bbddce4d3a
DEV: updates js transpiler to use babel 7 ( #10627 )
...
Updates our js transpiler code to use Babel 7.11.6
List of changes in this commit:
- Updates plugins, babel plugins all have a new version which doesn't contain -es2015- anymore
- Drops [transform-es2015-classes](https://babeljs.io/docs/en/babel-plugin-transform-classes ) this plugin shouldn't be needed now that we don't support IE
- Drops check-es2015-constants, checking constants is now part of babel and the check-constants plugin is deprecated. As a result the behavior slightly changed, and is now wrapping every const call in a readOnlyError function which would throw if assigned a new value. This explains the modified spec.
- Adds [proposal-optional-chaining](https://babeljs.io/docs/en/babel-plugin-proposal-optional-chaining )
```javascript
const obj = {
foo: {
bar: {
baz: 42,
},
},
};
const baz = obj?.foo?.bar?.baz; // 42
```
- Adds [proposal-json-strings](https://babeljs.io/docs/en/babel-plugin-proposal-json-strings )
```javascript
// IN
const ex = "before
after";
// ^ There's a U+2028 char between 'before' and 'after'
// OUT
const ex = "before\u2028after";
// ^ There's a U+2028 char between 'before' and 'after'
```
- Adds [proposal-nullish-coalescing-operator](https://babeljs.io/docs/en/babel-plugin-proposal-nullish-coalescing-operator )
```javascript
var object = {};
var foo = object.foo ?? "default"; // default
```
- Adds [proposal-logical-assignment-operators](https://babeljs.io/docs/en/babel-plugin-proposal-logical-assignment-operators )
```javascript
let a;
let b = 2;
a ||= b; // 2
```
- Adds [proposal-numeric-separator](https://babeljs.io/docs/en/babel-plugin-proposal-numeric-separator )
```javascript
let budget = 1_000_000_000_000;
console.log(budget === 10 ** 12); // true
```
- Adds proposal-object-rest-spread https://babeljs.io/docs/en/babel-plugin-proposal-object-rest-spread
```javascript
let { x, y, ...z } = { x: 1, y: 2, a: 3, b: 4 };
console.log(x); // 1
console.log(y); // 2
console.log(z); // { a: 3, b: 4 }
```
- Adds proposal-optional-catch-binding https://babeljs.io/docs/en/babel-plugin-proposal-optional-catch-binding
```javascript
try {
} catch {
} finally {
// ensures finally is available in every browsers
}
```
- Adds improved regex support for firefox through (transform-dotall-regex](https://babeljs.io/docs/en/next/babel-plugin-transform-dotall-regex.html ) and (proposal-unicode-property-regex](https://babeljs.io/docs/en/babel-plugin-proposal-unicode-property-regex )
- Drops async/generator stuff, the browser we target should allow to use this (excepts iterable async)
2020-09-15 09:26:33 +02:00
49f53bdc50
DEV: Fix another `MessageBus::InvalidMessageTarget` error.
...
Follow-up to c2f2b57a9b
2020-09-15 14:25:10 +08:00
f7438fc64b
DEV: Fix `MessageBus::InvalidMessageTarget` error after upgrading mb.
...
Follow-up to c2f2b57a9b
2020-09-15 14:15:42 +08:00
c2f2b57a9b
Update message_bus to 3.3.2.
2020-09-15 13:33:11 +08:00
2ff16b3650
FIX: `TopicQuery.list_private_messages_unread` ignore notification level
2020-09-15 13:33:11 +08:00
d83e3f9ce8
FIX: improvements after code review
2020-09-15 13:29:35 +08:00
145814d29c
FIX: spec for oversized images security fix
...
Spec to cover solution presented here - 333ddd4011
2020-09-15 13:29:35 +08:00
e3b4632f04
Revert "Create proper shim for xss library"
...
This reverts commit 30e9112535
2020-09-15 11:38:40 +08:00
b2f556232f
REFACTOR: improve readability of cacheBuster
2020-09-14 16:46:17 -04:00
30e9112535
Create proper shim for xss library
2020-09-14 15:57:32 -04:00
7699b90f1a
FIX: Wizard does not include `discourse-shims`
...
This allowed tests to pass even when wizard was broken, which is
obviously very bad.
2020-09-14 12:34:16 -04:00
9238a9e427
FIX: adds shims for popper in wizard ( #10658 )
2020-09-14 12:33:14 -04:00
663d696095
Build(deps-dev): Bump webmock from 3.9.0 to 3.9.1 ( #10667 )
...
Bumps [webmock](https://github.com/bblimke/webmock ) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.9.0...v3.9.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-14 11:25:06 -04:00
06b4ca5dc7
FIX: Mark only uploads as verified/unverified in S3 inventory
2020-09-14 10:21:34 -04:00
66eda8c9df
DEV: Add include_pms option to TopicQuery ( #10647 )
...
This is intended for use by plugins which are building their own topic lists, and want to include PMs alongside regular topics (e.g. discourse-assign). It does not get used directly in core.
2020-09-14 12:07:35 +01:00
21adc07057
FIX: upload errors were sometimes not displayed properly ( #10605 )
2020-09-14 00:13:38 -07:00
e169e5a32f
Build(deps): Bump sprockets-rails from 3.2.1 to 3.2.2
...
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails ) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/rails/sprockets-rails/releases )
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.2.1...v3.2.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-14 14:35:03 +08:00
11a15cb28e
Build(deps): Bump rails_failover from 0.5.5 to 0.5.6
...
Bumps rails_failover from 0.5.5 to 0.5.6.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-14 14:34:43 +08:00
e02da64091
FIX: Make form use /u/admin-login instead of /users/admin-login ( #10663 )
2020-09-14 12:27:06 +10:00
cb58cbbc2c
FEATURE: allow to extend topic_eager_loads in Search ( #10625 )
...
This additional interface is required by encrypt plugin
2020-09-14 11:58:28 +10:00
15f7fa801d
DEV: remove stubs from silencer spec
...
Overall stubs lead to long term instability, this helps stabilize them.
Also fixed flaky spec around plugin hooks.
It was relying you `.posts` on system_user which could be loaded already
and invalid. Instead we now load it by hand.
2020-09-14 11:48:48 +10:00
8abf77b43f
Build(deps-dev): Bump webmock from 3.8.3 to 3.9.0
...
Bumps [webmock](https://github.com/bblimke/webmock ) from 3.8.3 to 3.9.0.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.3...v3.9.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-14 09:39:01 +08:00
5268568d23
FEATURE: Remove user topic timers and migrate to bookmarks with reminders ( #10474 )
...
This PR removes the user reminder topic timers, because that system has been supplanted and improved by bookmark reminders. The option is removed from the UI and all existing user reminder topic timers are migrated to bookmark reminders.
Migration does this:
* Get all topic_timers with status_type 5 (reminders)
* Gets all bookmarks where the user ID and topic ID match
* Loops through the found topic timers
* If there is no bookmark for the OP of the topic, then we just create a bookmark with a reminder
* If there is a bookmark for the OP of the topic and it does **not** have a reminder set, then just
update it with the topic timer reminder
* If there is a bookmark for the OP of the topic with a reminder then just discard the topic timer
* Cancels all outstanding user reminder topic timers
* **Trashes (not deletes) all user reminder topic timers**
Notes:
* For now I have left the user reminder topic timer job class in place; this is so the jobs can be cancelled in the migration. It and the specs will be deleted in the next PR.
* At a later date I will write a migration to delete all trashed user topic timers. They are not deleted here in case there are data issues and they need to be recovered.
* A future PR will change the UI of the topic timer modal to make it look more like the bookmark modal.
2020-09-14 11:11:55 +10:00
333ddd4011
SECURITY: return error on oversized images
2020-09-14 10:45:11 +10:00
0a4a273ccc
FEATURE: adds support for mobile view on page publishing ( #10662 )
2020-09-13 13:50:23 +02:00
e8053d17f6
FIX: selected diversity was off by one ( #10659 )
2020-09-12 09:44:45 +02:00
539eb63904
DEV: heisentest cause by a post not created yet ( #10656 )
2020-09-12 08:47:06 +02:00
24f19e8372
Revert "FIX: Was using a global `Popper` variable"
...
This reverts commit 05831c2b42
2020-09-11 17:30:53 -04:00
450c731b54
DEV: Add discourse-algolia to official plugins ( #10657 )
2020-09-11 15:44:06 -05:00
7887aaf587
FIX: `isVisible` is no longer allowed even if used properly
...
This changes it to `shouldShow` instead.
2020-09-11 15:05:50 -04:00
05831c2b42
FIX: Was using a global `Popper` variable
2020-09-11 15:02:12 -04:00
ac08dfac45
FIX: Ember has deprecated `isVisible` in newer versions
2020-09-11 14:53:44 -04:00
07d7adb8b4
UX: makes emoji picker case insensitive ( #10655 )
2020-09-11 19:54:19 +02:00
033cebf978
DEV - versions of JS files written to a JS file to be included by loa… ( #10649 )
...
* DEV - versions of JS files written to a JS file to be included by load-script and appended as params to URLs
* Formatting
* Incorporate feedback from PR
* Update filename of public-js-versions
2020-09-11 13:53:56 -04:00
2348143e68
Build(deps): Bump rubocop-ast from 0.3.0 to 0.4.0 ( #10654 )
...
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-ast/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v0.3.0...v0.4.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-11 13:04:36 -04:00
10bdf36a24
FIX: ensures focus is dropped before focus hyperlink input ( #10653 )
2020-09-11 16:45:51 +02:00
0972994c7e
DEV: Upgrade Lefthook
...
Git hooks didn't work when `npx` isn't installed, but `yarn` is.
2020-09-11 16:43:00 +02:00
58e7b6eb82
Build(deps): Bump exifr from 1.3.6 to 1.3.7 ( #10650 )
...
Bumps [exifr](https://github.com/remvee/exifr ) from 1.3.6 to 1.3.7.
- [Release notes](https://github.com/remvee/exifr/releases )
- [Changelog](https://github.com/remvee/exifr/blob/master/CHANGELOG )
- [Commits](https://github.com/remvee/exifr/compare/release-1.3.6...release-1.3.7 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-11 10:27:09 -04:00
d9aa105c8e
FIX: wrap modal onShow inside next ( #10651 )
...
Before this commit, onShow code could be impacted by code happening after the onShow call. This should ensure this code works for example:
```
onShow() {
afterRender(() => {
someInput.focus();
})
}
```
2020-09-11 16:00:31 +02:00
636a3be827
UX: Make the api-keys new and show page a little more responsive ( #10629 )
2020-09-11 10:38:28 -03:00
81395be4c1
FIX: Ensure uploads are linked to post when revising a post
...
Editing a post didn't update the `post_uploads` right away. Instead it relied on the `CookedPostProcessor`. This can lead to an inconsistent state if uploads are added or removed during an edit and, for some reason, the `ProcessPost` job doesn't run (successfully). This inconsistency leads to missing uploads, because the newly added uploads appear to be unused and will be deleted by the `CleanUpUploads` job. In addition to that, uploads, which got removed during the edit, appear to be still in use and won't be deleted by the background job.
This commit ensures that the `post_uploads` are updated during the edit without relying on a background job.
2020-09-11 11:49:15 +02:00
543e972fec
PERF: Remove category_user lookup when loading private messages.
...
Private messages do not belong to categories so the query is unnecessary
overhead.
2020-09-11 16:26:38 +08:00
cd78bcee3a
DEV: Avoid creating the same object repeatedly.
...
Less objects created per request means less objects for the GC to
collect.
2020-09-11 15:51:11 +08:00
dbc630f45b
PERF: Fix N+1 queries on private messages route.
2020-09-11 15:20:27 +08:00
44fba9463b
FEATURE: Add support for not persistent sessions
...
In some cases Discourse admins may opt for sessions not to persist when a
browser is closed.
This is particularly useful in healthcare and education settings where
computers are shared among multiple workers.
By default `persistent_sessions` site setting is enabled, to opt out you
must disable the site setting.
2020-09-11 15:11:24 +10:00
9e4ed03b8f
FEATURE: moderators allowed to view groups which members can see.
...
Currently, if a group's visibility is set to "Group owners, members" then the mods can't view those group pages. The same rule is applied for members visibility setting too.
This reverts commit 7fc7090
2020-09-11 08:20:13 +05:30
245d29e5a3
SECURITY: Mod should not see `group_users` and `second_factor_enabled`.
...
Moderators should not be able to see `UserSerializer#group_users` and `UserSerializer#second_factor_enabled` of other users.
Impact of leaking this is low because the information leaked is not
exploitable.
2020-09-11 10:23:35 +08:00
468417a716
PERF: Fix broken memoization in `GroupShowSerializer`.
2020-09-11 10:08:06 +08:00
7fc70900d2
Revert "FEATURE: moderators allowed to view groups which members can see."
...
Build is broken.
This reverts commit 2bf0c4188b
2020-09-11 10:04:54 +08:00
e0a0928420
FEATURE: Add bookmarks to the user export ( #10591 )
2020-09-11 11:03:22 +10:00
Joffrey JAFFEUX
Guo Xiang Tan
Krzysztof Kotlarek
jbrw
Robin Ward
dependabot-preview[bot]
Penar Musaraj
David Taylor
Faizaan Gagan
Sam Saffron
Martin Brennan
Justin DiRose
jbrw
Gerhard Schlager
Roman Rizzi
Vinoth Kannan
Kane York