Commit Graph

28201 Commits

Author SHA1 Message Date
dependabot[bot] ac2ef0bd9d
bump @babel/core from 7.19.6 to 7.20.2 in /app/assets/javascripts (#18925)
---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 01:25:15 +01:00
Martin Brennan 59da6c6ea2
DEV: Load JS site settings in theme qunit HTML (#18934)
Follow up to ac7bf98ad1
2022-11-08 10:23:43 +10:00
dependabot[bot] 2427cd5b2a
Build(deps): Bump sass from 1.55.0 to 1.56.0 in /app/assets/javascripts (#18932)
Bumps [sass](https://github.com/sass/dart-sass) from 1.55.0 to 1.56.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.55.0...1.56.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 01:21:43 +01:00
dependabot[bot] 86876a9bb1
Build(deps): Bump loader-utils in /app/assets/javascripts (#18931)
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.1/CHANGELOG.md)
- [Commits](https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 01:02:13 +01:00
dependabot[bot] 1c8bdfd309
Build(deps): Bump loader-utils (#18930)
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.3/CHANGELOG.md)
- [Commits](https://github.com/webpack/loader-utils/compare/v2.0.2...v2.0.3)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 01:02:00 +01:00
Martin Brennan 98d0501cdc
DEV: Fix text util test (#18929)
Follow up to ac7bf98ad1
2022-11-08 09:52:11 +10:00
dependabot[bot] 6f8e2c1f14
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#18924)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.1 to 7.20.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.3/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 00:48:37 +01:00
dependabot[bot] a1e1b16b80
bump sinon from 14.0.1 to 14.0.2 in /app/assets/javascripts (#18926)
---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 00:48:15 +01:00
Blake Erickson cb8746c7e7
FIX: Update sidebar links when promoted to admin (#18928)
It is likely that a new admin user was created as just a regular user
before being promoted to admin so this change will update the sidebar
link records for any users that are promoted to admin. This way if any
of the default side bar categories or tags are restricted to admins
these new admins will have those added to their sidebar as well.

You can easily replicate this issue locally (prior to this fix) by using
`rails admin:create` where it creates a user first, then it is promoted
to admin. This means it would receive the default categories of regular
user, but never receive the ones they should have access to as an admin.

As part of this change I did drop the `!` from
`SidebarSectionLink.insert_all` so that it would add any new records
that were missing, but not throw a unique constraint error trying to add
any existing records.

Follow up to: 1b56a55f50

And: e320bbe513
2022-11-07 16:39:24 -07:00
Martin Brennan ac7bf98ad1
DEV: Load client site settings YML into JS tests (#18413)
Our method of loading a subset of client settings into tests via
tests/helpers/site-settings.js can be improved upon. Currently we have a
hardcoded subset of the client settings, which may get out of date and not have
the correct defaults. As well as this plugins do not get their settings into the
tests, so whenever you need a setting from a plugin, even if it has a default,
you have to do needs.setting({ ... }) which is inconvenient.

This commit introduces an ember CLI build step to take the site_settings.yml and
all the plugin settings.yml files, pull out the client settings, and dump them
into a variable in a single JS file we can load in our tests, so we have the
correct selection of settings and default values in our JS tests. It also fixes
many, many tests that were operating under incorrect assumptions or old
settings.

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2022-11-08 09:17:43 +10:00
Krzysztof Kotlarek ff21651d64
FIX: topic tracking stage error when no tags (#18901)
When topic Tag is tracked and payload doesn't contain tags, it was throwing an error.
2022-11-08 10:16:05 +11:00
David Taylor 20dc27232e
PERF: Disable auto-import sourcemaps in production (#18923)
Even with the `chunkFilename` change, the sourcemaps are non-deterministic because they include references to the broccoli cache directory which has a different name for each build. This commit disables auto-import sourcemaps in production to improve caching performance.

Followup to 3673d3359c
2022-11-07 22:28:55 +00:00
David Taylor 782f43cc55
Improve route error handling in admin/plugins (#18911)
Previously if a specific plugin route was not available (e.g. there was an error loading the plugin's JS due to an ad blocker), the entire page would fail to load. This commit updates the behavior to catch this kind of issue and display a user-friendly message at the top of the screen.
2022-11-07 16:39:27 +00:00
Blake Erickson fd207f8730
FIX: Welcome topic should be hidden on the /categories page as well (#18869)
* FIX: Welcome topic should be hidden on the /categories page as well

* add tests
2022-11-07 09:24:55 -07:00
Bianca Nenciu 4b3e5133b0
FIX: Correctly render link title in draft preview (#18906)
The additional unescaping could cause link titles to be rendered
incorrectly.
2022-11-07 16:22:35 +02:00
David Taylor 3673d3359c
PERF: Ensure JS chunk content and filenames are deterministic (#18907)
This commit works around a couple of issues in `ember-auto-import` which were causing non-deterministic chunk filenames and content. Deterministic output should improve cache-reusability across deploys.

Refs:
https://github.com/ef4/ember-auto-import/issues/519
https://github.com/ef4/ember-auto-import/pull/548
https://github.com/ef4/ember-auto-import/issues/478
2022-11-07 12:43:49 +00:00
kaden-stytch 29a32f9566
Meta topic: https://meta.discourse.org/t/meta-theme-color-is-not-respecting-current-color-scheme/239815 (#18832)
Meta topic: https://meta.discourse.org/t/meta-theme-color-is-not-respecting-current-color-scheme/239815

Currently, the dark mode theme-color `<meta>` tag doesn't apply because the light mode tag has `media="all"`. This means that the dark mode `<meta>` tag with `media="(prefers-color-scheme: dark)"` won't override it. This PR updates the light mode tag to `media="(prefers-color-scheme: light)"` if `dark_scheme_id` is defined and leaves it as `media="all"` otherwise.
2022-11-07 10:06:26 +03:00
Martin Brennan d6bd4ad7ee
FIX: Make can_send_private_messages not reliant on system user (#18812)
Since the system user is a regular user, it can have its
`allow_private_messages` user option turned off, which
with our current `can_send_private_message?(Discourse.system_user)`
check inside the CurrentUserSerializer, will prevent any
user from sending messages in the UI if the system user is not
accepting PMs.

This commit adds a new `can_send_private_messages?` method to
the Guardian, which can be used in serializers and not depend
on the system user. When the user actually sends a message
we still rely on the old `can_send_private_message?(target)`
call to see if they are allowed to send the message to the target.
The new method is just to say they can "generally" send
private messages.
2022-11-07 09:11:18 +10:00
Vinoth Kannan dea44ec923
FEATURE: new site setting to hide user profiles by default. (#18864)
Previously, we didn't have a site-wide setting to set the default behavior for user profile visibility and user presence features. But we already have a user preference for that.
2022-11-06 16:44:17 +05:30
Isaac Janzen 4542bf4fef
DEV: Fix greyed text for dark mode emails (#18889) 2022-11-04 15:44:49 -05:00
Penar Musaraj 343037b022
FIX: Bug with permanent delete modal (#18825)
Repro steps:
- enable permanent deletes (via hidden site setting)
- set `min_topic_views_for_delete_confirm` to 0

When permanently deleting, the delete confirm modal is shown (for a
second time) and it doesn't pass the `force_destroy` parameter to the
request and the action results in a 422 error (i.e. can't perma-delete).

This change skips showing the confirm modal when perma-deleting given
that it has already been show on the first delete action.
2022-11-04 14:49:19 -04:00
Kris 2ae09db4aa
FIX: restore mention tab for experimental user nav (#18882) 2022-11-04 14:07:41 -04:00
David Taylor 38bb00edce
DEV: Use action helper in `bulk-tag` modal (#18885)
Passing a string action name to `DButton` causes it to use `sendAction`, which is deprecated and will be removed in Ember 4.x. The action helper converts a string to a closure action.

This also fixes compatibility with https://github.com/discourse/discourse/pull/17767
2022-11-04 17:26:31 +00:00
Alan Guo Xiang Tan 41eb92f5db
UX: Change ordering of categories shown in sidebar (#18803)
There are two possible ordering for categories shown in sidebar with
this commit.

When the `fixed_category_positions` site setting is enabled, the
categories are ordered based on `Category#position` which is a configurable
option by the user. When said site setting is disabled, the categories
are ordered based on `Category#name`.

The categories in Sidebar are also sorted in such a way where child
categories are always ordered right after their parents. When multiple
child categories are present, the child categories are ordered based on
the ordering described above.
2022-11-04 05:21:49 +09:00
Daniel Waterworth 1398bd5f1f
FIX: Theme import error handling needs to happen inside the hijack block (#18866)
Otherwise the errors don't get caught.
2022-11-03 14:02:26 -05:00
Kris 943c43ddc5
UX: less link-like unread/new color in sidebar (#18868) 2022-11-03 14:57:01 -04:00
Jarek Radosz 6e5e696c0b
DEV: Make `modifyClass` native class-aware, add tests (#16111) 2022-11-03 18:10:08 +01:00
dependabot[bot] 7e992cb299
Build(deps): Bump ember-source in /app/assets/javascripts (#18859)
Bumps [ember-source](https://github.com/emberjs/ember.js) from 3.28.9 to 3.28.10.
- [Release notes](https://github.com/emberjs/ember.js/releases)
- [Changelog](https://github.com/emberjs/ember.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember.js/compare/v3.28.9...v3.28.10)

---
updated-dependencies:
- dependency-name: ember-source
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-03 11:36:08 +00:00
Jarek Radosz f61e36384f
DEV: Use `store.createRecord` for Topic models (#18837)
…where possible
2022-11-03 12:32:20 +01:00
David Taylor 012eb922d5
Reduce theme/color-scheme cookie cookie duration (#18858)
Previously these were set to expire after 9999 days (27 years). This commit updates them to last 1 year, and to automatically be extended on every user visit.
2022-11-03 11:31:16 +00:00
dependabot[bot] 3286d345f4
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#18851)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.0 to 7.20.1.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.1/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-03 12:30:45 +01:00
Kris 3ff18f2b3c
FIX: minor alignment fix for mobile small-actions (#18853) 2022-11-03 09:43:13 +09:00
Alan Guo Xiang Tan d446ad3290
UX: Muted style for entire chat section link when muted (#18852) 2022-11-03 08:37:39 +09:00
Osama Sayegh 391a456443
FIX: Write to group logs when a user is added to group by invite (#18841) 2022-11-03 07:58:12 +09:00
Penar Musaraj 8ed001678f
DEV: Have `licensee` check xmldom license (#18840) 2022-11-02 11:51:11 -04:00
Kris 4201ca61e2
FIX: fix circle indicator on "my posts", color (#18844) 2022-11-02 11:43:28 -04:00
Frank f6f436f694
FIX: New Topic button is now correctly disabled in a category where they have no permissions, even when filtered by tag (#18741) 2022-11-02 10:54:54 -04:00
Roman Rizzi 0a5f548635
DEV: Move `discourse-chat` to the core repo. (#18776)
As part of this move, we are also renaming `discourse-chat` to `chat`.
2022-11-02 10:41:30 -03:00
Kris 2531828973
UX: hide new/unread counts in sidebar, use dot by default (#18797)
This updates the behavior of the list destination setting for links in the sidebar.

By default, new/unread content will show a dot like chat, rather than the count of new/unread topics.

If a user chooses to link to new/unread in the sidebar, we'll show the count.

The goal here is to find a simple default for typical users (new/unread indication, no counts, default links) while providing a different workflow for power users (showing new/unread counts, and linking directly to new/unread).

Internal Ref: /t/82626
2022-11-02 20:55:05 +09:00
Alan Guo Xiang Tan 46e9f402eb
DEV: Avoid cloning site settings in QUnit tests (#18811)
`siteSettings` is now a service which means there should only be one
state for `siteSettings` during the life time of the application. This
also helps to maintain parity with production where the `site` model
relies on the `siteSettings` service and not a clone of the attributes.
2022-11-02 20:07:17 +09:00
dependabot[bot] e6856a3ca3
Build(deps): Bump tmpl from 1.0.4 to 1.0.5 in /app/assets/javascripts (#18835)
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases)
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5)

---
updated-dependencies:
- dependency-name: tmpl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-02 10:58:59 +01:00
Jarek Radosz fc107be63f
FIX: Correct the post numbers in `lastUnreadUrl` (#18831)
Previously when a topic had e.g. 10 posts and you read them all, the link to the "first unread" would be `/11`, even when we knew there are only 10. (the topic route/controller would then fix that in the location bar after a second if you followed that URL)
2022-11-02 10:49:10 +01:00
Jarek Radosz b9bcb225f2
DEV: Fix qunit hook issue (#18829) 2022-11-02 10:46:52 +01:00
Jarek Radosz 45e8995eb1
DEV: Force `testem` upgrade (#18834)
1. Add `"testem": "latest"` to package.json
2. `yarn`
3. `npx yarn-deduplicate`
4. Remove the line from package.json
5. `yarn`
2022-11-02 10:45:17 +01:00
Jordan Vidrine 208d22cfc2
UX: Change placement of welcome cta (#18806) 2022-11-01 14:07:40 -05:00
Daniel Waterworth 167181f4b7
DEV: Quote values when constructing SQL (#18827)
All of these cases should already be safe, but still good to quote for
"defense in depth".
2022-11-01 14:05:13 -05:00
Kris a356e2fe30
UX: update and consolodate published page styles (#18792) 2022-11-01 14:31:39 -04:00
David Taylor 07ef1a80a1
SECURITY: Fix invite link email validation (#18817)
See https://github.com/discourse/discourse/security/advisories/GHSA-x8w7-rwmr-w278

Co-authored-by: Martin Brennan <martin@discourse.org>
2022-11-01 16:33:32 +00:00
David Taylor 68b4fe4cf8
SECURITY: Expand and improve SSRF Protections (#18815)
See https://github.com/discourse/discourse/security/advisories/GHSA-rcc5-28r3-23rr

Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2022-11-01 16:33:17 +00:00
David Taylor 695b44269b
DEV: Do not remove `debugger` statements from themes (#18814) 2022-11-01 13:56:33 +00:00