Commit Graph

48685 Commits

Author SHA1 Message Date
David Taylor d37ecd4764
PERF: Set default global regex timeout to 2 seconds (#20933)
Followup to a0140f6f75
2023-04-03 10:43:28 +01:00
dependabot[bot] b042e1cbf7
Build(deps): Bump eslint in /app/assets/javascripts (#20883)
Bumps [eslint](https://github.com/eslint/eslint) from 8.36.0 to 8.37.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.36.0...v8.37.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:37:48 +02:00
dependabot[bot] 5ec169725b
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#20920)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.21.3 to 7.21.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.21.4/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:37:16 +02:00
dependabot[bot] 42a6d0c5b1
Build(deps): Bump webpack in /app/assets/javascripts (#20885)
Bumps [webpack](https://github.com/webpack/webpack) from 5.76.3 to 5.77.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.76.3...v5.77.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:36:53 +02:00
dependabot[bot] db6c395bab
Build(deps-dev): Bump selenium-webdriver from 4.8.3 to 4.8.6 (#20880)
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.8.3 to 4.8.6.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/commits)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:18:00 +02:00
dependabot[bot] 0ace26577b
Build(deps): Bump msgpack from 1.6.1 to 1.7.0 (#20882)
Bumps [msgpack](https://github.com/msgpack/msgpack-ruby) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/msgpack/msgpack-ruby/releases)
- [Changelog](https://github.com/msgpack/msgpack-ruby/blob/master/ChangeLog)
- [Commits](https://github.com/msgpack/msgpack-ruby/compare/v1.6.1...v1.7.0)

---
updated-dependencies:
- dependency-name: msgpack
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:16:56 +02:00
dependabot[bot] d00c04fe01
Build(deps): Bump tzinfo-data from 1.2023.2 to 1.2023.3 (#20884)
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2023.2 to 1.2023.3.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases)
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2023.2...v1.2023.3)

---
updated-dependencies:
- dependency-name: tzinfo-data
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:16:40 +02:00
dependabot[bot] 6e4655da7f
Build(deps): Bump loofah from 2.19.1 to 2.20.0 (#20919)
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.19.1 to 2.20.0.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.19.1...v2.20.0)

---
updated-dependencies:
- dependency-name: loofah
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:15:54 +02:00
dependabot[bot] 818604f6c4
Build(deps): Bump parser from 3.2.1.1 to 3.2.2.0 (#20918)
Bumps [parser](https://github.com/whitequark/parser) from 3.2.1.1 to 3.2.2.0.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v3.2.1.1...v3.2.2.0)

---
updated-dependencies:
- dependency-name: parser
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:15:42 +02:00
Vinoth Kannan 8405ec2831
FEATURE: use "Comment" schema type for post replies. (#20932)
Previously, we used the schema type "DiscussionForumPosting" for all the posts including replies. This is not recommended as per Google search experts. This commit changes the schema type to "Comment" for replies.
2023-04-03 14:36:47 +05:30
dependabot[bot] 046560926f
Build(deps): Bump addressable from 2.8.1 to 2.8.2 (#20921)
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/sporkmonger/addressable/releases)
- [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sporkmonger/addressable/compare/addressable-2.8.1...addressable-2.8.2)

---
updated-dependencies:
- dependency-name: addressable
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:02:49 +02:00
dependabot[bot] c64fd762a7
Build(deps): Bump puma from 6.1.1 to 6.2.1 (#20922)
Bumps [puma](https://github.com/puma/puma) from 6.1.1 to 6.2.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v6.1.1...v6.2.1)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:02:06 +02:00
dependabot[bot] 0e04404e6b
Build(deps): Bump @babel/core in /app/assets/javascripts (#20923)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.21.3 to 7.21.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.21.4/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:01:24 +02:00
Joffrey JAFFEUX 1219f41c68
UX: multiple minor improvements (#20917)
- Raises the scroll distance to 250px instead of 100px to show the arrow down button
- Always have a margin on drawer when showing channel list, removes this margin when the scrollbar is apparent
- Makes all scrollbar used in chat look the same through the chat-scrollbar mixin
- Ensures hover state is not persistent on channel row in mobile
- Makes the channel row full width on mobile
2023-04-03 10:46:38 +02:00
chapoi df31b8dd2e
UX: reviewq flagging (#20913)
* DEV: add context question to flagged chat messages too

* UX: added -ai-flagged badge colour + grey fallback

* UX: add one more badge name
2023-04-02 12:16:26 +02:00
Roman Rizzi ea4f7fb660
FEATURE: Experimental API for custom full-page search types. (#20915)
This change adds an experimental API tagged as "Do not use", only intended to conduct a PoC to test semantic search in the AI plugin.
2023-03-31 15:13:24 -03:00
Jan Cernik af98df8cb9
FIX: Vertically center youtube thumbnails in lazy-videos (#20914) 2023-03-31 09:41:58 -03:00
Alan Guo Xiang Tan 0162f0ccb0
DEV: Update experimental `/filter` route with categories support (#20911)
On the `/filter` route, the categories filtering query language is now
supported in the input per the example provided below:

```
category:bug => topics in the bug category AND all subcategories
=category:bug => topics in the bug category excluding subcategories
category:bug,feature => allow for categories either in bug or feature
=category:bug,feature => allow for exact categories match excluding sub cats
categories: => alias for category
```

Currently composing multiple category filters is not supported as we
have yet to determine what behaviour it should result in. For example,
`category:bug category:feature` would now return topics that are in both
the `bug` and `feature` category but it is not possible for a topic to
belong to two categories.
2023-03-31 14:32:12 +08:00
Krzysztof Kotlarek c86d772277
FIX: Drop internal URL validation for paths in sidebar (#20891)
`Rails.application.routes.recognize_path(value)` was not working for /admin paths because StaffConstraint.new requires user to check permission.

This validation is not bringing much value, and the easiest way is to drop it. In the worse case scenario, a user will have an incorrect link in their sidebar.

Bug reported: https://meta.discourse.org/t/custom-sidebar-sections-being-tested-on-meta/255303/66
2023-03-31 13:26:56 +08:00
Martin Brennan ef1b781ced
FIX: Prevent errors from uppy performance logging (#20910)
Back in d0e1c222f7 we added
performance measuring for uppy uploads using the Performance
API in the browser. However we recently discovered that
sometimes performance.measure can fail if for whatever reason
one of the marks passed to it does not exist:

> Failed to upload ... Performance.measure: Given mark name, upload-uppy-....-create-multipart-success, is unknown

This would cause the entire upload to fail, which is unnecessary
for a debugger. Improve the situation so if this happens again
the error does not stop the upload.
2023-03-31 14:29:07 +10:00
Martin Brennan f7997ae882
DEV: Add debug for ChatablesControllerSpec (#20909)
We keep getting this failure on the spec but I
cannot reproduce locally, add this extra log line
to see if it helps:

```
>  Chat::Api::ChatablesController#index with chat permissions does not return DM channels for users who are not in the chat allowed group
>  Failure/Error: example.run
>
>    expected: 200
>         got: 500
>
>    (compared using ==)
>  # ./plugins/chat/spec/requests/chat/api/chatables_controller_spec.rb:158:in `block (4 levels) in <main>'
>  # ./spec/rails_helper.rb:358:in `block (2 levels) in <top (required)>'
>  # ./vendor/bundle/ruby/3.2.0/gems/webmock-3.18.1/lib/webmock/rspec.rb:37:in `block (2 levels) in <top (required)>'
>  # ------------------
>  # --- Caused by: ---
>  #
>  #   expected: 200
>  #        got: 500
>  #
>  #   (compared using ==)
>  #   ./plugins/chat/spec/requests/chat/api/chatables_controller_spec.rb:158:in `block (4 levels) in <main>'

```
2023-03-31 11:50:12 +10:00
David McClure 9fbe476262
UX: Update guidance for target DAU/MAU (#20908)
This goal may vary for different types of communities, but 20% is a more reasonable target as a default for the ratio of daily active users / monthly active users (DAU/MAU).
2023-03-30 21:27:37 -04:00
dependabot[bot] 05024691b3
Build(deps): Bump rspec-mocks from 3.12.4 to 3.12.5 (#20905)
Bumps [rspec-mocks](https://github.com/rspec/rspec-mocks) from 3.12.4 to 3.12.5.
- [Release notes](https://github.com/rspec/rspec-mocks/releases)
- [Changelog](https://github.com/rspec/rspec-mocks/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-mocks/compare/v3.12.4...v3.12.5)

---
updated-dependencies:
- dependency-name: rspec-mocks
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-31 12:05:09 +11:00
Kris 1ff9bc6e55
UX: onebox site icon needs a right margin (#20902) 2023-03-31 11:06:46 +11:00
Alan Guo Xiang Tan e10bfe0cc1
SECURITY: Update URI gem to 0.12.1 to address CVE-2023-28755 (#20906)
See https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
2023-03-31 07:51:45 +08:00
Krzysztof Kotlarek fd718c1a42
FIX: use unselectable mixin in sidebar drag and drop (#20886)
7dcaaec90c/app/assets/stylesheets/common/foundation/mixins.scss (L122)
2023-03-31 09:28:22 +11:00
Sam 347681dd20
DEV: add topic_query_suggested_options modifier (#20893)
Add a modifier that will allow us to tune the results returned by suggested.

At the moment the modifier allows us to toggle including random results.
This was created for the discourse-ai module. It needs to switch off random
results when it returns related topics.

Longer term we can use it to toggle unread/new and other aspects.

This also demonstrates how to test the contract when adding modifiers.
2023-03-31 09:03:15 +11:00
Natalie Tay 068a36d354
UX: Improve error message when a topic cannot be moved due to category restrictions (#20900) 2023-03-31 02:18:57 +08:00
Canapin 58270954b6
Fix keyboard shortcut button hover color for WCAG color schemes (#20431) 2023-03-30 14:18:20 -04:00
Joffrey JAFFEUX 6ba24b3599
UX: prevents long press on reaction to open actions (#20899)
This is super hard to write a test as a combination of: long press, mobile and popup.
2023-03-30 20:01:38 +02:00
Daniel Waterworth 2df0eca39a
DEV: Make postgres_readonly cache work like other caches (#20879)
We didn't have an authoritative source for this data previously, so now
it's stored in redis.
2023-03-30 09:14:59 -05:00
Mark VanLandingham 9518e47204
FEATURE: ability to bulk_remove users from a group (#20876) 2023-03-30 08:06:36 -05:00
Renato Atilio 7afcb664fb
FIX: pretty-text shims - getURL's baseUri (#20822) 2023-03-30 08:35:06 -04:00
Sam 74312a6c52
DEV: stop getting topic.url in specs (#20895)
topic.url is a dangerous method to use, it is incompatible with our `sign_in`
helper.

This removes a bunch of places this was erroneously used and helps to avoid
future cargo culting.
2023-03-30 18:09:19 +11:00
Alan Guo Xiang Tan a154d7207d
DEV: Improve test coverage for `/filters` route (#20890) 2023-03-30 12:57:23 +08:00
Martin Brennan e6feb3f136
DEV: Remove currentUser lookup in pretty-text (#20894)
This was added in d3f02a1270
for hashtags but later removed usage in
b2acc416e7. It was removed because
serializing the user does not include things like their
secure_categories.

It is not used by any other plugins or themes, and can cause
issues where it will error when operating on a null user. Better
to just pass in the user_id and use it to look up a user
directly in a PrettyText::Helper
2023-03-30 14:50:36 +10:00
Martin Brennan eea74e0e32
DEV: Add auto _map extension for simple/compact list SiteSettings (#20888)
Similar to the _map added for group_list SiteSettings in
e62e93f83a, this commit adds
the same extension for simple and compact `list` type SiteSettings,
so developers do not have to do the `.to_s.split("|")` dance
themselves all the time.

For example:

```
SiteSetting.markdown_linkify_tlds

=> "com|net|org|io|onion|co|tv|ru|cn|us|uk|me|de|fr|fi|gov|ddd"

SiteSetting.markdown_linkify_tlds_map

=> ["com", "net", "org", "io", "onion", "co", "tv", "ru", "cn", "us", "uk", "me", "de", "fr", "fi", "gov"]
```
2023-03-30 14:08:19 +10:00
Martin Brennan 84ff96bd07
FIX: Do not validate email in TL promotion (#20892)
There is no need to validate the user's emails when
promoting/demoting their trust level, this can cause
issues in things like Jobs::Tl3Promotions, we don't
need to fail in that case when all we are doing is changing
trust level.
2023-03-30 13:52:10 +10:00
Sam 795e6d72a4
FEATURE: modifier API for plugins (#20887)
Introduces a new API for plugin data modification without class-based extension overhead.

This commit introduces a new API that allows plugins to modify data in cases where they return different data rather than additional data, as is common with filtered_registers in DiscoursePluginRegistry. This API removes the need for defining class-based extension points.

When a plugin registers a modifier, it will automatically be called if the plugin is enabled. The core will then modify the parameter sent to it using the block registered by the plugin:
 
```ruby
DiscoursePluginRegistry.register_modifier(plugin_instance, :magic_sum_modifier) { |a, b| a + b }
sum = DiscoursePluginRegistry.apply_modifier(:magic_sum_filter, 1, 2)
expect(sum).to eq(3)
```

Key features of these modifiers:

- Operate in a stack (first registered, first called)
- Automatically disabled when the plugin is disabled
- Pass the cumulative result of all block invocations to the caller
2023-03-30 14:39:55 +11:00
Alan Guo Xiang Tan 4e11014693
DEV: Support `status:public` in topics filtering query language (#20889)
This commit adds support for the `status:public` filter which only
return topics that belong to public categories.
2023-03-30 10:57:26 +08:00
Martin Brennan f8ff97b2ec
DEV: Add specs to ChannelSerializer and StructuredChannelSerializer (#20872)
This adds specs to the mentioned serializers to catch regressions
with MessageBus last_ids and to ensure the correct ones are being
returned and passed down to the ChannelSerializer.

Followup to d8ad5c3
2023-03-30 12:16:32 +10:00
Alan Guo Xiang Tan 49e7e639cc
DEV: Update experimental `/filter` route with tags support (#20874)
The following are the changes being introduced in this commit:

1. Instead of mapping the query language to various query params on the
client side, we've decided that the benefits of having a more robust
query language far outweighs the benefits of having a more human readable query params in the URL.
As such, the `/filter` route will just accept a single `q` query param
and the query string will be parsed on the server side.

1. On the `/filter` route, the tags filtering query language is now
   supported in the input per the example provided below:

   ```
   tags:bug+feature tagged both bug and feature
   tags:bug,feature tagged either bug or feature
   -tags:bug+feature excluding topics tagged bug and feature
   -tags:bug,feature excluding topics tagged bug or feature
   ```

   The `tags` filter can also be specified multiple
times in the query string like so `tags:bug tags:feature` which will
filter topics that contain both the `bug` tag and `feature` tag. More
complex query like `tags:bug+feature -tags:experimental` will also work.
2023-03-30 09:00:42 +08:00
Jan Cernik afe3e36363
DEV: Remove lazy-yt and replace with lazy-videos (#20722)
- Refactors the old plugin to remove jquery usage
- Adds support for Vimeo videos (default on) and Tiktok (experimental and default off)
2023-03-29 11:54:25 -04:00
Jordan Vidrine 86f5abfa18
UX: Add description to apple touch setting (#20875) 2023-03-29 08:22:48 -05:00
Osama Sayegh 78befbc53e
DEV: Remove `{{user-selector}}` (#17753)
`{{user-selector}}` was deprecated in 293fd1f743 more than 2 years ago and it's time we deleted it.
2023-03-29 11:49:47 +03:00
Joffrey JAFFEUX 69de5b161f
FIX: ensures removing a reaction doesn’t remove others (#20869) 2023-03-29 08:39:52 +02:00
Krzysztof Kotlarek b854fa8cdb
FIX: disable text select on sidebar (#20871)
To make drag&drop links reliable, we have to disable user-select option on whole sidebar.

https://developer.mozilla.org/en-US/docs/Web/CSS/user-select
2023-03-29 14:32:28 +11:00
Krzysztof Kotlarek f5fadc3149
FIX: reorder custom sidebar links on touch screen (#20856)
Previously, reorder on touch screens was disabled https://github.com/discourse/discourse/pull/20769.

This PR enables it again. However, link has to be hold for 300 ms to enable drag&drop. Otherwise, normal scroll is performed.
2023-03-29 08:57:04 +11:00
Blake Erickson aa09a78d14
DEV: Remove diffhtml_preview for video thumbnails (#20865)
Video thumbnail generation is no longer dependent on
`enable_diffhtml_preview` being enabled.
2023-03-28 12:38:50 -06:00
Rafael dos Santos Silva 2a7bdb2d66
FIX: Push notification delay should not be longer than specified (#20864)
When user.last_seen was less than push_notification_time_window_mins we
where delaying the notification for the whole
push_notification_time_window_mins PLUS the time the user was away from.

Originally reported in https://meta.discourse.org/t/-/259688
2023-03-28 13:22:54 -03:00