Priyank Patel
ac7e6b19bd
xmlhttprequest: Upgrade xmlhttprequest to v1.8.0.
2018-05-20 11:11:03 -07:00
Priyank Patel
62a90661ad
underscore: Upgrade underscore to v1.9.0.
2018-05-20 11:11:03 -07:00
Priyank Patel
4605579335
typescript: Upgrade typescript to v2.8.3.
2018-05-20 11:11:03 -07:00
Priyank Patel
38d6654265
tslint: Upgrade tslint to v5.10.0.
2018-05-20 11:11:03 -07:00
Priyank Patel
a60099a6d5
ts-loader: Upgrade ts-loader to v4.3.0.
2018-05-20 11:11:03 -07:00
Priyank Patel
0c87ce5b1c
svgo: Upgrade svgo to v1.0.5.
...
It also updated all the svg to be optmized per new version.
This new version, since the last version contains bug fixes and improvement.
Refs: https://github.com/svg/svgo/releases
2018-05-20 11:11:03 -07:00
Priyank Patel
0d697cd569
String.codePointAt: Upgrade String.codePointAt polyfill to v0.2.1.
2018-05-20 11:11:03 -07:00
Priyank Patel
4091815721
moment-timezone: Upgrade moment-timezone to v0.5.17.
...
Refs: https://github.com/moment/moment-timezone/blob/master/changelog.md
2018-05-20 11:11:03 -07:00
Priyank Patel
506b23237a
jquery-validation: Upgrade jquery-validation to v1.17.0
...
Refs: https://github.com/jquery-validation/jquery-validation/releases/tag/1.17.0
2018-05-20 11:11:03 -07:00
Priyank Patel
11d819ee3d
clipboard: Upgrade clipboard to v2.0.1.
2018-05-20 11:11:03 -07:00
Priyank Patel
9c4a189781
moment: Upgrade moment to v2.22.1.
...
This version since the last version contains bug fixes and locale improvements.
Ref: https://github.com/moment/moment/blob/develop/CHANGELOG.md#2221-see-full-changelog
2018-05-20 11:11:03 -07:00
Priyank Patel
778742a189
jsdom: Upgrade jsdom to v11.10.0.
...
This also updates node_tests to use new constructor which is uppercase,
and some properties that are changed to be more clear now, like
jsdom().defaultView which is meant to the window object is now called window.
Ref: https://github.com/jsdom/jsdom/blob/master/Changelog.md
2018-05-20 11:11:03 -07:00
Priyank Patel
00151f988a
handlebars: Upgrade handlebars to v4.0.11.
...
This version only contains bugfixes. No breaking changes have been introduced.
Ref: https://github.com/wycats/handlebars.js/blob/master/release-notes.md#v4011---october-17th-2017
2018-05-20 11:11:03 -07:00
Priyank Patel
7b40f8d50d
flatpickr: Upgrade flatpickr to v4.5.0.
...
This new version is a lot ahead that what we now have currently.
Reading through the changelog there does not seem to any breaking
changes, just that this package have been updated a lot.
Ref: https://github.com/flatpickr/flatpickr/releases
2018-05-20 11:11:03 -07:00
Priyank Patel
f02c2349b8
@types/webpack: Upgrade @types/webpack to v4.4.0.
...
This updates the webpack typescript type defenations to latest so we
can find bugs with webpack configurations.
2018-05-20 11:11:03 -07:00
Priyank Patel
bcfc34c996
webpack-cli: Upgrade webpack-cli to v2.1.3.
...
This version just contains bugs fixes and regressions covered.
Ref: https://github.com/webpack/webpack-cli/releases/tag/2.1.3
2018-05-20 11:11:03 -07:00
Priyank Patel
50b663906a
nyc: Upgrade nyc to v11.8.0.
...
This fixes a one vulnerability with this package's dependency.
randomatic - Cryptographically Weak PRNG
Ref: https://nodesecurity.io/advisories/157
2018-05-20 11:11:03 -07:00
Priyank Patel
19ba08e055
webpack-dev-server: Upgrade webpack-dev-server to v3.1.4.
2018-05-20 11:11:03 -07:00
Priyank Patel
74b0a73260
phantomjs-prebuilt: Upgrade phantomjs-prebuilt to 2.1.16.
...
This solves 8 vulnerabilities, in its dependencies.
conacat-stream - Memory Exposure
Ref: https://nodesecurity.io/advisories/597
hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566
tunnel-agent - Memory Exposure
Ref: https://nodesecurity.io/advisories/598
debug - Regular Expression Denial of Service
Ref: https://nodesecurity.io/advisories/534
stringstream - Out-of-bounds Read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Priyank Patel
b9d49c846e
webpack: Upgrade webpack to v4.8.3.
2018-05-20 11:11:03 -07:00
Priyank Patel
6f4fc628e6
node-sass: Upgrade node-sass to v4.9.0.
...
This resolves 12 vulnerabilities.
Following were the issue with the dependencies of node-sass.
hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566
tunnle-agent - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/598
stringstream - Out-of-bounds read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Priyank Patel
b376629974
ploty.js: Upgrade ploty.js to v1.37.1.
...
This solves 14 security venrubilities in the ploty.js's dependencies.
This was found by using the `npm audit` tool which can analyse dependencies
of dependencies issues.
static-eval - Sandbox Breakout / Arbitrary Code Execution
Ref: https://nodesecurity.io/advisories/548
hoek - Prototype pollution
Ref: https://nodesecurity.io/advisories/566
stringstream - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Nikhil Kumar Mishra
fa9d79e203
stats: Add 1 day actives and total users to number of users chart.
2018-05-20 10:56:16 -07:00
Rishi Gupta
5ddc6c21e9
stats: Clean up line spacing in populate_number_of_users in stats.js.
...
We use this compressed form in our other layout definitions. Makes it easier
to visually digest.
2018-05-20 10:56:16 -07:00
Rishi Gupta
66a589c7a7
stats: Extend get_chart_data to support charts with multiple CountStats.
2018-05-20 10:56:16 -07:00
Rishi Gupta
08bf0a66b8
stats: Refactor the get_time_series_by_subgroup calls in get_chart_data.
...
This code is going to end up pretty complex -- each stat has multiple levels
of aggregation (UserCount, RealmCount, InstallationCount), and refinement
(subgroups), and soon we'll have charts that take data from multiple stats
as input.
Not sure what the best way to present it is, but hopefully this simplifies
it a bit.
2018-05-20 10:56:16 -07:00
Nikhil Kumar Mishra
26decb4c48
stats: Add 1day_actives::day CountStat to analytics tables.
2018-05-20 10:56:16 -07:00
Eeshan Garg
3dcde1c139
webhooks/mention: Update docs to conform to style guide.
...
This one took quite a while too. The interaction between Mention
and Zapier is kinda weird and the Zapier instructions are pretty
complicated.
2018-05-20 10:54:13 -07:00
Eeshan Garg
2f93c16df2
webhooks/slack: Update docs to conform to style guide.
2018-05-20 10:54:13 -07:00
Eeshan Garg
257d0f5537
webhooks/statuspage: Update docs to conform to style guide.
2018-05-20 10:54:13 -07:00
Sampriti Panda
d94202c662
notifications: Add consistent order for sending email notifications.
...
Notification emails are sent in increasing order of the max message-id
of the unread message thread.
2018-05-20 10:19:13 -07:00
Sampriti Panda
407aa99704
test_notifications: Fix confusing variable naming in test_unread_anchor.
2018-05-20 10:16:53 -07:00
Sampriti Panda
3f4200db3c
tests: Disable slow query messages in test environment.
...
Slow queries during backend tests sends messages to Error Bot
which affects the database state causing the tests to fail.
This fixes the occasional flakes due to that.
2018-05-20 10:16:53 -07:00
Eeshan Garg
2aa044d327
webhooks/librato: Stop advertising Snapshot notifications.
...
We ask our users to enable Snapshot notifications in Zulip via
Slack! But our Slack integration isn't exactly super robust and
I checked and our librato implementation isn't super smart about
handling snapshot payloads that come in via Slack.
Overall, this seems like a very poor solution, asking the user
to set up Slack in order to get the notifications in Zulip. So, I
thought we should get rid of at least the docs that suggest doing
this.
I also read librato/view.py and it wasn't clear to me how Slack
is supposed to act as an intermediate service here in a reliable
manner, which is another reason to not advertise this.
2018-05-20 10:14:03 -07:00
Eeshan Garg
9d9988d368
webhooks/librato: Rewrite docs to conform to style guide.
2018-05-20 10:14:03 -07:00
Tim Abbott
2655ece96f
create-production-venv: Fix missing virtualenv dependency.
...
On newer distros like Xenial, Stretch, etc., we were incorrectly not
installing the Python 3 version of the virtualenv package. This was
accidentally working because most base images with Python already have
this package too, but this was failing to install the right
dependencies in our Docker builds, requiring unnecessary manual code.
We fixed this some time ago for provision.py, but not for production.
2018-05-18 16:53:35 -07:00
Tim Abbott
9de80990ea
api: Update links for new /deploying-bots page.
...
Also caught by test-help-documentation.
2018-05-18 16:31:52 -07:00
Tim Abbott
847fc69c79
api: Fix a badly line-wrapped link.
...
Caught by test-help-documentation.
2018-05-18 16:31:36 -07:00
Tim Abbott
dd7507c88a
docs: Add a page on deploying bots in production.
2018-05-18 16:13:17 -07:00
Tim Abbott
0ba5c9c07d
lint: Fix extra long lines in stats.js.
...
I'm not sure why this wasn't reported in CI.
2018-05-18 15:44:30 -07:00
Shubham Padia
ffa41311ca
tests: Add node test for compose.needs_subscribe_warning.
2018-05-18 15:24:40 -07:00
Shubham Padia
bdda920e0b
bots: Do not show `not_subscribed` warning for bots on private streams.
...
Fixes #9373 .
`not_subscribed` warning is not shown for bots on either private or public
streams. Some of the bots have an interface such that they receive the
message mentioning them even if on a private stream where they are not
subscribed.
2018-05-18 15:24:40 -07:00
Yashashvi Dave
2e6d04797a
static/js/settings_users.js: Remove unused function.
...
Remove function `get_email_for_user_row`. As we already store email
as data-attribute of row, can directly access with .attr() method.
2018-05-18 15:20:43 -07:00
Yashashvi Dave
38db31779b
/json/bots: Return "No user" if access other realms bot.
...
Instead of returning warning "Insufficient Permission", return
"No such bot" warning if user tries to access other realms bot."
2018-05-18 15:20:43 -07:00
Yashashvi Dave
4162e61f33
/json/users: Replace email with user_id in API to reactivate user.
2018-05-18 15:20:43 -07:00
Yashashvi Dave
06e7e933cc
/json/users: Replace email with user_id in API to update/remove users.
2018-05-18 15:20:43 -07:00
Tim Abbott
b8e2339a65
test_presence: Update debugging print statements.
2018-05-18 15:20:15 -07:00
Rishi Gupta
1af7fc7344
stats: Add /stats/installation.
2018-05-18 15:12:36 -07:00
Rishi Gupta
2fe3fba6ce
stats: Rename data.realm to data.everyone.
...
We use "Everyone" for the button labels already.
Soon we'll support "Everyone" meaning either the installation or the realm,
depending on the URL route used to access the stats.
2018-05-18 15:12:36 -07:00
Rishi Gupta
af758755bd
stats: Rename target_realm_name to target_name in stats.html.
2018-05-18 15:12:36 -07:00