]>
git.openstreetmap.org Git - rails.git/log
Tom Hughes [Mon, 27 Jul 2020 18:11:03 +0000 (19:11 +0100)]
Fix the Command Injection warnings from Brakeman
translatewiki.net [Thu, 30 Jul 2020 13:35:19 +0000 (15:35 +0200)]
Localisation updates from https://translatewiki.net.
Andy Allan [Wed, 29 Jul 2020 10:15:07 +0000 (12:15 +0200)]
Merge pull request #2737 from openstreetmap/dependabot/bundler/strong_migrations-0.7.1
Bump strong_migrations from 0.7.0 to 0.7.1
dependabot[bot] [Tue, 28 Jul 2020 05:02:40 +0000 (05:02 +0000)]
Bump strong_migrations from 0.7.0 to 0.7.1
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.7.0 to 0.7.1.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.7.0...v0.7.1)
Signed-off-by: dependabot[bot] <support@github.com>
translatewiki.net [Mon, 27 Jul 2020 16:29:55 +0000 (18:29 +0200)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Mon, 27 Jul 2020 14:20:39 +0000 (15:20 +0100)]
Merge remote-tracking branch 'upstream/pull/2734'
Peter [Mon, 27 Jul 2020 11:04:52 +0000 (13:04 +0200)]
turn_costs=true only for car
I know there was a bit forth and back in #2695 and my last recommendation was to use turn_costs=true. This was not intended for bike and foot.
Tom Hughes [Thu, 23 Jul 2020 20:32:58 +0000 (21:32 +0100)]
Merge remote-tracking branch 'upstream/pull/2731'
Andy Allan [Thu, 23 Jul 2020 06:44:39 +0000 (08:44 +0200)]
Merge pull request #2730 from openstreetmap/dependabot/bundler/bootsnap-1.4.7
Bump bootsnap from 1.4.6 to 1.4.7
Andy Allan [Thu, 23 Jul 2020 06:44:11 +0000 (08:44 +0200)]
Merge pull request #2729 from Firefishy/remove-legacy-openlayers
Remove legacy OpenLayers files
dependabot[bot] [Thu, 23 Jul 2020 06:40:23 +0000 (06:40 +0000)]
Bump strong_migrations from 0.6.8 to 0.7.0
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.6.8 to 0.7.0.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.6.8...v0.7.0)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Thu, 23 Jul 2020 05:10:39 +0000 (05:10 +0000)]
Bump bootsnap from 1.4.6 to 1.4.7
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.6 to 1.4.7.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.6...v1.4.7)
Signed-off-by: dependabot[bot] <support@github.com>
Grant Slater [Wed, 22 Jul 2020 22:10:32 +0000 (23:10 +0100)]
Remove legacy OpenLayers
Remove legacy OpenLayers code, which for www.openstreetmap.org is
now managed by https://github.com/openstreetmap/chef/tree/master/cookbooks/web/files/default/static/openlayers
Tom Hughes [Wed, 22 Jul 2020 19:57:16 +0000 (20:57 +0100)]
Fix the CrossSiteScripting warnings from Brakeman
Tom Hughes [Wed, 22 Jul 2020 18:29:08 +0000 (19:29 +0100)]
Merge remote-tracking branch 'upstream/pull/2727'
Tom Hughes [Wed, 22 Jul 2020 18:29:05 +0000 (19:29 +0100)]
Merge remote-tracking branch 'upstream/pull/2725'
Tom Hughes [Wed, 22 Jul 2020 18:13:19 +0000 (19:13 +0100)]
Fix the Redirect warnings from Brakeman
Unfortunately I've had to leave the check disabed as Brakeman
can't see inside the safe_referer method so doesn't realise that
it is cleaning the referer.
Andy Allan [Wed, 22 Jul 2020 15:54:10 +0000 (17:54 +0200)]
Use the worldCopyJump option for leaflet overlays
This means that if you pan to a 'copy' of the world, the overlays
reappear on that copy.
Fixes #2040
Andy Allan [Wed, 22 Jul 2020 15:51:43 +0000 (17:51 +0200)]
Add some changsets that shouldn't be selected
Tom Hughes [Wed, 22 Jul 2020 15:48:53 +0000 (16:48 +0100)]
Merge remote-tracking branch 'upstream/pull/2726'
Quincy Morgan [Wed, 22 Jul 2020 15:44:42 +0000 (11:44 -0400)]
Update to iD v2.18.3
Andy Allan [Wed, 22 Jul 2020 15:25:10 +0000 (17:25 +0200)]
Refactor changeset index testing to assert against objects, not db queries
This avoids the situation where tests pass despite an empty db.
Refs #2614
Andy Allan [Wed, 22 Jul 2020 14:10:15 +0000 (16:10 +0200)]
Refator way_full test to avoid relying on non-existant fixtures
Refs #2614
Tom Hughes [Wed, 22 Jul 2020 14:02:51 +0000 (15:02 +0100)]
Merge remote-tracking branch 'upstream/pull/2723'
Tom Hughes [Wed, 22 Jul 2020 12:44:37 +0000 (13:44 +0100)]
Merge remote-tracking branch 'upstream/pull/2724'
Andy Allan [Wed, 22 Jul 2020 12:18:01 +0000 (14:18 +0200)]
Add a browse map link to notes
This matches the one for nodes. Fixes #1355. Replacement for #1773.
An unstyled list works better for the details section, particularly
when all three are shown.
Andy Allan [Wed, 22 Jul 2020 12:04:42 +0000 (14:04 +0200)]
Use a named path instead of explicit controllers and actions
Andy Allan [Wed, 22 Jul 2020 11:37:38 +0000 (13:37 +0200)]
Use Brakeman for static code analysis
Tom Hughes [Wed, 22 Jul 2020 07:33:38 +0000 (08:33 +0100)]
Merge remote-tracking branch 'upstream/pull/2722'
dependabot[bot] [Wed, 22 Jul 2020 05:03:19 +0000 (05:03 +0000)]
Bump aws-sdk-s3 from 1.74.0 to 1.75.0
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.74.0 to 1.75.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Tue, 21 Jul 2020 14:46:47 +0000 (15:46 +0100)]
Merge remote-tracking branch 'upstream/pull/2720'
Quincy Morgan [Tue, 21 Jul 2020 14:30:16 +0000 (10:30 -0400)]
Update to iD v2.18.2
Quincy Morgan [Tue, 21 Jul 2020 13:22:23 +0000 (09:22 -0400)]
Use legacy build of iD
Quincy Morgan [Tue, 21 Jul 2020 00:46:26 +0000 (20:46 -0400)]
Properly include iD's external data files
Quincy Morgan [Mon, 20 Jul 2020 20:14:28 +0000 (16:14 -0400)]
Update iD initialization for v2.18.1
Quincy Morgan [Mon, 20 Jul 2020 20:12:50 +0000 (16:12 -0400)]
Update to iD v2.18.1
translatewiki.net [Mon, 20 Jul 2020 17:53:23 +0000 (19:53 +0200)]
Localisation updates from https://translatewiki.net.
Quincy Morgan [Mon, 20 Jul 2020 16:53:19 +0000 (12:53 -0400)]
Update to iD v2.18.0
Tom Hughes [Mon, 20 Jul 2020 10:46:27 +0000 (11:46 +0100)]
Merge remote-tracking branch 'upstream/pull/2719'
Tom Hughes [Mon, 20 Jul 2020 10:46:21 +0000 (11:46 +0100)]
Merge remote-tracking branch 'upstream/pull/2718'
dependabot[bot] [Mon, 20 Jul 2020 05:18:59 +0000 (05:18 +0000)]
Bump rubocop-performance from 1.7.0 to 1.7.1
Bumps [rubocop-performance](https://github.com/rubocop-hq/rubocop-performance) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/rubocop-hq/rubocop-performance/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-performance/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-performance/compare/v1.7.0...v1.7.1)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Mon, 20 Jul 2020 05:18:58 +0000 (05:18 +0000)]
Bump eslint from 7.4.0 to 7.5.0
Bumps [eslint](https://github.com/eslint/eslint) from 7.4.0 to 7.5.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.4.0...v7.5.0)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Sun, 19 Jul 2020 18:54:17 +0000 (19:54 +0100)]
Fix eslint warnings
Tom Hughes [Sun, 19 Jul 2020 18:38:10 +0000 (19:38 +0100)]
Drop ch.disable from graphhopper parameters
Tom Hughes [Fri, 17 Jul 2020 08:05:12 +0000 (09:05 +0100)]
Merge remote-tracking branch 'upstream/pull/2712'
dependabot[bot] [Fri, 17 Jul 2020 07:20:55 +0000 (07:20 +0000)]
Bump lodash from 4.17.15 to 4.17.19
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Thu, 16 Jul 2020 18:30:55 +0000 (19:30 +0100)]
Merge remote-tracking branch 'upstream/pull/2695'
Tom Hughes [Wed, 15 Jul 2020 20:31:18 +0000 (21:31 +0100)]
Merge remote-tracking branch 'upstream/pull/2711'
Andy Allan [Wed, 15 Jul 2020 17:13:35 +0000 (19:13 +0200)]
Remove unused warning css
Andy Allan [Wed, 15 Jul 2020 17:10:59 +0000 (19:10 +0200)]
Convert data feature warning to use bootstrap alert
Also rearrange dialog to fit with standard sidebar layouts, so that
the close icon and load buttons are not within the paragraph.
There may be a better way to construct this!
Andy Allan [Wed, 15 Jul 2020 17:09:46 +0000 (19:09 +0200)]
Convert warnings to use bootstrap alerts
The new note is guidance, rather than a warning, so it gets the info
background
Tom Hughes [Wed, 15 Jul 2020 13:37:59 +0000 (14:37 +0100)]
Merge remote-tracking branch 'upstream/pull/2710'
Tom Hughes [Wed, 15 Jul 2020 13:14:39 +0000 (14:14 +0100)]
Merge remote-tracking branch 'upstream/pull/2709'
Andy Allan [Wed, 15 Jul 2020 13:12:30 +0000 (15:12 +0200)]
Rephrase 'replying' text to clarify what will actually happen
Fixes #2166
Andy Allan [Wed, 15 Jul 2020 11:58:56 +0000 (13:58 +0200)]
Remove unnecessary css
Images have no border in modern browsers, and bootstrap's reset also
sets this.
Andy Allan [Wed, 15 Jul 2020 10:27:15 +0000 (12:27 +0200)]
Remove unused css
Andy Allan [Wed, 15 Jul 2020 10:12:35 +0000 (12:12 +0200)]
Use bootstrap backgrounds and text utilities for read issue reports
Andy Allan [Wed, 15 Jul 2020 09:38:07 +0000 (11:38 +0200)]
Rename nav-related body classes
This makes it clearer that the classes are only for navigation menu
matters. Other things should be done on media queries, or ideally,
using bootstrap components like grids.
This has a side effect of removing the smaller font size from the
body when the navigation menu is in the small-nav state.
Andy Allan [Wed, 15 Jul 2020 09:21:08 +0000 (11:21 +0200)]
Move the login form rules to be based on screen size
Ideally this would be refactored to be mobile-first, but is likely
to be replaced by more general bootstrap form refactoring anyway.
Andy Allan [Wed, 15 Jul 2020 09:18:56 +0000 (11:18 +0200)]
Remove webkit-appearance: none
This is the default anyway, and we don't need this for anything specific.
Andy Allan [Wed, 15 Jul 2020 08:47:58 +0000 (10:47 +0200)]
Rework the about header size change to be based on the screen width, not the menu state
Also reworks to be mobile-first
Andy Allan [Wed, 15 Jul 2020 08:35:19 +0000 (10:35 +0200)]
Remove dead CSS code - nothing has the user_map class
translatewiki.net [Tue, 14 Jul 2020 08:23:56 +0000 (10:23 +0200)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Tue, 14 Jul 2020 07:16:03 +0000 (08:16 +0100)]
Merge remote-tracking branch 'upstream/pull/2707'
dependabot[bot] [Tue, 14 Jul 2020 05:02:13 +0000 (05:02 +0000)]
Bump autoprefixer-rails from 9.8.4 to 9.8.5
Bumps [autoprefixer-rails](https://github.com/ai/autoprefixer-rails) from 9.8.4 to 9.8.5.
- [Release notes](https://github.com/ai/autoprefixer-rails/releases)
- [Changelog](https://github.com/ai/autoprefixer-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ai/autoprefixer-rails/compare/9.8.4...9.8.5)
Signed-off-by: dependabot[bot] <support@github.com>
translatewiki.net [Fri, 10 Jul 2020 09:38:55 +0000 (11:38 +0200)]
Localisation updates from https://translatewiki.net.
Andy Allan [Thu, 9 Jul 2020 11:24:45 +0000 (13:24 +0200)]
Merge pull request #2702 from openstreetmap/dependabot/bundler/aws-sdk-s3-1.74.0
Bump aws-sdk-s3 from 1.73.0 to 1.74.0
Andy Allan [Thu, 9 Jul 2020 11:24:25 +0000 (13:24 +0200)]
Merge pull request #2701 from openstreetmap/dependabot/bundler/factory_bot_rails-6.1.0
Bump factory_bot_rails from 6.0.0 to 6.1.0
dependabot[bot] [Thu, 9 Jul 2020 05:01:45 +0000 (05:01 +0000)]
Bump aws-sdk-s3 from 1.73.0 to 1.74.0
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.73.0 to 1.74.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Thu, 9 Jul 2020 05:01:27 +0000 (05:01 +0000)]
Bump factory_bot_rails from 6.0.0 to 6.1.0
Bumps [factory_bot_rails](https://github.com/thoughtbot/factory_bot_rails) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/thoughtbot/factory_bot_rails/releases)
- [Changelog](https://github.com/thoughtbot/factory_bot_rails/blob/master/NEWS.md)
- [Commits](https://github.com/thoughtbot/factory_bot_rails/compare/v6.0.0...v6.1.0)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Wed, 8 Jul 2020 18:25:03 +0000 (19:25 +0100)]
Fix eslint warning
Tom Hughes [Wed, 8 Jul 2020 18:10:01 +0000 (19:10 +0100)]
Merge remote-tracking branch 'upstream/pull/2698'
Tom Hughes [Wed, 8 Jul 2020 18:09:55 +0000 (19:09 +0100)]
Merge remote-tracking branch 'upstream/pull/2696'
Tom Hughes [Wed, 8 Jul 2020 18:07:49 +0000 (19:07 +0100)]
Allow image loading from tileserver.memomaps.de
Tom Hughes [Wed, 8 Jul 2020 18:04:04 +0000 (19:04 +0100)]
Merge remote-tracking branch 'upstream/pull/2670'
Tom Hughes [Wed, 8 Jul 2020 17:57:32 +0000 (18:57 +0100)]
Merge remote-tracking branch 'upstream/pull/2697'
Tom Hughes [Wed, 8 Jul 2020 17:43:26 +0000 (18:43 +0100)]
Merge remote-tracking branch 'upstream/pull/2700'
Tom Hughes [Wed, 8 Jul 2020 17:33:21 +0000 (18:33 +0100)]
Merge remote-tracking branch 'upstream/pull/2699'
Andy Allan [Wed, 8 Jul 2020 16:51:27 +0000 (18:51 +0200)]
Remove unnecessary layout calls from api controllers
These were left over from the refactoring of the controllers into api and non-api versions.
Andy Allan [Wed, 8 Jul 2020 16:43:30 +0000 (18:43 +0200)]
Rename the notes#mine action to index
Andy Allan [Wed, 8 Jul 2020 13:34:50 +0000 (15:34 +0200)]
Use bootstrap text-muted in place of custom deemphasze class
This avoids changing anything related to forms, since they will be
switched over to bootstrap separately.
Andy Allan [Wed, 8 Jul 2020 14:57:49 +0000 (16:57 +0200)]
Remove some extraneous css
The trace part is actually removing html, but I thought it was CSS
when I first noticed the blank space on the page.
Andy Allan [Wed, 8 Jul 2020 14:46:15 +0000 (16:46 +0200)]
Rework the users#show page to avoid custom column css
This uses bootstrap instead, ensuring the map shows before the
text on small screens, but to the right of it on md+ widths. The
height of the map also changes at this breakpoint instead of being
based on the menu width (body.small).
The account edit page was also changed to match the content_map
changes, and a full width map is now used. This can be changed, if
required, using bootstrap breakpoints but I like it as it is.
Simon Poole [Wed, 8 Jul 2020 14:04:11 +0000 (16:04 +0200)]
Tuen on turn restriction support for graphhopper
No way of actually testing if this works, but it is based on https://docs.graphhopper.com/#operation/getRoute/parameters/point and https://www.graphhopper.com/blog/2020/07/08/turn-restriction-support-for-graphhoppers-directions-api/
Tom Hughes [Tue, 7 Jul 2020 09:44:52 +0000 (10:44 +0100)]
Fix new rubocop warnings
Tom Hughes [Tue, 7 Jul 2020 09:41:34 +0000 (10:41 +0100)]
Merge remote-tracking branch 'upstream/pull/2693'
Tom Hughes [Tue, 7 Jul 2020 09:37:56 +0000 (10:37 +0100)]
Only report traces as offline when they are offline
Tom Hughes [Tue, 7 Jul 2020 09:37:39 +0000 (10:37 +0100)]
Remove some debug logging comitted by mistake
dependabot[bot] [Tue, 7 Jul 2020 05:02:03 +0000 (05:02 +0000)]
Bump rubocop-performance from 1.6.1 to 1.7.0
Bumps [rubocop-performance](https://github.com/rubocop-hq/rubocop-performance) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-performance/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-performance/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-performance/compare/v1.6.1...v1.7.0)
Signed-off-by: dependabot[bot] <support@github.com>
translatewiki.net [Mon, 6 Jul 2020 16:51:54 +0000 (18:51 +0200)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Mon, 6 Jul 2020 07:33:51 +0000 (08:33 +0100)]
Merge remote-tracking branch 'upstream/pull/2691'
dependabot[bot] [Mon, 6 Jul 2020 05:01:13 +0000 (05:01 +0000)]
Bump eslint from 7.3.1 to 7.4.0
Bumps [eslint](https://github.com/eslint/eslint) from 7.3.1 to 7.4.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.3.1...v7.4.0)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Sun, 5 Jul 2020 13:49:12 +0000 (14:49 +0100)]
Fix errors with GPX offline mode
Tom Hughes [Sat, 4 Jul 2020 22:57:12 +0000 (23:57 +0100)]
Merge remote-tracking branch 'upstream/pull/2689'
Andy Allan [Sat, 4 Jul 2020 16:26:04 +0000 (18:26 +0200)]
Rephrase the 'used_by' text on the about page.
Tom Hughes [Sat, 4 Jul 2020 09:39:07 +0000 (10:39 +0100)]
Merge remote-tracking branch 'upstream/pull/2688'
Tom Hughes [Sat, 4 Jul 2020 09:39:02 +0000 (10:39 +0100)]
Merge remote-tracking branch 'upstream/pull/2687'
Andy Allan [Sat, 4 Jul 2020 09:20:46 +0000 (11:20 +0200)]
Make the back button not look disabled
This switches the message buttons to use bootstrap, so that we can have a back button that looks clickable.
Alternative implementation of #2386
Andy Allan [Sat, 4 Jul 2020 08:51:16 +0000 (10:51 +0200)]
Avoid list markers for the richtext help text
Andy Allan [Sat, 4 Jul 2020 08:12:18 +0000 (10:12 +0200)]
Merge pull request #2674 from openstreetmap/dependabot/bundler/bootstrap-4.5.0
Bump bootstrap from 4.3.1 to 4.5.0