]>
git.openstreetmap.org Git - rails.git/log
Tom Hughes [Tue, 1 Mar 2022 22:55:10 +0000 (22:55 +0000)]
Fix rubocop Rails/TimeZone warnings
Tom Hughes [Tue, 1 Mar 2022 18:39:08 +0000 (18:39 +0000)]
Enable open redirect protection
Tom Hughes [Tue, 1 Mar 2022 10:27:30 +0000 (10:27 +0000)]
Merge remote-tracking branch 'upstream/pull/3482'
Tom Hughes [Tue, 1 Mar 2022 10:27:16 +0000 (10:27 +0000)]
Update bundle
Andy Allan [Wed, 23 Feb 2022 16:25:43 +0000 (16:25 +0000)]
Remove redundant presence validation on belongs_to
There's no need for us to have it when rails does this for us.
Tom Hughes [Mon, 28 Feb 2022 18:47:51 +0000 (18:47 +0000)]
Restore asset debugging in development mode
Harry Bond [Mon, 28 Feb 2022 13:18:31 +0000 (13:18 +0000)]
Fix opensearch icon & update attribution
Fixes #3478
Closes #3479
translatewiki.net [Mon, 28 Feb 2022 12:11:32 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Sun, 27 Feb 2022 11:35:31 +0000 (11:35 +0000)]
Add missing PG_MODULE_MAGIC to database function source
Tom Hughes [Sat, 26 Feb 2022 00:39:52 +0000 (00:39 +0000)]
Merge remote-tracking branch 'upstream/pull/3474'
dependabot[bot] [Fri, 25 Feb 2022 23:01:05 +0000 (23:01 +0000)]
Bump eslint from 8.9.0 to 8.10.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.9.0 to 8.10.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.9.0...v8.10.0)
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
translatewiki.net [Thu, 24 Feb 2022 12:12:32 +0000 (13:12 +0100)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Wed, 23 Feb 2022 20:38:21 +0000 (20:38 +0000)]
Merge remote-tracking branch 'upstream/pull/3470'
Andy Allan [Wed, 23 Feb 2022 15:17:21 +0000 (15:17 +0000)]
Enable active_record.belongs_to_required_by_default
This switches the logic so that belongs_to parent objects must exist
by default, and marks the optional ones explicitly. This is reflected
in the null/not_null status on the relevant db columns.
Tom Hughes [Wed, 23 Feb 2022 19:27:27 +0000 (19:27 +0000)]
Merge remote-tracking branch 'upstream/pull/3469'
Tom Hughes [Wed, 23 Feb 2022 19:23:51 +0000 (19:23 +0000)]
Add inverse_of to relationships that can't detect it automatically
Andy Allan [Wed, 23 Feb 2022 15:22:37 +0000 (15:22 +0000)]
Remove default values from id columns
In both the case of primary keys, and also foreign key references,
there's no need to set a default value.
This doesn't have a big impact in routine situations, but can be
very confusing when debugging corner cases.
Andy Allan [Wed, 23 Feb 2022 15:15:07 +0000 (15:15 +0000)]
Specify inverse_of for trace tags and points
Rails can't automatically detect bi-directional relationships when
`:foreign_key` is present. Adding the `inverse_of` helps when validating
traces and tags that haven't yet been saved.
Tom Hughes [Tue, 22 Feb 2022 19:16:10 +0000 (19:16 +0000)]
Disable partial inserts
Tom Hughes [Tue, 22 Feb 2022 19:12:09 +0000 (19:12 +0000)]
Switch to rails 7 default headers
These are basically all the same as what secure_headers
was already setting for us anyway.
Tom Hughes [Tue, 22 Feb 2022 19:06:43 +0000 (19:06 +0000)]
Merge remote-tracking branch 'upstream/pull/3462'
Tom Hughes [Tue, 22 Feb 2022 18:55:34 +0000 (18:55 +0000)]
Make sure the object layer is kept in front of the data layer
Tom Hughes [Tue, 22 Feb 2022 18:54:40 +0000 (18:54 +0000)]
Don't highlight selected items in the data layer
Routing to the feature page is going to cause them to be overlaid
in orange anyway so there's no need for the blue highlight.
Tom Hughes [Tue, 22 Feb 2022 18:11:16 +0000 (18:11 +0000)]
Update bundle
Tom Hughes [Mon, 21 Feb 2022 22:48:22 +0000 (22:48 +0000)]
Deep copy the original style when highlighting an object
Fixes #3465
Tom Hughes [Mon, 21 Feb 2022 19:11:28 +0000 (19:11 +0000)]
Enable automatic scope inversing
Tom Hughes [Mon, 21 Feb 2022 19:07:38 +0000 (19:07 +0000)]
Use a button element for button_to
Tom Hughes [Mon, 21 Feb 2022 19:07:01 +0000 (19:07 +0000)]
Apply bootstrap styling to "make public" button
Tom Hughes [Mon, 21 Feb 2022 18:43:59 +0000 (18:43 +0000)]
Default to not specifying media restrictions on stylesheet tags
Tom Hughes [Mon, 21 Feb 2022 18:40:30 +0000 (18:40 +0000)]
Enable verification of foreign keys in tests
translatewiki.net [Mon, 21 Feb 2022 12:11:46 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.
Tobias Speicher [Sun, 20 Feb 2022 21:11:11 +0000 (22:11 +0100)]
Replace deprecated String.prototype.substr()
String.prototype.substr() is deprecated (see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/substr) so we replace it with slice() which works similarily but isn't deprecated.
Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
Tom Hughes [Thu, 17 Feb 2022 19:30:19 +0000 (19:30 +0000)]
Wrap test execution for better isolation
Tom Hughes [Thu, 17 Feb 2022 18:59:28 +0000 (18:59 +0000)]
Enable some rails 7.x defaults
translatewiki.net [Thu, 17 Feb 2022 12:11:27 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Thu, 17 Feb 2022 00:54:11 +0000 (00:54 +0000)]
Default to allowing TLS for SMTP but without peer verification
Tom Hughes [Wed, 16 Feb 2022 22:48:26 +0000 (22:48 +0000)]
Disable peer host name validation when sending email
Tom Hughes [Wed, 16 Feb 2022 18:13:16 +0000 (18:13 +0000)]
Merge remote-tracking branch 'upstream/pull/3398'
Tom Hughes [Wed, 16 Feb 2022 18:12:33 +0000 (18:12 +0000)]
Merge remote-tracking branch 'upstream/pull/3461'
Andy Allan [Wed, 16 Feb 2022 15:16:53 +0000 (15:16 +0000)]
Merge pull request #3414 from tomhughes/rails7
Update to rails 7.x
Andy Allan [Wed, 16 Feb 2022 14:58:30 +0000 (14:58 +0000)]
Merge pull request #3440 from mmd-osm/relationmemberlimit
Introduce relation member limit
Tom Hughes [Thu, 16 Dec 2021 18:51:39 +0000 (18:51 +0000)]
Update to rails 7.0.2.2
Andy Allan [Wed, 16 Feb 2022 11:27:52 +0000 (11:27 +0000)]
Update documentation for how to confirm a new user account
Fixes #3460
Tom Hughes [Tue, 15 Feb 2022 18:36:41 +0000 (18:36 +0000)]
Update bundle
Tom Hughes [Tue, 15 Feb 2022 18:32:33 +0000 (18:32 +0000)]
Merge remote-tracking branch 'upstream/pull/3458'
dependabot[bot] [Mon, 14 Feb 2022 23:00:49 +0000 (23:00 +0000)]
Bump eslint from 8.8.0 to 8.9.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.8.0 to 8.9.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.8.0...v8.9.0)
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
translatewiki.net [Mon, 14 Feb 2022 12:11:05 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Sun, 13 Feb 2022 19:25:42 +0000 (19:25 +0000)]
Allow trace image URL to be configured in the CSP policy
Tom Hughes [Sun, 13 Feb 2022 18:39:21 +0000 (18:39 +0000)]
Merge remote-tracking branch 'upstream/pull/3345'
Tom Hughes [Sun, 13 Feb 2022 17:39:15 +0000 (17:39 +0000)]
Merge remote-tracking branch 'upstream/pull/3455'
Harry Wood [Sat, 12 Feb 2022 17:58:43 +0000 (17:58 +0000)]
Remove section on removed rake doc:app
Remove the section of contributing docs about how `rake doc:app` can be used to generate some sort of documentation. That will not work any more, since this task was removed from Rails v5 because people don't generally use it! https://stackoverflow.com/a/
36804474 /338265
Harry Wood [Sat, 12 Feb 2022 17:53:39 +0000 (17:53 +0000)]
Fix contrib doc to remove reference to travis
Remove the reference to Travis CI. Our CI pipeline now runs withing github actions.
Tom Hughes [Sat, 12 Feb 2022 10:45:27 +0000 (10:45 +0000)]
Merge remote-tracking branch 'upstream/pull/3454'
Tom Hughes [Sat, 12 Feb 2022 10:45:16 +0000 (10:45 +0000)]
Merge remote-tracking branch 'upstream/pull/3453'
Tom Hughes [Sat, 12 Feb 2022 10:45:13 +0000 (10:45 +0000)]
Merge remote-tracking branch 'upstream/pull/3452'
Brian Kelly [Sat, 12 Feb 2022 00:17:13 +0000 (18:17 -0600)]
Adds advancedcomp to the list of macOS Homebrew dependencies
Harry Wood [Sat, 12 Feb 2022 00:13:42 +0000 (00:13 +0000)]
Fix vagrant storage.yml config
Tell vagrant to copy the example storage.yml config file into place as per INSTALL.md instructions. Allows the migrations to run.
Brian Kelly [Sat, 12 Feb 2022 00:05:20 +0000 (18:05 -0600)]
Updates macOS geckodriver installation command
Tom Hughes [Fri, 11 Feb 2022 22:20:11 +0000 (22:20 +0000)]
Update to rails 6.1.4.6
Tom Hughes [Fri, 11 Feb 2022 22:19:43 +0000 (22:19 +0000)]
Update bundle
translatewiki.net [Thu, 10 Feb 2022 12:11:21 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.
Andy Allan [Thu, 9 Dec 2021 16:12:42 +0000 (16:12 +0000)]
Allow users to delete their own accounts
This PR allows users to delete their own accounts. The logic implemented matches
that currently used by the admins when they manually close accounts, although
there is room to be more complex in future e.g. completely removing accounts
with no content.
The error handling has been slightly adapted for namespaced controllers, by
anchoring the controller name with a leading forward slash.
Tom Hughes [Tue, 8 Feb 2022 18:22:05 +0000 (18:22 +0000)]
Update bundle
translatewiki.net [Mon, 7 Feb 2022 12:10:37 +0000 (13:10 +0100)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Thu, 3 Feb 2022 18:37:12 +0000 (18:37 +0000)]
Merge remote-tracking branch 'upstream/pull/3419'
Tom Hughes [Thu, 3 Feb 2022 18:32:49 +0000 (18:32 +0000)]
Merge remote-tracking branch 'upstream/pull/3446'
Tom Hughes [Thu, 3 Feb 2022 18:32:40 +0000 (18:32 +0000)]
Merge remote-tracking branch 'upstream/pull/3445'
Martin Raifer [Thu, 3 Feb 2022 15:19:01 +0000 (16:19 +0100)]
Update to iD v2.20.4
translatewiki.net [Thu, 3 Feb 2022 12:11:37 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.
Andy Allan [Wed, 2 Feb 2022 17:47:45 +0000 (17:47 +0000)]
Ensure that deactivate isn't available in production
It's only used as a workaround for factories not being able to create
pending users while keeping active as the default
Andy Allan [Wed, 2 Feb 2022 16:37:50 +0000 (16:37 +0000)]
Add extra user transitions needed by the administrators
Morten Bruhn [Wed, 2 Feb 2022 15:13:07 +0000 (16:13 +0100)]
Added some key-value pairs under `railway=`
mmd-osm [Sat, 29 Jan 2022 14:52:21 +0000 (15:52 +0100)]
Introduce relation member limit
Adds a new parameter `max_number_of_relation_members` in settings.yml
Tom Hughes [Tue, 1 Feb 2022 18:59:56 +0000 (18:59 +0000)]
Update bundle
Tom Hughes [Tue, 1 Feb 2022 18:42:07 +0000 (18:42 +0000)]
Index note comments by author and date
Fixes #3443
Tom Hughes [Tue, 1 Feb 2022 18:22:33 +0000 (18:22 +0000)]
Merge remote-tracking branch 'upstream/pull/3442'
Tom Hughes [Tue, 1 Feb 2022 18:13:40 +0000 (18:13 +0000)]
Merge remote-tracking branch 'upstream/pull/3439'
Martin Raifer [Mon, 31 Jan 2022 17:10:00 +0000 (18:10 +0100)]
Update to iD v2.20.3
translatewiki.net [Mon, 31 Jan 2022 12:10:21 +0000 (13:10 +0100)]
Localisation updates from https://translatewiki.net.
dependabot[bot] [Fri, 28 Jan 2022 23:00:33 +0000 (23:00 +0000)]
Bump eslint from 8.7.0 to 8.8.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.7.0 to 8.8.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.7.0...v8.8.0)
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Fri, 28 Jan 2022 12:35:57 +0000 (12:35 +0000)]
Fix route for "go public" button on the account edit page
translatewiki.net [Thu, 27 Jan 2022 12:11:14 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Tue, 25 Jan 2022 18:22:46 +0000 (18:22 +0000)]
Update bundle
translatewiki.net [Mon, 24 Jan 2022 12:12:09 +0000 (13:12 +0100)]
Localisation updates from https://translatewiki.net.
translatewiki.net [Thu, 20 Jan 2022 12:11:20 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Wed, 19 Jan 2022 18:19:10 +0000 (18:19 +0000)]
Merge remote-tracking branch 'upstream/pull/3426'
Andy Allan [Wed, 19 Jan 2022 16:14:03 +0000 (16:14 +0000)]
Allow blank issue templates
This was originally intended in #3397 and I'm not sure why I set this
to false.
Tom Hughes [Tue, 18 Jan 2022 19:03:32 +0000 (19:03 +0000)]
Merge remote-tracking branch 'upstream/pull/3420'
Tom Hughes [Tue, 18 Jan 2022 08:12:14 +0000 (08:12 +0000)]
Update bundle
Tom Hughes [Tue, 18 Jan 2022 08:10:59 +0000 (08:10 +0000)]
Merge remote-tracking branch 'upstream/pull/3425'
dependabot[bot] [Mon, 17 Jan 2022 23:00:46 +0000 (23:00 +0000)]
Bump eslint from 8.6.0 to 8.7.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.6.0 to 8.7.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.6.0...v8.7.0)
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
translatewiki.net [Mon, 17 Jan 2022 12:11:06 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Mon, 17 Jan 2022 11:01:07 +0000 (11:01 +0000)]
Remove form_action restrictions for sessions#login
Login may redirect to ouath2_authorizations#create which may then
redirect to arbitrary schemes if the application is already authorized
so we need to allow login to redirect to any scheme.
Fixes #3424
Tom Hughes [Mon, 17 Jan 2022 11:00:41 +0000 (11:00 +0000)]
Restore form_action restrictions for ouath2_authorizations#create
Tom Hughes [Mon, 17 Jan 2022 09:33:28 +0000 (09:33 +0000)]
Remove form_action restrictions for ouath2_authorizations#create
Fixes #3424
translatewiki.net [Thu, 13 Jan 2022 12:10:10 +0000 (13:10 +0100)]
Localisation updates from https://translatewiki.net.
Nick Doiron [Thu, 13 Jan 2022 00:16:09 +0000 (19:16 -0500)]
rm spaces
Nick Doiron [Thu, 13 Jan 2022 00:06:18 +0000 (19:06 -0500)]
add dir="auto" to search fields
Improves right-to-left text input support
Tom Hughes [Wed, 12 Jan 2022 18:23:53 +0000 (18:23 +0000)]
Merge remote-tracking branch 'upstream/pull/3418'
Andy Allan [Wed, 5 Jan 2022 18:44:46 +0000 (18:44 +0000)]
Use a state machine for user status
The user status is a bit complex, since there are various states and
not all transitions between them make sense.
Using AASM means that we can name and restrict the transitions, which
hopefully makes them easier to reason about.