Commit Graph

53944 Commits

Author SHA1 Message Date
David Taylor 594026d65f
FIX: Include HTML content for authenticated users with crawler UA (#26757)
e05628c0 introduced an optimization to remove basic-HTML content for authenticated users. The assumption is that, if they were able to log in, they must have a JS capable browser and do not need the basic HTML.

However, there are use-cases where an API-key is used to crawl a private site, or private categories of a public site. This commit re-enables those use cases by keeping the basic-html in place for crawler/bot user agents.
2024-04-25 22:41:57 +01:00
Daniel Waterworth e0e0e0506f
DEV: Limit the number of category sidebar links a user can have (#26756) 2024-04-25 13:21:39 -05:00
Régis Hanol 989d6f921a UX: loading spinner when clicking an item
This fixes the UX when clicking a checklist item to toggle its state.
2024-04-25 18:45:38 +02:00
Daniel Waterworth c77d109362
FIX: Selecting categories for new admin webhooks (#26746) 2024-04-25 09:43:16 -05:00
Joffrey JAFFEUX 0f2067b363
DEV: drop ignored columns (#26755)
chat_channels - last_message_sent_at
2024-04-25 16:35:23 +02:00
Bianca Nenciu dbe923d26e
FIX: Fetch categories for "+subcategories" option (#26622)
Selecting the +subcategories option does not work sometimes when "lazy
load categories" is enabled because the subcategories may not be
fetched. This ensures that subcategories are loaded by requesting them
before being used.
2024-04-25 16:47:45 +03:00
Osama Sayegh 2215fa0c8e
FIX: Pass values of objects typed settings to theme migrations (#26751)
This commit fixes a bug in theme settings migrations where values of `objects` typed theme settings aren't passed to migrations even when there are overriding values for those settings. What causes this bug is that, when creating the hash that contains all the overridden settings and will be passed to migrations, the values of `objects` typed settings are incorrectly retrieved from the `value` column (which is always nil for `objects` type) instead of `json_value`. `objects` settings are different from all other types in that they store their values in the `json_value` column and they need to be special-cased when retrieving their values.
2024-04-25 16:39:22 +03:00
Joffrey JAFFEUX 9d3ab91517
UX:minor tweaks to user notifications dropdown (#26754)
- changes mute icon to bell-slash
- changed mute text
- changed ignore text
2024-04-25 15:22:41 +02:00
Natalie Tay 00a9369ca2
FIX: Move user reindexing into a job (#26753)
In a large forum with millions of users and millions of user_fields
updating the list of dropdown user field options will result in a
502 now due to the large number of fields.

This commit moves the indexing into a job.
2024-04-25 20:58:34 +08:00
David Battersby c62d3610c6
PERF: Reduce overhead from chat message excerpt (#26712)
This change moves the chat message excerpt into a new database column (string) on the chat_messages table.

As part of this change, we will now set the excerpt within the `Chat::CreateMessage` service, and update it within the `Chat::UpdateMessage` service.
2024-04-25 14:29:00 +02:00
dependabot[bot] 14fc029a30
Build(deps-dev): Bump selenium-devtools from 0.123.0 to 0.124.0 (#26748)
Bumps [selenium-devtools](https://github.com/SeleniumHQ/selenium) from 0.123.0 to 0.124.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/commits)

---
updated-dependencies:
- dependency-name: selenium-devtools
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-25 12:03:14 +02:00
dependabot[bot] 79941473c6
Build(deps-dev): Bump selenium-webdriver from 4.19.0 to 4.20.0 (#26747)
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.19.0 to 4.20.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.19.0...selenium-4.20.0)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-25 12:02:56 +02:00
David Taylor 2f2da72747
FEATURE: Add experimental tracking of 'real browser' pageviews (#26647)
Our 'page_view_crawler' / 'page_view_anon' metrics are based purely on the User Agent sent by clients. This means that 'badly behaved' bots which are imitating real user agents are counted towards 'anon' page views.

This commit introduces a new method of tracking visitors. When an initial HTML request is made, we assume it is a 'non-browser' request (i.e. a bot). Then, once the JS application has booted, we notify the server to count it as a 'browser' request. This reliance on a JavaScript-capable browser matches up more closely to dedicated analytics systems like Google Analytics.

Existing data collection and graphs are unchanged. Data collected via the new technique is available in a new 'experimental' report.
2024-04-25 11:00:01 +01:00
Joffrey JAFFEUX 52e8d57293
FEATURE: implements last read message for threads (#26702)
This commit will now allow us to track read position in a thread and returns to this position when you open the thread.

Note this commit is also extracting the following components to make it possible:
- `<ChatMessagesScroller />`
- `<ChatMessagesContainer />`

The `UpdateUserThreadLastRead` has been updated to allow this.

Various refactorings have also been done to the code and specs to improve the support of last read.
2024-04-25 10:47:54 +02:00
Alan Guo Xiang Tan 35bc27a36d
FIX: `themes:update` rake task not rolling back transaction on error (#26750)
This commit fixes a bug in the `themes:update` rake task which resulted
in the ActiveRecord transaction not being rolled back when an error was
encountered. The transaction was first introduced in
7f0682f4f2 which changed a `begin..rescue`
block to `transaction do..rescue`. The problem with that change
prevented the transaction from ever rolling back as the code block
looks something like this:

```
transaction do
  begin
    update_theme
  rescue => e
    # surpress error
  end
end
```

From the transaction's point of view now, it will never rollback even if
an error was encountered when updating the remote theme because it will
never see the error.

Instead we should have done something like this if we wanted to surpress
the errors encountered while still ensuring that the transaction is
rolled back.

```
begin
  transaction do
    update_theme
  end
rescue => e
  # surpress error
end
```
2024-04-25 15:19:23 +08:00
Alan Guo Xiang Tan 9b829216b2
DEV: Add site's DB name in `themes:update` rake task when printing error (#26749)
This is essential for us to determine which site is encountering an
error while updating remote themes. We are also including the theme's id
because themes can have the same name.
2024-04-25 12:41:14 +08:00
Penar Musaraj 1f73e7d039
FIX: Allow deleting avatars from the selectable avatars setting (#26720)
Fixes two issues:

- frontend was reloading the page when clicking-to-remove avatar
- backend wasn't allowing resetting the setting by deleting all avatars
2024-04-24 16:07:12 -04:00
Keegan George 963647c734
DEV: Add experimental `ember-instantsearch` add-on (#26667) 2024-04-24 11:49:05 -07:00
Régis Hanol 7dcd707c59 PERF: introduce a basic api key serializer
For better performances when listing all the API keys.

Loading all the "api key scopes" is slow and not required when showing the list of all the api keys.
2024-04-24 19:16:10 +02:00
Joffrey JAFFEUX 2bab1df461
FIX: ensures we close modal on reaction (#26745)
It's important to close the modal or we will just remove it from screen without calling callbacks, which will cause the body to be locked on iOS.

It's hard to test this behavior, as it only happens on iOS and the modal will disappear anyways, it's only a matter of ensuring it's closed correctly.
2024-04-24 19:06:11 +02:00
Joffrey JAFFEUX be96295c25
DEV: supports inline for d-menu (#26742)
`<DMenu @inline={{true}} ...>...</DMenu>` will render the body relative to the trigger instead of rendering it in a portal.
2024-04-24 18:29:26 +02:00
Joffrey JAFFEUX 9f8091abf0
FIX: prevents error due to property override (#26741)
The `secondFactorMethod` property is defined as a @discourseComputed` which means it can't be overridden. Yet, we do override it in `app/assets/javascripts/discourse/app/components/security-key-form.js` and `app/assets/javascripts/discourse/app/components/second-factor-form.js` by doing `this.set("secondFactorMethod", ...)`.

This commit sets a default property `secondFactorMethod` on the `email-login` controller after the model has been loaded. Given this property is no longer computed, it can be set again at other places.

Followups:
- Ideally we would follow DDAU pattern but this is quite a significant refactor.
- The test I added is very limited, ideally we should start writing system specs for this, but it means having to deal with the email, it's a significant work.
2024-04-24 17:54:16 +02:00
Joffrey JAFFEUX 21ef033e86
UX: changes normal level icon for user-notifications (#26740)
The icon has been changed from "user" to "bell" to make this level more clear.
2024-04-24 16:07:21 +02:00
Kris dcf9ca054b
DEV: add topic-area-bottom plugin outlet (#26721) 2024-04-24 09:56:59 -04:00
Tobias Eigen 72b83b6435
improved description of personal_message_enabled_groups (#26680)
Made another effort to improve the description of the personal_message_enabled _groups site setting, to clarify who can already create and reply to messages no matter which groups are specified in this setting.
2024-04-24 05:52:03 -07:00
David Taylor 26a387c9c6
Revert "DEV: Add pry-stack_explorer plugin gem (#26732)" (#26739)
This reverts commit 09f5af608f.

Moving all the `pry` gems to the development group broke `rails c` functionality in production
2024-04-24 13:03:35 +01:00
dependabot[bot] 23c0a06a0f
Build(deps-dev): Bump test-prof from 1.3.2 to 1.3.3 (#26695)
Bumps [test-prof](https://github.com/test-prof/test-prof) from 1.3.2 to 1.3.3.
- [Release notes](https://github.com/test-prof/test-prof/releases)
- [Changelog](https://github.com/test-prof/test-prof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/test-prof/test-prof/compare/v1.3.2...v1.3.3)

---
updated-dependencies:
- dependency-name: test-prof
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 12:01:51 +02:00
David Taylor dcd994a9f1
DEV: Drop workbox dependency (#26735)
This service-worker caching functionality was disabled by default in 1c58395bca, and the setting to re-enable was marked as experimental. Now we are dropping all the related logic.
2024-04-24 10:19:12 +01:00
dependabot[bot] b5b2f80955
Build(deps-dev): Bump rubocop from 1.63.2 to 1.63.3 (#26705)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.63.2 to 1.63.3.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.63.2...v1.63.3)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 09:57:45 +01:00
dependabot[bot] a1be9a8968
Build(deps-dev): Bump puppeteer-core from 22.6.5 to 22.7.0 (#26725)
Bumps [puppeteer-core](https://github.com/puppeteer/puppeteer) from 22.6.5 to 22.7.0.
- [Release notes](https://github.com/puppeteer/puppeteer/releases)
- [Changelog](https://github.com/puppeteer/puppeteer/blob/main/release-please-config.json)
- [Commits](https://github.com/puppeteer/puppeteer/compare/puppeteer-core-v22.6.5...puppeteer-core-v22.7.0)

---
updated-dependencies:
- dependency-name: puppeteer-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 09:55:31 +01:00
David Taylor 9b2628e469
DEV: Group workbox updates in dependabot (#26734) 2024-04-24 09:48:47 +01:00
dependabot[bot] 3b07b6e4ca
Build(deps-dev): Bump qunit-dom from 3.1.1 to 3.1.2 (#26724)
Bumps [qunit-dom](https://github.com/mainmatter/qunit-dom) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/mainmatter/qunit-dom/releases)
- [Commits](https://github.com/mainmatter/qunit-dom/compare/v3.1.1...v3.1.2)

---
updated-dependencies:
- dependency-name: qunit-dom
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 09:42:32 +01:00
dependabot[bot] 1d78aa209c
Build(deps-dev): Bump parallel_tests from 4.6.1 to 4.7.0 (#26722)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 4.6.1 to 4.7.0.
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grosser/parallel_tests/compare/v4.6.1...v4.7.0)

---
updated-dependencies:
- dependency-name: parallel_tests
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 09:42:08 +01:00
David Taylor bca855f239
FIX: Improve handling of 'PublicExceptions' when bootstrap_error_pages enabled (#26700)
- Run the CSP-nonce-related middlewares on the generated response

- Fix the readonly mode checking to avoid empty strings being passed (the `check_readonly_mode` before_action will not execute in the case of these re-dispatched exceptions)

- Move the BlockRequestsMiddleware cookie-setting to the middleware, so that it is included even for unusual HTML responses like these exceptions
2024-04-24 09:40:13 +01:00
Alan Guo Xiang Tan 25bcee43c6
FIX: 404 when visiting theme setting objects editor for theme component (#26733)
This commit fixes a bug where the server returns a 404 response code if
a user visits the URL to edit a objects type theme setting directly.
2024-04-24 15:34:57 +08:00
Martin Brennan 09f5af608f
DEV: Add pry-stack_explorer plugin gem (#26732)
This is only required in rails_helper, otherwise it is
not loaded. Allows for better debugging by allowing
navigation of the call stack from the point of `binding.pry`

c.f. https://github.com/pry/pry-stack_explorer
2024-04-24 14:35:21 +10:00
Krzysztof Kotlarek 0cd4d7ddd1
FEATURE: include themes and components keywords to the admin sidebar (#26708)
Include themes and component keywords to make the filter more accurate.
2024-04-24 12:34:38 +10:00
Martin Brennan c791346088
FEATURE: Rate limit common AI bots crawlers by default (#26731)
This commit adds the most common AI bot crawlers seen
on our hosting (claudebot, gptbot, anthropic-ai, brightbot)
to our `slow_down_crawler_user_agents` and `crawler_user_agents`
site settings by default.

This means these AI bots will be rate limited by default instead
of site admins having to remember to do it for themselves.
2024-04-24 12:01:42 +10:00
Daniel Waterworth d2a52c3c35
FIX: Use serialized subcategories in subcategory-with-featured-topics (#26718) 2024-04-23 15:27:12 -05:00
Vinoth Kannan 859b55366f
DEV: don't send moderator welcome message to first admin. (#26719)
We already skipping the admin welcome message for the first admin user. We should also skip the moderator message.
2024-04-24 00:20:14 +05:30
Kris efc31387e2
UX: bookmark button in topic footer should have btn-default class (#26717) 2024-04-23 13:11:13 -04:00
Arkshine c3fb050988
FIX: Automatic code highlighting not applied in fullscreen modal (#26710) 2024-04-23 13:04:17 -04:00
Discourse Translator Bot dde1132a28
Update translations (#26713) 2024-04-23 16:22:27 +02:00
Penar Musaraj 98d400f7b5
DEV: Refactor discover setting reporting (#26706) 2024-04-23 09:52:01 -04:00
Krzysztof Kotlarek e1d9fd479f
FEATURE: after wizard admin is redirected to the guide page (#26696)
After the wizard is completed, the admin should be redirected to the admin guide topic.

Also tooltip from "Getting started" button was removed.
2024-04-23 10:04:15 +10:00
dependabot[bot] ada3588860
Build(deps): Bump terser from 5.30.3 to 5.30.4 (#26703)
Bumps [terser](https://github.com/terser/terser) from 5.30.3 to 5.30.4.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.30.3...v5.30.4)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-23 08:55:51 +10:00
Penar Musaraj 30e3f291f8
UX: Fix styling for focused row (#26698) 2024-04-22 13:17:00 -04:00
Kris b971efed8c
UX: dynamic spacing for summarization buttons (#26690) 2024-04-22 09:49:00 -04:00
Alan Guo Xiang Tan b3f1192312
DEV: Add `getCategoryIdByName` helper function to theme migrations (#26601)
This commit adds a `getCategoryIdByName` helper function to the context in
which theme migrations are ran in. The purpose of this commit is to
allow themes which may have stored category names in theme settings to
migrate to objects typed theme settings which supports properties of
categories typed which stores the category ids in the value of the
property.
2024-04-22 09:01:53 +08:00
Joffrey JAFFEUX a564274ba2
FIX: messages are already reversed (#26692)
This is reverting part of 08ff0bac29 to only have the call on exit channel. This was causing incorrect unread update. I will refactor this in another commit.
2024-04-20 12:33:09 +02:00