dependabot-preview[bot]
ac4cbfb61d
Build(deps): Bump onebox from 2.1.1 to 2.1.2 ( #10635 )
...
Bumps [onebox](https://github.com/discourse/onebox ) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/discourse/onebox/releases )
- [Changelog](https://github.com/discourse/onebox/blob/master/CHANGELOG.md )
- [Commits](https://github.com/discourse/onebox/compare/v2.1.1...v2.1.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-09 19:24:23 +05:30
Joffrey JAFFEUX
38c934e1e1
UX: prevents auto capitalize/correct in the emoji picker ( #10636 )
2020-09-09 15:43:18 +02:00
Guo Xiang Tan
611d9f61fd
Fix the build.
2020-09-09 15:43:38 +08:00
Guo Xiang Tan
4994b0ed34
PERF: Remove an unncessary query when check for dark mode.
2020-09-09 15:18:52 +08:00
Guo Xiang Tan
fb7bbae3f4
PERF: Memoize calls to `ApplicationHelper#scheme_id`.
...
The same query was executed 4 times per full page load.
2020-09-09 15:15:15 +08:00
Guo Xiang Tan
9b75d95fc6
PERF: Keep track of first unread PM and first unread group PM for user.
...
This optimization helps to filter away topics so that the joins on
related tables when querying for unread messages is not expensive.
2020-09-09 14:05:41 +08:00
Guo Xiang Tan
0398271f87
FIX: Admin should always be able to view group messages.
...
Follow-up to b0f22f2523
.
Before this fix, `SiteSetting.enable_personal_messages = false` will
prevent admin from viewing group messages.
2020-09-09 08:58:21 +08:00
Blake Erickson
cce41f32b8
DEV: Switch over to a fork of ember-rails ( #10603 )
...
We are switching over to a fork because we are currently on a pinned
version of ember-rails 0.18.5 which is pretty old. Upgrading to the
latest version causes many things to break which isn't really worth the
time to debug while we plan to completely switch over to ember-cli
somewhat soonish. Our fork contains a single cherry-pick commit
https://github.com/emberjs/ember-rails/pull/534
which will fix an issue when running the `rails g migration` command and
it spits out a bunch of deprecation warnings.
2020-09-08 13:23:40 -06:00
Blake Erickson
4dfdfeaafd
DEV: Resolve this child category pending request spec ( #10604 )
...
There is a request spec that was ignored with the `xit` flag almost a
year ago and every time you generate the api docs with
```
rake rswag:specs:swaggerize
```
it shows the output of this pending test and I guess I finally got sick
of looking at it, so here is a fix for it.
Original Commit: d84c34ad75
2020-09-08 13:23:11 -06:00
Penar Musaraj
d4a7058cb1
DEV: Strip unicode from color scheme stylesheet filenames ( #10628 )
2020-09-08 15:00:16 -04:00
Robin Ward
4dd07843c6
FIX: We have changed the way `__widget_helpers` are resolved
2020-09-08 12:10:59 -04:00
Joffrey JAFFEUX
8413d27cf2
FIX: handles different cases of canInvite/canRemove states in PM ( #10607 )
2020-09-08 16:35:59 +02:00
dependabot-preview[bot]
2c66698470
Build(deps): Bump unicorn from 5.6.0 to 5.7.0
...
Bumps [unicorn](https://yhbt.net/unicorn/ ) from 5.6.0 to 5.7.0.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:34:02 -04:00
dependabot-preview[bot]
6847b6a566
Build(deps): Bump sidekiq from 6.1.1 to 6.1.2
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.1...v6.1.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:30:23 -04:00
dependabot-preview[bot]
3da4ff4611
Build(deps): Bump redis from 4.2.1 to 4.2.2
...
Bumps [redis](https://github.com/redis/redis-rb ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/redis/redis-rb/releases )
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md )
- [Commits](https://github.com/redis/redis-rb/compare/v4.2.1...v4.2.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:30:08 -04:00
dependabot[bot]
d21119ee4f
Build(deps): Bump lodash in /app/assets/javascripts/pretty-text
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-09-08 10:25:45 -04:00
dependabot[bot]
00e2339e82
Build(deps): Bump lodash in /app/assets/javascripts/discourse-common
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-09-08 10:25:31 -04:00
dependabot-preview[bot]
d10e3b0461
Build(deps): Bump oj from 3.10.13 to 3.10.14
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.10.13 to 3.10.14.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.10.13...v3.10.14 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:21:01 -04:00
dependabot-preview[bot]
2edbfe49b2
Build(deps): Bump puma from 4.3.5 to 4.3.6
...
Bumps [puma](https://github.com/puma/puma ) from 4.3.5 to 4.3.6.
- [Release notes](https://github.com/puma/puma/releases )
- [Changelog](https://github.com/puma/puma/blob/master/History.md )
- [Commits](https://github.com/puma/puma/compare/v4.3.5...v4.3.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:19:46 -04:00
dependabot-preview[bot]
71a7ac365e
Build(deps): Bump rack-protection from 2.0.8.1 to 2.1.0
...
Bumps [rack-protection](https://github.com/sinatra/sinatra ) from 2.0.8.1 to 2.1.0.
- [Release notes](https://github.com/sinatra/sinatra/releases )
- [Changelog](https://github.com/sinatra/sinatra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sinatra/sinatra/compare/v2.0.8.1...v2.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:13:32 -04:00
Joffrey JAFFEUX
02495510e8
FIX: workaround constructor name not available after transpilation ( #10623 )
...
This is only reproducible en production build. In this case, constructor.name could be any value like "i" for example.
2020-09-08 10:14:41 +02:00
Guo Xiang Tan
a1d135f12a
DEV: Correct use of `sanitize_sql_array` in `TopicQuery`.
2020-09-08 12:30:09 +08:00
Guo Xiang Tan
d3ebaa41ce
DEV: Address review comments for 5ed84d9885
.
2020-09-08 11:17:35 +08:00
Guo Xiang Tan
b0f22f2523
SECURITY: Remove indication that a group exists if user can't see it.
...
Minor security fix but we should not leak any hints that a group exists
even if a user does not have access to the group.
2020-09-08 10:53:48 +08:00
Guo Xiang Tan
5ed84d9885
SECURITY: Don't allow moderators to list PMs of all groups.
...
* Also return 404 when a user is trying to list PMs of a group that
cannot be accessed by the user.
2020-09-08 10:37:00 +08:00
Guo Xiang Tan
0d3239bf21
Revert "SECURITY: Don't allow moderators to view the admins inbox"
...
Superseeded by d9a5280f5665d12bf46efd8cdcc6200da2cdedd8
This reverts commit 18d35bf64a
.
2020-09-08 10:36:49 +08:00
Daniel Waterworth
18d35bf64a
SECURITY: Don't allow moderators to view the admins inbox
2020-09-07 18:02:41 +01:00
Joffrey JAFFEUX
0b8e7d88fe
FIX: wraps popper call in afterRender and uses createPopper ( #10621 )
...
Before this fix, popper was sometimes not applied.
2020-09-07 13:33:52 +02:00
dependabot[bot]
27751ca69f
Build(deps): Bump websocket-extensions ( #10617 )
...
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node ) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases )
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:38 +02:00
dependabot[bot]
b191ea4f59
Build(deps): Bump websocket-extensions ( #10615 )
...
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node ) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases )
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:27 +02:00
dependabot[bot]
2cb0f013cc
Build(deps): Bump elliptic in /app/assets/javascripts/pretty-text ( #10611 )
...
Bumps [elliptic](https://github.com/indutny/elliptic ) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases )
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:09 +02:00
dependabot[bot]
6bff8636e2
Build(deps): Bump elliptic in /app/assets/javascripts/discourse-common ( #10612 )
...
Bumps [elliptic](https://github.com/indutny/elliptic ) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases )
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:01:37 +02:00
dependabot[bot]
9b187b7e11
Build(deps): Bump http-proxy in /app/assets/javascripts/discourse-common ( #10613 )
...
Bumps [http-proxy](https://github.com/http-party/node-http-proxy ) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases )
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md )
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:00:25 +02:00
dependabot[bot]
c119c07fa4
Build(deps): Bump http-proxy in /app/assets/javascripts/pretty-text ( #10614 )
...
Bumps [http-proxy](https://github.com/http-party/node-http-proxy ) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases )
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md )
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:00:10 +02:00
dependabot-preview[bot]
7b889c6201
Build(deps): Bump nio4r from 2.5.2 to 2.5.3 ( #10620 )
...
Bumps [nio4r](https://github.com/socketry/nio4r ) from 2.5.2 to 2.5.3.
- [Release notes](https://github.com/socketry/nio4r/releases )
- [Changelog](https://github.com/socketry/nio4r/blob/master/CHANGES.md )
- [Commits](https://github.com/socketry/nio4r/compare/v2.5.2...v2.5.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-07 11:59:25 +02:00
Martin Brennan
431bd84dec
FIX: Make deleted topic post bookmarks more resilient ( #10619 )
...
This PR ensures that new bookmarks cannot be created for deleted posts and topics, and also makes sure that if a bookmark was created and then the topic deleted that the show topic page does not error from trying to retrieve the bookmark reminder at.
2020-09-07 14:52:14 +10:00
Daniel Waterworth
f2842490d3
PERF: Don't load all poll_votes for a poll
2020-09-05 18:42:11 +01:00
awesomerobot
13c9d7e704
UX: Add missing labels to mobile composer buttons
2020-09-04 22:18:29 -04:00
Blake Erickson
a14c9078d3
DEV: Document `/u/{username}.json` API endpoint
...
Added some more specs that will be used to auto generate the api docs.
2020-09-04 16:24:43 -06:00
Blake Erickson
b16915d166
DEV: Switch over to a fork of ember-rails
...
We are switching over to a fork because we are currently on a pinned
version of ember-rails 0.18.5 which is pretty old. Upgrading to the
latest version causes many things to break which isn't really worth the
time to debug while we plan to completely switch over to ember-cli
somewhat soonish. Our fork contains a single cherry-pick commit
https://github.com/emberjs/ember-rails/pull/534
which will fix an issue when running the `rails g migration` command and
it spits out a bunch of deprecation warnings.
2020-09-04 14:47:56 -06:00
Jordan Vidrine
e73ff68f75
FEATURE: Add css classes to stylesheet link elements ( #10598 )
...
Adding these classes to the stylesheet link elements in order to toggle dark/light schemes via this theme-component. Eventually this theme-component could possible be merged into core.
2020-09-04 15:40:40 -05:00
Roman Rizzi
726bae8f0c
DEV: Pass the for_export flag to the before_upload_creation event ( #10599 )
2020-09-04 17:24:40 -03:00
Robin Ward
da918ac43e
FIX: Allow us to call `script_asset_url` in controllers
...
Without this patch fingerprinting was not applied in production.
2020-09-04 15:23:01 -04:00
Robin Ward
0f9a58e06f
FEATURE: Add stylesheets to bootstrap.json endpoint
...
This allows API consumers (such as Ember CLI) to dynamically get a list
of styles to embed.
2020-09-04 14:12:49 -04:00
Joffrey JAFFEUX
110f6ec6dd
DEV: fixes eslint/prettier on github actions ( #10601 )
2020-09-04 20:01:14 +02:00
Joffrey JAFFEUX
c5b8a47901
FIX: ensures we don't attempt to concat an empty list ( #10600 )
2020-09-04 19:08:07 +02:00
Joffrey JAFFEUX
34c2dfccb7
DEV: specific ext and remove I18n global
2020-09-04 18:59:53 +02:00
Bianca Nenciu
d4471e0316
FIX: Preload bold fonts in wizard
...
The bold fonts are used in previews for topic title.
2020-09-04 19:23:46 +03:00
Joffrey JAFFEUX
ed05839dfc
FIX: prevents error when opening a composer from a tag page ( #10596 )
2020-09-04 15:47:22 +02:00
Bianca Nenciu
58b97ace23
DEV: Use a special import to declare font faces ( #10583 )
...
Update discourse-fonts to v0.0.3.
Follow-up to 7b7357147e
.
2020-09-04 16:25:50 +03:00