Sam Saffron
57a3d4e0d2
FEATURE: whitelist theme repo mode (experimental)
...
In some restricted setups all JS payloads need tight control.
This setting bans admins from making changes to JS on the site and
requires all themes be whitelisted to be used.
There are edge cases we still need to work through in this mode
hence this is still not supported in production and experimental.
Use an example like this to enable:
`DISCOURSE_WHITELISTED_THEME_REPOS="https://repo.com/repo.git,https://repo.com/repo2.git "`
By default this feature is not enabled and no changes are made.
One exception is that default theme id was missing a security check
this was added for correctness.
2020-06-03 13:19:57 +10:00
Guo Xiang Tan
062db10c52
FIX: `EmailValidator` needs to validate format of email.
2020-06-03 10:34:37 +08:00
Kris
1b5a505930
Small fixes to image uploaders
2020-06-02 20:36:01 -04:00
Sam Saffron
10e321a96f
Revert "DEV: makes autocomplete debounced ( #9941 )"
...
This reverts commit f9e715672b
.
Sadly this debounce fix appears to break @mention autocomplete,
reverting for now.
2020-06-03 08:40:21 +10:00
Kris
688d9428fe
Use an em-based width for better scaling with font-size changes
2020-06-02 17:14:04 -04:00
Kris
9e9ff01e86
Add missing text back in
2020-06-02 16:39:18 -04:00
Gerhard Schlager
9c42c0fe9a
FIX: Broken MessageFormat string
2020-06-02 21:42:39 +02:00
Gerhard Schlager
fc640f31df
DEV: Skip interpolation key specs until build scripts can be fixed
...
Currently the build fails because it runs the specs for all plugins even though the current source of those plugins isn't pulled from git.
2020-06-02 19:51:47 +02:00
Gerhard Schlager
0cf297725f
DEV: Use consistent interpolation key format in translations
...
From now on client strings can easily be reused on the server and you don’t have to think about choosing the right format anymore.
2020-06-02 19:05:10 +02:00
Mark VanLandingham
b3c8d36412
DEV: Plugin api for adding extra header icons ( #9964 )
2020-06-02 11:39:12 -05:00
Robin Ward
4e3a84c687
FIX: If creating a flag for a watched word, include the reason
2020-06-02 11:49:02 -04:00
Jarek Radosz
3e8d548d35
FIX: Prevent clipping user mentions ( #9962 )
2020-06-02 16:30:34 +02:00
Guo Xiang Tan
439db7ca1e
DEV: Add `REDIS_RAILS_FAILOVER` env to test our new redis failover.
2020-06-02 17:24:14 +08:00
Guo Xiang Tan
deb84017f2
Update `rails_failover`.
2020-06-02 17:01:45 +08:00
Guo Xiang Tan
4120ef7305
Bump rails_multisite to 2.2.2.
2020-06-02 16:49:33 +08:00
David Taylor
75b1298e99
DEV: Drop unused image_url column from posts and topics ( #9953 )
...
This has been superseded by image_upload_id. The image_url value in API responses is now generated dynamically from the upload record.
2020-06-02 16:21:38 +10:00
Bianca Nenciu
d76ea9fa6b
FIX: Do not destroy $.fileupload element ( #9888 )
...
conditional-loading-section component rerendered the <input> element
and lost the necessary event handlers for jQuery-File-Upload.
2020-06-02 16:14:41 +10:00
Dan Ungureanu
ef3e3077d0
FIX: Staff users can bypass tag validation rule ( #9924 )
2020-06-02 16:11:25 +10:00
Joffrey JAFFEUX
f9e715672b
DEV: makes autocomplete debounced ( #9941 )
...
* DEV: makes autocomplete debounced
* better wording
2020-06-02 15:20:14 +10:00
Aman Gupta Karmani
6358e79f0f
FIX: catch NoMethodError during precompile_css too ( #9940 )
...
Ran into this on heroku:
NoMethodError: undefined method `enabled?' for #<Theme:0x0000558f069e7718>
vendor/bundle/ruby/2.6.0/gems/activemodel-6.0.1/lib/active_model/attribute_methods.rb:431:in `method_missing'
app/models/theme.rb:155:in `block (2 levels) in transform_ids'
vendor/bundle/ruby/2.6.0/gems/activerecord-6.0.1/lib/active_record/relation/delegation.rb:85:in `each'
vendor/bundle/ruby/2.6.0/gems/activerecord-6.0.1/lib/active_record/relation/delegation.rb:85:in `each'
vendor/bundle/ruby/2.6.0/gems/activerecord-6.0.1/lib/active_record/relation/query_methods.rb:260:in `select'
vendor/bundle/ruby/2.6.0/gems/activerecord-6.0.1/lib/active_record/relation/query_methods.rb:260:in `select'
app/models/theme.rb:155:in `block in transform_ids'
app/models/theme.rb:105:in `get_set_cache'
app/models/theme.rb:140:in `transform_ids'
app/models/theme.rb:321:in `list_baked_fields'
app/models/theme.rb:317:in `resolve_baked_field'
lib/stylesheet/manager.rb:289:in `theme_digest'
2020-06-02 15:18:03 +10:00
dependabot-preview[bot]
111e8dec10
DEV: Bump rubocop from 0.84.0 to 0.85.0 ( #9960 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.84.0 to 0.85.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.84.0...v0.85.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Change looks safe, everything is still passing lint
2020-06-02 15:11:33 +10:00
Guo Xiang Tan
426b62a04a
DEV: Add silencer for verbose query logs in development.
2020-06-02 12:15:31 +08:00
Guo Xiang Tan
3dd1778199
PERF: Reduce number of queries from 3 -> 1 when fetching web manifest.
2020-06-02 12:04:02 +08:00
Guo Xiang Tan
e4cd4f7e0b
DEV: Avoid reaching for `Redis#_client` which is considered deprecated.
2020-06-02 11:46:55 +08:00
Guo Xiang Tan
fe9c82994d
DEV: Actually disconnect from Redis connections after fork.
2020-06-02 11:40:16 +08:00
Guo Xiang Tan
ade60b0cbc
DEV: Enable readonly mode for all multisite sites when PG goes down.
...
The risk here is that the database for one site goes down in the multisite setup and we drop everything to readonly mode. However, I discussed this with Sam and we agree that one database having problem is very rare. Most of the time, it is the entire DB cluster that goes down.
2020-06-02 11:32:07 +08:00
Guo Xiang Tan
7897010dfd
Fix lint.
2020-06-02 10:45:18 +08:00
Guo Xiang Tan
370cba451d
DEV: Refactor away conditionals that we don't need.
2020-06-02 10:40:29 +08:00
Guo Xiang Tan
c21e3bbd1b
DEV: Prefer `create!` over `create` when not checking return value.
...
We don't want stuff to silently fail.
2020-06-02 10:34:05 +08:00
Penar Musaraj
2a0a689442
UX: prevent devices from miscalculating fullscreen composer height
...
Fixes issue seen in some Chromebooks that flip between tablet and regular notebook window size
2020-06-01 22:24:16 -04:00
Sam Saffron
7e52106812
DEV: when synchornizing state pull tags
...
In some cases we may want topic tracking state to keep track of tags
this small change ensures we do not remove them if they are already in place
2020-06-02 11:42:00 +10:00
Guo Xiang Tan
326d6d5b0f
DEV: Pause Sidekiq when forcing pg readonly mode.
2020-06-02 09:20:03 +08:00
Penar Musaraj
fa6aa7f627
FIX: Digest frequency issue on user creation
...
If `default email digest frequency` was set to "Never", users would get
a `digest_after_minutes` set to `nil` which triggered this error
in the logs if/when the site eventually changed that setting and
enabled digests:
```
NoMethodError (undefined method `>=' for nil:NilClass)
/var/www/discourse/app/mailers/user_notifications.rb:227:in `digest'
```
2020-06-01 17:39:16 -04:00
Robin Ward
a95826f60c
Remove discourse constants ( #9958 )
...
* DEV: `Discourse.baseUri` does not exist
This never could have worked - should have been `Discourse.BaseUri` if
anything.
* DEV: Remove Discourse.Environment
* DEV: Remove `Discourse.disableMissingIconWarning`
* DEV: A bunch more missing environment checks
2020-06-01 16:33:43 -04:00
Kane York
9162cd8f3d
FIX: Only render group card if user title is from group ( #9946 )
...
This was failing when a user with a primary_group chose to display a title coming from a badge.
2020-06-01 11:44:41 -07:00
Neil Lalonde
09dc5eb5ea
Version bump to v2.5.0.beta6
2020-06-01 14:13:48 -04:00
Neil Lalonde
72c09ab4ae
Update translations
2020-06-01 13:58:51 -04:00
Mark VanLandingham
b6709f0dda
DEV: Add option to only show icons to header widget ( #9935 )
2020-06-01 12:26:59 -05:00
David Taylor
3106f85983
FIX: Support exporting reports which reference topics ( #9957 )
2020-06-01 18:23:58 +01:00
David Taylor
7b9d207175
DEV: Restore default_list_filter column migration
...
This migration was added to master temporarily, then removed. This resulted in some sites being in an inconsistent state. Adding the migration back for now. If we decide the column is unneeded, then we should add a second migration to remove the column.
This reverts part of commit e1af91f5ae
.
2020-06-01 18:16:00 +01:00
tshenry
0d6b638dac
FEATURE: New plugin outlet under badges page title ( #9936 )
2020-06-01 08:55:51 -07:00
tshenry
c01a994263
DEV: Better error handling for destroy:users task ( #9939 )
2020-06-01 08:55:08 -07:00
David Taylor
13d00eaad0
Drop support for outdated browsers ( #9956 )
...
In particular, this includes Internet Explorer 11. Code which existed to support old browsers will be removed over the coming weeks.
https://meta.discourse.org/t/discourse-is-ending-support-for-internet-explorer-11-ie11-on-june-1-2020/137984
2020-06-01 16:38:44 +01:00
Jarek Radosz
e19d907f0f
FIX: Correct the misalignment of popover arrows ( #9947 )
...
* Fixes position of the top arrow, and border width of both
* Merged top and transform properties
* .5px values are required to make arrow border appear the same with as overall popover border width
I did have a chance to try it out on a Windows machine with a non-high DPI display and there were no issues. And I just re-tested it with Firefox on macOS using the "Open in Low Resolution" option and it looked more or less ok (bearing in mind that it the whole app is then a blurry mess, and that using custom zoom levels causes the arrow to break slightly, but that was also the case on Firefox before this change)
2020-06-01 16:31:53 +02:00
dependabot-preview[bot]
d8b258b4e5
Build(deps): Bump ffi from 1.12.2 to 1.13.0 ( #9954 )
...
Bumps [ffi](https://github.com/ffi/ffi ) from 1.12.2 to 1.13.0.
- [Release notes](https://github.com/ffi/ffi/releases )
- [Changelog](https://github.com/ffi/ffi/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ffi/ffi/compare/1.12.2...1.13.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 10:29:34 -04:00
dependabot-preview[bot]
2c43c21abc
Build(deps): Bump coderay from 1.1.2 to 1.1.3 ( #9943 )
...
Bumps [coderay](https://github.com/rubychan/coderay ) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/rubychan/coderay/releases )
- [Changelog](https://github.com/rubychan/coderay/blob/master/Changes.textile )
- [Commits](https://github.com/rubychan/coderay/compare/v1.1.2...v1.1.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 10:21:46 -04:00
Penar Musaraj
c2abf88a61
UX: Adjustments to topic admin menu on mobile ( #9945 )
2020-06-01 09:39:38 -04:00
Jarek Radosz
921751f128
UX: Remove box-shadow from kbd, unify styling ( #9948 )
...
Having many elements with multiple box-shadows (e.g. in keyboard shortcuts modal) was tanking scrolling performance in some browsers.
2020-06-01 15:00:56 +02:00
Jarek Radosz
ef8e44af73
FIX: Don't change the button height when spinner appears
...
on the exception page.
2020-06-01 14:15:41 +02:00
Joffrey JAFFEUX
57e587f39f
DEV: removes dead code of dropdown-menu ( #9942 )
2020-06-01 11:22:35 +02:00