So main has this
TopicEmbed.import_remote(@embed_url, user: User.find_by(username_lower: username.downcase))
and stable has this
TopicEmbed.import_remote(user, @embed_url)
Note the order of the parameters.
Now the backport of the security patch changed the function signature on stable to the new parameter order,so
def self.import_remote(import_user, url, opts = nil)
became
def self.import_remote(url, opts = nil)
and now the url parameter receives a User object.
Changing the function call resolves the issue
diff --git a/lib/topic_retriever.rb b/lib/topic_retriever.rb
index b798df6cd7..6186ce5868 100644
--- a/lib/topic_retriever.rb
+++ b/lib/topic_retriever.rb
@@ -50,6 +50,6 @@ class TopicRetriever
user = User.where(username_lower: username.downcase).first
return if user.blank?
- TopicEmbed.import_remote(user, @embed_url)
+ TopicEmbed.import_remote(@embed_url, user: user)
end
end