614f63c658
unpin mysql2 and update
...
I can't see a reason for us to pin a specific version of this gem.
Closes #532
2018-08-15 07:36:59 -05:00
6b54680202
Bump nokogiri from 1.8.2 to 1.8.4 for security fix
...
PR #521
2018-08-08 08:39:01 -05:00
c05becb0fe
generate sitemaps
...
Google's indexing of the site is very spotty, and this seems a lot easier than
improving our builtin search engine.
2018-07-31 22:05:11 -05:00
87b8966ca6
rails complains that this is missing
2018-06-22 20:17:02 -05:00
ffc054f207
Revert "add bootsnap"; see #512
...
This reverts commit e5417d539b
2018-06-20 08:51:51 -05:00
e5417d539b
add bootsnap
...
PR #513 , #512
2018-06-20 07:38:21 -05:00
a3a639abfb
Bump sprockets from 3.7.1 to 3.7.2
...
PR #515 , https://lobste.rs/s/rderhr/rails_asset_pipeline_directory
2018-06-19 13:17:37 -05:00
94d9549d5b
rails 5.2 upgrade
...
PR #498 , leaves some tasks in #508 and #509
2018-06-14 10:17:19 -05:00
6799938325
replace abandoned Machinist gem with FactoryBot
...
PR #507
2018-06-14 08:34:59 -05:00
7a8497420e
Use `scenic-mysql_adapter` over `senic-mysql`
...
Fixes an irritating bug that kept prefixing the prod database name onto the view, which didn't work in dev.
2018-06-14 08:32:52 -05:00
440c932d63
add byebug to development env
2018-06-13 09:57:45 -05:00
f278565e09
cache full pages for logged-out visitors without tag filters
2018-05-17 09:46:28 -05:00
fd84f02f8e
update from insecure version
2018-05-02 10:32:03 -05:00
ff1dc75523
high-value end-to-end happy path specs
...
Viewing homepage, ubmitting a story, viewing a story as a logged-in or
logged-out user, and submitting a comment. Also allows posting comments
without JavaScript.
I wanted smoke tests for the highest-traffic endpoints that tend to throw me a
few hundred emails if they hit exceptions in production.
2018-04-18 10:13:34 -05:00
5e8d57b618
Revert skylight
...
Closes #454
2018-04-12 16:00:47 -05:00
616b331d1c
Add Skylight instrumentation
...
I discussed with @pushcx about adding Skylight instrumentation
to lobste.rs under the new [Skylight for Open Source](https://www.skylight.io/oss )
program.
If you’re not already familiar with Skylight, it is a smart profiler
for Rails apps. Skylight makes it easy to pinpoint performance issues
in Rails applications.
We work on a lot of open source projects ourselves, and in our experience
it can be pretty hard to get contributors to work on application performance
issues. Few contributors consider working on performance problems, and the
ones that might be interested may not even know where to start. By making
performance information more accessible, we hope to inspire potential
contributors to tackle slow parts of your app, and have a good way to
see if their contributions helped.
Once this patch is merged and deloyed*, you will be able to view the
performance data we collected at the [public Skylight dashboard](https://oss.skylight.io/app/applications/UVOwCQJiWlFy ).
The dashboard will be accessible to anyone (no Skylight account
required) to make it easy for contributors.
(*Actually, I lied a little. We still need to set the `SKYLIGHT_AUTHENTICATION`
environment variable to the appropiate API key on production, but I
will work with @pushcx on that off-thread.)
Fixes #454
2018-03-26 19:03:34 +01:00
d48305ac7f
Fix broken dep - Parser 2.5.0.4 has been yanked
...
Updated parser to 2.5.0.5 as the previous version has
has been yanked by author, and no longer available.
https://rubygems.org/gems/parser/versions/2.5.0.4
2018-03-26 16:46:38 +01:00
29e095a9b6
add bullet to catch 1 + n queries and unused eager loading
2018-03-21 20:29:04 -05:00
c0393457a4
update to current rspec-rails integration style
2018-03-21 15:37:41 -05:00
604713e97c
Merge branch 'rubocop'
2018-03-21 15:19:48 -05:00
55da55cb9e
fix mysql/AR version incompatibility
2018-03-21 13:53:38 -05:00
3cc57b786c
Update dependencies
...
* Bump rspec-rails from 3.6.0 to 3.7.2
Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 3.6.0 to 3.7.2.
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.6.0...v3.7.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump activerecord-typedstore from 1.1.1 to 1.1.3
Bumps [activerecord-typedstore](https://github.com/byroot/activerecord-typedstore ) from 1.1.1 to 1.1.3.
- [Commits](https://github.com/byroot/activerecord-typedstore/compare/v1.1.1...v1.1.3 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump nokogiri from 1.8.1 to 1.8.2
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.8.1 to 1.8.2.
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.8.1...v1.8.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump scenic from 1.4.0 to 1.4.1
Bumps [scenic](https://github.com/thoughtbot/scenic ) from 1.4.0 to 1.4.1.
- [Changelog](https://github.com/thoughtbot/scenic/blob/master/NEWS.md )
- [Commits](https://github.com/thoughtbot/scenic/compare/v1.4.0...v1.4.1 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump exception_notification from 4.2.1 to 4.2.2
Bumps [exception_notification](https://github.com/smartinez87/exception_notification ) from 4.2.1 to 4.2.2.
- [Changelog](https://github.com/smartinez87/exception_notification/blob/master/CHANGELOG.rdoc )
- [Commits](https://github.com/smartinez87/exception_notification/compare/v4.2.1...v4.2.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump oauth from 0.5.3 to 0.5.4
Bumps oauth from 0.5.3 to 0.5.4.
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump uglifier from 3.2.0 to 4.1.7
Bumps [uglifier](https://github.com/lautis/uglifier ) from 3.2.0 to 4.1.7.
- [Changelog](https://github.com/lautis/uglifier/blob/master/CHANGELOG.md )
- [Commits](https://github.com/lautis/uglifier/compare/v3.2.0...v4.1.7 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump rotp from 3.3.0 to 3.3.1
Bumps [rotp](https://github.com/mdp/rotp ) from 3.3.0 to 3.3.1.
- [Changelog](https://github.com/mdp/rotp/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mdp/rotp/commits )
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump rails from 5.1.1 to 5.1.5
Bumps [rails](https://github.com/rails/rails ) from 5.1.1 to 5.1.5.
- [Commits](https://github.com/rails/rails/compare/v5.1.1...v5.1.5 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump faker from 1.7.3 to 1.8.7
Bumps [faker](https://github.com/stympy/faker ) from 1.7.3 to 1.8.7.
- [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/stympy/faker/compare/v1.7.3...v1.8.7 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump unicorn from 5.3.0 to 5.4.0
Bumps [unicorn](https://bogomips.org/unicorn/ ) from 5.3.0 to 5.4.0.
Signed-off-by: dependabot[bot] <support@dependabot.com>
* Bump mysql2 from 0.4.6 to 0.4.10
Bumps [mysql2](https://github.com/brianmario/mysql2 ) from 0.4.6 to 0.4.10.
- [Release notes](https://github.com/brianmario/mysql2/releases )
- [Changelog](https://github.com/brianmario/mysql2/blob/master/CHANGELOG.md )
- [Commits](https://github.com/brianmario/mysql2/compare/0.4.6...0.4.10 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-03-21 13:43:51 -05:00
5851346765
add rubocop, 4849 offenses
2018-03-01 22:35:07 -06:00
dd42cca880
Show story and comment replies, tracking unread ones
2018-01-31 07:43:07 -06:00
a8415a675c
bump nokogiri for security fix
2018-01-25 18:42:52 -06:00
8311cb31d2
Gemfile.lock: update aftet 8128ff15b7
2017-09-08 10:31:06 -05:00
28c8217652
Upgrade rails 5 1 ( #367 )
...
* Upgrade to rails 5.1
- Update versions of dependencies
- Switch before_filter to before_action
- Use render plain rather than render text
* Generate new rails 5.1 scripts
2017-06-18 11:04:32 -05:00
10cde11f83
Search: drop sphinx for searching, use sql fulltext
...
Sphinx's searchd is very buggy, often crashing on rebuilding its
indexes, not starting up, or just spinning at 100% CPU.
It is also a big external dependency that might not be available on
other hosting platforms.
This removes the ability to search both comments and stories at
once, though I don't know how useful that was anyway. We gain
boolean searching and the ability to more carefully craft queries
using particular keywords (in the future) like "user:blah" or
"tag:blah" to narrow things down.
2017-06-07 15:59:54 -05:00
638cf44d0f
Upgrade nokogiri, jquery-rails and uglifier to secure version ( #362 )
2017-05-27 18:26:40 -05:00
fa70ab147c
Simple replacement with CommonMarker
2017-04-12 22:53:51 +10:00
3c908f7487
update to rails 4.2.8
2017-03-18 21:20:40 -05:00
dbd84f1e03
add TOTP-based two-factor authentication option
2017-02-24 12:58:42 -06:00
8fbdc02078
step one of moving user settings to a single column
...
see #245
2017-01-19 12:02:51 -06:00
f3a3413e66
Update htmlentities to remove warning
...
The previous version of `htmlentities` had a duplicate key in one of
its hashes, which produced the following warning:
```
.../htmlentities-4.3.2/lib/htmlentities/mappings/expanded.rb:465:
warning: key "inodot" is duplicated and overwritten on line 466
```
Updating to the latest removes this warning.
2016-03-05 17:32:44 -05:00
6eec2e26af
Support Ruby 2.2.0 and 2.3.0
...
Judging from the test suite, the only issue in supporting Ruby 2.2.0+
was with the `mysql2` gem. Updating this to the latest 0.3.x allows
Lobsters to run with newer Rubies.
We can't update to the absolute latest `mysql2` gem without first
updating Rails, which is why I used the pessimistic version constraint
for `mysql2`.
2016-03-05 17:19:44 -05:00
befee851c8
update to rails 4.1.12
2015-07-24 01:38:51 -05:00
56d771a9f4
rename bcrypt, to eliminate the warning that they changed the gem name
2015-03-04 22:33:09 -08:00
b7b93d0bf9
update to rails 4.1.8
2014-12-13 23:47:44 -05:00
346fec4ef9
update to thinking-sphinx 3.1.2
2014-12-13 23:43:20 -05:00
dfe6db4849
revert 85cb7c20, give up on planet rss aggregation
2014-08-31 20:35:41 -05:00
c4b6772828
update to rails 4.0.8 for no particular reason
2014-08-17 19:25:02 -05:00
85cb7c2057
first stab at planet rss aggregation
...
could probably use a prettier layout and auto-posting a weblog url
to the main site (carrying tags)
2014-08-03 22:07:57 -05:00
b3e6679da0
update some gems, remove some useless comments from Gemfile
2014-08-03 22:07:50 -05:00
9e849de0f7
Add task to generate test data
2014-07-07 12:15:28 +04:00
21553878f3
rails 4.0.5 for CVE-2014-0130
2014-05-06 21:29:07 -05:00
519427586a
use Rails4-style strong parameters mass assignment protection
2014-02-02 15:41:38 -05:00
709b0bff98
upgrade thinking-sphinx gem
2014-01-07 05:52:29 -05:00
9b0294c471
upgrade to rails v4.0.2
2013-12-30 17:40:52 -05:00
aeb97bd8eb
rails 3.2.16 and assorted gem updates
2013-12-03 16:14:18 -06:00
0ac51b9f8c
include oauth gem for a cli tool
2013-07-03 22:40:37 -05:00
fd41bfa566
start on mailing list interface
2013-06-30 00:54:02 -05:00
c9571dabaf
back out 9ece666 removing utf8mb4 hacks, no longer needed
2013-05-26 12:32:54 -05:00
e8bb03a689
rails 3.2.13
2013-03-18 14:16:19 -05:00
e4ec8939c2
rails update o' the day - 3.2.12
2013-02-11 21:58:39 -06:00
ae2c0421e6
update to rails 3.2.11
...
keep ActionDispatch params parsers off
2013-01-08 15:26:12 -06:00
907a18267b
update to rails 3.2.10 to fix CVE-2012-5664
2013-01-02 17:18:57 -06:00
abb8392c16
search engine!
2012-08-24 11:41:36 -05:00
8dd109c49f
drop custom markdowner for rdiscount
2012-08-24 10:57:42 -05:00
7b3cbdddee
rss feeds!
2012-08-24 10:57:10 -05:00
f801932a03
use nokogiri to get doc titles
2012-08-24 10:57:10 -05:00
7fa3f44b27
exception notification
2012-08-24 10:56:54 -05:00
1327a4a130
uglifier
2012-06-30 16:37:09 -05:00
0665176611
unicorn
2012-06-30 16:34:15 -05:00
0a97a5672c
use bcrypt 3.0.0 that is compiled on thalamus
2012-06-30 14:23:08 -05:00
093747b796
initial work on conversion from php tree
2012-06-16 20:15:46 -05:00
Peter Bhat Harkins
Grey Baker
thomasdziedzic-pd
David Wolgemuth
Hunter Madison
Godfrey Chan
James Brink
joshua stein
Adam Hess
Yuki Izumi
Derek Prior
Carlos Puchol
Serge Paquet
Andrey Chernih