Another group of gems updated, better_errors is fairly safe as its for dev
chunky_png fairly safe, used for getting image info from pngs, erubi update
is very safe. Sanitize is used by onebox and should always be on latest.
Long term we should think of making sanitize an optional dependency on onebox
cause we are happy to just provide methods from core to do this and it would
remove nokogumbo and sanitize deps.
This follows up on 03376224 which reverted the redis update which is not
supported, rest of the gems should be fine.(unicorn / nokogiri / sidekiq /
pg)
This updates a few more lower risk gems, the main goal here is to have
nothing outdated. Avoiding a giant commit is going to make it slightly
easier to partially roll back if something goes wrong
Two very low risk updates, message_bus has been released no need to depend
on pre-release.
mini_racer update is for a very minor change (shared isolates are not used
in discourse so it is not a fix we technically need)
Launching Discourse no longer should require foreman in dev. We can simply
use `bin/unicorn` which automatically launches a sidekiq worker.
The foreman gem depends on thor ~> 0.19.1 which is no longer supported in
rails 6. So this pre-emptively prepares us for it.
This temporary revert is here cause a certain immune system in logster
when a large number of events are groupes is no longer working in
production.
What this means is that if you have 10 thousand errors grouped it can
impose an very large amount of load on redis.
This reverts commit abee39ecd0.
Fixes linear-gradient CSS issue on iOS
Increases z-index for the actions menu to prevent the screen divider/splitter from obstructing the menu
e43e98dc61
This provides us with instrumentation missing after rails upgrade
Latest version of rails uses exec_params internally which is no longer
routed to intercepted methods in mini profiler 1.0.0
Message bus uses a key to keep track of the last id for each channel
this key was never expired even if channel data expired
This change ensures we also expire the tracking key, it means a lot to us
cause each topic has a channel, so if you have 1 million topics that is
1 million keys that may persist forever
This release contains security fixes to the underlying rack library
used by Discourse.
Impact is not too high as we do not use request.scheme in our templates
Sam
Guo Xiang Tan
Joffrey JAFFEUX
Osama Sayegh
Gerhard Schlager
David Taylor
Arpit Jalan
Joshua Rosenfeld
sau226
Régis Hanol