36e0ecc79a
Build(deps): Bump rubocop-rspec from 2.14.2 to 2.15.0 ( #18875 )
...
Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec ) from 2.14.2 to 2.15.0.
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases )
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.14.2...v2.15.0 )
---
updated-dependencies:
- dependency-name: rubocop-rspec
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-03 23:05:05 +01:00
41eb92f5db
UX: Change ordering of categories shown in sidebar ( #18803 )
...
There are two possible ordering for categories shown in sidebar with
this commit.
When the `fixed_category_positions` site setting is enabled, the
categories are ordered based on `Category#position` which is a configurable
option by the user. When said site setting is disabled, the categories
are ordered based on `Category#name`.
The categories in Sidebar are also sorted in such a way where child
categories are always ordered right after their parents. When multiple
child categories are present, the child categories are ordered based on
the ordering described above.
2022-11-04 05:21:49 +09:00
291bbc4fb9
FIX: When cloning themes via HTTP, try the original URI too ( #18870 )
...
This should fix fetching from gitlab.
In order to get SSRF protection, we had to prevent redirects when cloning via git, but some repos are behind redirects and we want to support those too. We use `FinalDestination` before cloning to try to simulate git with redirects, but this isn't quite how git works, so there's some discrepancies between our SSRF protected cloning behavior and normal git behavior that I'm trying to work around.
This is temporary fix. It would be better to use `FinalDestination` to simulate the first request that git makes. I aim to make it work like that in the not too distant future, but this is better for now.
2022-11-03 15:19:08 -05:00
1398bd5f1f
FIX: Theme import error handling needs to happen inside the hijack block ( #18866 )
...
Otherwise the errors don't get caught.
2022-11-03 14:02:26 -05:00
943c43ddc5
UX: less link-like unread/new color in sidebar ( #18868 )
2022-11-03 14:57:01 -04:00
49a0129b0d
FIX: prevents chat to enter in endless loop when getting 404 ( #18867 )
...
Doing DOM operations in finally would cause them to happen even when the request was a failure. Consequence of these DOM operations would be new request, which would also end up in a 404, and so on.
This commit simply moves the DOM operations in the then block where it should be safe to make.
2022-11-03 19:52:44 +01:00
6e5e696c0b
DEV: Make modifyClass native class-aware, add tests ( #16111 )
2022-11-03 18:10:08 +01:00
c122c032bb
Ux sidebar muted icon ( #18856 )
...
* UX: sidebar muted channel opacity and colour change
* UX: visual state for active on muted channel
2022-11-03 16:00:21 +01:00
abcaa1a961
DEV: Rename direct message related models
...
This is a followup of the previous refactor where we created two new
models to handle all the dedicated logic that was present in the
`ChatChannel` model.
For the sake of consistency, `DMChannel` has been renamed to
`DirectMessageChannel` and the previous `DirectMessageChannel` model is
now named `DirectMessage`. This should help reasoning about direct
messages.
2022-11-03 14:39:23 +01:00
7e992cb299
Build(deps): Bump ember-source in /app/assets/javascripts ( #18859 )
...
Bumps [ember-source](https://github.com/emberjs/ember.js ) from 3.28.9 to 3.28.10.
- [Release notes](https://github.com/emberjs/ember.js/releases )
- [Changelog](https://github.com/emberjs/ember.js/blob/master/CHANGELOG.md )
- [Commits](https://github.com/emberjs/ember.js/compare/v3.28.9...v3.28.10 )
---
updated-dependencies:
- dependency-name: ember-source
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-03 11:36:08 +00:00
f61e36384f
DEV: Use store.createRecord for Topic models ( #18837 )
...
…where possible
2022-11-03 12:32:20 +01:00
012eb922d5
Reduce theme/color-scheme cookie cookie duration ( #18858 )
...
Previously these were set to expire after 9999 days (27 years). This commit updates them to last 1 year, and to automatically be extended on every user visit.
2022-11-03 11:31:16 +00:00
3286d345f4
Build(deps): Bump @babel/standalone in /app/assets/javascripts ( #18851 )
...
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone ) from 7.20.0 to 7.20.1.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.20.1/packages/babel-standalone )
---
updated-dependencies:
- dependency-name: "@babel/standalone"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-03 12:30:45 +01:00
2f510cbd05
FIX: Do not limit scope to direct messages ( #18855 )
2022-11-03 09:17:23 +01:00
0028149ed4
UX: Add back button in chat browse screen on mobile ( #18849 )
2022-11-03 09:06:30 +01:00
9ff091dc01
FIX: the notification data on the client expects an identifier ( #18850 )
2022-11-03 09:06:05 +01:00
1c52e11d48
UX: scope chat-channel-title hover effect ( #18854 )
2022-11-03 09:04:57 +01:00
52be5b3782
DEV: Extend specs coverage for non-admin access to admin endpoints ( #18833 )
...
Replace base controller class inheritance specs with explicit specs
for non-staff and moderator access to admin resources
2022-11-03 03:42:44 +00:00
612ab8710a
DEV: Give em plugins the green tick ( #18836 )
2022-11-03 11:41:25 +08:00
49a191bf69
removed some extraneous question marks ( #18847 )
2022-11-03 10:26:27 +09:00
3ff18f2b3c
FIX: minor alignment fix for mobile small-actions ( #18853 )
2022-11-03 09:43:13 +09:00
d446ad3290
UX: Muted style for entire chat section link when muted ( #18852 )
2022-11-03 08:37:39 +09:00
391a456443
FIX: Write to group logs when a user is added to group by invite ( #18841 )
2022-11-03 07:58:12 +09:00
2e984f2eca
UX: Increase padding of back button in chat draft screen ( #18848 )
...
To increase hit target size for easier press on mobile devices
2022-11-02 21:28:41 +01:00
6c25b28312
DEV: Fix labeler.yml glob configuration ( #18846 )
...
Followup to 449f7d5ed5b32adf281e96a4d36ff3084f320817
2022-11-02 15:59:59 +00:00
8ed001678f
DEV: Have licensee check xmldom license ( #18840 )
2022-11-02 11:51:11 -04:00
449f7d5ed5
DEV: Automatically label chat PRs ( #18843 )
2022-11-02 15:43:59 +00:00
4201ca61e2
FIX: fix circle indicator on "my posts", color ( #18844 )
2022-11-02 11:43:28 -04:00
f6f436f694
FIX: New Topic button is now correctly disabled in a category where they have no permissions, even when filtered by tag ( #18741 )
2022-11-02 10:54:54 -04:00
954022aed2
DEV: Add chat plugin to Crowdin ( #18838 )
2022-11-02 15:18:02 +01:00
82425b23ee
Update translations ( #18813 )
2022-11-02 15:13:47 +01:00
0a5f548635
DEV: Move discourse-chat to the core repo. ( #18776 )
...
As part of this move, we are also renaming `discourse-chat` to `chat`.
2022-11-02 10:41:30 -03:00
e7e24843dc
DEV: Add integration specs for Github login ( #18808 )
...
Internal topic: t/82084.
2022-11-02 16:21:51 +03:00
2531828973
UX: hide new/unread counts in sidebar, use dot by default ( #18797 )
...
This updates the behavior of the list destination setting for links in the sidebar.
By default, new/unread content will show a dot like chat, rather than the count of new/unread topics.
If a user chooses to link to new/unread in the sidebar, we'll show the count.
The goal here is to find a simple default for typical users (new/unread indication, no counts, default links) while providing a different workflow for power users (showing new/unread counts, and linking directly to new/unread).
Internal Ref: /t/82626
2022-11-02 20:55:05 +09:00
46e9f402eb
DEV: Avoid cloning site settings in QUnit tests ( #18811 )
...
`siteSettings` is now a service which means there should only be one
state for `siteSettings` during the life time of the application. This
also helps to maintain parity with production where the `site` model
relies on the `siteSettings` service and not a clone of the attributes.
2022-11-02 20:07:17 +09:00
e6856a3ca3
Build(deps): Bump tmpl from 1.0.4 to 1.0.5 in /app/assets/javascripts ( #18835 )
...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl ) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases )
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5 )
---
updated-dependencies:
- dependency-name: tmpl
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-02 10:58:59 +01:00
fc107be63f
FIX: Correct the post numbers in lastUnreadUrl ( #18831 )
...
Previously when a topic had e.g. 10 posts and you read them all, the link to the "first unread" would be `/11`, even when we knew there are only 10. (the topic route/controller would then fix that in the location bar after a second if you followed that URL)
2022-11-02 10:49:10 +01:00
c32fe340f0
DEV: Fix mocha deprecations ( #18828 )
...
It now supports strict keyword argument matching by default.
2022-11-02 10:47:59 +01:00
b9bcb225f2
DEV: Fix qunit hook issue ( #18829 )
2022-11-02 10:46:52 +01:00
45e8995eb1
DEV: Force testem upgrade ( #18834 )
...
1. Add `"testem": "latest"` to package.json
2. `yarn`
3. `npx yarn-deduplicate`
4. Remove the line from package.json
5. `yarn`
2022-11-02 10:45:17 +01:00
fefd938520
UX: Hide welcome topic from admins as well if not edited ( #18807 )
...
Depends on: #18806
We have a banner that prompts to edit the welcome topic, so let's not
show it in the topic list until it has been edited. Previously this
banner covered the welcome topic, now the banner will be above the topic
list, so we need to hide the welcome topic.
2022-11-01 16:17:17 -06:00
e79208888c
Build(deps): Bump zeitwerk from 2.6.3 to 2.6.4 ( #18830 )
...
Bumps [zeitwerk](https://github.com/fxn/zeitwerk ) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/fxn/zeitwerk/releases )
- [Changelog](https://github.com/fxn/zeitwerk/blob/main/CHANGELOG.md )
- [Commits](https://github.com/fxn/zeitwerk/compare/v2.6.3...v2.6.4 )
---
updated-dependencies:
- dependency-name: zeitwerk
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-01 21:48:10 +01:00
6029c6a4dc
Build(deps-dev): Bump mocha from 1.16.0 to 2.0.0 ( #18819 )
...
Bumps [mocha](https://github.com/freerange/mocha ) from 1.16.0 to 2.0.0.
- [Release notes](https://github.com/freerange/mocha/releases )
- [Changelog](https://github.com/freerange/mocha/blob/main/RELEASE.md )
- [Commits](https://github.com/freerange/mocha/compare/v1.16.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: mocha
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-01 21:33:39 +01:00
208d22cfc2
UX: Change placement of welcome cta ( #18806 )
2022-11-01 14:07:40 -05:00
167181f4b7
DEV: Quote values when constructing SQL ( #18827 )
...
All of these cases should already be safe, but still good to quote for
"defense in depth".
2022-11-01 14:05:13 -05:00
a356e2fe30
UX: update and consolodate published page styles ( #18792 )
2022-11-01 14:31:39 -04:00
10ea279bc9
Build(deps): Bump rubocop from 1.37.1 to 1.38.0 ( #18821 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.37.1 to 1.38.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.37.1...v1.38.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-01 18:59:19 +01:00
e3da085e31
Version bump to v2.9.0.beta11 ( #18822 )
2022-11-01 17:00:05 +00:00
07ef1a80a1
SECURITY: Fix invite link email validation ( #18817 )
...
See https://github.com/discourse/discourse/security/advisories/GHSA-x8w7-rwmr-w278
Co-authored-by: Martin Brennan <martin@discourse.org >
2022-11-01 16:33:32 +00:00
68b4fe4cf8
SECURITY: Expand and improve SSRF Protections ( #18815 )
...
See https://github.com/discourse/discourse/security/advisories/GHSA-rcc5-28r3-23rr
Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com >
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com >
2022-11-01 16:33:17 +00:00
