discourse

mirror of https://gh.wpcy.net/https://github.com/discourse/discourse.git synced 2026-06-18 23:39:11 +08:00

History

Alan Guo Xiang Tan 160d84dbe3 DEV: Remove `admin_dashboard_search_section_enabled` hidden site setting (#41016 )		2026-06-18 15:03:25 +08:00
..
admin	DEV: Remove `admin_dashboard_search_section_enabled` hidden site setting (#41016 )	2026-06-18 15:03:25 +08:00
api	FIX: Reject DiscourseConnect SSO payloads when secret is blank (#40830 )	2026-06-12 15:17:16 +03:00
examples
about_controller_spec.rb	DEV: Add tests for intentional granular API key behavior for /about (#39922 )	2026-05-12 09:05:11 -05:00
anonymous_actions_controller_spec.rb	FEATURE: Prompt anonymous users to sign up after engagement clicks (#40256 )	2026-05-26 09:30:38 +02:00
application_controller_spec.rb	FIX: Reject DiscourseConnect SSO payloads when secret is blank (#40830 )	2026-06-12 15:17:16 +03:00
associate_accounts_controller_spec.rb
badges_controller_spec.rb	FIX: Non-listable and disabled badges exposed via XHR JSON requests (#37869 )	2026-02-17 16:17:01 +11:00
bookmarks_controller_spec.rb
calendar_subscriptions_controller_spec.rb	FEATURE: Add calendar subscription URLs to user preferences (#38598 )	2026-03-17 10:28:20 -03:00
categories_controller_spec.rb	FIX: Moderators can enable plugins when enable_category_type_setup SiteSetting is enabled (#40349 )	2026-06-17 08:37:14 -05:00
clicks_controller_spec.rb
composer_controller_spec.rb	FIX: Suppress composer mention warning for AI bot users (#39986 )	2026-05-13 18:44:14 +02:00
composer_messages_controller_spec.rb	DEV: Filter hidden posts from duplicate link lookup (#38543 )	2026-03-12 10:32:59 -07:00
crawler_hreflang_spec.rb	FIX: Use hyphens instead of underscores for hreflang tags (#39884 )	2026-05-19 21:18:46 +08:00
default_headers_spec.rb
dev_mode_controller_spec.rb	DEV: Add /dev-mode endpoint for MiniProfiler auth cookie (#37027 )	2026-01-12 10:01:20 +08:00
directory_columns_controller_spec.rb
directory_items_controller_spec.rb	FIX: Match searchable custom fields when searching the user directory (#40698 )	2026-06-10 08:16:35 +02:00
discourse_id_controller_spec.rb	FIX: Revocation endpoint is blocked when `login_required` is enabled, preventing session invalidation (#37859 )	2026-02-17 09:12:14 -05:00
do_not_disturb_controller_spec.rb
drafts_controller_spec.rb	FIX: Drafts/reviewables API returned 404 when acting on own resource (#39449 )	2026-05-26 09:29:20 +02:00
edit_directory_columns_controller_spec.rb
email_controller_spec.rb
embed_controller_spec.rb	FIX: Add visibility check to Embed info (#40896 )	2026-06-15 10:20:56 -05:00
emojis_controller_spec.rb	FEATURE: Locale-specific emoji search aliases (#39089 )	2026-04-06 14:08:46 -03:00
exceptions_controller_spec.rb	FIX: Respect forced color mode for logo on server-rendered pages (#37032 )	2026-01-09 11:33:06 +01:00
export_csv_controller_spec.rb	FIX: Suspicious login IPs bypass the moderator IP-visibility setting (#40154 )	2026-05-22 13:22:32 +08:00
extra_locales_controller_spec.rb	DEV: Refactor locale bundle loading (#37114 )	2026-01-16 11:45:14 +00:00
finish_installation_controller_spec.rb	DEV: Allow new instances to be set up directly with Discourse ID (#36731 )	2025-12-23 12:13:36 -05:00
form_templates_controller_spec.rb	SECURITY: Scope form template endpoints to accessible categories	2026-05-19 00:26:04 +01:00
forums_controller_spec.rb
groups_controller_spec.rb	FIX: Reject DiscourseConnect SSO payloads when secret is blank (#40830 )	2026-06-12 15:17:16 +03:00
hashtags_controller_spec.rb
highlightjs_controller_spec.rb
home_page_controller_spec.rb	DEV: Enable Rails/FilePath rubocop rule (#40097 )	2026-05-19 19:07:54 +02:00
inline_onebox_controller_spec.rb	SECURITY: Check topic visibility in Oneboxer even when categories match	2026-03-31 15:12:45 +01:00
invites_controller_spec.rb	FIX: Reject DiscourseConnect SSO payloads when secret is blank (#40830 )	2026-06-12 15:17:16 +03:00
list_controller_spec.rb	FEATURE: Add upcoming change for unified new view (#40631 )	2026-06-09 11:34:22 +10:00
metadata_controller_spec.rb
nested_topics_controller_spec.rb	DEV: route nested view through topic route (#40820 )	2026-06-15 11:42:20 -05:00
net_http_header_spec.rb
net_http_timeout_spec.rb	DEV: fix a large amount of typos (#37428 )	2026-02-02 16:31:58 +11:00
noscript_escape_spec.rb
notifications_controller_spec.rb	FIX: Hide badge notifications for disabled badges or when badges are disabled (#36987 )	2026-01-07 15:28:43 +08:00
offline_controller_spec.rb
omniauth_callbacks_controller_spec.rb	DEV: Enable some minor rubocop rules (#40094 )	2026-05-19 15:29:38 +02:00
onebox_controller_spec.rb	SECURITY: prevent hidden profile data leak via user onebox	2026-03-19 15:21:28 +00:00
permalinks_controller_spec.rb	SECURITY: prevent permalink redirects from leaking restricted slugs	2026-01-28 17:11:14 +00:00
post_action_users_controller_spec.rb	UX: Ignored users reactions/likes should not show up (#39672 )	2026-05-11 15:32:29 -03:00
post_actions_controller_spec.rb	SECURITY: fix is_warning type coercion bypass in PostActionsController	2026-03-19 15:21:28 +00:00
post_localizations_controller_spec.rb	FEATURE: Allow post authors to localize their own posts (#36178 )	2025-11-25 11:02:22 +08:00
post_readers_controller_spec.rb	SECURITY: Missing post-level authorization allows whisper metadata disclosure	2026-03-31 15:12:45 +01:00
posts_controller_spec.rb	SECURITY: Authorization bypass in post revision endpoints via array id (#41014 )	2026-06-18 09:54:56 +03:00
presence_controller_spec.rb
published_pages_controller_spec.rb	FIX: ensures only staff can check slugs (#37846 )	2026-02-16 18:23:46 +01:00
push_notification_controller_spec.rb
qunit_controller_spec.rb	DEV: Cache AssetProcessor code in development (#38036 )	2026-02-25 11:24:41 +00:00
reviewable_claimed_topics_controller_spec.rb	SECURITY: Require topic visibility for category group moderator actions	2026-05-19 00:26:04 +01:00
reviewable_notes_controller_spec.rb	SECURITY: scope reviewable notes to user-visible reviewables	2026-02-26 12:22:54 +00:00
reviewables_controller_spec.rb	FIX: Resolve all of a deleted spammer's reviewables (#40780 )	2026-06-15 13:34:15 +08:00
robots_txt_controller_spec.rb
safe_mode_controller_spec.rb
search_controller_spec.rb	DEV: fix a large amount of typos (#37428 )	2026-02-02 16:31:58 +11:00
session_controller_spec.rb	FEATURE: Log in with a one-time email code (#40804 )	2026-06-17 12:34:48 -07:00
sidebar_sections_controller_spec.rb	FIX: raise 404 when sidebar section doesn't exist (#37675 )	2026-02-10 15:47:49 +01:00
similar_topics_controller_spec.rb
site_controller_spec.rb	DEV: Gate read-restricted banner topics (#38496 )	2026-03-11 08:14:57 -07:00
sitemap_controller_spec.rb
slugs_controller_spec.rb
static_controller_spec.rb	DEV: Enable Style/RedundantBegin rubocop rule (#40096 )	2026-05-19 18:44:54 +02:00
steps_controller_spec.rb	UX: One step wizard (#36082 )	2025-11-25 13:35:32 -05:00
stylesheets_controller_spec.rb	DEV: Allow plugins to register admin-panel-specific CSS (#40345 )	2026-05-28 11:03:38 +01:00
svg_sprite_controller_spec.rb
tag_groups_controller_spec.rb	FIX: Prevent tag group from saving if private + no group selected (#39599 )	2026-04-29 12:10:45 +08:00
tag_localizations_controller_spec.rb	FIX: Clean localized tag names (#38488 )	2026-03-12 12:54:50 +08:00
tags_controller_spec.rb	UX: Make composer tag suggestions word-based with clearer reasons (#40489 )	2026-06-02 20:08:07 +02:00
theme_javascripts_controller_spec.rb	PERF: Move theme settings from js bundle to preload data (#40137 )	2026-06-08 16:04:56 +01:00
topic_localizations_controller_spec.rb	UX: Use inline title editor instead of composer when editing translation (#36847 )	2025-12-24 00:56:36 +08:00
topic_view_stats_controller_spec.rb
topics_controller_spec.rb	SECURITY: Hidden post link URLs leak through per-post link_counts (#40903 )	2026-06-15 14:44:02 -05:00
uploads_controller_multisite_spec.rb	FIX: Multisite prevent anons from downloading files (#37979 )	2026-02-24 10:49:14 +10:00
uploads_controller_spec.rb	PERF: Run primary and parallel DB setup concurrently in CI (#40319 )	2026-05-29 06:46:32 +08:00
user_actions_controller_spec.rb	FIX: Prevent hidden excerpts in user actions (#40028 )	2026-05-14 18:35:39 +05:30
user_api_key_clients_controller_spec.rb	FIX: Empty-scopes bypass allows untrusted client registration and downstream scope/redirect policy bypass (#37855 )	2026-02-17 12:39:09 +11:00
user_api_keys_controller_spec.rb	FIX: Only allow OTPs to be generated from a browser session (#40964 )	2026-06-17 18:07:32 +03:00
user_avatars_controller_spec.rb	DEV: Don't try to proxy avatars in test env (#40047 )	2026-05-15 11:34:39 +02:00
user_badges_controller_spec.rb	FIX: Wire up wrench post-menu actions in nested replies (#40138 )	2026-05-19 13:13:39 -03:00
user_status_controller_spec.rb	FIX: Post serialization exposes hidden-profile user status messages (#40885 )	2026-06-15 09:25:47 -05:00
users_controller_spec.rb	SECURITY: Stored XSS in suspension and silencing reasons on user profiles and cards (#40963 )	2026-06-18 06:58:32 +10:00
users_email_controller_spec.rb	DEV: CSRF Token Not Invalidated After Password Reset (#40998 )	2026-06-17 16:07:30 -04:00
webhooks_controller_spec.rb	DEV: Enable some minor rubocop rules (#40094 )	2026-05-19 15:29:38 +02:00
wizard_controller_spec.rb

菲码源库

快速导航

产品服务

生态伙伴