discourse/spec/lib
Kelv b9363494d4
FIX: invalid CSP directive sources should allow site to boot with valid CSP directives (stable) (#31270)
[Security patch](5558e72f22) (for this [CVE](https://nvd.nist.gov/vuln/detail/CVE-2024-54133)) from
rails actionpack was backported from
[Rails 8.0.0.1](https://github.com/rails/rails/blob/v8.0.1/actionpack/CHANGELOG.md#rails-8001-december-10-2024)
to previous stable versions including `7-1-stable` / `7-2-stable`.

Any previous version of Discourse upgrading to v3.4.0.beta3 and above
would have observed their sites crashing if they had invalid sources in
their CSP directive extensions.

This fix removes such invalid sources during our build of the CSP, and
logs these at a warning level so devs are able to find out why their CSP
sources were filtered out of the extendable directives.
2025-02-11 11:51:01 +08:00
active_support_type_extensions DEV: Improve array type in service contracts 2024-10-17 17:02:02 +02:00
auth Add dedicated user_api_key_clients table to allow for 1:many use cases (#28119) 2024-11-08 12:05:03 -05:00
backup_restore FIX: truncate extremely long site name titles (#30977) 2025-01-24 15:47:05 +11:00
common_passwords DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00
compression DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
concern FIX: do not use return in block (#26260) 2024-03-20 10:49:28 +01:00
content_security_policy FIX: invalid CSP directive sources should allow site to boot with valid CSP directives (stable) (#31270) 2025-02-11 11:51:01 +08:00
demon DEV: Fix undefined method check_email_sync_heartbeat in unicorn conf (#30360) 2024-12-19 10:10:11 +08:00
discourse_webauthn DEV: Fix random typos (#26881) 2024-05-06 20:52:48 +02:00
email FEATURE: Improve use_email_for_username_and_name_suggestions (#30845) 2025-01-21 13:04:48 +00:00
file_store FIX: Include original filename in s3 uploads even if not attachment (#30789) 2025-01-15 18:08:18 +08:00
final_destination SECURITY: Add FastImage SSRF safe freedom patch 2024-07-03 20:49:15 +08:00
freedom_patches DEV: Remove unnecessary freedom patches 2024-08-19 12:06:54 +02:00
guardian FIX: Don't allow editing own posts user can no longer see (#30839) 2025-01-20 10:09:58 +08:00
highlight_js DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
i18n DEV: Enable Rails 7.1 defaults 2024-08-12 10:41:13 +02:00
imap DEV: Remove old TODOs for message-id formats (#27196) 2024-05-28 13:57:09 +10:00
import DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
middleware DEV: API to register custom request rate limiting conditions (#30239) 2024-12-23 09:57:18 +08:00
migration DEV: Upgrade Rails to version 7.2 2024-11-27 10:48:47 +01:00
onebox SECURITY: Restrict allowed URL patterns 2025-02-04 13:32:34 -03:00
plugin DEV: Use default admin routes for plugins with settings (#30941) 2025-02-04 14:57:28 +08:00
pretty_text FEATURE: Async load of category and chat hashtags (#25526) 2024-02-12 12:07:14 +02:00
rate_limiter DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
scheduler FIX: handle more thread pool edge cases (#30392) 2024-12-20 11:50:00 +11:00
second_factor DEV: Allow run_second_factor! to be used before login (#25420) 2024-01-29 12:28:47 +00:00
seed_data FIX: "Replace Text" didn't list "Welcome Topic" when "General" category is missing (#27182) 2024-05-27 09:57:30 +02:00
service DEV: new lock step for services (#30872) 2025-01-29 14:28:22 +01:00
site_settings FEATURE: setting allowing tl0/anonymous flag illegal content (#30785) 2025-01-17 08:57:44 +11:00
stylesheet FEATURE: Improve wizard font selection and set Inter as default font for new sites (#30974) 2025-01-27 11:29:55 +10:00
svg_sprite DEV: enable raise_error in test envs for deprecated icons in svg_sprite.rb (#30980) 2025-02-04 21:21:20 +08:00
theme_settings_manager DEV: Remove experimental_objects_type_for_theme_settings site setting (#26507) 2024-04-04 12:01:31 +08:00
theme_store FEATURE: Theme settings migrations (#24071) 2023-11-02 08:10:15 +03:00
topic_query DEV: Remove full group refreshes from tests (#25414) 2024-01-25 14:28:26 +08:00
turbo_tests/flaky DEV: Include exception details for each test in flaky tests report (#24892) 2023-12-14 11:11:11 +08:00
validators FEATURE: Add option to hide full name input at signup (#30471) 2024-12-30 22:26:20 +03:00
wizard FEATURE: Improve wizard font selection and set Inter as default font for new sites (#30974) 2025-01-27 11:29:55 +10:00
admin_confirmation_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
admin_user_index_query_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
archetype_spec.rb DEV: Catch missing translations during test runs (#26258) 2024-05-24 22:15:53 +08:00
bookmark_manager_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
bookmark_query_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
bookmark_reminder_notification_handler_spec.rb FIX: Bookmark reminder was clearing incorrectly (#28506) 2024-08-26 09:17:39 +10:00
bookmarks_bulk_action_spec.rb FIX: Bookmark reminder was clearing incorrectly (#28506) 2024-08-26 09:17:39 +10:00
browser_detection_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
cache_spec.rb DEV: Use rspec mocks to properly verify a race condition 2024-08-06 15:57:04 +02:00
category_badge_spec.rb FIX: email category badges shouldn't use category text color (#25655) 2024-02-13 10:18:36 -05:00
category_guardian_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
color_math_spec.rb UX: Calculate missing hover/selected colors from existing colors (#20105) 2023-02-01 09:55:21 +00:00
composer_messages_finder_spec.rb DEV: move post flags into database (#27125) 2024-05-23 12:19:07 +10:00
content_buffer_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
content_security_policy_spec.rb FIX: invalid CSP directive sources should allow site to boot with valid CSP directives (stable) (#31270) 2025-02-11 11:51:01 +08:00
cooked_post_processor_spec.rb FIX: show lightbox for small images (#29140) 2024-10-18 09:45:08 +04:00
crawler_detection_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
current_user_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
db_helper_spec.rb FIX: Truncate bookmarks.name when remapping 2024-12-11 18:53:17 -05:00
directory_helper_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
discourse_diff_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
discourse_event_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
discourse_hub_spec.rb DEV: Don’t replace Rails logger in specs (#29721) 2024-11-13 08:47:39 +08:00
discourse_ip_info_spec.rb DEV: Don’t replace Rails logger in specs (#29721) 2024-11-13 08:47:39 +08:00
discourse_js_processor_spec.rb DEV: Upgrade dependencies to Ember 5.12 (#30131) 2024-12-11 11:09:25 -03:00
discourse_logstash_logger_spec.rb DEV: Log sidekiq job opts as string instead of hash (#28012) 2024-07-23 06:27:43 +08:00
discourse_plugin_registry_spec.rb DEV: Remove sprockets from plugin 'extra js' pipeline (#25502) 2024-02-01 11:48:31 +00:00
discourse_redis_spec.rb DEV: Fix random typos (#29161) 2024-10-10 16:11:55 +02:00
discourse_sourcemapping_url_processor_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
discourse_spec.rb DEV: Don’t replace Rails logger in specs (#29721) 2024-11-13 08:47:39 +08:00
discourse_tagging_spec.rb FEATURE: Add user to topic_tags_changed event (#28714) 2024-09-06 11:23:30 -03:00
discourse_updates_spec.rb FIX: Calculate experiment_enabled on server for "What's new?" (#30599) 2025-01-07 11:27:24 +10:00
distributed_cache_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
distributed_memoizer_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
distributed_mutex_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
email_cook_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
email_updater_spec.rb DEV: Change hide_email_address_taken default to true (#30293) 2024-12-17 10:46:04 +08:00
ember_cli_spec.rb FIX: EmberCli cache clearance issue in production (#24343) 2023-11-13 10:34:06 +00:00
encodings_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
enum_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
excerpt_parser_spec.rb FIX: proper details / summary excerpt (#30229) 2024-12-12 09:09:49 +01:00
feed_element_installer_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
feed_item_accessor_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
file_helper_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
filter_best_posts_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
final_destination_spec.rb FIX: FinalDestination#get forwarding Authorization header on redirects (#27043) 2024-05-16 08:37:34 +08:00
flag_settings_spec.rb FEATURE: custom flag can require additional message (#27908) 2024-07-18 10:10:22 +10:00
gaps_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
gc_stat_instrumenter_spec.rb DEV: Separate concerns of tracking GC stat from MethodProfiler (#22921) 2023-08-02 10:46:37 +08:00
git_repo_spec.rb FEATURE: display commit hash for each plugin on /admin/plugins page. (#22176) 2023-06-26 10:09:57 +05:30
git_url_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
global_path_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
group_lookup_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
guardian_spec.rb FEATURE: Allow admins to export users (#30918) 2025-01-24 08:13:25 +11:00
has_errors_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
hijack_spec.rb FIX: Reports did not respect user locale (#30524) 2025-01-02 13:05:53 +10:00
homepage_helper_spec.rb DEV: uses context blocks (#28658) 2024-08-30 11:26:15 +02:00
html_prettify_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
html_to_markdown_spec.rb DEV: Bump rubocop_discourse (#29608) 2024-11-06 06:27:49 +08:00
image_sizer_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
inline_oneboxer_spec.rb FIX: Inline oneboxes should obey the locale. (#30664) 2025-01-09 17:22:22 +11:00
js_locale_helper_spec.rb DEV: Output failing MF keys when compilation fails 2024-10-15 12:45:23 +02:00
json_error_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
letter_avatar_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
message_id_service_spec.rb DEV: Remove old TODOs for message-id formats (#27196) 2024-05-28 13:57:09 +10:00
method_profiler_spec.rb DEV: Separate concerns of tracking GC stat from MethodProfiler (#22921) 2023-08-02 10:46:37 +08:00
mini_scheduler_long_running_job_logger_spec.rb DEV: Don’t replace Rails logger in specs (#29721) 2024-11-13 08:47:39 +08:00
mini_sql_multisite_connection_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
mobile_detection_spec.rb Drop support for iOS < 15.7 (#19847) 2023-01-16 17:28:59 +00:00
new_post_manager_spec.rb FEATURE: Support designating multiple groups as mods on category (#28655) 2024-09-04 04:38:46 +03:00
new_post_result_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
onebox_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
oneboxer_spec.rb FIX: Allow to follow non-ASCII canonical links for oneboxes 2025-02-04 15:40:23 +01:00
onpdiff_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
password_hasher_spec.rb FEATURE: Persist password hashing algorithm/params in database (#20980) 2023-04-11 10:16:28 +01:00
pbkdf2_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
pinned_check_spec.rb DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00
plain_text_to_markdown_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
post_action_creator_spec.rb DEV: Call Discourse.redis.flushdb after the end of each test (#29117) 2024-10-09 07:19:31 +08:00
post_action_destroyer_spec.rb DEV: Convert min_trust_to_flag_posts setting to groups (#24864) 2023-12-13 17:18:42 +08:00
post_action_type_view_spec.rb FIX: use a custom prefix for custom flags (#28839) 2024-09-11 15:30:20 +10:00
post_creator_spec.rb FEATURE: Multiple Draft Topics (#30790) 2025-01-29 10:23:26 +04:00
post_destroyer_spec.rb FIX: update flag reason message with default value (#30026) 2024-12-04 14:46:52 +11:00
post_jobs_enqueuer_spec.rb DEV: Update the rubocop-discourse gem 2023-06-26 11:41:52 +02:00
post_locker_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
post_merger_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
post_revisor_spec.rb FIX: Change create_post_for_category_and_tag_changes setting to use whispers instead of small actions (#29602) 2024-11-06 09:28:28 -03:00
presence_channel_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
pretty_text_spec.rb FIX: Quoting videos can show a corrupted thumbnail (#31079) 2025-01-30 17:54:50 -07:00
promotion_spec.rb DEV: Add PluginRegistry modifiers to #review and #recalculate (#29128) 2024-10-16 10:26:10 -05:00
quote_comparer_spec.rb DEV: Correct Style/RedundantReturn rubocop issues (#23052) 2023-08-10 02:03:38 +02:00
quote_rewriter_spec.rb UX: Remove loading="lazy" from avatars for improved UX (#30897) 2025-01-21 14:06:45 +00:00
rate_limiter_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
retrieve_title_spec.rb FIX: Don't error out when trying to retrieve title and URL won't encode (#24660) 2023-12-01 15:03:06 +08:00
rtl_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
s3_cors_rulesets_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
s3_helper_spec.rb FIX: Use dualstack S3 endpoint for direct uploads (#29611) 2024-11-07 11:06:39 +10:00
s3_inventory_multisite_spec.rb FIX: S3Inventory#backfill_etags_and_list_missing need to unescape key (#30787) 2025-01-15 14:52:49 +08:00
s3_inventory_spec.rb FIX: S3Inventory#backfill_etags_and_list_missing need to unescape key (#30787) 2025-01-15 14:52:49 +08:00
score_calculator_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
scss_checker_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
search_spec.rb DEV: Remove deprecated search_tokenize_chinese_japanese_korean setting (#30549) 2025-01-03 23:21:18 +01:00
secure_session_spec.rb DEV: Fix various rubocop lints (#24749) 2023-12-06 23:25:00 +01:00
service_spec.rb DEV: Fix policy classes delegating their #call method in services 2024-12-18 09:59:40 +01:00
shrink_uploaded_image_spec.rb DEV: Move min_trust_to_post_embedded_media to group setting (#25238) 2024-01-25 09:50:59 +10:00
sidebar_section_links_updater_spec.rb DEV: Limit the number of category sidebar links a user can have (#26756) 2024-04-25 13:21:39 -05:00
sidekiq_long_running_job_logger_spec.rb DEV: Don’t replace Rails logger in specs (#29721) 2024-11-13 08:47:39 +08:00
signal_trap_logger_spec.rb DEV: Move spec file to right folder (#27449) 2024-06-13 06:38:03 +08:00
site_icon_manager_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
site_setting_extension_multisite_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
site_setting_extension_spec.rb DEV: Revert the addition of keywords for all site settings. (#30755) 2025-01-14 13:34:04 +11:00
slug_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
spam_handler_spec.rb DEV: Remove full group refreshes from tests (#25414) 2024-01-25 14:28:26 +08:00
statistics_spec.rb FIX: participating users statistics... (#29293) 2024-10-21 18:18:42 +02:00
suggested_topics_builder_spec.rb DEV: Add modifier to SuggestedTopicsBuilder#add_results (#29164) 2024-10-10 10:03:26 -05:00
system_message_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
text_cleaner_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
text_sentinel_spec.rb FIX: Allow all caps within CJK text (#28018) 2024-07-22 17:35:52 +02:00
theme_flag_modifier_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
theme_javascript_compiler_spec.rb DEV: Compile theme raw-hbr to modules (#30299) 2024-12-16 17:31:49 +00:00
theme_settings_manager_spec.rb DEV: Refactor subclasses in ThemeSettingsManager to individual files (#25605) 2024-02-08 12:59:52 +08:00
theme_settings_object_validator_spec.rb DEV: Add isValidUrl helper function to theme migrations (#26817) 2024-04-30 16:45:07 +08:00
theme_settings_parser_spec.rb DEV: Fix various rubocop lints (#24749) 2023-12-06 23:25:00 +01:00
theme_settings_validator_spec.rb DEV: Correctly pluralize error messages (#26469) 2024-04-04 15:02:09 +02:00
timeline_lookup_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
tiny_japanese_segmenter_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
topic_creator_spec.rb FIX: prevents PM to large groups (#28681) 2024-09-03 12:08:14 +02:00
topic_publisher_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
topic_query_spec.rb FIX: remove muted topics/tags/categories from top and hot topics lists (#30892) 2025-01-29 11:51:10 +01:00
topic_retriever_spec.rb FEATURE: Update topic/comment embedding parameters (#20181) 2023-02-28 14:31:59 +02:00
topic_upload_security_manager_spec.rb DEV: Update the rubocop-discourse gem 2023-06-26 11:41:52 +02:00
topic_view_spec.rb DEV: Apply modifier for topic_view link_counts (#29883) 2024-11-22 14:49:39 -06:00
topics_bulk_action_spec.rb DEV: Convert min_trust_level_to_tag_topics to groups (#25273) 2024-01-26 13:25:03 +08:00
topics_filter_spec.rb DEV: Extend /filter's ability to order (#28242) 2024-08-07 16:37:00 +08:00
trashable_spec.rb DEV: Added .only_deleted scope in the Trashable module (#20196) 2023-02-07 15:28:59 -03:00
truncate_logs_formatter_spec.rb SECURITY: Add a default limit as to when logs should be truncated 2023-10-16 10:34:38 -04:00
trust_level_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
twitter_api_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
unread_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
upload_creator_spec.rb DEV: depend less on pngquant version (#26906) 2024-05-07 16:56:05 +02:00
upload_markdown_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
upload_recovery_spec.rb DEV: Move min_trust_to_post_embedded_media to group setting (#25238) 2024-01-25 09:50:59 +10:00
upload_security_spec.rb DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00
url_helper_spec.rb DEV: Add isValidUrl helper function to theme migrations (#26817) 2024-04-30 16:45:07 +08:00
user_comm_screener_spec.rb DEV: Update the rubocop-discourse gem 2023-06-26 11:41:52 +02:00
user_lookup_spec.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
user_name_suggester_spec.rb FEATURE: Improve use_email_for_username_and_name_suggestions (#30845) 2025-01-21 13:04:48 +00:00
version_spec.rb SECURITY: Add limits for themes and theme assets 2023-09-12 15:31:31 -03:00
work_queue_spec.rb PERF: Don't allow a single user to monopolize the defer queue (#25593) 2024-02-07 13:47:50 -06:00