ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-10-14 08:31:40 +03:00
Code Issues Projects Releases Wiki Activity

discourse: 3.1.0 -> 3.2.2

Browse Source 
https://meta.discourse.org/t/3-1-1-security-and-bug-fix-release/278760
https://meta.discourse.org/t/3-1-2-security-and-bug-fix-release/282427
https://meta.discourse.org/t/3-1-3-security-and-bug-fix-release/284973
https://meta.discourse.org/t/3-1-4-security-and-bug-fix-release/290939
https://blog.discourse.org/2024/01/celebrating-discourse-3-2/
https://meta.discourse.org/t/3-2-1-security-and-bug-fix-release/298237
https://meta.discourse.org/t/3-2-2-bug-fix-release/307780

Co-Authored-By: Christian Albrecht <christian.albrecht@mayflower.de>
Fixes: CVE-2023-38706, CVE-2023-40588, CVE-2023-41043, CVE-2023-41042,
       CVE-2023-44388, CVE-2023-43814, CVE-2023-45147, CVE-2023-43659,
       CVE-2023-44391, CVE-2023-45131, CVE-2023-47120, CVE-2023-45816,
       CVE-2023-46130, CVE-2023-47119, CVE-2023-47121, CVE-2023-45806,
       CVE-2023-49099, CVE-2024-21655, CVE-2024-21655, CVE-2023-48297,
       CVE-2024-24748, CVE-2024-24827, CVE-2024-27085, CVE-2024-27100,
       CVE-2024-28242
This commit is contained in:
Martin Weinelt 2024-03-26 18:57:36 +01:00
parent 5cf005119a
commit 25755c0d20
No known key found for this signature in database
GPG Key ID: 87C1E9888F856759
9 changed files with 563 additions and 514 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pkgs/servers/web-apps/discourse/asserts_patch-package_from_path.patch
View File

@ -1,13 +0,0 @@
diff --git a/app/assets/javascripts/discourse/package.json b/app/assets/javascripts/discourse/package.json
index 9e4533d2..e57f8a5f 100644
--- a/app/assets/javascripts/discourse/package.json
+++ b/app/assets/javascripts/discourse/package.json
@@ -14,7 +14,7 @@
"build": "ember build",
"start": "ember serve",
"test": "ember test",
- "postinstall": "yarn --silent --cwd .. patch-package"
+ "postinstall": "patch-package"
},
"dependencies": {
"@babel/core": "^7.21.4",

18
pkgs/servers/web-apps/discourse/assets_rake_command.patch
View File

@ -1,13 +1,13 @@
diff --git a/lib/tasks/assets.rake b/lib/tasks/assets.rake
index 68b5db61ac..d460b5753e 100644
index 9608297789..5487490915 100644
--- a/lib/tasks/assets.rake
+++ b/lib/tasks/assets.rake
@@ -19,7 +19,7 @@ task 'assets:precompile:before' do
if only_assets_precompile_remaining
# Using exec to free up Rails app memory during ember build
- exec "#{compile_command} && EMBER_CLI_COMPILE_DONE=1 bin/rake assets:precompile"
+ exec "#{compile_command} && EMBER_CLI_COMPILE_DONE=1 bundle exec rake assets:precompile"
@@ -36,7 +36,7 @@ task "assets:precompile:build" do
if only_ember_precompile_build_remaining
exec "#{compile_command}"
elsif only_assets_precompile_remaining
- exec "#{compile_command} && SKIP_EMBER_CLI_COMPILE=1 bin/rake assets:precompile"
+ exec "#{compile_command} && SKIP_EMBER_CLI_COMPILE=1 bundle exec rake assets:precompile"
else
system compile_command
end
system compile_command, exception: true
EmberCli.clear_cache!

75
pkgs/servers/web-apps/discourse/default.nix
View File

@ -46,13 +46,13 @@
}@args:
let
version = "3.1.0";
version = "3.2.2";
src = fetchFromGitHub {
owner = "discourse";
repo = "discourse";
rev = "v${version}";
sha256 = "sha256-Iv7VSnK8nZDpmIwIRPedSWlftABKuMOQ4MXDGpjuWrY=";
sha256 = "sha256-JUCFtB5BvBytO3flq9o6iI3HPmvLU358HEmE6wbBsSk=";
};
ruby = ruby_3_2;
@ -65,6 +65,7 @@ let
gnutar
git
brotli
nodejs_18
# Misc required system utils
which
@ -200,9 +201,14 @@ let
pname = "discourse-assets";
inherit version src;
yarnDevOfflineCache = fetchYarnDeps {
yarnLock = src + "/yarn.lock";
hash = "sha256-0s8c2V8Wl3f5kL1OIn2ps6hL7CUQD5+LJm+9LYHc+W0=";
};
yarnOfflineCache = fetchYarnDeps {
yarnLock = src + "/app/assets/javascripts/yarn.lock";
sha256 = "0sclrv3303dgg3r08dwhd1yvi3pvlnvnikn300vjsh6c71fnzhnj";
yarnLock = src + "/app/assets/javascripts/yarn-ember5.lock";
hash = "sha256-ZBXvNdHHV92kSAswe6KA+OqaY5smf7ZKTTOiY8g78D0=";
};
nativeBuildInputs = runtimeDeps ++ [
@ -210,9 +216,7 @@ let
redis
nodePackages.uglify-js
terser
nodePackages.patch-package
yarn
nodejs_18
jq
moreutils
fixup-yarn-lock
@ -234,13 +238,14 @@ let
# assets precompilation task.
./assets_rake_command.patch
# `app/assets/javascripts/discourse/package.json`'s postinstall
# hook tries to call `../node_modules/.bin/patch-package`, which
# hasn't been `patchShebangs`-ed yet. So instead we just use
# `patch-package` from `nativeBuildInputs`.
./asserts_patch-package_from_path.patch
# Little does he know, so he decided there is no need to generate the
# theme-transpiler over and over again. Which at the same time allows the removal
# of javascript devDependencies from the runtime environment.
./prebuild-theme-transpiler.patch
];
env.RAILS_ENV = "production";
# We have to set up an environment that is close enough to
# production ready or the assets:precompile task refuses to
# run. This means that Redis and PostgreSQL has to be running and
@ -249,27 +254,30 @@ let
# Yarn wants a real home directory to write cache, config, etc to
export HOME=$NIX_BUILD_TOP/fake_home
# Make yarn install packages from our offline cache, not the registry
yarn config --offline set yarn-offline-mirror $yarnOfflineCache
yarn_install() {
local offlineCache=$1 yarnLock=$2
# Fixup "resolved"-entries in yarn.lock to match our offline cache
fixup-yarn-lock app/assets/javascripts/yarn.lock
# Make yarn install packages from our offline cache, not the registry
yarn config --offline set yarn-offline-mirror $offlineCache
# Fixup "resolved"-entries in yarn.lock to match our offline cache
fixup-yarn-lock $yarnLock
# Install while ignoring hook scripts
yarn --offline --ignore-scripts --cwd $(dirname $yarnLock) install
}
# Install devDependencies for generating the theme-transpiler executed as
# dependent task assets:precompile:theme_transpiler before db:migrate
yarn_install $yarnDevOfflineCache yarn.lock
# Install the runtime dependencies
yarn_install $yarnOfflineCache app/assets/javascripts/yarn-ember5.lock
# Patch before running postinstall hook script
patchShebangs --build app/assets/javascripts
yarn --offline --cwd app/assets/javascripts run postinstall
export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
find app/assets/javascripts -name package.json -print0 \
| xargs -0 -I {} bash -c "jq 'del(.scripts.postinstall)' -r <{} | sponge {}"
yarn install --offline --cwd app/assets/javascripts/discourse
patchShebangs app/assets/javascripts/node_modules/
# Run `patch-package` AFTER the corresponding shebang inside `.bin/patch-package`
# got patched. Otherwise this will fail with
# /bin/sh: line 1: /build/source/app/assets/javascripts/node_modules/.bin/patch-package: cannot execute: required file not found
pushd app/assets/javascripts &>/dev/null
yarn run patch-package
popd &>/dev/null
redis-server >/dev/null &
initdb -A trust $NIX_BUILD_TOP/postgres >/dev/null
@ -286,14 +294,8 @@ let
psql 'discourse' -tAc "CREATE EXTENSION IF NOT EXISTS pg_trgm"
psql 'discourse' -tAc "CREATE EXTENSION IF NOT EXISTS hstore"
# Create a temporary home dir to stop bundler from complaining
mkdir $NIX_BUILD_TOP/tmp_home
export HOME=$NIX_BUILD_TOP/tmp_home
${lib.concatMapStringsSep "\n" (p: "ln -sf ${p} plugins/${p.pluginName or ""}") plugins}
export RAILS_ENV=production
bundle exec rake db:migrate >/dev/null
chmod -R +w tmp
'';
@ -352,6 +354,11 @@ let
# Make sure the notification email setting applies
./notification_email.patch
# Little does he know, so he decided there is no need to generate the
# theme-transpiler over and over again. Which at the same time allows the removal
# of javascript devDependencies from the runtime environment.
./prebuild-theme-transpiler.patch
];
postPatch = ''

21
pkgs/servers/web-apps/discourse/prebuild-theme-transpiler.patch Normal file
View File

@ -0,0 +1,21 @@
diff --git a/lib/discourse_js_processor.rb b/lib/discourse_js_processor.rb
index 26d142fa4d..6040aba6f4 100644
--- a/lib/discourse_js_processor.rb
+++ b/lib/discourse_js_processor.rb
@@ -68,7 +68,7 @@ class DiscourseJsProcessor
TRANSPILER_PATH =
(
if Rails.env.production?
- "tmp/theme-transpiler.js"
+ "app/assets/javascripts/theme-transpiler.js"
else
"tmp/theme-transpiler/#{Process.pid}.js"
end
@@ -87,6 +87,6 @@ class DiscourseJsProcessor
"node",
"app/assets/javascripts/theme-transpiler/build.js",
TRANSPILER_PATH,
- )
+ ) if !Rails.env.production? or !File.file?(TRANSPILER_PATH)
TRANSPILER_PATH
end

49
pkgs/servers/web-apps/discourse/rubyEnv/Gemfile
View File

@ -6,28 +6,14 @@ source "https://rubygems.org"
gem "bootsnap", require: false, platform: :mri
def rails_master?
ENV["RAILS_MASTER"] == "1"
end
if rails_master?
gem "arel", git: "https://github.com/rails/arel.git"
gem "rails", git: "https://github.com/rails/rails.git"
else
# NOTE: Until rubygems gives us optional dependencies we are stuck with this needing to be explicit
# this allows us to include the bits of rails we use without pieces we do not.
#
# To issue a rails update bump the version number here
rails_version = "7.0.5.1"
gem "actionmailer", rails_version
gem "actionpack", rails_version
gem "actionview", rails_version
gem "activemodel", rails_version
gem "activerecord", rails_version
gem "activesupport", rails_version
gem "railties", rails_version
gem "sprockets-rails"
end
gem "actionmailer", "< 7.1"
gem "actionpack", "< 7.1"
gem "actionview", "< 7.1"
gem "activemodel", "< 7.1"
gem "activerecord", "< 7.1"
gem "activesupport", "< 7.1"
gem "railties", "< 7.1"
gem "sprockets-rails"
gem "json"
@ -141,10 +127,11 @@ group :test do
gem "fakeweb", require: false
gem "minitest", require: false
gem "simplecov", require: false
gem "selenium-webdriver", require: false
gem "selenium-webdriver", "~> 4.14", require: false
gem "selenium-devtools", require: false
gem "test-prof"
gem "webdrivers", require: false
gem "rails-dom-testing", require: false
gem "minio_runner", require: false
end
group :test, :development do
@ -158,7 +145,7 @@ group :test, :development do
gem "rspec-rails"
gem "shoulda-matchers", require: false, github: "thoughtbot/shoulda-matchers"
gem "shoulda-matchers", require: false
gem "rspec-html-matchers"
gem "byebug", require: ENV["RM_INFO"].nil?, platform: :mri
gem "rubocop-discourse", require: false
@ -209,7 +196,9 @@ gem "rack-mini-profiler", require: ["enable_rails_patches"]
gem "unicorn", require: false, platform: :ruby
gem "puma", require: false
gem "rbtrace", require: false, platform: :mri
gem "gc_tracer", require: false, platform: :mri
# required for feed importing and embedding
@ -228,9 +217,8 @@ gem "logstash-event", require: false
gem "logstash-logger", require: false
gem "logster"
# These are forks of sassc and sassc-rails with dart-sass support
gem "dartsass-ruby"
gem "dartsass-sprockets"
# A fork of sassc with dart-sass support
gem "sassc-embedded"
gem "rotp", require: false
@ -259,6 +247,11 @@ if ENV["IMPORT"] == "1"
gem "parallel", require: false
end
group :generic_import, optional: true do
gem "sqlite3"
gem "redcarpet"
end
gem "web-push"
gem "colored2", require: false
gem "maxminddb"

331
pkgs/servers/web-apps/discourse/rubyEnv/Gemfile.lock
View File

@ -7,63 +7,56 @@ GIT
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
GIT
remote: https://github.com/thoughtbot/shoulda-matchers.git
revision: 783a90554053002017510285bc736099b2749c22
specs:
shoulda-matchers (5.3.0)
activesupport (>= 5.2.0)
GEM
remote: https://rubygems.org/
specs:
actionmailer (7.0.5.1)
actionpack (= 7.0.5.1)
actionview (= 7.0.5.1)
activejob (= 7.0.5.1)
activesupport (= 7.0.5.1)
actionmailer (7.0.8)
actionpack (= 7.0.8)
actionview (= 7.0.8)
activejob (= 7.0.8)
activesupport (= 7.0.8)
mail (~> 2.5, >= 2.5.4)
net-imap
net-pop
net-smtp
rails-dom-testing (~> 2.0)
actionpack (7.0.5.1)
actionview (= 7.0.5.1)
activesupport (= 7.0.5.1)
actionpack (7.0.8)
actionview (= 7.0.8)
activesupport (= 7.0.8)
rack (~> 2.0, >= 2.2.4)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actionview (7.0.5.1)
activesupport (= 7.0.5.1)
actionview (7.0.8)
activesupport (= 7.0.8)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
actionview_precompiler (0.2.3)
actionview_precompiler (0.3.0)
actionview (>= 6.0.a)
active_model_serializers (0.8.4)
activemodel (>= 3.0)
activejob (7.0.5.1)
activesupport (= 7.0.5.1)
activejob (7.0.8)
activesupport (= 7.0.8)
globalid (>= 0.3.6)
activemodel (7.0.5.1)
activesupport (= 7.0.5.1)
activerecord (7.0.5.1)
activemodel (= 7.0.5.1)
activesupport (= 7.0.5.1)
activesupport (7.0.5.1)
activemodel (7.0.8)
activesupport (= 7.0.8)
activerecord (7.0.8)
activemodel (= 7.0.8)
activesupport (= 7.0.8)
activesupport (7.0.8)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
addressable (2.8.4)
addressable (2.8.6)
public_suffix (>= 2.0.2, < 6.0)
annotate (3.2.0)
activerecord (>= 3.2, < 8.0)
rake (>= 10.4, < 14.0)
ast (2.4.2)
aws-eventstream (1.2.0)
aws-eventstream (1.3.0)
aws-partitions (1.583.0)
aws-sdk-core (3.130.2)
aws-eventstream (~> 1, >= 1.0.2)
@ -82,55 +75,50 @@ GEM
aws-sigv4 (~> 1.1)
aws-sigv4 (1.5.0)
aws-eventstream (~> 1, >= 1.0.2)
base64 (0.2.0)
better_errors (2.10.1)
erubi (>= 1.0.0)
rack (>= 0.9.0)
rouge (>= 1.0.0)
bigdecimal (3.1.6)
binding_of_caller (1.0.0)
debug_inspector (>= 0.0.1)
bootsnap (1.16.0)
bootsnap (1.17.1)
msgpack (~> 1.2)
builder (3.2.4)
bullet (7.0.7)
bullet (7.1.6)
activesupport (>= 3.0.0)
uniform_notifier (~> 1.11)
byebug (11.1.3)
capybara (3.39.2)
capybara (3.40.0)
addressable
matrix
mini_mime (>= 0.1.3)
nokogiri (~> 1.8)
nokogiri (~> 1.11)
rack (>= 1.6.0)
rack-test (>= 0.6.3)
regexp_parser (>= 1.5, < 3.0)
xpath (~> 3.2)
cbor (0.5.9.6)
cbor (0.5.9.8)
certified (1.0.0)
cgi (0.3.6)
cgi (0.4.1)
chunky_png (1.4.0)
coderay (1.1.3)
colored2 (3.1.2)
concurrent-ruby (1.2.2)
colored2 (4.0.0)
concurrent-ruby (1.2.3)
connection_pool (2.4.1)
cose (1.3.0)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0)
cppjieba_rb (0.4.2)
crack (0.4.5)
crack (0.4.6)
bigdecimal
rexml
crass (1.0.6)
css_parser (1.14.0)
css_parser (1.16.0)
addressable
dartsass-ruby (3.0.1)
sass-embedded (~> 1.54)
dartsass-sprockets (3.0.0)
dartsass-ruby (~> 3.0)
railties (>= 4.0.0)
sprockets (> 3.0)
sprockets-rails
tilt
date (3.3.3)
debug_inspector (1.1.0)
date (3.3.4)
debug_inspector (1.2.0)
diff-lcs (1.5.0)
diffy (3.4.2)
digest (3.1.1)
@ -144,34 +132,35 @@ GEM
docile (1.4.0)
email_reply_trimmer (0.1.13)
erubi (1.12.0)
excon (0.100.0)
execjs (2.8.1)
excon (0.109.0)
execjs (2.9.1)
exifr (1.4.0)
fabrication (2.30.0)
fabrication (2.31.0)
faker (2.23.0)
i18n (>= 1.8.11, < 2)
fakeweb (1.3.0)
faraday (2.7.10)
faraday-net_http (>= 2.0, < 3.1)
ruby2_keywords (>= 0.0.4)
faraday-net_http (3.0.2)
faraday (2.9.0)
faraday-net_http (>= 2.0, < 3.2)
faraday-net_http (3.1.0)
net-http
faraday-retry (2.2.0)
faraday (~> 2.0)
fast_blank (1.0.1)
fast_xs (0.8.0)
fastimage (2.2.7)
ffi (1.15.5)
fastimage (2.3.0)
ffi (1.16.3)
fspath (3.1.2)
gc_tracer (1.5.1)
globalid (1.1.0)
activesupport (>= 5.0)
google-protobuf (3.23.4)
globalid (1.2.1)
activesupport (>= 6.1)
google-protobuf (3.25.2)
google-protobuf (3.25.2-arm64-darwin)
google-protobuf (3.25.2-x86_64-darwin)
guess_html_encoding (0.0.11)
hana (1.3.7)
hashdiff (1.0.1)
hashdiff (1.1.0)
hashie (5.0.0)
highline (2.1.0)
hkdf (1.0.0)
highline (3.0.1)
htmlentities (4.3.4)
http_accept_language (2.1.1)
i18n (1.14.1)
@ -182,13 +171,13 @@ GEM
image_size (>= 1.5, < 4)
in_threads (~> 1.3)
progress (~> 3.0, >= 3.0.1)
image_size (3.3.0)
image_size (3.4.0)
in_threads (1.6.0)
jmespath (1.6.2)
json (2.6.3)
json-schema (3.0.0)
json (2.7.1)
json-schema (4.1.1)
addressable (>= 2.8)
json_schemer (1.0.3)
json_schemer (2.1.1)
hana (~> 1.3)
regexp_parser (~> 2.0)
simpleidn (~> 0.2)
@ -196,11 +185,13 @@ GEM
kgio (2.11.4)
language_server-protocol (3.17.0.3)
libv8-node (18.16.0.0)
libv8-node (18.16.0.0-arm64-darwin)
libv8-node (18.16.0.0-x86_64-darwin)
listen (3.8.0)
rb-fsevent (~> 0.10, >= 0.10.3)
rb-inotify (~> 0.9, >= 0.9.10)
literate_randomizer (0.4.0)
lograge (0.13.0)
lograge (0.14.0)
actionpack (>= 4)
activesupport (>= 4)
railties (>= 4)
@ -208,8 +199,8 @@ GEM
logstash-event (1.2.02)
logstash-logger (0.26.1)
logstash-event (~> 1.2)
logster (2.12.2)
loofah (2.21.3)
logster (2.16.0)
loofah (2.22.0)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
lru_redux (1.1.0)
@ -222,40 +213,45 @@ GEM
matrix (0.4.2)
maxminddb (0.1.22)
memory_profiler (1.0.1)
message_bus (4.3.7)
message_bus (4.3.8)
rack (>= 1.1.3)
method_source (1.0.0)
mini_mime (1.1.2)
mini_portile2 (2.8.4)
mini_mime (1.1.5)
mini_portile2 (2.8.6)
mini_racer (0.8.0)
libv8-node (~> 18.16.0.0)
mini_scheduler (0.16.0)
sidekiq (>= 4.2.3, < 7.0)
mini_sql (1.4.0)
mini_sql (1.5.0)
mini_suffix (0.3.3)
ffi (~> 1.9)
minitest (5.19.0)
minio_runner (0.1.2)
minitest (5.21.2)
mocha (2.1.0)
ruby2_keywords (>= 0.0.5)
msgpack (1.7.2)
multi_json (1.15.0)
multi_xml (0.6.0)
mustache (1.1.1)
net-http (0.3.2)
net-http (0.4.1)
uri
net-imap (0.3.7)
net-imap (0.4.9.1)
date
net-protocol
net-pop (0.1.2)
net-protocol
net-protocol (0.2.1)
net-protocol (0.2.2)
timeout
net-smtp (0.3.3)
net-smtp (0.4.0.1)
net-protocol
nio4r (2.5.9)
nokogiri (1.15.3)
nio4r (2.7.0)
nokogiri (1.16.0)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
nokogiri (1.16.0-arm64-darwin)
racc (~> 1.4)
nokogiri (1.16.0-x86_64-darwin)
racc (~> 1.4)
oauth (1.1.0)
oauth-tty (~> 1.0, >= 1.0.1)
snaky_hash (~> 2.0)
@ -268,7 +264,8 @@ GEM
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 4)
oj (3.15.1)
oj (3.16.3)
bigdecimal (>= 3.0)
omniauth (1.9.2)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
@ -291,17 +288,17 @@ GEM
omniauth-twitter (1.4.0)
omniauth-oauth (~> 1.1)
rack
openssl (3.1.0)
openssl (3.2.0)
openssl-signature_algorithm (1.3.0)
openssl (> 2.0)
optimist (3.1.0)
parallel (1.23.0)
parallel_tests (4.2.1)
parallel (1.24.0)
parallel_tests (4.4.0)
parallel
parser (3.2.2.3)
parser (3.3.0.5)
ast (~> 2.4.1)
racc
pg (1.4.6)
pg (1.5.4)
prettier_print (1.2.1)
progress (3.6.0)
pry (0.14.2)
@ -312,18 +309,19 @@ GEM
pry (>= 0.13, < 0.15)
pry-rails (0.3.9)
pry (>= 0.10.4)
public_suffix (5.0.3)
puma (6.3.0)
public_suffix (5.0.4)
puma (6.4.2)
nio4r (~> 2.0)
racc (1.7.1)
racc (1.7.3)
rack (2.2.8)
rack-mini-profiler (3.1.0)
rack-mini-profiler (3.3.0)
rack (>= 1.2.0)
rack-protection (3.0.6)
rack
rack-protection (3.2.0)
base64 (>= 0.1.0)
rack (~> 2.2, >= 2.2.4)
rack-test (2.1.0)
rack (>= 1.3)
rails-dom-testing (2.1.1)
rails-dom-testing (2.2.0)
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
@ -337,34 +335,35 @@ GEM
rails_multisite (5.0.0)
activerecord (>= 6.0)
railties (>= 6.0)
railties (7.0.5.1)
actionpack (= 7.0.5.1)
activesupport (= 7.0.5.1)
railties (7.0.8)
actionpack (= 7.0.8)
activesupport (= 7.0.8)
method_source
rake (>= 12.2)
thor (~> 1.0)
zeitwerk (~> 2.5)
rainbow (3.1.1)
raindrops (0.20.1)
rake (13.0.6)
rake (13.1.0)
rb-fsevent (0.11.2)
rb-inotify (0.10.1)
ffi (~> 1.0)
rbtrace (0.4.14)
rbtrace (0.5.1)
ffi (>= 1.0.6)
msgpack (>= 0.4.3)
optimist (>= 3.0.0)
rchardet (1.8.0)
redcarpet (3.6.0)
redis (4.8.1)
redis-namespace (1.11.0)
redis (>= 4)
regexp_parser (2.8.1)
regexp_parser (2.9.0)
request_store (1.5.1)
rack (>= 1.4)
rexml (3.2.6)
rinku (2.0.6)
rotp (6.2.2)
rouge (4.1.3)
rotp (6.3.0)
rouge (4.2.0)
rqrcode (2.2.0)
chunky_png (~> 1.0)
rqrcode_core (~> 1.0)
@ -384,7 +383,7 @@ GEM
rspec-mocks (3.12.6)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.12.0)
rspec-rails (6.0.3)
rspec-rails (6.1.1)
actionpack (>= 6.1)
activesupport (>= 6.1)
railties (>= 6.1)
@ -393,57 +392,68 @@ GEM
rspec-mocks (~> 3.12)
rspec-support (~> 3.12)
rspec-support (3.12.1)
rss (0.2.9)
rss (0.3.0)
rexml
rswag-specs (2.10.1)
activesupport (>= 3.1, < 7.1)
json-schema (>= 2.2, < 4.0)
railties (>= 3.1, < 7.1)
rswag-specs (2.13.0)
activesupport (>= 3.1, < 7.2)
json-schema (>= 2.2, < 5.0)
railties (>= 3.1, < 7.2)
rspec-core (>= 2.14)
rtlcss (0.2.1)
mini_racer (>= 0.6.3)
rubocop (1.55.1)
rubocop (1.60.2)
json (~> 2.3)
language_server-protocol (>= 3.17.0)
parallel (~> 1.10)
parser (>= 3.2.2.3)
parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.8, < 3.0)
rexml (>= 3.2.5, < 4.0)
rubocop-ast (>= 1.28.1, < 2.0)
rubocop-ast (>= 1.30.0, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 3.0)
rubocop-ast (1.29.0)
rubocop-ast (1.30.0)
parser (>= 3.2.1.0)
rubocop-capybara (2.18.0)
rubocop-capybara (2.20.0)
rubocop (~> 1.41)
rubocop-discourse (3.3.0)
rubocop (>= 1.1.0)
rubocop-rspec (>= 2.0.0)
rubocop-factory_bot (2.23.1)
rubocop (~> 1.33)
rubocop-rspec (2.23.0)
rubocop (~> 1.33)
rubocop-discourse (3.6.0)
rubocop (>= 1.59.0)
rubocop-rspec (>= 2.25.0)
rubocop-factory_bot (2.25.1)
rubocop (~> 1.41)
rubocop-rspec (2.26.1)
rubocop (~> 1.40)
rubocop-capybara (~> 2.17)
rubocop-factory_bot (~> 2.22)
ruby-prof (1.6.3)
ruby-prof (1.7.0)
ruby-progressbar (1.13.0)
ruby-readability (0.7.0)
guess_html_encoding (>= 0.0.4)
nokogiri (>= 1.6.0)
ruby2_keywords (0.0.5)
rubyzip (2.3.2)
sanitize (6.0.2)
sanitize (6.1.0)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
sass-embedded (1.64.1)
google-protobuf (~> 3.23)
sass-embedded (1.70.0)
google-protobuf (~> 3.25)
rake (>= 13.0.0)
selenium-webdriver (4.10.0)
sass-embedded (1.70.0-arm64-darwin)
google-protobuf (~> 3.25)
sass-embedded (1.70.0-x86_64-darwin)
google-protobuf (~> 3.25)
sassc-embedded (1.70.0)
sass-embedded (~> 1.70)
selenium-devtools (0.121.0)
selenium-webdriver (~> 4.2)
selenium-webdriver (4.17.0)
base64 (~> 0.2)
rexml (~> 3.2, >= 3.2.5)
rubyzip (>= 1.2.2, < 3.0)
websocket (~> 1.0)
sidekiq (6.5.9)
shoulda-matchers (6.1.0)
activesupport (>= 5.2.0)
sidekiq (6.5.12)
connection_pool (>= 2.2.5, < 3)
rack (~> 2.0)
redis (>= 4.5.0, < 5)
@ -462,62 +472,63 @@ GEM
actionpack (>= 5.2)
activesupport (>= 5.2)
sprockets (>= 3.0.0)
sshkey (2.0.0)
stackprof (0.2.25)
syntax_tree (6.1.1)
sqlite3 (1.7.1)
mini_portile2 (~> 2.8.0)
sqlite3 (1.7.1-arm64-darwin)
sqlite3 (1.7.1-x86_64-darwin)
sshkey (3.0.0)
stackprof (0.2.26)
syntax_tree (6.2.0)
prettier_print (>= 1.2.0)
syntax_tree-disable_ternary (1.0.0)
test-prof (1.2.2)
thor (1.2.2)
tilt (2.2.0)
timeout (0.4.0)
test-prof (1.3.1)
thor (1.3.0)
timeout (0.4.1)
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
tzinfo-data (1.2023.3)
tzinfo-data (1.2023.4)
tzinfo (>= 1.0.0)
uglifier (4.2.0)
execjs (>= 0.3.0, < 3)
unf (0.1.4)
unf_ext
unf_ext (0.0.8.2)
unicode-display_width (2.4.2)
unf_ext (0.0.9.1)
unicode-display_width (2.5.0)
unicorn (6.1.0)
kgio (~> 2.6)
raindrops (~> 0.7)
uniform_notifier (1.16.0)
uri (0.12.2)
uri (0.13.0)
version_gem (1.1.3)
web-push (3.0.0)
hkdf (~> 1.0)
web-push (3.0.1)
jwt (~> 2.0)
openssl (~> 3.0)
webdrivers (5.3.1)
nokogiri (~> 1.6)
rubyzip (>= 1.3.0)
selenium-webdriver (~> 4.0, < 4.11)
webmock (3.18.1)
webmock (3.19.1)
addressable (>= 2.8.0)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
websocket (1.2.9)
websocket (1.2.10)
xpath (3.2.0)
nokogiri (~> 1.8)
yaml-lint (0.1.2)
yard (0.9.34)
zeitwerk (2.6.10)
zeitwerk (2.6.12)
PLATFORMS
arm64-darwin-21
arm64-darwin-22
ruby
x86_64-darwin-22
DEPENDENCIES
actionmailer (= 7.0.5.1)
actionpack (= 7.0.5.1)
actionview (= 7.0.5.1)
actionmailer (< 7.1)
actionpack (< 7.1)
actionview (< 7.1)
actionview_precompiler
active_model_serializers (~> 0.8.3)
activemodel (= 7.0.5.1)
activerecord (= 7.0.5.1)
activesupport (= 7.0.5.1)
activemodel (< 7.1)
activerecord (< 7.1)
activesupport (< 7.1)
addressable
annotate
aws-sdk-s3
@ -535,8 +546,6 @@ DEPENDENCIES
cose
cppjieba_rb
css_parser
dartsass-ruby
dartsass-sprockets
diffy
digest
discourse-fonts
@ -577,6 +586,7 @@ DEPENDENCIES
mini_scheduler
mini_sql
mini_suffix
minio_runner
minitest
mocha
multi_json
@ -604,11 +614,12 @@ DEPENDENCIES
rails-dom-testing
rails_failover
rails_multisite
railties (= 7.0.5.1)
railties (< 7.1)
rake
rb-fsevent
rbtrace
rchardet
redcarpet
redis
redis-namespace
rinku
@ -625,12 +636,15 @@ DEPENDENCIES
ruby-readability
rubyzip
sanitize
selenium-webdriver
shoulda-matchers!
sassc-embedded
selenium-devtools
selenium-webdriver (~> 4.14)
shoulda-matchers
sidekiq
simplecov
sprockets!
sprockets-rails
sqlite3
sshkey
stackprof
syntax_tree
@ -642,10 +656,9 @@ DEPENDENCIES
unf
unicorn
web-push
webdrivers
webmock
yaml-lint
yard
BUNDLED WITH
2.4.13
2.5.9

538
pkgs/servers/web-apps/discourse/rubyEnv/gemset.nix
View File

File diff suppressed because it is too large Load Diff

13
pkgs/servers/web-apps/discourse/unicorn_logging_and_timeout.patch
View File

@ -1,13 +1,13 @@
diff --git a/config/unicorn.conf.rb b/config/unicorn.conf.rb
index e69979adfe..68cb04a036 100644
index 9fd348b074..40eb73b96e 100644
--- a/config/unicorn.conf.rb
+++ b/config/unicorn.conf.rb
@@ -27,18 +27,10 @@ pid (ENV["UNICORN_PID_PATH"] || "#{discourse_path}/tmp/pids/unicorn.pid")
@@ -27,17 +27,9 @@ pid(ENV["UNICORN_PID_PATH"] || "#{discourse_path}/tmp/pids/unicorn.pid")
if ENV["RAILS_ENV"] != "production"
logger Logger.new(STDOUT)
- # we want a longer timeout in dev cause first request can be really slow
- timeout (ENV["UNICORN_TIMEOUT"] && ENV["UNICORN_TIMEOUT"].to_i || 60)
- timeout(ENV["UNICORN_TIMEOUT"] && ENV["UNICORN_TIMEOUT"].to_i || 60)
-else
- # By default, the Unicorn logger will write to stderr.
- # Additionally, some applications/frameworks log to stderr or stdout,
@ -17,9 +17,8 @@ index e69979adfe..68cb04a036 100644
- # nuke workers after 30 seconds instead of 60 seconds (the default)
- timeout 30
end
+timeout (ENV["UNICORN_TIMEOUT"] && ENV["UNICORN_TIMEOUT"].to_i || 60)
+timeout(ENV["UNICORN_TIMEOUT"] && ENV["UNICORN_TIMEOUT"].to_i || 60)
+
# important for Ruby 2.0
preload_app true

19
pkgs/servers/web-apps/discourse/update.py
View File

@ -86,11 +86,12 @@ class DiscourseRepo:
return self._latest_commit_sha
def get_yarn_lock_hash(self, rev: str):
yarnLockText = self.get_file('app/assets/javascripts/yarn.lock', rev)
def get_yarn_lock_hash(self, rev: str, path: str):
yarnLockText = self.get_file(path, rev)
with tempfile.NamedTemporaryFile(mode='w') as lockFile:
lockFile.write(yarnLockText)
return subprocess.check_output(['prefetch-yarn-deps', lockFile.name]).decode('utf-8').strip()
hash = subprocess.check_output(['prefetch-yarn-deps', lockFile.name]).decode().strip()
return subprocess.check_output(["nix", "hash", "to-sri", "--type", "sha256", hash]).decode().strip()
def get_file(self, filepath, rev):
"""Return file contents at a given rev.
@ -224,6 +225,8 @@ def update(rev):
with open(rubyenv_dir / fn, 'w') as f:
f.write(repo.get_file(fn, version.tag))
# work around https://github.com/nix-community/bundix/issues/8
os.environ["BUNDLE_FORCE_RUBY_PLATFORM"] = "true"
subprocess.check_output(['bundle', 'lock'], cwd=rubyenv_dir)
_remove_platforms(rubyenv_dir)
subprocess.check_output(['bundix'], cwd=rubyenv_dir)
@ -231,11 +234,17 @@ def update(rev):
_call_nix_update('discourse', version.version)
old_yarn_hash = _nix_eval('discourse.assets.yarnOfflineCache.outputHash')
new_yarn_hash = repo.get_yarn_lock_hash(version.tag)
click.echo(f"Updating yarn lock hash, {old_yarn_hash} -> {new_yarn_hash}")
new_yarn_hash = repo.get_yarn_lock_hash(version.tag, "app/assets/javascripts/yarn-ember5.lock")
click.echo(f"Updating yarn lock hash: {old_yarn_hash} -> {new_yarn_hash}")
old_yarn_dev_hash = _nix_eval('discourse.assets.yarnDevOfflineCache.outputHash')
new_yarn_dev_hash = repo.get_yarn_lock_hash(version.tag, "yarn.lock")
click.echo(f"Updating yarn dev lock hash: {old_yarn_dev_hash} -> {new_yarn_dev_hash}")
with open(Path(__file__).parent / "default.nix", 'r+') as f:
content = f.read()
content = content.replace(old_yarn_hash, new_yarn_hash)
content = content.replace(old_yarn_dev_hash, new_yarn_dev_hash)
f.seek(0)
f.write(content)
f.truncate()