| .. |
|
admin
|
DEV: Enable Rails/FilePath rubocop rule (#40097)
|
2026-05-19 19:07:54 +02:00 |
|
api
|
DEV: Enable Style/RedundantBegin rubocop rule (#40096)
|
2026-05-19 18:44:54 +02:00 |
|
examples
|
|
|
|
about_controller_spec.rb
|
DEV: Add tests for intentional granular API key behavior for /about (#39922)
|
2026-05-12 09:05:11 -05:00 |
|
application_controller_spec.rb
|
FIX: Anon pageview session id reused across cached responses (#39879)
|
2026-05-12 10:13:05 +08:00 |
|
associate_accounts_controller_spec.rb
|
DEV: add shortcut fab!(:variable, :fabricator) to specs (#33577)
|
2025-07-11 11:16:34 -03:00 |
|
badges_controller_spec.rb
|
FIX: Non-listable and disabled badges exposed via XHR JSON requests (#37869)
|
2026-02-17 16:17:01 +11:00 |
|
bookmarks_controller_spec.rb
|
DEV: Update rubocop-discourse to 3.13 and autofix issues (#35073)
|
2025-10-06 16:11:01 +02:00 |
|
calendar_subscriptions_controller_spec.rb
|
FEATURE: Add calendar subscription URLs to user preferences (#38598)
|
2026-03-17 10:28:20 -03:00 |
|
categories_controller_spec.rb
|
FEATURE: add bootstrap first admin job (#39851)
|
2026-05-08 16:16:18 -03:00 |
|
clicks_controller_spec.rb
|
|
|
|
composer_controller_spec.rb
|
FIX: Suppress composer mention warning for AI bot users (#39986)
|
2026-05-13 18:44:14 +02:00 |
|
composer_messages_controller_spec.rb
|
DEV: Filter hidden posts from duplicate link lookup (#38543)
|
2026-03-12 10:32:59 -07:00 |
|
crawler_hreflang_spec.rb
|
FIX: Use hyphens instead of underscores for hreflang tags (#39884)
|
2026-05-19 21:18:46 +08:00 |
|
default_headers_spec.rb
|
|
|
|
dev_mode_controller_spec.rb
|
DEV: Add /dev-mode endpoint for MiniProfiler auth cookie (#37027)
|
2026-01-12 10:01:20 +08:00 |
|
directory_columns_controller_spec.rb
|
|
|
|
directory_items_controller_spec.rb
|
SECURITY: exclude_groups enables private group membership inference without authorization
|
2026-03-19 15:21:28 +00:00 |
|
discourse_id_controller_spec.rb
|
FIX: Revocation endpoint is blocked when login_required is enabled, preventing session invalidation (#37859)
|
2026-02-17 09:12:14 -05:00 |
|
do_not_disturb_controller_spec.rb
|
|
|
|
drafts_controller_spec.rb
|
DEV: Expand top_tags, topic.tags, etc, to return an array of tag objects instead of tag names (#36678)
|
2026-02-02 10:03:02 +08:00 |
|
edit_directory_columns_controller_spec.rb
|
|
|
|
email_controller_spec.rb
|
DEV: add shortcut fab!(:variable, :fabricator) to specs (#33577)
|
2025-07-11 11:16:34 -03:00 |
|
embed_controller_spec.rb
|
FIX: Handle blank-slug topics in full app embed mode (#38668)
|
2026-03-17 15:37:00 -03:00 |
|
emojis_controller_spec.rb
|
FEATURE: Locale-specific emoji search aliases (#39089)
|
2026-04-06 14:08:46 -03:00 |
|
exceptions_controller_spec.rb
|
FIX: Respect forced color mode for logo on server-rendered pages (#37032)
|
2026-01-09 11:33:06 +01:00 |
|
export_csv_controller_spec.rb
|
FIX: Enforce can_see_ip checks across admin IP features (#40019)
|
2026-05-19 11:37:20 +08:00 |
|
extra_locales_controller_spec.rb
|
DEV: Refactor locale bundle loading (#37114)
|
2026-01-16 11:45:14 +00:00 |
|
finish_installation_controller_spec.rb
|
DEV: Allow new instances to be set up directly with Discourse ID (#36731)
|
2025-12-23 12:13:36 -05:00 |
|
form_templates_controller_spec.rb
|
SECURITY: Scope form template endpoints to accessible categories
|
2026-05-19 00:26:04 +01:00 |
|
forums_controller_spec.rb
|
FIX: improve "read only" modes (#33521)
|
2025-07-10 09:08:00 +02:00 |
|
groups_controller_spec.rb
|
SECURITY: Redact group history related to email password to group owners
|
2026-05-19 00:26:04 +01:00 |
|
hashtags_controller_spec.rb
|
|
|
|
highlightjs_controller_spec.rb
|
|
|
|
home_page_controller_spec.rb
|
DEV: Enable Rails/FilePath rubocop rule (#40097)
|
2026-05-19 19:07:54 +02:00 |
|
inline_onebox_controller_spec.rb
|
SECURITY: Check topic visibility in Oneboxer even when categories match
|
2026-03-31 15:12:45 +01:00 |
|
invites_controller_spec.rb
|
DEV: Enable Rails/FilePath rubocop rule (#40097)
|
2026-05-19 19:07:54 +02:00 |
|
list_controller_spec.rb
|
FIX: Enforce group PM visibility checks on new/unread list routes (#39992)
|
2026-05-13 15:15:18 -03:00 |
|
metadata_controller_spec.rb
|
SECURITY: Error responses missing Cache-Control header
|
2025-10-28 14:40:41 +08:00 |
|
nested_topics_controller_spec.rb
|
FEATURE: Instantly mark nested topics as read on enter (#40176)
|
2026-05-19 15:19:55 -05:00 |
|
net_http_header_spec.rb
|
|
|
|
net_http_timeout_spec.rb
|
DEV: fix a large amount of typos (#37428)
|
2026-02-02 16:31:58 +11:00 |
|
noscript_escape_spec.rb
|
|
|
|
notifications_controller_spec.rb
|
FIX: Hide badge notifications for disabled badges or when badges are disabled (#36987)
|
2026-01-07 15:28:43 +08:00 |
|
offline_controller_spec.rb
|
|
|
|
omniauth_callbacks_controller_spec.rb
|
DEV: Enable some minor rubocop rules (#40094)
|
2026-05-19 15:29:38 +02:00 |
|
onebox_controller_spec.rb
|
SECURITY: prevent hidden profile data leak via user onebox
|
2026-03-19 15:21:28 +00:00 |
|
permalinks_controller_spec.rb
|
SECURITY: prevent permalink redirects from leaking restricted slugs
|
2026-01-28 17:11:14 +00:00 |
|
post_action_users_controller_spec.rb
|
UX: Ignored users reactions/likes should not show up (#39672)
|
2026-05-11 15:32:29 -03:00 |
|
post_actions_controller_spec.rb
|
SECURITY: fix is_warning type coercion bypass in PostActionsController
|
2026-03-19 15:21:28 +00:00 |
|
post_localizations_controller_spec.rb
|
FEATURE: Allow post authors to localize their own posts (#36178)
|
2025-11-25 11:02:22 +08:00 |
|
post_readers_controller_spec.rb
|
SECURITY: Missing post-level authorization allows whisper metadata disclosure
|
2026-03-31 15:12:45 +01:00 |
|
posts_controller_spec.rb
|
DEV: Enable Style/RedundantSelf rubocop rule (#40098)
|
2026-05-19 19:27:45 +02:00 |
|
presence_controller_spec.rb
|
|
|
|
published_pages_controller_spec.rb
|
FIX: ensures only staff can check slugs (#37846)
|
2026-02-16 18:23:46 +01:00 |
|
push_notification_controller_spec.rb
|
|
|
|
qunit_controller_spec.rb
|
DEV: Cache AssetProcessor code in development (#38036)
|
2026-02-25 11:24:41 +00:00 |
|
reviewable_claimed_topics_controller_spec.rb
|
SECURITY: Require topic visibility for category group moderator actions
|
2026-05-19 00:26:04 +01:00 |
|
reviewable_notes_controller_spec.rb
|
SECURITY: scope reviewable notes to user-visible reviewables
|
2026-02-26 12:22:54 +00:00 |
|
reviewables_controller_spec.rb
|
DEV: Remove unused transition_to and transition_to_id from reviewable serializer (#37135)
|
2026-01-15 15:04:53 +08:00 |
|
robots_txt_controller_spec.rb
|
|
|
|
safe_mode_controller_spec.rb
|
|
|
|
search_controller_spec.rb
|
DEV: fix a large amount of typos (#37428)
|
2026-02-02 16:31:58 +11:00 |
|
session_controller_spec.rb
|
FEATURE: Allow passkeys to satisfy 2FA on /session/2fa (#39674)
|
2026-05-06 14:47:01 -03:00 |
|
sidebar_sections_controller_spec.rb
|
FIX: raise 404 when sidebar section doesn't exist (#37675)
|
2026-02-10 15:47:49 +01:00 |
|
similar_topics_controller_spec.rb
|
|
|
|
site_controller_spec.rb
|
DEV: Gate read-restricted banner topics (#38496)
|
2026-03-11 08:14:57 -07:00 |
|
sitemap_controller_spec.rb
|
DEV: Update rubocop-discourse to 3.13 and autofix issues (#35073)
|
2025-10-06 16:11:01 +02:00 |
|
slugs_controller_spec.rb
|
DEV: add shortcut fab!(:variable, :fabricator) to specs (#33577)
|
2025-07-11 11:16:34 -03:00 |
|
static_controller_spec.rb
|
DEV: Enable Style/RedundantBegin rubocop rule (#40096)
|
2026-05-19 18:44:54 +02:00 |
|
steps_controller_spec.rb
|
UX: One step wizard (#36082)
|
2025-11-25 13:35:32 -05:00 |
|
stylesheets_controller_spec.rb
|
DEV: Public color_scheme requests can disclose non-user-selectable theme color definitions and raw SCSS (#38497)
|
2026-03-11 07:56:27 -07:00 |
|
svg_sprite_controller_spec.rb
|
|
|
|
tag_groups_controller_spec.rb
|
FIX: Prevent tag group from saving if private + no group selected (#39599)
|
2026-04-29 12:10:45 +08:00 |
|
tag_localizations_controller_spec.rb
|
FIX: Clean localized tag names (#38488)
|
2026-03-12 12:54:50 +08:00 |
|
tags_controller_spec.rb
|
DEV: Enable Rails/FilePath rubocop rule (#40097)
|
2026-05-19 19:07:54 +02:00 |
|
theme_javascripts_controller_spec.rb
|
DEV: Use rollup for theme JS compilation (#33103)
|
2025-07-25 12:02:29 +01:00 |
|
topic_localizations_controller_spec.rb
|
UX: Use inline title editor instead of composer when editing translation (#36847)
|
2025-12-24 00:56:36 +08:00 |
|
topic_view_stats_controller_spec.rb
|
|
|
|
topics_controller_spec.rb
|
DEV: Enable Style/RedundantBegin rubocop rule (#40096)
|
2026-05-19 18:44:54 +02:00 |
|
uploads_controller_multisite_spec.rb
|
FIX: Multisite prevent anons from downloading files (#37979)
|
2026-02-24 10:49:14 +10:00 |
|
uploads_controller_spec.rb
|
DEV: Enable Rails/FilePath rubocop rule (#40097)
|
2026-05-19 19:07:54 +02:00 |
|
user_actions_controller_spec.rb
|
FIX: Prevent hidden excerpts in user actions (#40028)
|
2026-05-14 18:35:39 +05:30 |
|
user_api_key_clients_controller_spec.rb
|
FIX: Empty-scopes bypass allows untrusted client registration and downstream scope/redirect policy bypass (#37855)
|
2026-02-17 12:39:09 +11:00 |
|
user_api_keys_controller_spec.rb
|
FIX: rescue OpenSSL::PKey::RSAError in UserApiKeysController (#39889)
|
2026-05-11 14:57:38 -04:00 |
|
user_avatars_controller_spec.rb
|
DEV: Don't try to proxy avatars in test env (#40047)
|
2026-05-15 11:34:39 +02:00 |
|
user_badges_controller_spec.rb
|
FIX: Wire up wrench post-menu actions in nested replies (#40138)
|
2026-05-19 13:13:39 -03:00 |
|
user_status_controller_spec.rb
|
FEATURE: Prevent silenced users from liking and using reactions (#37040)
|
2026-01-13 13:59:57 +01:00 |
|
users_controller_spec.rb
|
DEV: Enable Rails/FilePath rubocop rule (#40097)
|
2026-05-19 19:07:54 +02:00 |
|
users_email_controller_spec.rb
|
FIX: enforces login for create in user emails controller (#37770)
|
2026-02-12 17:10:43 +01:00 |
|
webhooks_controller_spec.rb
|
DEV: Enable some minor rubocop rules (#40094)
|
2026-05-19 15:29:38 +02:00 |
|
wizard_controller_spec.rb
|
|
|
