Commit Graph

39348 Commits

Author SHA1 Message Date
dependabot-preview[bot] ac4cbfb61d
Build(deps): Bump onebox from 2.1.1 to 2.1.2 (#10635)
Bumps [onebox](https://github.com/discourse/onebox) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/discourse/onebox/releases)
- [Changelog](https://github.com/discourse/onebox/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/onebox/compare/v2.1.1...v2.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-09 19:24:23 +05:30
Joffrey JAFFEUX 38c934e1e1
UX: prevents auto capitalize/correct in the emoji picker (#10636) 2020-09-09 15:43:18 +02:00
Guo Xiang Tan 611d9f61fd
Fix the build. 2020-09-09 15:43:38 +08:00
Guo Xiang Tan 4994b0ed34
PERF: Remove an unncessary query when check for dark mode. 2020-09-09 15:18:52 +08:00
Guo Xiang Tan fb7bbae3f4
PERF: Memoize calls to `ApplicationHelper#scheme_id`.
The same query was executed 4 times per full page load.
2020-09-09 15:15:15 +08:00
Guo Xiang Tan 9b75d95fc6 PERF: Keep track of first unread PM and first unread group PM for user.
This optimization helps to filter away topics so that the joins on
related tables when querying for unread messages is not expensive.
2020-09-09 14:05:41 +08:00
Guo Xiang Tan 0398271f87
FIX: Admin should always be able to view group messages.
Follow-up to b0f22f2523.

Before this fix, `SiteSetting.enable_personal_messages = false` will
prevent admin from viewing group messages.
2020-09-09 08:58:21 +08:00
Blake Erickson cce41f32b8
DEV: Switch over to a fork of ember-rails (#10603)
We are switching over to a fork because we are currently on a pinned
version of ember-rails 0.18.5 which is pretty old. Upgrading to the
latest version causes many things to break which isn't really worth the
time to debug while we plan to completely switch over to ember-cli
somewhat soonish. Our fork contains a single cherry-pick commit

https://github.com/emberjs/ember-rails/pull/534

which will fix an issue when running the `rails g migration` command and
it spits out a bunch of deprecation warnings.
2020-09-08 13:23:40 -06:00
Blake Erickson 4dfdfeaafd
DEV: Resolve this child category pending request spec (#10604)
There is a request spec that was ignored with the `xit` flag almost a
year ago and every time you generate the api docs with

```
rake rswag:specs:swaggerize
```

it shows the output of this pending test and I guess I finally got sick
of looking at it, so here is a fix for it.

Original Commit: d84c34ad75
2020-09-08 13:23:11 -06:00
Penar Musaraj d4a7058cb1
DEV: Strip unicode from color scheme stylesheet filenames (#10628) 2020-09-08 15:00:16 -04:00
Robin Ward 4dd07843c6 FIX: We have changed the way `__widget_helpers` are resolved 2020-09-08 12:10:59 -04:00
Joffrey JAFFEUX 8413d27cf2
FIX: handles different cases of canInvite/canRemove states in PM (#10607) 2020-09-08 16:35:59 +02:00
dependabot-preview[bot] 2c66698470 Build(deps): Bump unicorn from 5.6.0 to 5.7.0
Bumps [unicorn](https://yhbt.net/unicorn/) from 5.6.0 to 5.7.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:34:02 -04:00
dependabot-preview[bot] 6847b6a566 Build(deps): Bump sidekiq from 6.1.1 to 6.1.2
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.1...v6.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:30:23 -04:00
dependabot-preview[bot] 3da4ff4611 Build(deps): Bump redis from 4.2.1 to 4.2.2
Bumps [redis](https://github.com/redis/redis-rb) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/redis/redis-rb/releases)
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/redis-rb/compare/v4.2.1...v4.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:30:08 -04:00
dependabot[bot] d21119ee4f Build(deps): Bump lodash in /app/assets/javascripts/pretty-text
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20)

Signed-off-by: dependabot[bot] <support@github.com>
2020-09-08 10:25:45 -04:00
dependabot[bot] 00e2339e82 Build(deps): Bump lodash in /app/assets/javascripts/discourse-common
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20)

Signed-off-by: dependabot[bot] <support@github.com>
2020-09-08 10:25:31 -04:00
dependabot-preview[bot] d10e3b0461 Build(deps): Bump oj from 3.10.13 to 3.10.14
Bumps [oj](https://github.com/ohler55/oj) from 3.10.13 to 3.10.14.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.13...v3.10.14)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:21:01 -04:00
dependabot-preview[bot] 2edbfe49b2 Build(deps): Bump puma from 4.3.5 to 4.3.6
Bumps [puma](https://github.com/puma/puma) from 4.3.5 to 4.3.6.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.5...v4.3.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:19:46 -04:00
dependabot-preview[bot] 71a7ac365e Build(deps): Bump rack-protection from 2.0.8.1 to 2.1.0
Bumps [rack-protection](https://github.com/sinatra/sinatra) from 2.0.8.1 to 2.1.0.
- [Release notes](https://github.com/sinatra/sinatra/releases)
- [Changelog](https://github.com/sinatra/sinatra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sinatra/sinatra/compare/v2.0.8.1...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-08 10:13:32 -04:00
Joffrey JAFFEUX 02495510e8
FIX: workaround constructor name not available after transpilation (#10623)
This is only reproducible en production build. In this case, constructor.name could be any value like "i" for example.
2020-09-08 10:14:41 +02:00
Guo Xiang Tan a1d135f12a
DEV: Correct use of `sanitize_sql_array` in `TopicQuery`. 2020-09-08 12:30:09 +08:00
Guo Xiang Tan d3ebaa41ce
DEV: Address review comments for 5ed84d9885. 2020-09-08 11:17:35 +08:00
Guo Xiang Tan b0f22f2523
SECURITY: Remove indication that a group exists if user can't see it.
Minor security fix but we should not leak any hints that a group exists
even if a user does not have access to the group.
2020-09-08 10:53:48 +08:00
Guo Xiang Tan 5ed84d9885
SECURITY: Don't allow moderators to list PMs of all groups.
* Also return 404 when a user is trying to list PMs of a group that
cannot be accessed by the user.
2020-09-08 10:37:00 +08:00
Guo Xiang Tan 0d3239bf21
Revert "SECURITY: Don't allow moderators to view the admins inbox"
Superseeded by d9a5280f5665d12bf46efd8cdcc6200da2cdedd8

This reverts commit 18d35bf64a.
2020-09-08 10:36:49 +08:00
Daniel Waterworth 18d35bf64a SECURITY: Don't allow moderators to view the admins inbox 2020-09-07 18:02:41 +01:00
Joffrey JAFFEUX 0b8e7d88fe
FIX: wraps popper call in afterRender and uses createPopper (#10621)
Before this fix, popper was sometimes not applied.
2020-09-07 13:33:52 +02:00
dependabot[bot] 27751ca69f
Build(deps): Bump websocket-extensions (#10617)
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:38 +02:00
dependabot[bot] b191ea4f59
Build(deps): Bump websocket-extensions (#10615)
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:27 +02:00
dependabot[bot] 2cb0f013cc
Build(deps): Bump elliptic in /app/assets/javascripts/pretty-text (#10611)
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:09 +02:00
dependabot[bot] 6bff8636e2
Build(deps): Bump elliptic in /app/assets/javascripts/discourse-common (#10612)
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:01:37 +02:00
dependabot[bot] 9b187b7e11
Build(deps): Bump http-proxy in /app/assets/javascripts/discourse-common (#10613)
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:00:25 +02:00
dependabot[bot] c119c07fa4
Build(deps): Bump http-proxy in /app/assets/javascripts/pretty-text (#10614)
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:00:10 +02:00
dependabot-preview[bot] 7b889c6201
Build(deps): Bump nio4r from 2.5.2 to 2.5.3 (#10620)
Bumps [nio4r](https://github.com/socketry/nio4r) from 2.5.2 to 2.5.3.
- [Release notes](https://github.com/socketry/nio4r/releases)
- [Changelog](https://github.com/socketry/nio4r/blob/master/CHANGES.md)
- [Commits](https://github.com/socketry/nio4r/compare/v2.5.2...v2.5.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-07 11:59:25 +02:00
Martin Brennan 431bd84dec
FIX: Make deleted topic post bookmarks more resilient (#10619)
This PR ensures that new bookmarks cannot be created for deleted posts and topics, and also makes sure that if a bookmark was created and then the topic deleted that the show topic page does not error from trying to retrieve the bookmark reminder at.
2020-09-07 14:52:14 +10:00
Daniel Waterworth f2842490d3 PERF: Don't load all poll_votes for a poll 2020-09-05 18:42:11 +01:00
awesomerobot 13c9d7e704 UX: Add missing labels to mobile composer buttons 2020-09-04 22:18:29 -04:00
Blake Erickson a14c9078d3 DEV: Document `/u/{username}.json` API endpoint
Added some more specs that will be used to auto generate the api docs.
2020-09-04 16:24:43 -06:00
Blake Erickson b16915d166 DEV: Switch over to a fork of ember-rails
We are switching over to a fork because we are currently on a pinned
version of ember-rails 0.18.5 which is pretty old. Upgrading to the
latest version causes many things to break which isn't really worth the
time to debug while we plan to completely switch over to ember-cli
somewhat soonish. Our fork contains a single cherry-pick commit

https://github.com/emberjs/ember-rails/pull/534

which will fix an issue when running the `rails g migration` command and
it spits out a bunch of deprecation warnings.
2020-09-04 14:47:56 -06:00
Jordan Vidrine e73ff68f75
FEATURE: Add css classes to stylesheet link elements (#10598)
Adding these classes to the stylesheet link elements in order to toggle dark/light schemes via this theme-component. Eventually this theme-component could possible be merged into core.
2020-09-04 15:40:40 -05:00
Roman Rizzi 726bae8f0c
DEV: Pass the for_export flag to the before_upload_creation event (#10599) 2020-09-04 17:24:40 -03:00
Robin Ward da918ac43e FIX: Allow us to call `script_asset_url` in controllers
Without this patch fingerprinting was not applied in production.
2020-09-04 15:23:01 -04:00
Robin Ward 0f9a58e06f FEATURE: Add stylesheets to bootstrap.json endpoint
This allows API consumers (such as Ember CLI) to dynamically get a list
of styles to embed.
2020-09-04 14:12:49 -04:00
Joffrey JAFFEUX 110f6ec6dd
DEV: fixes eslint/prettier on github actions (#10601) 2020-09-04 20:01:14 +02:00
Joffrey JAFFEUX c5b8a47901
FIX: ensures we don't attempt to concat an empty list (#10600) 2020-09-04 19:08:07 +02:00
Joffrey JAFFEUX 34c2dfccb7
DEV: specific ext and remove I18n global 2020-09-04 18:59:53 +02:00
Bianca Nenciu d4471e0316
FIX: Preload bold fonts in wizard
The bold fonts are used in previews for topic title.
2020-09-04 19:23:46 +03:00
Joffrey JAFFEUX ed05839dfc
FIX: prevents error when opening a composer from a tag page (#10596) 2020-09-04 15:47:22 +02:00
Bianca Nenciu 58b97ace23
DEV: Use a special import to declare font faces (#10583)
Update discourse-fonts to v0.0.3.

Follow-up to 7b7357147e.
2020-09-04 16:25:50 +03:00