Commit Graph

1162 Commits

Author SHA1 Message Date
Arpit Jalan 2af4002817 Bump onebox version.
- Add a placeholder icon for Twitch onebox preview
- Add CSS for showing fontawesome play icon for placeholder class
2019-06-26 13:40:14 +05:30
Sam Saffron 4c89f7f881 DEV: bump version on mini_scheduler
This corrects a catastrophic state that can ensue if redis becomes readonly

It also adds support for multiple queues and minor cleanup
2019-06-24 16:56:16 +10:00
Guo Xiang Tan 29259b46ae DEV: Verbose mode for `posts:inline_uploads` rake task. 2019-06-10 08:59:11 +08:00
Guo Xiang Tan 1991af2abb DEV: Switch `InlineUploads` to a regexp based implementation. 2019-06-04 15:54:25 +08:00
Guo Xiang Tan d93e5fb00d DEV: Class that converts MD with old attachment links to new MD. 2019-06-04 15:54:25 +08:00
Vinoth Kannan 787ccb5746 revert the bundler version
871fcf1117
2019-06-04 08:45:30 +05:30
Vinoth Kannan 871fcf1117 PERF: omit user profile and private message stats in web hook serializer. 2019-06-04 08:44:10 +05:30
David Taylor 8511bfe583 Bump omniauth-google-oauth2 gem version
Pinning to an old version is no longer required following 8b4d6dafea
2019-06-03 19:17:00 +01:00
Joffrey JAFFEUX ee43b36b64
Bump onebox version. (#7666)
Fixes multiple possible sources of exceptions due to frozen strings. Wikipedia onebox was definitely failing before this patch.
2019-05-31 17:04:34 +02:00
Joffrey JAFFEUX 75d413ad11
Bump onebox version. (#7665)
Fixes a regression with soundclound onebox due to frozen string literal.
2019-05-31 16:41:33 +02:00
Arpit Jalan bf3c781f26 Bump onebox version.
- add frozen string literal to all the files
2019-05-28 17:39:42 +05:30
Daniel Waterworth f46d2ad086 DEV: Update test-prof (#7572)
* Updated test-prof

* Made rails_helper.rb use new test-prof APIs

Instead of the previous temporary hacks.

* Added environment option to disable prefabrication

It was removed mistakenly
2019-05-21 22:07:40 +10:00
Arpit Jalan ce89f19250 Bump onebox version.
- use Vimeo engine for private links only
- if og:video_url is missing, make one using Vimeo ID
2019-05-20 12:24:43 +05:30
Sam Saffron a4627c3d82 DEV: revert bundler to 1.7.3
At the moment bundler 2.0 is not compatible with:

https://github.com/discourse/discourse-backup-uploads-to-s3

We plan to get this fixed but in the mean time do not upgrade.

followup to 2a7065c5
2019-05-20 11:23:28 +10:00
Vinoth Kannan 2a7065c505 FIX: skip uploads without etag in s3 inventory check. 2019-05-20 00:09:52 +05:30
Régis Hanol 081eb76308 DEV: update rubocop - take 2 2019-05-17 14:13:25 +02:00
Régis Hanol 88102ce13d DEV: update rubocop 2019-05-17 14:08:58 +02:00
Sam Saffron bbcc39e66c FEATURE: update mini_racer to version including heap dump support
We recently noticed a leak, this introduces a new method on MiniRacer::Context

```
context.write_heap_snapshot(path)
```

To dump current memory in v8 context to a file, this can then be analyzed
in chrome and other similar tools

Can be triggered in production using rbtrace
2019-05-14 18:01:15 +10:00
Gerhard Schlager 73da9c171a DEV: Upgrade unicorn
The gem has minor bug fixes. One of those stopped the RubyMine debugger from working.
2019-05-07 17:03:27 +02:00
Arpit Jalan d679c4e0eb Bump onebox version.
- FIX: encode the URL per RFC 3986 spec
2019-05-06 18:17:42 +05:30
Vinoth Kannan 28547c6f08 revert bundler version change
73418aaf73
2019-05-02 04:37:55 +05:30
Vinoth Kannan 73418aaf73 DEV: Add bucket folder path to inventory id 2019-05-02 04:35:35 +05:30
romanrizzi 2ebe9e3a8b Bump onebox version 2019-04-30 10:07:48 -03:00
Guo Xiang Tan 09b3d0c2a0
DEV: Only install danger on Travis. (#7452) 2019-04-29 14:45:24 +08:00
Sam Saffron fa313564d7 DEV: update rails multisite
This gives us Rails 6 support, should not impact existing behavior
2019-04-29 16:24:47 +10:00
Sam Saffron c0a5a07eda DEV: missing change from prev commit 2019-04-29 15:52:47 +10:00
Sam Saffron 7ea5c8a5f5 DEV: update AWS dependency
AWS is a big moving target, this fills gaps in the API. Technically we
use such a tiny surface area that it probably does not matter, but it is
good to be up to date here.
2019-04-29 15:39:19 +10:00
Sam Saffron 2d9c8581ce DEV: low risk gem updates
This updates another batch of gems that are lowish risk

Most of the gem changes are here for Rails 6 / Ruby 2.6.3 support

Excon did some stuff around better cipher ordering
2019-04-29 15:33:01 +10:00
Sam Saffron 9797073de0 DEV: update mini_sql and some other gems
Big one is mini_sql, only noticeable change is that the internals now
support jruby!
2019-04-29 15:04:19 +10:00
Sam Saffron 75c1506cb0 DEV: update minor dependencies
These gems have very minor changes, and are low risk updates
2019-04-29 15:00:58 +10:00
Sam Saffron b3d91ea541 DEV: update rubocop
No changes required in core Discourse.
2019-04-29 14:57:30 +10:00
Sam Saffron 6449170e15 DEV: update mini racer version
Mini Racer 0.2.5 provides support for libv8 7.3 (so we just upgraded from
Chrome 67 -> 73 JS engine wise)
2019-04-29 10:22:27 +10:00
Maja Komel 4b455e741e DEV: Ember 3.8.0
Co-Authored-By: majakomel <maja.komel@gmail.com>
2019-04-26 12:16:21 +02:00
Sam Saffron 68d7b4023b FIX: update mini scheduler
The UX was not showing any durations longer than 1 minute for scheduled
jobs

Also updates sidekiq and rack minor versions which are low risk
2019-04-26 11:24:17 +10:00
Vinoth Kannan 1724c27713 FIX: reload the 'post' model to retrive raw field value. 2019-04-25 02:09:27 +05:30
Vinoth Kannan aed683390c FIX: Don't treat 'upload_patterns' as constant to make the rake task compatible with multisite 2019-04-25 02:06:20 +05:30
Gerhard Schlager 01a3311ffb SECURITY: Update nokogiri 2019-04-24 10:42:24 +02:00
Arpit Jalan e8f51815e5 Bump onebox version.
- Update github_blob engine to support displaying stl files
- FEATURE: add `data-original-href` attribute to Vimeo iframes
- Add poster image for video oneboxes
2019-04-24 13:59:14 +05:30
Guo Xiang Tan 8c8d3bea31 Remove unncessary gems installed due to Rails 5.2.3 upgrade.
Follow up to b3dcaacdf4.
2019-04-23 17:44:49 +08:00
Guo Xiang Tan b3dcaacdf4 Update Rails to 5.2.3. 2019-04-20 10:49:54 +09:00
Daniel Waterworth 7e3628d11f Added test-prof as a dependency (#7395)
test-prof is a collection of tools for analyzing test-suite performance.
2019-04-19 10:52:31 +02:00
Nicolas Sebastian Vidal 2b8487b0ea Removed "shoulda" gem in favor of "shoulda-matchers" and update (#7387)
* Update shoulda gem

* Remove shoulda gem in favor of shoulda-matchers only
2019-04-18 07:41:37 +10:00
Guo Xiang Tan e50494bcde Revert "DEV: Upgradae to Bundler 2."
This reverts commit f65c8a7ba1.

I can't deal with this now.
2019-04-15 11:05:51 +08:00
Guo Xiang Tan f65c8a7ba1 DEV: Upgradae to Bundler 2. 2019-04-15 09:02:02 +08:00
Vinoth Kannan 70fef8e0c3 FIX: change to correct bundled version 2019-04-14 14:46:56 +05:30
Vinoth Kannan 87b53e170b FIX: skip <br> inside <p> if next character is \n 2019-04-14 14:44:54 +05:30
Roman Rizzi 76e76140e1 Bump onebox version 2019-04-12 10:28:36 -03:00
Arpit Jalan 9c1d1777db Bump onebox version
- adds support for oneboxing google drive files
- add styling for google drive onebox favicon
2019-04-10 13:37:24 +05:30
Maja Komel b0053f3a1c FEATURE: bump onebox version, add styling for new reddit image onebox 2019-04-04 11:24:30 +02:00
David Taylor b375dcb14a DEV: Introduce parallel rspec testing
Adds the parallel_tests gem, and redis/postgres configuration for running rspec tests in parallel. To use:

```
rake parallel:rake[db:create]
rake parallel:rake[db:migrate]
rake parallel:spec
```

This brings the test suite from 12m20s to 3m11s on my macOS machine
2019-04-01 11:06:47 -04:00
Gerhard Schlager cadd1d670f DEV: Add simplecov as test dependency (#7271) 2019-04-01 16:00:11 +11:00
Osama Sayegh 6ea14b591f
Bump logster to 2.3.0 (#7251)
Introduces a new feature that keeps track of number of logs that have been suppressed by each pattern. 

![image](https://user-images.githubusercontent.com/17474474/54972259-e3b00680-4f9b-11e9-96cd-e2c12d2c239f.png)

d3146c0fe1
2019-03-26 07:51:58 +03:00
David Taylor 59491f3047 FIX: Add `sassc-rails` for plugins using sprockets to compile scss
This did not affect core because we have a custom stylesheet pipeline
2019-03-21 23:23:29 +00:00
David Taylor 56b4ee43d3 DEV: Update sassc gem 2019-03-20 16:04:26 +00:00
Maja Komel f3d0d8fe7d Upgrade to Ember 3.7.0 2019-03-20 14:43:25 +01:00
Osama Sayegh 14c1af0a9e Bump logster version to 2.2.0 (#7200) 2019-03-19 09:39:16 +01:00
Roman Rizzi bd8e46a9c1 SECURITY: Upgrading Rails version to 5.2.2.1 2019-03-13 16:24:54 -03:00
Roman Rizzi 77931b70c3
Revert "DEV: Upgrade to Ember 3.7.0 (#6977)" (#7165)
This reverts commit 3eebf8be73.
2019-03-13 15:49:47 -03:00
Maja Komel 3eebf8be73
DEV: Upgrade to Ember 3.7.0 (#6977)
* Upgrade to Ember 3.7.0

* use ember source 3.7.0.2

* fix mobile header

* fix navigation
2019-03-13 12:16:06 +01:00
Vinoth Kannan d4d67386c9 FIX: change to correct bundled version 2019-03-13 16:43:45 +05:30
Vinoth Kannan 1b454c73ae FIX: 'topic' can have null value 2019-03-13 16:34:47 +05:30
Arpit Jalan a9648e8fd1 onebox version bump
- FIX: respect code indentation
2019-03-07 17:55:47 +05:30
Vinoth Kannan 1b1f9831b0 Bump onebox version
discourse/onebox@4dd5a62
2019-03-06 11:58:41 +05:30
Gerhard Schlager 33129efdb5 Revert "Bump onebox version"
This reverts commit 345f6237cb.
2019-03-05 22:51:02 +01:00
Gerhard Schlager 345f6237cb Bump onebox version
f2b361fc28
2019-03-05 22:18:49 +01:00
Arpit Jalan 2d247cc4e9 Bump onebox version
- deafult to dedicated vimeo and gfycat engine
2019-02-26 10:50:27 +05:30
Sam 9faf058120 FEATURE: mini_sql upgrade
- Fixes deprecation regarding usage of BigDecimal in dev
- Handle edge case where query_hash would clear a non existent result
- Minor perf improvement to query_single

Most important thing though is that we are now on the latest gem
2019-02-25 16:02:32 +11:00
Sam 3aabb9825f Revert "DEV: update mini_sql to remove deprecation"
This reverts commit e8e61535eb.

Turns out some other changes happened to MiniSql which require Discourse
changes
2019-02-25 15:14:16 +11:00
Sam e8e61535eb DEV: update mini_sql to remove deprecation
The only reason this was done was to remove this deprecation when running
tests.

```
/home/sam/.rbenv/versions/2.6.1/lib/ruby/gems/2.6.0/gems/mini_sql-0.1.10/lib/mini_sql/coders.rb:5: warning: BigDecimal.new is deprecated; use BigDecimal() method instead.
```
2019-02-25 14:31:43 +11:00
Osama Sayegh f86ca5631a
Bump logster to v 2.1.2 (#7052) 2019-02-21 18:59:33 +03:00
Sam 8745f78277 DEV: disable async logging in development on broken Ruby
Ruby 2.5.3 has an upatched issue that crashes unicorn after fork:

https://bugs.ruby-lang.org/issues/14634

This will be patched in 2.5.4 however for now just warn people dev is slower
and disable async logging on the older rubies
2019-02-21 17:20:58 +11:00
Sam Saffron 83f13ecf82 FEATURE: bump onebox dependency
- Adds support of kaltura oneboxes
- Adds support for typeform oneboxes
2019-02-19 15:22:43 +11:00
Régis Hanol a3e9b809b2 Update aws-sdk-* gems to latest versions 2019-02-14 11:04:35 +01:00
Régis Hanol 4d674acc25 FEATURE: AWS SNS bounce notifications webhooks 2019-02-13 21:26:40 +01:00
Osama Sayegh 1c00e8a755 Bump logster to 2.1.0 (#7000) 2019-02-13 10:57:22 +01:00
Vinoth Kannan fb911766ee FIX: Bump onebox version to include imgur security fix 2019-02-13 01:14:06 +05:30
Sam 4cfc201604 DEV: update logster to stable release
This update logster to the stable 2.0.1 release instead of running a pre
release
2019-02-06 16:54:42 +11:00
Sam 0098b3072e DEV: update rack-mini-profiler
This gem update fixes an issue with upcoming Rails 6

(without this fix mini profiler will not work on rails 6 and simply renders
text)
2019-02-06 16:51:45 +11:00
Sam 1748ec421e DEV: gem updates
Another group of gems updated, better_errors is fairly safe as its for dev
chunky_png fairly safe, used for getting image info from pngs, erubi update
is very safe. Sanitize is used by onebox and should always be on latest.

Long term we should think of making sanitize an optional dependency on onebox
cause we are happy to just provide methods from core to do this and it would
remove nokogumbo and sanitize deps.
2019-02-05 12:35:42 +11:00
Sam 27c8688f02 DEV: update dependencies
This updates some more low risk gems, maxmind, hiredis (c wrapper for
redis), puma, rbtrace and stackprof.
2019-02-05 11:23:21 +11:00
Sam 635bc72ec5 DEV: pin redis to version 4.0.1
Version 4.1.0 returns frozen hashes which conflict with our monkey patch

We will follow up unpinning this later
2019-02-05 09:08:44 +11:00
Sam be24220e95 DEV: update low risk gems
This follows up on 03376224 which reverted the redis update which is not
supported, rest of the gems should be fine.(unicorn / nokogiri / sidekiq /
pg)
2019-02-05 06:54:10 +11:00
Sam 0337622420 Revert "DEV: more low risk gem updates"
This reverts commit 2c53dde918

Turns out redis upgrade breaks our usage of redis, more internal fixes
are required
2019-02-04 18:11:09 +11:00
Sam 2c57b65bfc DEV: update more gems including i18n
This updates a few more lower risk gems, the main goal here is to have
nothing outdated. Avoiding a giant commit is going to make it slightly
easier to partially roll back if something goes wrong
2019-02-04 17:54:39 +11:00
Sam ab23615077 DEV: update rubocop gem to latest
not much to say here, the new version seems compatible with Discourse,
no changes appear to be needed
2019-02-04 17:52:10 +11:00
Sam 2c53dde918 DEV: more low risk gem updates
redis/sidekiq/unicorn/nokogiri and pg all are fairly safe to update
2019-02-04 17:48:31 +11:00
Sam 9f5bbd663d DEV: update mini_racer and message_bus
Two very low risk updates, message_bus has been released no need to depend
on pre-release.

mini_racer update is for a very minor change (shared isolates are not used
in discourse so it is not a fix we technically need)
2019-02-04 17:46:38 +11:00
Sam 1816bdf46e DEV: upgrade mail gem from pre-release
2.7.1 version of the mail gem was released! We no longer need to depend on
the pre-release.
2019-02-04 16:10:13 +11:00
Sam ab52241d32 DEV: upgrade thor gem
0.19.4 was no longer compatible with Rails 6, this prepares us for Rails 6
support.
2019-02-04 15:09:15 +11:00
Sam 377f3efb60 DEV: remove foreman gem and unsupported Procfile
Launching Discourse no longer should require foreman in dev. We can simply
use `bin/unicorn` which automatically launches a sidekiq worker.

The foreman gem depends on thor ~> 0.19.1 which is no longer supported in
rails 6. So this pre-emptively prepares us for it.
2019-02-04 15:05:54 +11:00
Guo Xiang Tan 49b21727ee Update `rails_multisite` to 2.0.6. 2019-01-23 17:42:59 +08:00
Guo Xiang Tan 53c0ad9388 Revert "DEV: Only install danger on Travis."
This reverts commit 792dd033e6.
2019-01-21 11:31:16 +08:00
Guo Xiang Tan d7f11be575 Bump mini_scheduler. 2019-01-21 10:57:30 +08:00
Guo Xiang Tan 792dd033e6 DEV: Only install danger on Travis. 2019-01-21 09:46:32 +08:00
Joffrey JAFFEUX 502b1316d0
DEV: s/this._super()/this._super(...arguments) (#6908) 2019-01-19 10:05:51 +01:00
Guo Xiang Tan ee7ab3e2ec Pause MiniScheduler when Sidekiq is paused. 2019-01-18 17:50:24 +08:00
Osama Sayegh d0dc674875
Bump logster to 2.0.0.pre (#6897) 2019-01-17 18:13:47 +03:00
Sam 0890078993 Revert "Bump logster to 1.4.0.pre (#6866)"
This temporary revert is here cause a certain immune system in logster
when a large number of events are groupes is no longer working in
production.

What this means is that if you have 10 thousand errors grouped it can
impose an very large amount of load on redis.

This reverts commit abee39ecd0.
2019-01-11 11:25:48 +11:00
Joffrey JAFFEUX f9648de897
DEV: upgrades from Ember 2.13 to Ember 3.5.1 (#6808)
Co-Authored-By: Bianca Nenciu <nbianca@users.noreply.github.com>
Co-Authored-By: David Taylor <david@taylorhq.com>
2019-01-10 11:06:01 +01:00
Gerhard Schlager 6f867660bc FIX: Push notifications didn't work anymore 2019-01-09 22:47:38 +01:00
David Taylor af227cada5 FIX: Bump onebox version for gfycat aspect ratio fix
Including the `Gemfile.lock` changes this time
2019-01-09 18:08:46 +00:00
David Taylor 286cc72c8b FIX: Gyfcat onebox should have fixed aspect ratio videos
(Fixed upstream in the onebox gem)
2019-01-09 17:15:15 +00:00
Osama Sayegh abee39ecd0
Bump logster to 1.4.0.pre (#6866)
2 new features and a few fixes. More details here:

https://github.com/discourse/logster/pull/76

https://github.com/discourse/logster/pull/77
2019-01-09 13:50:48 +03:00
David Taylor fe20cb4b56 FIX: Enforce a fixed height on generic oneboxed videos
This prevents 'jumping' as the video loads. This change will require posts to be rebaked before it takes effect.
2019-01-08 16:22:03 +00:00
Arpit Jalan c76c44bc66 bump onebox version
- FEATURE: Add support for Twitter cards.
- FIX: add more https hosts
2019-01-08 09:20:08 +05:30
Joshua Rosenfeld 2fc7d2c56d Bump omniauth-google-oauth2 version 2019-01-02 10:42:39 +00:00
sau226 828c07b658 Build(deps-dev): Bump rubocop from 0.60.0 to 0.61.1 (#6835) 2019-01-02 05:44:19 +08:00
Joshua Rosenfeld 9878274427 Revert "Bump omniauth-google-oauth2 version"
This reverts commit 8ac0b721c5.
2018-12-31 14:59:09 -05:00
Joshua Rosenfeld 8ac0b721c5 Bump omniauth-google-oauth2 version 2018-12-31 14:07:18 -05:00
Osama Sayegh 8bd5c90b0c
Bump logster to version 1.3.4 (#6834)
Fixes linear-gradient CSS issue on iOS
Increases z-index for the actions menu to prevent the screen divider/splitter from obstructing the menu

e43e98dc61
2018-12-31 06:58:46 +03:00
Osama Sayegh 8f65e4fb01
Bump logster to 1.3.3 (#6813)
Fixes a UI issue
2018-12-26 18:21:52 +03:00
Osama Sayegh 2ab02d6642 Bump logster version to 1.3.2 (#6811)
Logster 1.3.2 improves UX on mobile
2018-12-26 14:09:00 +08:00
Arpit Jalan a8a0f97157 bump onebox version
- FEATURE: support YouTube `rel` parameter
2018-12-25 06:36:51 +05:30
Joffrey JAFFEUX 7b253dbe4a
FIX: gfycat oneboxing 2018-12-22 11:16:18 +01:00
Arpit Jalan 59cb907f25 Bump onebox version
- update Twitter status icons
2018-12-13 06:25:50 +05:30
Sam a34bc92e1a DEV: update mini profiler
This provides us with instrumentation missing after rails upgrade

Latest version of rails uses exec_params internally which is no longer
routed to intercepted methods in mini profiler 1.0.0
2018-12-10 14:29:20 +11:00
Sam fcb3f1e219 DEV: upgrade Rails to version 5.2.2 2018-12-10 11:29:28 +11:00
Régis Hanol 3c9c95ac83 Update Rubocop to 0.60 2018-12-04 10:48:16 +01:00
Sam 8868cfd2e4 FIX: redis leak when visiting large amounts of topics
Message bus uses a key to keep track of the last id for each channel
this key was never expired even if channel data expired

This change ensures we also expire the tracking key, it means a lot to us
cause each topic has a channel, so if you have 1 million topics that is
1 million keys that may persist forever
2018-11-30 14:41:15 +11:00
Arpit Jalan 597f170995 bump onebox version
- FIX: show Google video preview on iOS devices
- FIX: convert relative image url to absolute url
2018-11-17 13:45:55 +05:30
Sam 296928ec04 FIX: update logster to handle logging of invalid encoding strings
Previously if a string had invalid encoding we would explode and log
to STDERR, this often goes lost, instead logster now scrubs as needed
2018-11-13 16:06:06 +11:00
Osama Sayegh dd0b4c565b Bump logster version (#6584) 2018-11-12 08:49:00 +08:00
Arpit Jalan cf0acad1e4 bump onebox version (again)
- Improve google photos album title
2018-11-09 18:31:25 +05:30
Arpit Jalan 1151c093ad bump onebox version
- Better Google Photos oneboxing
2018-11-09 15:44:06 +05:30
Sam 81ccfa5a8a there is a new bundler 2018-11-07 10:05:22 +11:00
Sam 3951e9b528 SECURITY: update rack from 2.0.5 to 2.0.6
This release contains security fixes to the underlying rack library
used by Discourse.

Impact is not too high as we do not use request.scheme in our templates
2018-11-07 10:05:22 +11:00
Kyle Zhao 57ab6bcba1 SECURITY: update loofah for CVE-2018-16468 2018-10-30 10:51:03 -04:00
Arpit Jalan 7fe3491bc0 bump onebox version
- UX: make title on Instagram less redundant
2018-10-25 12:18:16 +05:30
Penar Musaraj d20fd66286 bump onebox to 1.8.64 2018-10-16 11:10:11 -04:00
Sam 3aceda2dfd Update to latest version of message bus
This includes DistributedCache which we will be using and perf fixes
2018-10-15 13:49:04 +11:00
Bianca Nenciu 1d26a473e7 FEATURE: Show "Recently used devices" in user preferences (#6335)
* FEATURE: Added MaxMindDb to resolve IP information.

* FEATURE: Added browser detection based on user agent.

* FEATURE: Added recently used devices in user preferences.

* DEV: Added acceptance test for recently used devices.

* UX: Do not show 'Show more' button if there aren't more tokens.

* DEV: Fix unit tests.

* DEV: Make changes after code review.

* Add more detailed unit tests.

* Improve logging messages.

* Minor coding style fixes.

* DEV: Use DropdownSelectBoxComponent and run Prettier.

* DEV: Fix unit tests.
2018-10-09 22:21:41 +08:00
Guo Xiang Tan 893c0e9d5f Don't run the pre-release for bundler. 2018-10-08 09:23:39 +08:00
Grey Baker 6995fd12c6 build(deps): [security] bump nokogiri from 1.8.3 to 1.8.5 (#6455)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.8.3 to 1.8.5. **This update includes security fixes.**
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.8.3...v1.8.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-05 09:43:17 -04:00
Sam 378584fdc0 correct under reporting of memory in memory profiler 2018-10-04 17:02:53 +10:00
Arpit Jalan 420e7bccca bump onebox version (take 2)
- better detection of zero dollar amazon price
2018-10-03 17:54:56 +05:30
Arpit Jalan b56d0026b9 bump onebox version
- do not display zero dollar price on Amazon onebox
- fix google play store onebox
2018-10-03 17:05:51 +05:30
Sam Saffron a2b6eed284 FIX: correct compilation issues on clang 10
In MacOS we need different compilation flags now that some are
deprecated in clang 10, this is not specific to mojave which was
the previous fix
2018-09-28 09:42:06 +08:00
Sam Saffron afd2edabe4 DEV: update mini_racer for Mojave support
MacOS Mojave deprecates some libraries making it a bit
harder to compile Mini Racer, this release adds support
2018-09-26 07:43:34 +08:00
Arpit Jalan 80229668f9 bump onebox version
- FIX: user correct steam placeholder image url
- catch up Ruby 2.6
2018-09-19 10:06:43 +05:30
Gerhard Schlager fb9e3e6423 Update aws-sdk-s3
In preparation for https://github.com/discourse/discourse/pull/6345
2018-09-17 17:39:46 +02:00
Sam 5bb7cc8710 FIX: update PG gem
We need the newer PG gem to fix issues around rb_wait_for_single_fd that
pop up in rare conditions
2018-09-13 21:57:20 +10:00
Gerhard Schlager 0d8c72d8c4 DEV: Add rake task to check locale files for errors 2018-09-05 00:47:39 +02:00
Arpit Jalan 8ce8edaf40 bump onebox version 2018-08-31 15:10:11 +05:30
Arpit Jalan 6b9aeeea73 bump onebox version 2018-08-31 08:40:36 +05:30
Guo Xiang Tan a928bf4300 Revert `rails_multisite` back to `2.0.4`. 2018-08-30 15:42:51 +08:00
Arpit Jalan 2872b100dc bump onebox version 2018-08-29 16:55:06 +05:30
Sam b760f66523 Upgrade PG gem to latest
This unlocks some performance improvements
2018-08-27 10:58:19 +10:00
Guo Xiang Tan 6acba44ed9 Revert "Install `mailcatcher` in development."
This reverts commit 914ce34e5b.

* requires sqlite3 to be installed.
2018-08-21 15:40:50 +08:00
Guo Xiang Tan 914ce34e5b Install `mailcatcher` in development. 2018-08-21 15:28:02 +08:00
Sam 168ffd8384 FEATURE: group warnings about IP level rate limiting 2018-08-13 14:38:20 +10:00
Neil Lalonde b829452c75
Merge pull request #6209 from discourse/mini_scheduler
REFACTOR: extract scheduler to the mini_scheduler gem
2018-08-01 10:28:24 -04:00
Gerhard Schlager a115aae45f Use rchardet instead of charlock_holmes gem 2018-08-01 10:41:20 +02:00
Gerhard Schlager ff942ed2f3 FIX: Try detecting encoding of RSS feed 2018-08-01 10:41:20 +02:00
Neil Lalonde 4ad7ce70ce REFACTOR: extract scheduler to the mini_scheduler gem 2018-07-31 17:12:55 -04:00
Arpit Jalan 458d9cd17a bump onebox version 2018-07-31 22:52:03 +05:30
Joffrey JAFFEUX b4a2f3fe2f
DEV: implementing danger for travis 2018-07-24 10:12:15 -04:00
Arpit Jalan 22dad7f0e8 bump onebox version 2018-07-17 13:55:00 +05:30
Arpit Jalan 39299fdd8c bump onebox version 2018-07-16 11:43:32 +05:30
Arpit Jalan 2a5a57a87e bump onebox version 2018-07-12 21:29:34 +05:30
Guo Xiang Tan 72a3457379 Bump `discourse_image_optim` which uses a global timeout.
Our previous solution has the timeout set at the worker level
which means the total timeout would be X timeout secs * N number of
workers.
2018-07-09 10:30:18 +08:00
Sam 564e7e6898 FEATURE: update libv8 to version 6.7
This has parity with stable Chrome!
2018-07-09 09:08:25 +10:00
Sam f662d1135e FIX: update mini_racer corrects erratic segfaults
In some conditions mini_racer would segfault causing sidekiq crash or
web crash, this was automatically recovered from but not ideal.
2018-07-06 11:00:07 +10:00
Guo Xiang Tan 3d2f3ef8ae Update discourse_image_optim gem. 2018-07-03 15:22:54 +08:00
Arpit Jalan 55a963252d bump onebox version 2018-07-02 10:36:26 +05:30
Joffrey JAFFEUX ebd2be9e02
DEV: lower highline requirement 2018-06-27 22:50:00 +02:00
Arpit Jalan 2f5b7beace bump onebox version 2018-06-25 11:22:06 +05:30
Sam da8c6e9ac0 bump mini_sql for faster/more correct time conversions 2018-06-24 15:17:47 +10:00
Arpit Jalan a171464a55 bump onebox version 2018-06-20 16:47:55 +05:30
Guo Xiang Tan bb959e85e6 Pin exifr to 1.2.5. 2018-06-20 17:27:46 +08:00
Sam cb824a6b33 DEV: remove all calls to SqlBuilder use DB.build instead
This is part of the migration to mini_sql, SqlBuilder.new is being
deprecated and replaced with DB.build
2018-06-20 17:53:49 +10:00
Guo Xiang Tan 76707eec1b Update rails_multisite. 2018-06-20 15:11:41 +08:00
Arpit Jalan ccb57e609f bump onebox version 2018-06-20 11:06:56 +05:30
Sam 2a8e7a5d4e upgrade gems 2018-06-20 10:07:56 +10:00
Sam 8ea29c51ae SECURITY: update sprockets for CVE-2018-3760 2018-06-20 09:49:26 +10:00
Sam b8e5989201 correct rake db:create, which needs a defer DB object 2018-06-19 16:43:50 +10:00
Sam 5f64fd0a21 DEV: remove exec_sql and replace with mini_sql
Introduce new patterns for direct sql that are safe and fast.

MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API

- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder

See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Guo Xiang Tan f4fdcda502 Upgrade to Rails 5.2 take 2. 2018-06-08 09:33:50 +08:00
Gerhard Schlager c6bf8f6e24 FIX: Uploading JPEG files didn't work anymore 2018-06-07 17:39:27 +02:00
Sam 1834417e2f downgrade rails properly 2018-06-07 20:38:22 +10:00
Sam d3b8ee761c revert to rails 5.1 for now 2018-06-07 19:47:53 +10:00
Sam 89ad2b5900 DEV: Rails 5.2 upgrade and global gem upgrade
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated

Performance testing shows that performance has not regressed
if anything it is marginally faster now.
2018-06-07 14:21:33 +10:00
Guo Xiang Tan 2bd905c632 Revert "Upgrade Rails to 5.1.6."
This reverts commit ab66215f5c.
2018-06-07 09:49:38 +08:00
Guo Xiang Tan ab66215f5c Upgrade Rails to 5.1.6. 2018-06-07 08:34:36 +08:00
Régis Hanol 685083491e FEATURE: StackOverflow importer 2018-06-04 16:57:12 +02:00
Guo Xiang Tan 2bafd2a355 Don't pin version of `Fabrication` gem. 2018-05-28 15:09:02 +08:00
Arpit Jalan 1c61117cbc bump onebox version 2018-05-23 17:44:01 +05:30
Régis Hanol 8238097d0f bump email_reply_trimmer 2018-05-17 10:22:53 +02:00
Sam fc54238726 FIX: message bus had corrupt internal state for first 30 secs
This upgrades message bus to latest and corrects an issue where
it did not track the fact it was polling for the first 30 seconds

It corrected internal state after, but this caused some odd issues
2018-05-16 12:19:16 +10:00
Guo Xiang Tan b18e0825b5 Update Gemfile.lock. 2018-05-07 17:10:34 +08:00
Jeff Wong 91b31860a1
Feature: Push notifications for Android (#5792)
* Feature: Push notifications for Android

Notification config for desktop and mobile are merged.

Desktop notifications stay as they are for desktop views.

If mobile mode, push notifications are enabled.

Added push notification subscriptions in their own table, rather than through
custom fields.

Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Arpit Jalan c718c59b5d bump onebox version 2018-05-03 16:14:16 +05:30
Régis Hanol ddb092f397 FIX: update mail gem to fix UTF-8 parsing issue 2018-04-25 21:53:37 +02:00
Arpit Jalan 256545ca2c bump onebox version 2018-04-23 15:18:19 +05:30
Sam 050ce48bd0 Update message bus to correct issue where too many reqs are performed 2018-04-20 15:52:24 +10:00
Guo Xiang Tan 9c9fa4537c Update Redis gems. 2018-04-20 12:49:36 +08:00
Guo Xiang Tan 56b3527eb8 Upgrade Sidekiq. 2018-04-20 11:47:40 +08:00
Sam 284c946128 revert puma upgrade for now
it does not work right in dev
2018-04-11 14:36:10 +10:00
dependabot[bot] a89d7ef851 Bump puma from 3.9.1 to 3.11.3
Bumps [puma](https://github.com/puma/puma) from 3.9.1 to 3.11.3.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.9.1...v3.11.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-04-10 16:09:30 +10:00
Guo Xiang Tan 689144b2bf Upgrade Mail gem. 2018-04-04 18:35:40 +08:00
Sam 98faf2878e FEATURE: bump rack-mini-profiler version
This corrects a warning in chrome console and provides better jQuery 3 compatability
2018-03-29 11:12:09 +11:00
Régis Hanol 2c1ede6e5f update email_reply_trimmer 2018-03-28 13:12:50 +02:00
Robin Ward 2ca37602d9 Update rack-protection 2018-03-26 12:49:54 -04:00
Robin Ward 84e1ffd141 Update rails-html-sanitizer 2018-03-26 12:48:28 -04:00
Arpit Jalan 3a62eba299 bump onebox version 2018-03-22 11:38:01 +05:30
Régis Hanol 25284d2340 update loofah gem 2018-03-21 13:32:28 +01:00
Régis Hanol 9c4936ec9c update sanitize gem 2018-03-21 13:27:17 +01:00
Arpit Jalan 3e32ab1523 UX: css for Instagram onebox 2018-03-19 13:32:36 +05:30
Guo Xiang Tan 8027096c09 Partially revert "Upgrade mail gem to remove dependency on mime-types."
Still seeing heap_live_count spikes.

This reverts commit 58b8ea4f41.
2018-03-14 20:21:45 +08:00
Guo Xiang Tan 58b8ea4f41 Upgrade mail gem to remove dependency on mime-types.
* Use a EmailValidator.email_regexp for `Email.is_valid?`
  check as we're seeing an increase in allocation when
  parsing email addresses wih `Mail::Address`.
2018-03-14 14:37:55 +08:00
Sam 685406b1bb try updating rubocop so it does not crash 2018-03-13 17:58:23 +11:00
Sam 39e679d3cb FEATURE: allow themes to live in private git repos
This feature allows themes sourced from git to live on private
servers, it automatically generates key pairs.
2018-03-09 16:14:38 +11:00
Guo Xiang Tan bdb25338e5 Update bootsnap. 2018-03-06 17:37:02 +08:00
Gerhard Schlager 56bacb1c2f Bump onebox 2018-02-27 12:07:16 +01:00
Sam 79e0cd7f52 update onebox 2018-02-26 10:15:14 +11:00
Jeff Wong f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Sam 80ec6ce4fd bump onebox 2018-02-21 10:06:17 +11:00
Sam 107eb5d830 FIX: binding_of_caller not working on Ruby 2.5 2018-02-19 11:37:16 +11:00
Sam 9d8df812dd PERF: upgrade Oj gem 2018-02-19 11:37:16 +11:00
Arpit Jalan 9bb7c3dcf0 bump onebox version 2018-02-16 21:32:25 +05:30
Sam e456ae1b6c Revert "Upgrade mail gem to drop dependency on `mime-types`."
This reverts commit 498cc15aa9.

Noticed a certain amount of extra allocations due to this upgrade,
reverting to confirm if this is the case
2018-02-16 07:04:22 +11:00
Guo Xiang Tan 498cc15aa9 Upgrade mail gem to drop dependency on `mime-types`.
Boot Memory Usage

```
Total allocated: 225695379 bytes (1990663 objects)
Total retained:  32795116 bytes (291607 objects)
```

```
Total allocated: 218342892 bytes (1897350 objects)
Total retained:  30123426 bytes (261198 objects)
```
2018-02-15 16:24:26 +08:00
Sam 94b2c70c0d PERF: remove oga gem
oga gem is automatically required by the aws gem
the oga gem retains about 1mb of memory, aws now uses nokogiri

This also removes the html normalize from the pretty text specs that was
a fair bit buggy as the polls test shows.
2018-02-15 14:36:40 +11:00
Sam c89b42c488 PERF: only require the rss library if used
Before:

Total allocated: 257909321 bytes (2514134 objects)
Total retained:  39681579 bytes (343387 objects)

allocated memory by gem
-----------------------------------
  42875979  rss

retained memory by gem
-----------------------------------
   2080188  rss

retained objects by gem
-----------------------------------
     13052  rss

After:

Total allocated: 210562047 bytes (2252030 objects)
Total retained:  37433816 bytes (328635 objects)

----

So, 2 less megabytes on boot and 13000 objects stuck in ruby heaps forever.
2018-02-15 13:11:33 +11:00
Rafael dos Santos Silva 218c8e8623
Merge pull request #5595 from discourse/new-gfycat-onebox
New gfycat onebox
2018-02-14 19:03:28 -02:00
Rafael dos Santos Silva c3606fdef6 Update onebox 2018-02-14 17:43:13 -02:00
Robin Ward 0b13b82e94 Update nokogiri to latest version 2018-02-13 19:36:19 -05:00
Guo Xiang Tan 19b4116416 Bump `rails_multisite` to 2.0.4. 2018-02-12 15:39:21 +08:00
Guo Xiang Tan 5dabcc9081 Fix Gemfile.lock. 2018-02-12 14:08:02 +08:00
Guo Xiang Tan 87b0cc382b Bump `rails_multisite` to 2.0.3. 2018-02-12 14:03:04 +08:00
Régis Hanol 508a8e29ab update email_reply_trimmer to latest version 2018-02-06 01:04:45 +01:00
Sam 073d072aa6 correct lockfile 2018-01-29 18:28:59 +11:00
Sam d2025e33cf FEATURE: bump rbtrace to latest 2018-01-23 15:36:47 +11:00
Sam 36ed8f5176 Correct regression where /sidekiq/scheduler was not working 2018-01-22 10:48:35 +11:00
Guo Xiang Tan 54dc191a91 Update `rails_multisite` to 2.0.1. 2018-01-19 10:19:16 +08:00
Sam 12872d03be PERF: run post timings in background
This means that if a very large amount of registered users hit
a single topic we will handle it gracefully, even if db gets slow.
2018-01-19 08:27:29 +11:00
Gerhard Schlager 5d7a33cd6d Update email_reply_trimmer to improve performance 2018-01-17 12:04:56 +01:00
Sam 8c47eb2951 update coderay 2018-01-17 15:50:41 +11:00
Arpit Jalan a0f0ed576a bump onebox version 2018-01-11 23:15:25 +05:30
Arpit Jalan afb18a5c41 bump onebox version 2018-01-11 14:30:35 +05:30
Sam d5fd6d2639 PERF: defer message bus on hidden tabs so only one in 1.5 seconds happens 2018-01-09 12:39:17 +11:00
Guo Xiang Tan 74ec100aff Upgrade `pg` gem. 2018-01-08 10:27:19 +08:00
Régis Hanol e3f8182125 FIX: Google Calendar oneboxes weren't working 2018-01-07 19:15:11 +01:00
Sam 8d4cd57662 Update libv8 from 5.9 to 6.3 2018-01-05 17:12:04 +11:00
Jano Suchal 05ec1be101 Drop the fork usage of fastimage (#5461)
Fork is not needed anymore since fastimage 2.1.1 has been released with the needed PR merged in.
2018-01-04 09:53:53 +01:00
Sam 030a0cd698 bump onebox for vimeo private link support 2017-12-29 09:38:25 +11:00
Arpit Jalan b74e933cfb bump onebox version 2017-12-23 01:17:30 +05:30
Arpit Jalan 16076f9ab8 bump onebox version 2017-12-21 14:49:59 +05:30
Sam fd67508497 FIX: don't count users as replying long after they are done typing
Also, don't leak a large amount of redis usage for presence stuff
2017-12-18 15:41:32 +11:00
Arpit Jalan f9990eeb13 bump onebox version 2017-12-07 12:05:19 +05:30
Kyle Zhao 5f318a5241 FEATURE: Replace SimpleRSS with Ruby RSS module (#5311)
* SPEC: PollFeedJob parsing atom feed

* add FeedItemAccessor

It is to provide a consistent interface to access a feed item's tag
content.

* add FeedElementInstaller

to install non-standard and non-namespaced feed elements

* FEATURE: replace SimpleRSS with Ruby RSS module

* get FinalDestination and download with Excon

* support namespaced element with FeedElementInstaller
2017-12-06 10:45:09 +11:00