fb
DEV: Update the rubocop-discourse gem
...
This enables cops related to RSpec `subject`.
See https://github.com/discourse/rubocop-discourse/pull/32
2023-06-26 11:41:52 +02:00
4e5575c065
Build(deps): Bump sass-embedded from 1.63.5 to 1.63.6 ( #22249 )
2023-06-23 15:03:22 +02:00
b25225f704
Build(deps): Bump sass-embedded from 1.63.4 to 1.63.5 ( #22234 )
...
Bumps [sass-embedded](https://github.com/ntkme/sass-embedded-host-ruby ) from 1.63.4 to 1.63.5.
- [Commits](https://github.com/ntkme/sass-embedded-host-ruby/compare/v1.63.4...v1.63.5 )
---
updated-dependencies:
- dependency-name: sass-embedded
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-22 09:45:32 +08:00
36a830047c
Build(deps): Bump faraday from 2.7.6 to 2.7.7 ( #22210 )
...
Bumps [faraday](https://github.com/lostisland/faraday ) from 2.7.6 to 2.7.7.
- [Release notes](https://github.com/lostisland/faraday/releases )
- [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md )
- [Commits](https://github.com/lostisland/faraday/compare/v2.7.6...v2.7.7 )
---
updated-dependencies:
- dependency-name: faraday
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-21 07:23:27 +08:00
9e241e82e9
DEV: use HTML5 version of loofah ( #21522 )
...
https://meta.discourse.org/t/markdown-preview-and-result-differ/263878
The result of this markdown had different results in the composer preview and the post. This is solved by updating Loofah to the latest version and using html5 fragments like our user had reported. While the change was only needed in cooked_post_processor.rb for this fix, other areas also had to be updated due to various side effects.
2023-06-20 09:49:22 +08:00
a510de1f6e
DEV: Roll back MessageBus version ( #22199 )
...
We are having issues with a lot of MessageBus updates not coming
through, it seems like the poll is not reconnecting after hanging
up. Pinning to the version before this commit to check:
a2a46fde87
2023-06-20 10:24:47 +10:00
c7a9da1f10
Build(deps): Bump message_bus from 4.3.2 to 4.3.3 ( #22188 )
...
Bumps [message_bus](https://github.com/discourse/message_bus ) from 4.3.2 to 4.3.3.
- [Changelog](https://github.com/discourse/message_bus/blob/main/CHANGELOG )
- [Commits](https://github.com/discourse/message_bus/compare/v4.3.2...v4.3.3 )
---
updated-dependencies:
- dependency-name: message_bus
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-20 08:46:32 +10:00
97f44a5b0b
Build(deps-dev): Bump minitest from 5.18.0 to 5.18.1 ( #22177 )
...
Bumps [minitest](https://github.com/minitest/minitest ) from 5.18.0 to 5.18.1.
- [Changelog](https://github.com/minitest/minitest/blob/master/History.rdoc )
- [Commits](https://github.com/minitest/minitest/compare/v5.18.0...v5.18.1 )
---
updated-dependencies:
- dependency-name: minitest
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-19 09:11:53 +08:00
4b35653854
Build(deps): Bump sass-embedded from 1.63.3 to 1.63.4 ( #22135 )
...
Bumps [sass-embedded](https://github.com/ntkme/sass-embedded-host-ruby ) from 1.63.3 to 1.63.4.
- [Commits](https://github.com/ntkme/sass-embedded-host-ruby/compare/v1.63.3...v1.63.4 )
---
updated-dependencies:
- dependency-name: sass-embedded
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-16 01:38:10 +02:00
897b6d86c7
Build(deps-dev): Bump better_errors from 2.10.0 to 2.10.1 ( #22123 )
...
Bumps [better_errors](https://github.com/BetterErrors/better_errors ) from 2.10.0 to 2.10.1.
- [Release notes](https://github.com/BetterErrors/better_errors/releases )
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.10.0...v2.10.1 )
---
updated-dependencies:
- dependency-name: better_errors
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-15 08:34:56 +08:00
28cb3300bc
Build(deps): Bump racc from 1.7.0 to 1.7.1 ( #22120 )
...
Bumps [racc](https://github.com/tenderlove/racc ) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/tenderlove/racc/releases )
- [Changelog](https://github.com/ruby/racc/blob/master/ChangeLog )
- [Commits](https://github.com/tenderlove/racc/compare/v1.7.0...v1.7.1 )
---
updated-dependencies:
- dependency-name: racc
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-15 08:34:03 +08:00
b11685f74b
Build(deps): Bump json_schemer from 1.0.2 to 1.0.3 ( #22124 )
...
Bumps [json_schemer](https://github.com/davishmcclurg/json_schemer ) from 1.0.2 to 1.0.3.
- [Changelog](https://github.com/davishmcclurg/json_schemer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/davishmcclurg/json_schemer/compare/v1.0.2...v1.0.3 )
---
updated-dependencies:
- dependency-name: json_schemer
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-15 08:33:44 +08:00
dependabot[bot]
Jarek Radosz
Joffrey JAFFEUX
Alan Guo Xiang Tan
Gerhard Schlager
Greg Molnar
Loïc Guitaut
Sam
Martin Brennan