79bea9464c
PERF: Move user-tips and narrative to per-user messagebus channels ( #19773 )
...
Using a shared channel with per-message permissions means that every client is updated with the channel's 'last_id', even if there are no messages available to them. Per-user channel names avoid this problem - the last_id will only be incremented when there is a message for the given user.
2023-01-30 11:48:09 +00:00
23a74ecf8f
FIX: Truncate existing user status to 100 chars ( #20044 )
...
This commits adds a database migration to limit the user status to 100
characters, limits the user status in the UI and makes sure that the
emoji is valid.
Follow up to commit b6f75e231c
2023-01-30 10:49:08 +02:00
0a8387ecd2
FIX: Validate asset url before replacing base url ( #16438 )
...
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com >
2023-01-30 07:32:48 +08:00
8410b25f3c
Build(deps): Bump @babel/standalone in /app/assets/javascripts ( #20055 )
...
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone ) from 7.20.13 to 7.20.14.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.20.14/packages/babel-standalone )
---
updated-dependencies:
- dependency-name: "@babel/standalone"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-29 22:44:40 +01:00
15e854f0f7
Build(deps): Bump eslint in /app/assets/javascripts ( #20054 )
...
Bumps [eslint](https://github.com/eslint/eslint ) from 8.32.0 to 8.33.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v8.32.0...v8.33.0 )
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-29 22:44:14 +01:00
a4c68d4a2e
FIX: Failing system spec for rate limited search ( #20046 )
2023-01-27 12:14:29 -08:00
39eec37e75
A11Y: post avatars should not be tabbable ( #20045 )
2023-01-27 14:39:55 -05:00
2c8dfc3dbc
FEATURE: rate limit anon searches per second ( #19708 )
2023-01-27 10:05:27 -08:00
8fc11215e1
FIX: Ensure soft-deleted topics can be deleted ( #19802 )
...
* FIX: Ensure soft-deleted topics can be deleted
The topic was not found during the deletion process because it was
deleted and `@post.topic` was nil.
* DEV: Use @topic instead of finding the topic every time
2023-01-27 16:15:33 +02:00
0c967e6aa3
A11Y: add accessible label for bookmark name input ( #20036 )
2023-01-26 17:35:19 -05:00
2c9d76e510
FIX: Use specified limit option in user search ( #20020 )
2023-01-26 16:17:15 +02:00
d5745d34c2
SECURITY: Limit the character count of group membership requests ( #19993 )
...
When creating a group membership request, there is no character
limit on the 'reason' field. This can be potentially be used by
an attacker to create enormous amount of data in the database.
Co-authored-by: Ted Johansson <ted@discourse.org >
2023-01-25 13:50:33 +02:00
69c7f676ea
Build(deps): Bump ember-auto-import in /app/assets/javascripts ( #19981 )
2023-01-24 22:50:05 +01:00
75032f4752
UX: remove extra whitespace in search helper ( #19980 )
2023-01-24 15:27:05 -05:00
e71bf672cb
UX: prevent user card status overflow ( #19979 )
2023-01-24 13:58:24 -05:00
4da8e15801
A11Y: discourse-tags should have a role and label ( #19977 )
2023-01-24 13:04:32 -05:00
a57d6a0f75
A11Y: add aria-labels for flagging textareas ( #19938 )
2023-01-24 09:49:15 -05:00
17deb79fcb
DEV: Fix random typos ( #19973 )
2023-01-24 15:41:01 +01:00
1bc39c1a4f
FIX: text selection breaks opening of links in new tabs ( #19867 )
...
When a user checks "Open all external links in a new tab" preference
he expects not to be overruled by unrelated text selections.
Yet if text is selected during a link click the link is followed on
the same tab. This change corrects that.
2023-01-24 14:17:03 +01:00
48713653df
DEV: Add failing test for api.modifyClass with native getters ( #19911 )
...
https://meta.discourse.org/t/251793/8
2023-01-24 10:41:48 +00:00
ac4ee1a3d4
FIX: TL4 user is not redirected to latest when delete topic ( #19967 )
...
Continue of https://github.com/discourse/discourse/pull/19766
When TL4 is allowed to delete topic, they should not be redirected to / after that action.
2023-01-24 11:28:04 +11:00
bc9874033f
Build(deps): Bump qunit from 2.19.3 to 2.19.4 in /app/assets/javascripts ( #19962 )
2023-01-23 23:52:22 +01:00
239815c4a4
UX: fixes and adjustments for user nav ( #19954 )
2023-01-23 14:28:55 -05:00
54e5a2e4c4
Build(deps): Bump sass from 1.57.0 to 1.57.1 in /app/assets/javascripts ( #19538 )
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.57.0 to 1.57.1.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.57.0...1.57.1 )
---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-22 23:36:16 +01:00
f81c94637a
Build(deps): Bump ember-rfc176-data in /app/assets/javascripts ( #19925 )
...
Bumps [ember-rfc176-data](https://github.com/ember-cli/ember-rfc176-data ) from 0.3.17 to 0.3.18.
- [Release notes](https://github.com/ember-cli/ember-rfc176-data/releases )
- [Changelog](https://github.com/ember-cli/ember-rfc176-data/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ember-cli/ember-rfc176-data/compare/v0.3.17...v0.3.18 )
---
updated-dependencies:
- dependency-name: ember-rfc176-data
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-22 22:56:17 +01:00
9be9f97373
Build(deps): Bump @babel/standalone in /app/assets/javascripts ( #19945 )
...
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone ) from 7.20.12 to 7.20.13.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.20.13/packages/babel-standalone )
---
updated-dependencies:
- dependency-name: "@babel/standalone"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-22 22:53:57 +01:00
36447fb043
Build(deps): Bump jsdom from 21.0.0 to 21.1.0 in /app/assets/javascripts ( #19944 )
...
Bumps [jsdom](https://github.com/jsdom/jsdom ) from 21.0.0 to 21.1.0.
- [Release notes](https://github.com/jsdom/jsdom/releases )
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md )
- [Commits](https://github.com/jsdom/jsdom/compare/21.0.0...21.1.0 )
---
updated-dependencies:
- dependency-name: jsdom
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-22 22:39:36 +01:00
f7907a3645
A11Y: remove heading tags from user profile ( #19935 )
2023-01-20 12:27:07 -05:00
1521bace4f
A11Y: add secondary skip link to user profiles ( #19926 )
2023-01-20 10:30:57 -05:00
90d452ab6c
FIX: Don't display staff-only options to non-staff in group member bulk menu ( #19907 )
...
In the group member bulk edit menu we are displaying staff-only options
to non-staff. The requests are blocked by the back-end, so there is no
harm other than to the user experience.
Notably the individual user edit menu is correctly filtering out
unavailable options. This change brings the bulk edit menu in line with
that.
2023-01-20 11:16:04 +08:00
b05f193cf0
FIX: move min tag setting to tags section in edit category ( #19789 )
...
`Minimum number of tags required in a topic` should be in `Tags` panel instead of `Settings`
2023-01-20 13:30:39 +11:00
292d3677e9
FEATURE: Allow admins to permanently delete revisions ( #19913 )
...
# Context
This PR introduces the ability to permanently delete revisions from a post while maintaining the changes implemented by the revisions.
Additional Context: /t/90301
# Functionality
In the case a staff member wants to _remove the visual cue_ that a post has been edited eg.
<img width="86" alt="Screenshot 2023-01-18 at 2 59 12 PM" src="https://user-images.githubusercontent.com/50783505/213293333-9c881229-ab18-4591-b39b-e3419a67907d.png ">
while maintaining the changes made in the edits, they can enable the (hidden) site setting of `can_permanently_delete`.
When this is enabled, after _hiding_ the revisions
<img width="149" alt="Screenshot 2023-01-19 at 1 53 35 PM" src="https://user-images.githubusercontent.com/50783505/213546080-2a9e9c55-b3ef-428e-a93d-1b6ba287dfae.png ">
there will be an additional button in the history modal to <kbd>Delete revisions</kbd> on a post.
<img width="997" alt="Screenshot 2023-01-19 at 1 49 51 PM" src="https://user-images.githubusercontent.com/50783505/213546333-49042558-50ab-4724-9da7-08bacc68d38d.png ">
Since this action is permanent, we display a confirmation dialog prior to triggering the destroy call
<img width="722" alt="Screenshot 2023-01-19 at 1 55 59 PM" src="https://user-images.githubusercontent.com/50783505/213546487-96ea6e89-ac49-4892-b4b0-28996e3c867f.png ">
Once confirmed the history modal will close and the post will `rebake` to display an _unedited_ post.
<img width="868" alt="Screenshot 2023-01-19 at 1 56 35 PM" src="https://user-images.githubusercontent.com/50783505/213546608-d6436717-8484-4132-a1a8-b7a348d92728.png ">
see that there is not a visual que for _revision have been made on this post_ for a post that **HAS** been edited. In addition to this, a user history log for `purge_post_revisions` will be added for each action completed.
# Limits
- Admins are rate limited to 20 posts per minute
2023-01-19 15:09:01 -06:00
f66e798ed7
A11Y: more descriptive user page titles ( #19819 )
2023-01-19 12:45:45 -05:00
20f5a69427
UX: add missing space and other minor search adjustments ( #19899 )
2023-01-18 09:40:38 -05:00
145d2baa14
A11Y: add aria tags to the new user nav ( #19774 )
2023-01-17 12:18:16 -05:00
011c9b9973
DEV: Use message-bus chunked encoding in development ( #19878 )
...
This was previously disabled because of incompatibility with the ember-cli proxy. This commit fixes that incompatibility, and restores the development behaviour to match production.
There were three issues at play:
1. Our bootstrap-js addon handles the forwarding of most requests in the ember-cli proxy. This is not built to handle streaming responses. Solution: skip our custom request processing for `/message-bus/*` and use ember-cli's default `http-proxy`.
2. The request/response size-limiting middleware (`rawMiddleware`) would apply even to unhandled paths, causing request and response bodies to be buffered. Solution: skip it for any paths which are not handled by our custom addon.
3. Expressjs servers will buffer/compress responses. Solution: add `Cache-Control: no-transform` to message-bus responses. For now I've done this in development only, but it may be useful to add it to message-bus's default headers in future
2023-01-17 09:54:33 +00:00
624f4a7de9
Drop support for iOS < 15.7 ( #19847 )
...
https://meta.discourse.org/t/224747
2023-01-16 17:28:59 +00:00
9ed4550b86
Build(deps): Bump eslint in /app/assets/javascripts ( #19873 )
...
Bumps [eslint](https://github.com/eslint/eslint ) from 8.31.0 to 8.32.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v8.31.0...v8.32.0 )
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-15 22:32:00 +01:00
a444023113
DEV: adds row index support ( #19871 )
...
This commits adds a data-index attribute on each `select-kit-row` DOM node and also makes available `this.index` in each `select-kit-row` template.
2023-01-13 16:39:21 +01:00
f525f722ea
DEV: adds expandedOnInsert option to sk ( #19870 )
...
Allows to display a select-kit component expanded by default.
Usage:
```
<SingleSelect
@value={{this.value}}
@content={{this.content}}
@options={{hash expandedOnInsert=true}}
/>
```
2023-01-13 16:13:13 +01:00
5cd136510a
Build(deps): Bump message-bus-client in /app/assets/javascripts ( #19864 )
...
Bumps [message-bus-client](https://github.com/discourse/message_bus ) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/discourse/message_bus/releases )
- [Changelog](https://github.com/discourse/message_bus/blob/main/CHANGELOG )
- [Commits](https://github.com/discourse/message_bus/compare/v4.3.1...v4.3.2 )
---
updated-dependencies:
- dependency-name: message-bus-client
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-13 12:22:00 +00:00
28078d78e2
DEV: Make 'username' optional for bookmark notifications ( #19851 )
...
Data Explorer queries have a `user_id` assigned to each query created. DE Reports can be bookmarked for later reference.
When creating the bookmark notification there was the possibility of a notification error being thrown (that made the notification menu inaccessible) due to a DE Query not having a owner (associated user_id). This can happen in a couple ways:
- having a query created by a user that was then later deleted leaving the query without ownership
- having a TA create a query for a customer using a temporary account, that would then later be deleted leaving the query without ownership
Since there is a case that `bookmark.user` is not valid the PR makes the `bookmark.user.username` optional for a bookmark notification. As [tested](https://github.com/discourse/discourse/pull/19851/files#diff-5b5154de37f96988d551feff6f1dfe5ba804fbcbc1c33b5478dde02a447a634f ) in the case a username is not present, we will still render the `content` of the notification minus the username. This creates a safe fallback when looking up non-valid users.
2023-01-12 12:22:11 -06:00
1a759fd75f
Build(deps): Bump @ember/render-modifiers in /app/assets/javascripts ( #19832 )
...
Bumps [@ember/render-modifiers](https://github.com/emberjs/ember-render-modifiers ) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/emberjs/ember-render-modifiers/releases )
- [Changelog](https://github.com/emberjs/ember-render-modifiers/blob/master/CHANGELOG.md )
- [Commits](https://github.com/emberjs/ember-render-modifiers/compare/v2.0.4...v2.0.5 )
---
updated-dependencies:
- dependency-name: "@ember/render-modifiers"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-12 10:47:23 +01:00
21a95b000e
DEV: Remove defunct TODOs ( #19825 )
...
* Firefox now finally returns PerformanceMeasure from performance.measure
* Some TODOs were really more NOTE or FIXME material or no longer relevant
* retain_hours is not needed in ExternalUploadsManager, it doesn't seem like anywhere in the UI sends this as a param for uploads
* https://github.com/discourse/discourse/pull/18413 was merged so we can remove JS test workaround for settings
2023-01-12 09:41:39 +10:00
92bb728fe5
DEV: Add search suggestions for tag-intersections ( #19777 )
...
Added `tagIntersection` search context for handling search suggestions on tag intersection and tag+category routes.
# Tag & Category Route Search Suggestions
eg. /tags/c/general/5/updates
### Before
<img width="422" alt="Screenshot 2023-01-06 at 2 58 50 PM" src="https://user-images.githubusercontent.com/50783505/211098933-ade438c6-5008-49ce-9a90-c8200ec5fe00.png ">
### After
<img width="359" alt="Screenshot 2023-01-06 at 3 00 35 PM" src="https://user-images.githubusercontent.com/50783505/211099183-c3feaeac-8661-47ed-843c-da9d9fb78e9e.png ">
# Tag Intersection Route Search Suggestions
eg. /tags/intersection/updates/foo
### Before
<img width="421" alt="Screenshot 2023-01-06 at 3 02 23 PM" src="https://user-images.githubusercontent.com/50783505/211099435-e8fc6d87-2772-45b5-b455-1831f80eab3a.png ">
### After
<img width="362" alt="Screenshot 2023-01-09 at 2 02 09 PM" src="https://user-images.githubusercontent.com/50783505/211397349-acb350f7-8e6a-4d9f-a749-8292e49400d9.png ">
I defaulted to using `+` as a separator for tag intersections. The reasoning behind this is that we don't make the tag intersection routes easily accessible, so if you are going out of your way to view multiple tags, you are most likely going to be searching by **both** of those tags as well.
# General Search
Introducing flex wrap removes whitespace causing a [test](https://github.com/discourse/discourse/pull/19777/files#diff-5d3d13fabc1a511635eb7471ffe74f4d455d77f6984543c2be6ad136dfaa6d3aR813 ) to fail, but to remedy this I added spacing to the `.search-item-prefix` and `.search-item-slug` which achieves the same thing.
### After
<img width="359" alt="Screenshot 2023-01-09 at 2 04 54 PM" src="https://user-images.githubusercontent.com/50783505/211397900-60220394-5596-4e13-afd0-b6130afa0de2.png ">
2023-01-11 13:02:22 -06:00
d2e9ea6193
FEATURE: Allow group owners promote more owners ( #19768 )
...
This change allows group owners (in addition to admins) to promote other members to owners.
2023-01-11 16:43:18 +08:00
06bda1fc62
FIX: wrap plugin outlets on user preference page
2023-01-09 14:17:50 +01:00
c31772879b
FIX: Disable image optimization in iOS Safari ( #19790 )
...
There are various performance issues with the Canvas in iOS Safari
that are causing crashes when processing images with spikes of over 100%
CPU usage. The cause of this is unknown, but profiling points to
CanvasRenderingContext2D.getImageData() and
CanvasRenderingContext2D.drawImage().
Until Safari makes some progress with OffscreenCanvas or other
alternatives we cannot support this workflow. We will revisit in 6
months.
This is gated behind the hidden `composer_ios_media_optimisation_image_enabled`
site setting for people who really still want to try using this.
2023-01-09 12:16:02 +10:00
15e81b6174
Build(deps): Bump jsdom from 20.0.3 to 21.0.0 in /app/assets/javascripts ( #19786 )
...
Bumps [jsdom](https://github.com/jsdom/jsdom ) from 20.0.3 to 21.0.0.
- [Release notes](https://github.com/jsdom/jsdom/releases )
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md )
- [Commits](https://github.com/jsdom/jsdom/compare/20.0.3...21.0.0 )
---
updated-dependencies:
- dependency-name: jsdom
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-08 23:41:14 +01:00
1ee9356a54
PR reviews
2023-01-06 09:51:46 +08:00
David Taylor
Bianca Nenciu
Zachary Huff
dependabot[bot]
Keegan George
Kris
Sam
Natalie Tay
Jarek Radosz
Aleksey Bogdanov
Krzysztof Kotlarek
Ted Johansson
Isaac Janzen
Joffrey JAFFEUX
Martin Brennan
Alan Guo Xiang Tan
