Commit Graph

26796 Commits

Author SHA1 Message Date
Priyank Patel 38d6654265 tslint: Upgrade tslint to v5.10.0. 2018-05-20 11:11:03 -07:00
Priyank Patel a60099a6d5 ts-loader: Upgrade ts-loader to v4.3.0. 2018-05-20 11:11:03 -07:00
Priyank Patel 0c87ce5b1c svgo: Upgrade svgo to v1.0.5.
It also updated all the svg to be optmized per new version.
This new version, since the last version contains bug fixes and improvement.
Refs: https://github.com/svg/svgo/releases
2018-05-20 11:11:03 -07:00
Priyank Patel 0d697cd569 String.codePointAt: Upgrade String.codePointAt polyfill to v0.2.1. 2018-05-20 11:11:03 -07:00
Priyank Patel 4091815721 moment-timezone: Upgrade moment-timezone to v0.5.17.
Refs: https://github.com/moment/moment-timezone/blob/master/changelog.md
2018-05-20 11:11:03 -07:00
Priyank Patel 506b23237a jquery-validation: Upgrade jquery-validation to v1.17.0
Refs: https://github.com/jquery-validation/jquery-validation/releases/tag/1.17.0
2018-05-20 11:11:03 -07:00
Priyank Patel 11d819ee3d clipboard: Upgrade clipboard to v2.0.1. 2018-05-20 11:11:03 -07:00
Priyank Patel 9c4a189781 moment: Upgrade moment to v2.22.1.
This version since the last version contains bug fixes and locale improvements.
Ref: https://github.com/moment/moment/blob/develop/CHANGELOG.md#2221-see-full-changelog
2018-05-20 11:11:03 -07:00
Priyank Patel 778742a189 jsdom: Upgrade jsdom to v11.10.0.
This also updates node_tests to use new constructor which is uppercase,
and some properties that are changed to be more clear now, like
jsdom().defaultView which is meant to the window object is now called window.

Ref: https://github.com/jsdom/jsdom/blob/master/Changelog.md
2018-05-20 11:11:03 -07:00
Priyank Patel 00151f988a handlebars: Upgrade handlebars to v4.0.11.
This version only contains bugfixes. No breaking changes have been introduced.
Ref: https://github.com/wycats/handlebars.js/blob/master/release-notes.md#v4011---october-17th-2017
2018-05-20 11:11:03 -07:00
Priyank Patel 7b40f8d50d flatpickr: Upgrade flatpickr to v4.5.0.
This new version is a lot ahead that what we now have currently.
Reading through the changelog there does not seem to any breaking
changes, just that this package have been updated a lot.

Ref: https://github.com/flatpickr/flatpickr/releases
2018-05-20 11:11:03 -07:00
Priyank Patel f02c2349b8 @types/webpack: Upgrade @types/webpack to v4.4.0.
This updates the webpack typescript type defenations to latest so we
can find bugs with webpack configurations.
2018-05-20 11:11:03 -07:00
Priyank Patel bcfc34c996 webpack-cli: Upgrade webpack-cli to v2.1.3.
This version just contains bugs fixes and regressions covered.
Ref: https://github.com/webpack/webpack-cli/releases/tag/2.1.3
2018-05-20 11:11:03 -07:00
Priyank Patel 50b663906a nyc: Upgrade nyc to v11.8.0.
This fixes a one vulnerability with this package's dependency.

randomatic - Cryptographically Weak PRNG
Ref: https://nodesecurity.io/advisories/157
2018-05-20 11:11:03 -07:00
Priyank Patel 19ba08e055 webpack-dev-server: Upgrade webpack-dev-server to v3.1.4. 2018-05-20 11:11:03 -07:00
Priyank Patel 74b0a73260 phantomjs-prebuilt: Upgrade phantomjs-prebuilt to 2.1.16.
This solves 8 vulnerabilities, in its dependencies.

conacat-stream - Memory Exposure
Ref: https://nodesecurity.io/advisories/597

hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566

tunnel-agent - Memory Exposure
Ref: https://nodesecurity.io/advisories/598

debug - Regular Expression Denial of Service
Ref:  https://nodesecurity.io/advisories/534

stringstream - Out-of-bounds Read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Priyank Patel b9d49c846e webpack: Upgrade webpack to v4.8.3. 2018-05-20 11:11:03 -07:00
Priyank Patel 6f4fc628e6 node-sass: Upgrade node-sass to v4.9.0.
This resolves 12 vulnerabilities.

Following were the issue with the dependencies of node-sass.
hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566

tunnle-agent - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/598

stringstream - Out-of-bounds read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Priyank Patel b376629974 ploty.js: Upgrade ploty.js to v1.37.1.
This solves 14 security venrubilities in the ploty.js's dependencies.
This was found by using the `npm audit` tool which can analyse dependencies
of dependencies issues.

static-eval - Sandbox Breakout / Arbitrary Code Execution
Ref: https://nodesecurity.io/advisories/548

hoek - Prototype pollution
Ref: https://nodesecurity.io/advisories/566

stringstream - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Nikhil Kumar Mishra fa9d79e203 stats: Add 1 day actives and total users to number of users chart. 2018-05-20 10:56:16 -07:00
Rishi Gupta 5ddc6c21e9 stats: Clean up line spacing in populate_number_of_users in stats.js.
We use this compressed form in our other layout definitions. Makes it easier
to visually digest.
2018-05-20 10:56:16 -07:00
Rishi Gupta 66a589c7a7 stats: Extend get_chart_data to support charts with multiple CountStats. 2018-05-20 10:56:16 -07:00
Rishi Gupta 08bf0a66b8 stats: Refactor the get_time_series_by_subgroup calls in get_chart_data.
This code is going to end up pretty complex -- each stat has multiple levels
of aggregation (UserCount, RealmCount, InstallationCount), and refinement
(subgroups), and soon we'll have charts that take data from multiple stats
as input.

Not sure what the best way to present it is, but hopefully this simplifies
it a bit.
2018-05-20 10:56:16 -07:00
Nikhil Kumar Mishra 26decb4c48 stats: Add 1day_actives::day CountStat to analytics tables. 2018-05-20 10:56:16 -07:00
Eeshan Garg 3dcde1c139 webhooks/mention: Update docs to conform to style guide.
This one took quite a while too. The interaction between Mention
and Zapier is kinda weird and the Zapier instructions are pretty
complicated.
2018-05-20 10:54:13 -07:00
Eeshan Garg 2f93c16df2 webhooks/slack: Update docs to conform to style guide. 2018-05-20 10:54:13 -07:00
Eeshan Garg 257d0f5537 webhooks/statuspage: Update docs to conform to style guide. 2018-05-20 10:54:13 -07:00
Sampriti Panda d94202c662 notifications: Add consistent order for sending email notifications.
Notification emails are sent in increasing order of the max message-id
of the unread message thread.
2018-05-20 10:19:13 -07:00
Sampriti Panda 407aa99704 test_notifications: Fix confusing variable naming in test_unread_anchor. 2018-05-20 10:16:53 -07:00
Sampriti Panda 3f4200db3c tests: Disable slow query messages in test environment.
Slow queries during backend tests sends messages to Error Bot
which affects the database state causing the tests to fail.
This fixes the occasional flakes due to that.
2018-05-20 10:16:53 -07:00
Eeshan Garg 2aa044d327 webhooks/librato: Stop advertising Snapshot notifications.
We ask our users to enable Snapshot notifications in Zulip via
Slack! But our Slack integration isn't exactly super robust and
I checked and our librato implementation isn't super smart about
handling snapshot payloads that come in via Slack.

Overall, this seems like a very poor solution, asking the user
to set up Slack in order to get the notifications in Zulip. So, I
thought we should get rid of at least the docs that suggest doing
this.

I also read librato/view.py and it wasn't clear to me how Slack
is supposed to act as an intermediate service here in a reliable
manner, which is another reason to not advertise this.
2018-05-20 10:14:03 -07:00
Eeshan Garg 9d9988d368 webhooks/librato: Rewrite docs to conform to style guide. 2018-05-20 10:14:03 -07:00
Tim Abbott 2655ece96f create-production-venv: Fix missing virtualenv dependency.
On newer distros like Xenial, Stretch, etc., we were incorrectly not
installing the Python 3 version of the virtualenv package.  This was
accidentally working because most base images with Python already have
this package too, but this was failing to install the right
dependencies in our Docker builds, requiring unnecessary manual code.

We fixed this some time ago for provision.py, but not for production.
2018-05-18 16:53:35 -07:00
Tim Abbott 9de80990ea api: Update links for new /deploying-bots page.
Also caught by test-help-documentation.
2018-05-18 16:31:52 -07:00
Tim Abbott 847fc69c79 api: Fix a badly line-wrapped link.
Caught by test-help-documentation.
2018-05-18 16:31:36 -07:00
Tim Abbott dd7507c88a docs: Add a page on deploying bots in production. 2018-05-18 16:13:17 -07:00
Tim Abbott 0ba5c9c07d lint: Fix extra long lines in stats.js.
I'm not sure why this wasn't reported in CI.
2018-05-18 15:44:30 -07:00
Shubham Padia ffa41311ca tests: Add node test for compose.needs_subscribe_warning. 2018-05-18 15:24:40 -07:00
Shubham Padia bdda920e0b bots: Do not show `not_subscribed` warning for bots on private streams.
Fixes #9373.
`not_subscribed` warning is not shown for bots on either private or public
streams. Some of the bots have an interface such that they receive the
message mentioning them even if on a private stream where they are not
subscribed.
2018-05-18 15:24:40 -07:00
Yashashvi Dave 2e6d04797a static/js/settings_users.js: Remove unused function.
Remove function `get_email_for_user_row`. As we already store email
as data-attribute of row, can directly access with .attr() method.
2018-05-18 15:20:43 -07:00
Yashashvi Dave 38db31779b /json/bots: Return "No user" if access other realms bot.
Instead of returning warning "Insufficient Permission", return
"No such bot" warning if user tries to access other realms bot."
2018-05-18 15:20:43 -07:00
Yashashvi Dave 4162e61f33 /json/users: Replace email with user_id in API to reactivate user. 2018-05-18 15:20:43 -07:00
Yashashvi Dave 06e7e933cc /json/users: Replace email with user_id in API to update/remove users. 2018-05-18 15:20:43 -07:00
Tim Abbott b8e2339a65 test_presence: Update debugging print statements. 2018-05-18 15:20:15 -07:00
Rishi Gupta 1af7fc7344 stats: Add /stats/installation. 2018-05-18 15:12:36 -07:00
Rishi Gupta 2fe3fba6ce stats: Rename data.realm to data.everyone.
We use "Everyone" for the button labels already.

Soon we'll support "Everyone" meaning either the installation or the realm,
depending on the URL route used to access the stats.
2018-05-18 15:12:36 -07:00
Rishi Gupta af758755bd stats: Rename target_realm_name to target_name in stats.html. 2018-05-18 15:12:36 -07:00
Rishi Gupta e099959a41 stats: Move API route computation from frontend to backend.
Will make it easier to extend to additional routes.
No changes in behavior.
2018-05-18 15:12:36 -07:00
Rishi Gupta 645e2720b6 stats: Move get_chart_data calls to bottom of stats.js. 2018-05-18 15:12:36 -07:00
Shubham Padia d478c6399c search: Show category-wise operator suggestions for has operator.
When suggesting operators to chose, category wise suggestions are
shown instead of a single default suggestion. e.g suggestions for
all the categories of has operator will be show instead of `Messages
with one or more` suggestion which did not make sense.
2018-05-18 14:18:26 -07:00