github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-29 11:25:37 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
42,544 Commits 325 Branches 518 Tags
cd9262b7d3af8b12a9b1eac396ca78ed9aae219c
Commit Graph

42544 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vinoth Kannan
cd9262b7d3 DEV: minor improvements in the vanilla import script. (#14026) 
We're parsing the post raw based on the record format now.
 2021-08-12 15:07:44 +05:30
Alan Guo Xiang Tan
aed65ec16d SECURITY: User's read state for topic is leaked to unauthorized clients. 
A user's read state for a topic such as the last read post number and the notification level is exposed.
 2021-08-12 12:16:45 +08:00
Alan Guo Xiang Tan
9a60c83535 FIX: TopicTrackingState.report not including unread for staff posts. 
Follow-up to e15c86e8c5ff9fcb8aec32d3bab641c2ab4193a9
 2021-08-12 11:10:49 +08:00
Alan Guo Xiang Tan
2fb17b7b17 DEV: Remove code that is not being used. 
Code was added in e15c86e8c5ff9fcb8aec32d3bab641c2ab4193a9 but it isn't
necessary anymore.

Follow-up to e15c86e8c5ff9fcb8aec32d3bab641c2ab4193a9
 2021-08-12 07:56:38 +08:00
dependabot[bot]
16ff3ea2f1 Build(deps): Bump discourse-fonts from 0.0.8 to 0.0.9 
Bumps [discourse-fonts](https://github.com/discourse/discourse-fonts) from 0.0.8 to 0.0.9.
- [Release notes](https://github.com/discourse/discourse-fonts/releases)
- [Commits](https://github.com/discourse/discourse-fonts/compare/v0.0.8...v0.0.9)

---
updated-dependencies:
- dependency-name: discourse-fonts
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-12 07:55:40 +08:00
dependabot[bot]
67f93c60eb Build(deps): Bump loofah from 2.11.0 to 2.12.0 
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.11.0...v2.12.0)

---
updated-dependencies:
- dependency-name: loofah
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-12 07:55:18 +08:00
Martin Brennan
814aa64a5d FIX: Notification menu broken on older browsers (#14019) 
replaceAll is not available in all versions of Chrome/Firefox/Edge
that we support, so we need to use replace instead
 2021-08-12 09:54:15 +10:00
jbrw
20a6bad87e FIX: Category group moderators can read flagged post meta_topics (#14014) 
When a post is flagged with the reason of 'Something Else' a brief message can be added by the user which subsequently creates a `meta_topic` private message. The group `moderators` is automatically added to this topic.

If category group moderation is enabled, and the post belongs to a category with a reviewable group, that group should also be added to the meta_topic.

Note: This extends the `notify_moderators` logic, and will add the reviewable group to the meta_topic, regardless of the settings of that group.
 2021-08-11 18:11:22 -04:00
Roman Rizzi
630d485f0f DEV: Remove unused server-side route. (#14011) 
We no longer use this route. When a staff member wants to see a user flagged posts, we redirect them to the review queue.
 2021-08-11 17:29:19 -03:00
Blake Erickson
1799944a04 DEV: Specify the latest openapi spec version (#14012) 
The latest openapi spec version is v3.1.0

 https://spec.openapis.org/oas/v3.1.0

Specifying the latest version will allow our openapi spec linter to use
this version and allow use to use the new type format that allows for
specifying a type as "null", which we need because sometimes our api
responses include null values instead of a "string", "integer", or
"object" type.

See: https://stackoverflow.com/a/48114322/588458
 2021-08-11 12:38:02 -06:00
Blake Erickson
ce015f5b75 DEV: Fix api docs tagging format (#14010) 
When specifying multiple tags they should be separate strings, not a
single string.
 2021-08-11 11:00:48 -06:00
Kris
f848f6cbb6 UX: Fix mobile PM nav for regular users (#14007) 2021-08-11 12:47:03 -04:00
David Taylor
b3c1cb6df6 DEV: Add caret_position.js to ember-cli build (#14009) 
This is used when positioning autocompletes in the composer, and elsewhere
 2021-08-11 16:42:04 +01:00
Mark VanLandingham
3119b881aa DEV: Define --footer-nav-height css var (#14008) 2021-08-11 10:29:16 -05:00
David Taylor
70f8fdbe45 FEATURE: Allow linking an existing account from invite acceptance (#13998) 
The invite acceptance page is an alternative signup flow, so it makes sense to include the new 'link' functionality there as well.

Followup to 7dc8f8b794cbb36b14737710ccfe417d1c074d12
 2021-08-11 10:26:37 +01:00
Arpit Jalan
e9b2415e7d UX: show flair help text for private member visibility only (#14005) 2021-08-11 16:23:58 +10:00
Alan Guo Xiang Tan
e157925308 DEV: Remove unused attributes when publishing read/new. 2021-08-11 11:12:23 +08:00
Rafael dos Santos Silva
8e45fdfbb1 DEV: Log duration of ember-cli asset build (#13980) 2021-08-10 23:43:08 -03:00
dependabot[bot]
683712fae7 Build(deps): Bump rubocop-ast from 1.9.0 to 1.9.1 
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v1.9.0...v1.9.1)

---
updated-dependencies:
- dependency-name: rubocop-ast
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-11 10:27:30 +08:00
dependabot[bot]
7804fdf860 Build(deps): Bump fastimage from 2.2.4 to 2.2.5 
Bumps [fastimage](https://github.com/sdsykes/fastimage) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/sdsykes/fastimage/releases)
- [Changelog](https://github.com/sdsykes/fastimage/blob/master/CHANGELOG)
- [Commits](https://github.com/sdsykes/fastimage/compare/v2.2.4...v2.2.5)

---
updated-dependencies:
- dependency-name: fastimage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-11 10:27:17 +08:00
dependabot[bot]
7b205abacf Build(deps): Bump oj from 3.13.0 to 3.13.1 
Bumps [oj](https://github.com/ohler55/oj) from 3.13.0 to 3.13.1.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.13.0...v3.13.1)

---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-11 10:27:01 +08:00
dependabot[bot]
6525918aae Build(deps): Bump nokogiri from 1.12.2 to 1.12.3 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.2 to 1.12.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.2...v1.12.3)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-11 10:26:47 +08:00
Krzysztof Kotlarek
195f7346ba FIX: check if BasicBadge is enabled for TL1 welcome message (#13983) 
In 2018 check was added that TL1 welcome message is sent unless user already has BasicBadge granted.

I think we should also check if BasicBadge is even enabled. Otherwise, each time group is assigned to a user and trust level is recalculated, they will receive a welcome message.
 2021-08-11 08:39:25 +10:00
Osama Sayegh
bdcb96ad1b UX: Indicate capped history revisions only when they're actually capped (#14000) 
We've recently added a limit to the posts history modal so it displays the last 100 revisions only for performance reasons. However, the title of the modal now always says `History, last 100 revisions` even when the post has fewer than 100 revisions which can be a bit noisy.

This PR amends the history modal so the title of the modal says `History` when the post's revisions count is ≤100, and `History, last 100 revisions` when it has more >100 revisions.
 2021-08-11 00:24:37 +03:00
Jordan Vidrine
8569895f71 FIX: Fix rtl style for pull right (#13999) 
* FIX: RTL fix for pull right
 2021-08-10 15:31:04 -05:00
Andrei Prigorshnev
622859dbe6 FEATURE: add Unseen view (#13977) 
This view is the same as Latest except it hides the topics you have fully read. Based on this plugin of @davidtaylorhq https://meta.discourse.org/t/simple-unread-list-plugin-discourse-simple-unread/70013.
 2021-08-10 18:30:34 +04:00
Dmitry Klimensky
d54b339809 Escape values of HTML attributes 2021-08-10 10:25:15 -04:00
David Taylor
7dc8f8b794 FEATURE: Allow linking an existing account during external-auth signup 
When a user signs up via an external auth method, a new link is added to the signup modal which allows them to connect an existing Discourse account. This will only happen if:

- There is at least 1 other auth method available

and

- The current auth method permits users to disconnect/reconnect their accounts themselves
 2021-08-10 15:07:40 +01:00
David Taylor
46dc189850 DEV: Improve robustness of associate_accounts_controller 
This handles a few edge cases which are extremely rare (due to the UI layout), but still technically possible:

- Ensure users are authenticated before attempting association.

- Add a message and logic for when a user already has an association for a given auth provider.
 2021-08-10 15:07:40 +01:00
David Taylor
2cae29f644 DEV: Update associate_accounts_controller to use secure_session 
This is much cleaner than using redis directly. It also opens the door to more complex association change flows which may happen during login.
 2021-08-10 15:07:40 +01:00
Arpit Jalan
97f701bc4c UX: update member visibility help text to include flair information (#13995) 2021-08-10 19:31:29 +05:30
Joffrey JAFFEUX
6d41c37c16 DEV: stop propagation of events on button click (#13993) 2021-08-10 15:52:59 +02:00
Joffrey JAFFEUX
644441852e FIX: prevents exception on malformatted messages (#13997) 
The following example message would generate an exception:

```
Return-Path: <discourse@bar.com>
From: Foo Bar <discourse@bar.com>
To: reply+4f97315cc828096c9cb34c6f1a0d6fe8@bar.com
Date: Fri, 15 Jan 2016 00:12:43 +0100
Message-ID: <21@foo.bar.mail>
Mime-Version: 1.0
Content-Type: text/html; charset=UTF-8

</div>

```

Exception:

```
NoMethodError:
       undefined method `split' for nil:NilClass
```
 2021-08-10 15:49:32 +02:00
Arpit Jalan
3006de39d1 REVERT "FIX: do not show private group flair on user avatars" (#13991) 
This reverts commit fe3e18f9814d94cf5ca19891262b9376861ce3d0 and 0d8fd9ace60ad676af0cfb58d65191821a77e8a9
 2021-08-10 17:25:11 +05:30
Joffrey JAFFEUX
4ca34940d3 DEV: ensures container is not destroyed before showing tooltip (#13992) 
In fast tests it could results in an error.
 2021-08-10 11:48:31 +02:00
Joffrey JAFFEUX
2efe91f49f UI: fixes sidebar settings border and active styles (#13990) 
- active setting should now correctly show an arrow which was previously floating in the middle of nowhere
- uses a correct color for border separation, previously the border was present but invisible as similar to the background
- slighty tweak padding
- makes arrow computation based on a variable
 2021-08-10 08:53:22 +02:00
Martin Brennan
6774c600a4 DEV: Fix uploads controller flaky presigned put spec (#13985) 
Was missing RateLimiter.clear_all!, leading to 403 errors
 2021-08-10 14:30:22 +10:00
Martin Brennan
93af139a76 Revert "DEV: Move rate limiter disable to after :each for tests (#13986)" (#13987) 
This reverts commit 52035dc665f84174caedf275f6b6282e0f80d220.
 2021-08-10 14:12:36 +10:00
Martin Brennan
52035dc665 DEV: Move rate limiter disable to after :each for tests (#13986) 
We weren't calling clear_all! for the rate limiter which
was the first problem, and the second problem was that it
is very odd to do state cleanup before tests instead of after,
so moved the disabling and clear_all! to after.
 2021-08-10 13:38:35 +10:00
Alan Guo Xiang Tan
fa952c036c UX: Missing translation for title attribute for PM tag route. 2021-08-10 09:58:59 +08:00
dependabot[bot]
7ecd0da109 Build(deps): Bump oj from 3.12.3 to 3.13.0 
Bumps [oj](https://github.com/ohler55/oj) from 3.12.3 to 3.13.0.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.12.3...v3.13.0)

---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-10 09:16:59 +08:00
dependabot[bot]
a38dc09e05 Build(deps): Bump faraday from 1.6.0 to 1.7.0 
Bumps [faraday](https://github.com/lostisland/faraday) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/lostisland/faraday/releases)
- [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lostisland/faraday/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: faraday
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-10 09:16:36 +08:00
Bianca Nenciu
d68f2de4c7 FIX: Reuse avatar-flair component in group preview (#13961) 
Sometimes the group flair preview was different than the real group
flair because different components were used for rendering.
 2021-08-09 15:38:49 -03:00
Robin Ward
5c07e544af Revert "DEV: Discourse.User has been deprecated since 2.6" 
This reverts commit 3edf24437a4ef117ee8d8b49497da350b0dce8c6.

Too many plugins rely on this right now and need to be updated.
 2021-08-09 13:42:26 -04:00
Robin Ward
3edf24437a DEV: Discourse.User has been deprecated since 2.6 2021-08-09 12:40:42 -04:00
Laurent Arnoud
03896a9c43 FIX: Errno::EXDEV when across filesystem boundaries (#13976) 
ref https://bugs.ruby-lang.org/issues/12615

```
        W: rake aborted!
        W: Errno::EXDEV: Invalid cross-device link @ rb_file_s_rename - (/app/tmp/adeeee62504de67238341871bda1aaf0, /app/app/assets/javascripts/plugins/discourse-cakeday.js.e
rb)
        W: lib/discourse.rb:65:in `rename'
        W: lib/discourse.rb:65:in `atomic_write_file'
        W: /app/lib/plugin/instance.rb:683:in `activate!'
        W: lib/discourse.rb:246:in `block in activate_plugins!'
        W: lib/discourse.rb:243:in `each'
        W: lib/discourse.rb:243:in `activate_plugins!'
```
 2021-08-09 12:20:26 +02:00
Jarek Radosz
e68c1d5ba5 DEV: Use key over the deprecated keyCode (#13795) 
Makes the code a bit more readable. Inspired by https://github.com/emberjs/ember.js/pull/19185
 2021-08-09 11:41:36 +02:00
Joffrey JAFFEUX
8df48b516f DEV: ensures click listeners are reset between tests (#13900) 2021-08-09 10:00:56 +02:00
Joffrey JAFFEUX
800926fcce FIX: prevents s shortcut to generate an error (#13974) 
When no element is selected, on the homepage for example, pressing `s` would generate the following error:

```
Uncaught TypeError: Cannot read property 'click' of undefined
```

Note that this commit also removes jquery usage.
 2021-08-09 09:39:01 +02:00
dependabot[bot]
0790bbdea5 Build(deps): Bump rubocop-ast from 1.8.0 to 1.9.0 (#13975) 
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v1.8.0...v1.9.0)

---
updated-dependencies:
- dependency-name: rubocop-ast
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-09 00:27:39 +02:00