Neil Lalonde
93c8b4fb58
Bump rack from 2.0.7 to 2.0.8
2019-12-19 12:22:48 -05:00
dependabot-preview[bot]
e0df0f479a
Bump aws-sdk-s3 from 1.59.0 to 1.59.1 ( #8575 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.59.0 to 1.59.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.59.0...v1.59.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-18 12:11:43 -03:00
dependabot-preview[bot]
2cdaf05c37
Bump ruby-prof from 1.0.0 to 1.1.0 ( #8546 )
...
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof ) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/ruby-prof/ruby-prof/releases )
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES )
- [Commits](https://github.com/ruby-prof/ruby-prof/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-18 12:10:09 -03:00
dependabot-preview[bot]
7b7926c486
Bump rake-compiler from 1.0.7 to 1.0.8 ( #8559 )
...
Bumps [rake-compiler](https://github.com/luislavena/rake-compiler ) from 1.0.7 to 1.0.8.
- [Release notes](https://github.com/luislavena/rake-compiler/releases )
- [Changelog](https://github.com/rake-compiler/rake-compiler/blob/master/History.txt )
- [Commits](https://github.com/luislavena/rake-compiler/compare/v1.0.7...v1.0.8 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-18 11:56:16 -03:00
dependabot-preview[bot]
aaf159c48c
Bump aws-partitions from 1.255.0 to 1.256.0 ( #8566 )
...
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby ) from 1.255.0 to 1.256.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-18 11:55:44 -03:00
dependabot-preview[bot]
caa7cc51f1
Build(deps): Bump thor from 1.0.0 to 1.0.1 ( #8572 )
...
Bumps [thor](https://github.com/erikhuda/thor ) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/erikhuda/thor/releases )
- [Changelog](https://github.com/erikhuda/thor/blob/master/CHANGELOG.md )
- [Commits](https://github.com/erikhuda/thor/compare/v1.0.0...v1.0.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-18 11:55:18 -03:00
Martin Brennan
beb91e7eff
FIX: require: false for rotp gem ( #8540 )
...
The ROTP gem is only used in a very small amount of places in the app, we don't need to globally require it.
Also set the Addressable gem to not have a specific version range, as it has not been a problem yet.
Some slight refactoring of UserSecondFactor here too to use SecondFactorManager to avoid code repetition
2019-12-17 10:33:51 +10:00
dependabot-preview[bot]
998bbdc40f
Bump fspath from 3.1.0 to 3.1.2 ( #8564 )
...
Bumps [fspath](https://github.com/toy/fspath ) from 3.1.0 to 3.1.2.
- [Release notes](https://github.com/toy/fspath/releases )
- [Commits](https://github.com/toy/fspath/compare/v3.1.0...v3.1.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 12:19:31 -08:00
dependabot-preview[bot]
5acecfcb91
Bump in_threads from 1.5.1 to 1.5.3 ( #8556 )
...
Bumps [in_threads](https://github.com/toy/in_threads ) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/toy/in_threads/releases )
- [Changelog](https://github.com/toy/in_threads/blob/master/CHANGELOG.markdown )
- [Commits](https://github.com/toy/in_threads/compare/v1.5.1...v1.5.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:57:22 -08:00
dependabot-preview[bot]
82828d5145
Bump progress from 3.5.0 to 3.5.2 ( #8560 )
...
Bumps [progress](https://github.com/toy/progress ) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/toy/progress/releases )
- [Changelog](https://github.com/toy/progress/blob/master/CHANGELOG.markdown )
- [Commits](https://github.com/toy/progress/compare/v3.5.0...v3.5.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:45:33 -08:00
dependabot-preview[bot]
aee3c6b96b
Bump json from 2.2.0 to 2.3.0 ( #8563 )
...
Bumps [json](https://github.com/flori/json ) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/flori/json/releases )
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md )
- [Commits](https://github.com/flori/json/compare/v2.2.0...v2.3.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:35:08 -08:00
dependabot-preview[bot]
e328700ae5
Bump aws-sdk-core from 3.85.0 to 3.86.0 ( #8558 )
...
Bumps [aws-sdk-core](https://github.com/aws/aws-sdk-ruby ) from 3.85.0 to 3.86.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-core/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:09:38 -08:00
dependabot-preview[bot]
22f1aa0c58
Bump jquery-rails from 4.3.3 to 4.3.5 ( #8557 )
...
Bumps [jquery-rails](https://github.com/rails/jquery-rails ) from 4.3.3 to 4.3.5.
- [Release notes](https://github.com/rails/jquery-rails/releases )
- [Changelog](https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rails/jquery-rails/compare/v4.3.3...v4.3.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 09:44:56 -08:00
dependabot-preview[bot]
db82ed86c4
Bump thor from 0.20.3 to 1.0.0 ( #8550 )
2019-12-16 09:23:47 -08:00
dependabot-preview[bot]
6b3308d614
Bump excon from 0.70.0 to 0.71.0 ( #8551 )
...
Bumps [excon](https://github.com/excon/excon ) from 0.70.0 to 0.71.0.
- [Release notes](https://github.com/excon/excon/releases )
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt )
- [Commits](https://github.com/excon/excon/compare/v0.70.0...v0.71.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 08:53:42 -08:00
OsamaSayegh
dc3c4bdd00
DEV: Bump Logster version to 2.5.1
...
This version has minor follow-up fixes and changes to the pattern
grouping feature that was introduced yesterday. See Logster changelog
for details: https://github.com/discourse/logster/blob/master/CHANGELOG.md
2019-12-13 09:51:19 +00:00
dependabot-preview[bot]
885d2bb87a
Bump logster from 2.4.2 to 2.5.0 ( #8538 )
...
Bumps [logster](https://github.com/discourse/logster ) from 2.4.2 to 2.5.0.
- [Release notes](https://github.com/discourse/logster/releases )
- [Changelog](https://github.com/discourse/logster/blob/master/CHANGELOG.md )
- [Commits](https://github.com/discourse/logster/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
This new version of Logster has grouping patterns that can be added via the UI to group logs that match into a single row. More details at 24d6cc9742
2019-12-12 08:26:49 +03:00
Martin Brennan
e8ee847dd2
Merge branch 'master' of github.com:discourse/discourse
2019-12-12 14:33:09 +10:00
Martin Brennan
9c1e0b8bd2
bump rubocop-discourse to 1.0.2 for NoURIEscapeEncode cop
2019-12-12 14:30:27 +10:00
Martin Brennan
edbc356593
FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode ( #8528 )
...
The following methods have long been deprecated in ruby due to flaws in their implementation per http://blade.nagaokaut.ac.jp/cgi-bin/vframe.rb/ruby/ruby-core/29293?29179-31097 :
URI.escape
URI.unescape
URI.encode
URI.unencode
escape/encode are just aliases for one another. This PR uses the Addressable gem to replace these methods with its own encode, unencode, and encode_component methods where appropriate.
I have put all references to Addressable::URI here into the UrlHelper to keep them corralled in one place to make changes to this implementation easier.
Addressable is now also an explicit gem dependency.
2019-12-12 12:49:21 +10:00
Sam Saffron
b6acfb7847
DEV: upgrade redis-namespace gem
...
New release has a few extra commands namespaced, nothing we use.
Also added a comment about why this is explicitly required.
2019-12-12 13:36:08 +11:00
dependabot-preview[bot]
61ac0d47ee
DEV: Bump stackprof from 0.2.13 to 0.2.14 ( #8531 )
...
Bumps [stackprof](https://github.com/tmm1/stackprof ) from 0.2.13 to 0.2.14.
- [Release notes](https://github.com/tmm1/stackprof/releases )
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md )
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.13...v0.2.14 )
Minor upgrade to stackprof which is only used for diagnostics and not default required. Changes all look safe.
2019-12-12 13:29:00 +11:00
Krzysztof Kotlarek
746ba0d8fd
SECURITY: upgrade rack-mini-profiler to avoid possible XSS ( #8537 )
2019-12-12 13:15:40 +11:00
dependabot-preview[bot]
863d3f89de
Build(deps): Bump aws-sdk-s3 from 1.36.1 to 1.59.0 ( #8502 )
...
* Build(deps): Bump aws-sdk-s3 from 1.36.1 to 1.59.0
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.36.1 to 1.59.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.36.1...v1.59.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Dependabot/bundler/aws sdk s3 1.59.0 (#8532 )
2019-12-11 10:18:11 -08:00
Mark VanLandingham
06c6062ed2
DEV: Lock sassc gem at version 2.0.1 with note ( #8523 )
2019-12-11 06:22:39 -08:00
dependabot-preview[bot]
b90a592146
DEV: Bump aws-sdk-sns from 1.13.0 to 1.21.0 ( #8490 )
...
Bumps [aws-sdk-sns](https://github.com/aws/aws-sdk-ruby ) from 1.13.0 to 1.21.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-sns/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.13.0...1.21.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-11 06:13:17 -08:00
Sam Saffron
1d16b34284
DEV: forgot to check in lockfile
...
updates lock file to properly match the generated one.
2019-12-11 12:45:42 +11:00
dependabot-preview[bot]
508b4c1e5e
DEV: Bump css_parser from 1.7.0 to 1.7.1 ( #8524 )
...
Bumps [css_parser](https://github.com/premailer/css_parser ) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/premailer/css_parser/releases )
- [Changelog](https://github.com/premailer/css_parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/premailer/css_parser/compare/v1.7.0...v1.7.1 )
This minor update force UTF-8, this should have not impact on us as we only trade in UTF-8 strings for CSS anyway.
2019-12-11 10:56:53 +11:00
dependabot-preview[bot]
83175c9bfb
DEV: Bump rspec-html-matchers from 0.9.1 to 0.9.2 ( #8525 )
...
Bumps [rspec-html-matchers](https://github.com/kucaahbe/rspec-html-matchers ) from 0.9.1 to 0.9.2.
- [Release notes](https://github.com/kucaahbe/rspec-html-matchers/releases )
- [Changelog](https://github.com/kucaahbe/rspec-html-matchers/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kucaahbe/rspec-html-matchers/compare/v0.9.1...v0.9.2 )
Low risk update, only impacts tests.
2019-12-11 10:55:25 +11:00
dependabot-preview[bot]
505b8b76bc
Build(deps): Bump webpush from 0.3.8 to 1.0.0 ( #8511 )
...
Bumps [webpush](https://github.com/zaru/webpush ) from 0.3.8 to 1.0.0.
- [Release notes](https://github.com/zaru/webpush/releases )
- [Changelog](https://github.com/zaru/webpush/blob/master/CHANGELOG.md )
- [Commits](https://github.com/zaru/webpush/compare/v0.3.8...v1.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 12:56:52 -08:00
dependabot-preview[bot]
3309a2b564
Build(deps-dev): Bump webmock from 3.5.1 to 3.7.6 ( #8512 )
...
Bumps [webmock](https://github.com/bblimke/webmock ) from 3.5.1 to 3.7.6.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.5.1...v3.7.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 10:38:03 -08:00
dependabot-preview[bot]
31c6a1528b
Build(deps-dev): Bump listen from 3.1.5 to 3.2.1 ( #8498 )
...
Bumps [listen](https://github.com/guard/listen ) from 3.1.5 to 3.2.1.
- [Release notes](https://github.com/guard/listen/releases )
- [Commits](https://github.com/guard/listen/compare/v3.1.5...v3.2.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 08:48:40 -08:00
dependabot-preview[bot]
287ba20f3b
Build(deps-dev): Bump parallel_tests from 2.29.2 to 2.30.0 ( #8508 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 2.29.2 to 2.30.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.29.2...v2.30.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 16:11:49 +00:00
Mark VanLandingham
148970ca9b
DEV: Revert parallel_tests bump ( #8518 )
...
parallel_tests with this version uses `bin/rake`, which auto-loads plugins
2019-12-10 07:58:12 -08:00
dependabot-preview[bot]
2605adede0
Build(deps-dev): Bump parallel_tests from 2.29.2 to 2.30.0 ( #8508 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 2.29.2 to 2.30.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.29.2...v2.30.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 07:12:38 -08:00
dependabot-preview[bot]
da62f87694
Build(deps): Bump rqrcode from 0.10.1 to 1.1.2 ( #8497 )
...
Bumps [rqrcode](https://github.com/whomwah/rqrcode ) from 0.10.1 to 1.1.2.
- [Release notes](https://github.com/whomwah/rqrcode/releases )
- [Commits](https://github.com/whomwah/rqrcode/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 06:49:20 -08:00
dependabot-preview[bot]
ee1f77d301
Build(deps-dev): Bump uglifier from 4.1.20 to 4.2.0 ( #8510 )
...
Bumps [uglifier](https://github.com/lautis/uglifier ) from 4.1.20 to 4.2.0.
- [Release notes](https://github.com/lautis/uglifier/releases )
- [Changelog](https://github.com/lautis/uglifier/blob/master/CHANGELOG.md )
- [Commits](https://github.com/lautis/uglifier/compare/v4.1.20...v4.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-10 06:28:15 -08:00
dependabot-preview[bot]
33ae9679d8
DEV: Bump excon from 0.64.0 to 0.70.0 ( #8503 )
...
Bumps [excon](https://github.com/excon/excon ) from 0.64.0 to 0.70.0.
- [Release notes](https://github.com/excon/excon/releases )
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt )
- [Commits](https://github.com/excon/excon/compare/v0.64.0...v0.70.0 )
Most changes are minor and update should be pretty safe.
2019-12-10 12:34:00 +11:00
Sam Saffron
3e0454c97b
DEV: add a note about sprockets being held back
...
We want to upgrade to version 4, but it does not work atm.
2019-12-10 12:31:16 +11:00
dependabot-preview[bot]
84c251c778
DEV: Bump sidekiq from 5.2.7 to 6.0.3 ( #8499 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 5.2.7 to 6.0.3.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
The big thing for us with this update is that it makes sidekiq a bit faster.
2019-12-10 12:05:02 +11:00
dependabot-preview[bot]
c923c49964
DEV: Bump sassc-rails from 2.1.1 to 2.1.2 ( #8501 )
...
Bumps [sassc-rails](https://github.com/sass/sassc-rails ) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/sass/sassc-rails/releases )
- [Commits](https://github.com/sass/sassc-rails/compare/v2.1.1...v2.1.2 )
Minor fixes in the gem
2019-12-10 11:50:34 +11:00
Sam Saffron
0c52537f10
DEV: update rubocop to version 0.77
...
We like to stay as close as possible to latest with rubocop cause the cops
get better.
This update required some code changes, specifically the default is to avoid
explicit returns where implicit is done
Also this renames a few rules
2019-12-10 11:48:39 +11:00
dependabot-preview[bot]
ee9afb87f2
DEV: Bump mock_redis from 0.19.0 to 0.22.0 ( #8504 )
...
Bumps [mock_redis](https://github.com/sds/mock_redis ) from 0.19.0 to 0.22.0.
- [Release notes](https://github.com/sds/mock_redis/releases )
- [Changelog](https://github.com/sds/mock_redis/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sds/mock_redis/compare/v0.19.0...v0.22.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Mock redis update adds better parity for redis mock, we use it during tests.
2019-12-10 11:36:36 +11:00
Mark VanLandingham
6740e08caa
DEV: Revert 3 dependabot suggestions ( #8506 )
2019-12-09 14:40:54 -08:00
Mark VanLandingham
642c17a4b2
DEV: revert webpush version bump ( #8505 )
2019-12-09 13:53:25 -08:00
dependabot-preview[bot]
413a49fe06
Build(deps-dev): Bump rspec-html-matchers from 0.9.1 to 0.9.2 ( #8494 )
...
Bumps [rspec-html-matchers](https://github.com/kucaahbe/rspec-html-matchers ) from 0.9.1 to 0.9.2.
- [Release notes](https://github.com/kucaahbe/rspec-html-matchers/releases )
- [Changelog](https://github.com/kucaahbe/rspec-html-matchers/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kucaahbe/rspec-html-matchers/compare/v0.9.1...v0.9.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 12:22:55 -08:00
dependabot-preview[bot]
866b634f22
Build(deps): Bump webpush from 0.3.8 to 1.0.0 ( #8491 )
...
Bumps [webpush](https://github.com/zaru/webpush ) from 0.3.8 to 1.0.0.
- [Release notes](https://github.com/zaru/webpush/releases )
- [Changelog](https://github.com/zaru/webpush/blob/master/CHANGELOG.md )
- [Commits](https://github.com/zaru/webpush/compare/v0.3.8...v1.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 12:21:49 -08:00
dependabot-preview[bot]
6dd1d63671
Build(deps): Bump sassc from 2.0.1 to 2.2.1 ( #8493 )
...
Bumps [sassc](https://github.com/sass/sassc-ruby ) from 2.0.1 to 2.2.1.
- [Release notes](https://github.com/sass/sassc-ruby/releases )
- [Changelog](https://github.com/sass/sassc-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sass/sassc-ruby/compare/v2.0.1...v2.2.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 12:19:39 -08:00
dependabot-preview[bot]
bf847e680a
Build(deps-dev): Bump uglifier from 4.1.20 to 4.2.0 ( #8489 )
...
Bumps [uglifier](https://github.com/lautis/uglifier ) from 4.1.20 to 4.2.0.
- [Release notes](https://github.com/lautis/uglifier/releases )
- [Changelog](https://github.com/lautis/uglifier/blob/master/CHANGELOG.md )
- [Commits](https://github.com/lautis/uglifier/compare/v4.1.20...v4.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 12:16:03 -08:00
dependabot-preview[bot]
16de46f8d4
Build(deps): Bump omniauth-google-oauth2 from 0.7.0 to 0.8.0 ( #8488 )
...
Bumps [omniauth-google-oauth2](https://github.com/zquestz/omniauth-google-oauth2 ) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/zquestz/omniauth-google-oauth2/releases )
- [Changelog](https://github.com/zquestz/omniauth-google-oauth2/blob/master/CHANGELOG.md )
- [Commits](https://github.com/zquestz/omniauth-google-oauth2/compare/v0.7.0...v0.8.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-09 12:13:07 -08:00