Commit Graph

188 Commits

Author SHA1 Message Date
Joffrey JAFFEUX 564e8566d7
SECURITY: updates juqery to 3.5.0 (#9708)
https://github.com/advisories/GHSA-gxr4-xjj5-5px2
2020-05-08 21:12:04 +02:00
Martin Brennan 7e303f9320
DEV: Upgrade sinon and fix time based bookmark tests (#9647)
Update sinon.js to 9.0.2 to access async fake timers https://sinonjs.org/releases/v9.0.2/fake-timers/ which can then be used with acceptance tests (previously useFakeTimers didn't work with await, e.g. for visit).

Fix the bookmark acceptance test that was time based to use these new fake timers.

Add a fakeTime function that uses moment and the provided date string + timezone to freeze time using useFakeTimers and return a clock.

Add a timeStep function that accepts a clock from fakeTime and a function to run. Once the function is run we call clock.tickAsync(1000) to progress the fake clock forward 1s to progress promises/callbacks.
2020-05-07 09:10:32 +10:00
Robin Ward f182e61def DEV: Remove global Handlebars 2020-05-01 14:12:09 -04:00
Penar Musaraj ec2943c5bc
DEV: Update jquery.fileupload and dependencies (#9466) 2020-04-28 10:39:29 -04:00
Guo Xiang Tan 13956017da Update lefthook.
Support for `LEFTHOOK=0` was broken in the old version. See commit 3a6522ed6307e995a86179488b01dab22146502d of lefthook.
2020-04-22 14:58:48 +08:00
dependabot[bot] 9c40c42bb5
Build(deps): Bump https-proxy-agent from 2.2.1 to 2.2.4 (#9453)
Bumps [https-proxy-agent](https://github.com/TooTallNate/node-https-proxy-agent) from 2.2.1 to 2.2.4.
- [Release notes](https://github.com/TooTallNate/node-https-proxy-agent/releases)
- [Commits](https://github.com/TooTallNate/node-https-proxy-agent/compare/2.2.1...2.2.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-04-17 11:31:11 -04:00
Joffrey JAFFEUX 7d1c90e5eb
DEV: upgrades ember-template-lint 2.5.2 (#9411) 2020-04-14 00:43:55 +02:00
Joffrey JAFFEUX 09145e68cd
DEV: upgrades vendored handlebars to 4.7.6 (#9371) 2020-04-07 17:01:02 +02:00
Joffrey JAFFEUX 6fdb4c33a6
DEV: popperjs 2.0.6 (#9171) 2020-03-11 10:34:58 +01:00
Roman Rizzi 665d8564d8
DEV: Use the updated version of our mousetrap fork (#9111) 2020-03-06 11:19:34 -03:00
Robin Ward f7c0cd1982 Support for Ember Template linting 2020-02-05 11:33:15 -05:00
Mark VanLandingham 499b57a9ed
DEV: Ember linting - disallow Ember.* variable usage (#8782) 2020-02-05 10:14:42 -06:00
Joffrey JAFFEUX 87e92da085
DEV: makes popper.js part of javascript rake task (#8847) 2020-02-04 15:34:46 +01:00
Robin Ward abff3716ba
Upgrade handlebars (#8675)
* Upgrade Handlebars to 4.3.0

* Upgrade Handlebars to the latest version
2020-01-07 15:37:37 -05:00
Kris 0b7e1f95d2 DEV: Upgrade FontAwesome to 5.11.2 2019-11-22 14:54:00 -05:00
Penar Musaraj 9c4e1541d3
DEV: Use eslint-config-discourse as source of truth for linting dependencies (#8388) 2019-11-22 13:16:11 -05:00
Robin Ward d7b710194d Revert "REVERT: Use 1.0.6 for linting for now"
This reverts commit 457986d52a.
2019-11-21 10:35:57 -05:00
Robin Ward 457986d52a REVERT: Use 1.0.6 for linting for now
Plugins have not been updated and our build fails.
2019-11-20 16:06:39 -05:00
Robin Ward d7ae052efe DEV: Don't allow `Promise` unless imported from `"rsvp"`
We want to make sure we are using the correct promise implementation so
let's lint out the browser version.
2019-11-20 15:24:59 -05:00
Joffrey JAFFEUX fa317becc8
DEV: upgrades chart.js from 2.7.3 to 2.9.3 (#8374) 2019-11-20 11:08:26 +01:00
Penar Musaraj 97dad94bfd DEV: Bump eslint-config-discourse to 1.0.6
Also fixes an inconsistency in Prettier version number.
2019-11-18 10:14:21 -05:00
Roman Rizzi 4cf3c9cccb
FEATURE: Filter reviewables by date range (#8354) 2019-11-15 15:29:59 -03:00
Martin Brennan abf215a0e4 Bump prettier to 1.19.1 and lock dependency (#8350) 2019-11-15 10:07:45 -05:00
Dan Ungureanu 03bba8c7e0
DEV: Update chrome-launcher (#8318)
This version is compatible with macOS Catalina
2019-11-08 17:50:41 +02:00
Gerhard Schlager e4718f1910 DEV: Update puppeteer 2019-10-24 17:41:40 +02:00
Gerhard Schlager 51ecbeef4d DEV: Upgrade lefthook
`yarn install` didn't work on a fresh system
2019-10-22 18:00:20 +02:00
Jarek Radosz 20514f2e44
DEV: Update markdown-it from 8.4.1 to 10.0.0 (#8164) 2019-10-08 13:00:22 +02:00
Joffrey JAFFEUX 3f172deab5 DEV: uses central eslint-config-discourse (#8150)
* DEV: uses centrain eslint-config-discourse

Discourse project or plugins can now have a central configuration by doing:

`yarn add  --dev eslint-config-discourse@latest`

* adds postinstall script
2019-10-08 11:56:24 +11:00
Robin Ward ddd45d1419 FIX: Broken spec 2019-09-09 15:07:40 -04:00
Penar Musaraj 7453e19c68 DEV: Update set-value dependency to 2.0.1 2019-09-09 12:17:28 -04:00
dependabot[bot] 34ac199be7 Build(deps): Bump mixin-deep from 1.3.1 to 1.3.2 (#8050)
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)

Signed-off-by: dependabot[bot] <support@github.com>
2019-08-30 13:46:57 -04:00
Penar Musaraj 514aaacdf4 DEV: Set version to 4.17.14 for lodash-cli
Lodash-cli uses lodash 4.17.15, which is not yet published on yarn/npm.
2019-07-17 15:19:24 -04:00
Penar Musaraj 95182be970 DEV: Use updated lodash-cli commit hash in yarn.lock
Previous commit hash in yarn.lock looks to have been deleted, this should fix our builds.
2019-07-17 15:05:56 -04:00
Rafael dos Santos Silva 1221d34284
FEATURE: Make Discourse work offline with WorkboxJS (#7870) 2019-07-15 13:05:55 -03:00
Joffrey JAFFEUX c584a4569b
DEV: pulls lodash-cli from git, package is not pushed to npm (#7882) 2019-07-11 18:27:58 +02:00
Joffrey JAFFEUX 550e811652
DEV: allows lodash to be updated with `rake javascript:update` (#7881) 2019-07-11 16:57:03 +02:00
Robin Ward 9b0be303b4 SECURITY: Upgrade lodash
There is a security hole in lodash with prototype pollution. It's not
clear if Discourse is affected but to be on the safe side we will
upgrade right away.

Note that the front end Discourse does not appear to use `defaultsDeep`
in our custom build and should be protected.
2019-07-11 10:50:30 -04:00
Robin Ward 2e548d3e7f Revert "Build(deps): Bump lodash from 4.17.11 to 4.17.14 (#7880)"
This reverts commit 5224abee94.

- In retrospect a bot cannot sign the CLA. I will create a similar
commit
2019-07-11 10:37:18 -04:00
dependabot[bot] 5224abee94 Build(deps): Bump lodash from 4.17.11 to 4.17.14 (#7880)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.14.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.14)

Signed-off-by: dependabot[bot] <support@github.com>
2019-07-11 10:35:15 -04:00
Joffrey JAFFEUX e9bb13c630
DEV: updates jquery-color to prevent it to pull old jquery version (#7857) 2019-07-04 15:03:21 +02:00
Abroskin Alexander 0872a1182d DEV: Replace Overcommit with Lefthook (#7826)
Overcommit uses prebuilt hooks and require global installation.
To avoid this issues replace it with Lefthook.
Lefthook will be installed with npm packages. New contributors
will have fully consistent git hooks.
2019-07-02 11:29:52 +02:00
Joffrey JAFFEUX c63268467e
DEV: prettier 1.18.2 (#7810) 2019-06-26 17:09:52 +02:00
dependabot[bot] 4be54d5ae1 Build(deps): Bump js-yaml from 3.12.0 to 3.13.1 (#7712)
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.12.0 to 3.13.1.
- [Release notes](https://github.com/nodeca/js-yaml/releases)
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.12.0...3.13.1)

Signed-off-by: dependabot[bot] <support@github.com>
2019-06-06 09:40:46 -04:00
Penar Musaraj f0e73cb126 SECURITY: Bump Handlebars to version 4.1.2
WS-2019-0064: Versions of handlebars prior to 4.0.14 are vulnerable to Prototype Pollution. Templates may alter an Objects prototype, thus allowing an attacker to execute arbitrary code on the server.
2019-06-05 13:54:52 -04:00
Gerhard Schlager e8de30939d DEV: Fix the smoke test 2019-05-21 19:02:19 +02:00
Joffrey JAFFEUX 3912d6f806
DEV: pikaday 1.8.0 (#7536) 2019-05-13 15:09:04 +02:00
Joffrey JAFFEUX 4c444592d6
DEV: jquery 3.4.1 (#7470) 2019-05-02 12:18:32 +02:00
Joffrey JAFFEUX 9f07ced698
DEV: jquery 3.4.0 2019-04-26 15:01:26 +02:00
Joffrey JAFFEUX 5a40b3b478
DEV: updates moment.js and moment-timezone.js 2019-04-26 15:00:57 +02:00
Robin Ward adb9009374 SECURITY: Update Handlebars to 4.1
This is to address: https://www.npmjs.com/advisories/755

It is a low priority fix, as Discourse does not allow end users to input
raw handlebars templates.
2019-04-10 15:38:21 -04:00
Penar Musaraj 4452332077 DEV: Update Mousetrap to 1.6.3 2019-03-25 10:01:55 -04:00
Joffrey JAFFEUX c18a6069c2
DEV: upgrades bootstrap-modal (#7235) 2019-03-21 14:18:12 +01:00
Penar Musaraj 6d2708c3fb Bump FontAwesome icons to 5.7.2 2019-03-06 09:21:31 -05:00
Penar Musaraj bf0c855287 DEV: Update Sinon to 7.2.5, Prettier to 1.16.4
Sinon update fixes a low severity vulnerability with "just-extend"

Prettier update fixes intermittent issues running Prettier in Sublime Text
2019-02-28 16:32:54 -05:00
Penar Musaraj 9bf11a7c02
FEATURE: Add localized timezone names (#7004)
Uses github.com/discourse/moment-timezone-names-translations to translate timezone names.
Plugins can also provide their own timezone name translations.
2019-02-25 14:40:02 -05:00
Penar Musaraj e55c19d8ce DEV: update ACE Editor to 1.4.2
Remove duplicate "src-min" folder and fix rake task

Remove unused "snippets" folder
2019-02-14 11:05:28 -05:00
Penar Musaraj 5cef5b34ef DEV: Yarn-manage moment and moment-timezone libraries 2019-02-12 13:57:52 -05:00
Joffrey JAFFEUX 3c4e6da391
DEV: bump Chart.js lib to 2.7.3 (#6901) 2019-01-18 12:03:59 +01:00
Penar Musaraj 3501533a2b DEV: unpin Prettier version, apply to YAML files
We had Prettier pinned because of https://github.com/prettier/prettier/issues/5529. Since that bug is fixed, unpinning.

Prettier now supports YAML, so this applies Prettier to all .yml except for translations, which should not be edited directly anyway.
2019-01-17 13:05:39 -05:00
Penar Musaraj c8c84f462b FIX: use Handlebars 4.0.12
Use 4.0.12 for both versions of Handlebars (runtime and not)
2019-01-14 12:56:14 -05:00
Penar Musaraj b28d68efbf DEV: Use yarn to manage Highlight.js dependency
Moves Highlight.js files to vendor/assets/javascripts

Adds Highlight.js in yarn package management

Removes old rake task and reliance on NPM to build Highlight.js

Highlight.js is now integrated in the "javascript:update" rake task
2019-01-14 12:46:35 -05:00
Joffrey JAFFEUX f9648de897
DEV: upgrades from Ember 2.13 to Ember 3.5.1 (#6808)
Co-Authored-By: Bianca Nenciu <nbianca@users.noreply.github.com>
Co-Authored-By: David Taylor <david@taylorhq.com>
2019-01-10 11:06:01 +01:00
Sam 0ca61242b8 FEATURE: polyfill intersection observer for IE11 / iOS Safari
This feature is used for defer loading of images and in future for post cloaking

This gives us a polyfill so we can safely use the feature in problem browsers

The polyfill supports "polling" but it does not appear we need it yet.

If we discover anything odd here, consider setting poll interval per:

https://github.com/w3c/IntersectionObserver/tree/master/polyfill

```
var io = new IntersectionObserver(callback);
io.POLL_INTERVAL = 100; // Time in milliseconds.
```

Keeping the mutation observer cause we often mutate the DOM
2018-12-12 15:36:08 +11:00
Penar Musaraj 03deda2147
Upgrade to FontAwesome 5 (take two) (#6673)
* Add missing icons to set

* Revert FA5 revert

 This reverts commit 42572ff

* use new SVG syntax in locales

* Noscript page changes (remove login button, center "powered by" footer text)

* Cast wider net for SVG icons in settings

- include any _icon setting for SVG registry (offers better support for plugin settings)

- let themes store multiple pipe-delimited icons in a setting

- also replaces broken onebox image icon with SVG reference in cooked post processor

* interpolate icons in locales

* Fix composer whisper icon alignment

* Add support for stacked icons

* SECURITY: enforce hostname to match discourse hostname

This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname

* load SVG sprite with pre-initializers

* FIX: enable caching on SVG sprites

* PERF: use JSONP for SVG sprites so they are served from CDN

This avoids needing to deal with CORS for loading of the SVG

Note, added the svg- prefix to the filename so we can quickly tell in
dev tools what the file is

* Add missing SVG sprite JSONP script to CSP

* Upgrade to FA 5.5.0

* Add support for all FA4.7 icons

- adds complete frontend and backend for renamed FA4.7 icons

- improves performance of SvgSprite.bundle and SvgSprite.all_icons

* Fix group avatar flair preview

- adds an endpoint at /svg-sprites/search/:keyword

- adds frontend ajax call that pulls icon in avatar flair preview even when it is not in subset

* Remove FA 4.7 font files
2018-11-26 16:49:57 -05:00
Penar Musaraj 7fd9e9e320 Pin Prettier to 1.14.3 2018-11-22 15:51:04 -05:00
Sam 42572ff138 Revert font awesome 5 changes
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
Penar Musaraj 005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs (#6557)
* First take on subsetting svg icons

* FontAwesome 5 svg subset WIP

* Include icons from plugins/badges into svg sprite subset

* add svg icon support to themes

* Add spec for SvgSprite

* Misc. SVG icon fixes

* Use FA5 svgs in local-dates plugin

* CSS adjustments, fix SVG icons in group flair

* Use SVG icons in poll plugin

* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
Penar Musaraj cd82107976 use yarn to manage test vendor dependencies, upgrade sinon to v6.3.5 2018-10-04 11:06:14 -04:00
Gerhard Schlager d902bb90ae Update yarn.lock with integrity hashes
This should prevent the stable version of yarn from rewriting the lock file all the time.
2018-10-04 11:21:13 +02:00
Penar Musaraj dc8a16b43b
Use Yarn to manage dependencies, cleanup unused bootstrap libs (#6436) 2018-10-03 10:15:43 -04:00
Guo Xiang Tan a033327b93 Manage qunit via yarn. 2018-09-11 15:07:28 +08:00
Guo Xiang Tan 244948497a Lock puppeteer to 1.4.x.
1.8 doesn't seem to be able to click reliably.
2018-09-11 09:52:39 +08:00
Guo Xiang Tan 8c374f339c DEV: Don't pin JS packages to a particular patch version. 2018-09-10 15:30:28 +08:00
Guo Xiang Tan 81003a0f99 Pin prettier to 1.13. 2018-09-07 16:24:18 +08:00
Guo Xiang Tan d788555994 DEV: Manage pretender with yarn. 2018-09-07 16:01:49 +08:00
Joffrey JAFFEUX 536f88b95b Revert "DEV: prettier 1.14.0"
This reverts commit 1f899bec21.
2018-07-30 11:52:05 -04:00
Joffrey JAFFEUX 1f899bec21
DEV: prettier 1.14.0 2018-07-30 11:09:08 -04:00
Guo Xiang Tan 2a98907346 Revert "Bump prettier to 1.13.7."
This reverts commit e47e33e162.
2018-07-19 18:03:35 +08:00
Guo Xiang Tan e47e33e162 Bump prettier to 1.13.7. 2018-07-19 17:52:18 +08:00
Régis Hanol cbfa7f0112 revert prettier update 2018-07-06 18:54:29 +02:00
Régis Hanol dca1ba9a4c properly update prettier 2018-07-06 18:10:44 +02:00
Régis Hanol 3deccfec46 update prettier 2018-07-06 18:05:31 +02:00
Joffrey JAFFEUX 174d392e5a
DEV: adds prettier (#5956)
Run `prettier --write "app/assets/stylesheets/**/*.scss" "plugins/**/*.scss"` after making sure you installed it with `yarn`

It's recommended to configure your editor to run prettier on file save.
2018-06-08 11:49:31 +02:00
Guo Xiang Tan e51b8d3198 Upgrade puppeteer which was accidentally downgraded. 2018-06-07 14:22:44 +08:00
Guo Xiang Tan 478c86e0a4 DEV: Update preview step to be more reliable. 2018-06-05 16:58:15 +08:00
Guo Xiang Tan 80eb492c07 Add eslint and babel-eslint to yarn dev dependencies. 2017-12-22 13:24:39 +08:00
Guo Xiang Tan 8d44642b97 Add smoke test script that runs in chrome headless. 2017-12-18 16:39:01 +08:00
Guo Xiang Tan 0a863dd031 Run JS test in chrome headless on Travis. 2017-12-15 12:29:45 +08:00