Tom Hughes [Thu, 29 Oct 2020 21:25:47 +0000 (21:25 +0000)]
Allow redirects to authentication services from the settings page
Chrome and Safari require redirects to match the form-action rule
as well as the original submission address.
translatewiki.net [Thu, 29 Oct 2020 12:26:26 +0000 (13:26 +0100)]
Localisation updates from https://translatewiki.net.
nlaratta [Wed, 28 Oct 2020 17:37:48 +0000 (11:37 -0600)]
Changed Ubuntu 18.04 to 20.04 and Ruby 2.5 to 2.7
Fixes #2909
Closes #2922
Tom Hughes [Wed, 28 Oct 2020 15:56:59 +0000 (15:56 +0000)]
Merge remote-tracking branch 'upstream/pull/2920' into master
Quincy Morgan [Wed, 28 Oct 2020 14:58:57 +0000 (10:58 -0400)]
Update to iD v2.19.2
Tom Hughes [Wed, 28 Oct 2020 14:07:55 +0000 (14:07 +0000)]
Merge remote-tracking branch 'upstream/pull/2919' into master
Andy Allan [Wed, 28 Oct 2020 13:45:15 +0000 (14:45 +0100)]
Avoid some uses of html_safe
We can use `html_safe` on non-interpolated strings, since that's trusted content.
Tom Hughes [Wed, 28 Oct 2020 11:29:57 +0000 (11:29 +0000)]
Merge remote-tracking branch 'upstream/pull/2918' into master
Andy Allan [Wed, 28 Oct 2020 10:49:01 +0000 (11:49 +0100)]
Ensure that test utility methods are marked as private
This allows us to enable the check for test method names.
Andy Allan [Wed, 28 Oct 2020 10:33:51 +0000 (11:33 +0100)]
Refactor test to use general basic_authorization_header method
There's no need for this test to have its own version of the method.
Tom Hughes [Wed, 28 Oct 2020 10:22:01 +0000 (10:22 +0000)]
Merge remote-tracking branch 'upstream/pull/2917' into master
Andy Allan [Wed, 28 Oct 2020 10:07:34 +0000 (11:07 +0100)]
Resolve some extra-long lines
Tom Hughes [Wed, 28 Oct 2020 08:25:02 +0000 (08:25 +0000)]
Merge remote-tracking branch 'upstream/pull/2916' into master
Tom Hughes [Wed, 28 Oct 2020 08:25:00 +0000 (08:25 +0000)]
Merge remote-tracking branch 'upstream/pull/2915' into master
dependabot[bot] [Wed, 28 Oct 2020 05:02:41 +0000 (05:02 +0000)]
Bump puma from 5.0.3 to 5.0.4
Bumps [puma](https://github.com/puma/puma) from 5.0.3 to 5.0.4.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.0.3...v5.0.4)
Signed-off-by: dependabot[bot] <support@github.com>
Quincy Morgan [Wed, 28 Oct 2020 01:17:47 +0000 (21:17 -0400)]
Update to iD v2.19.1
Tom Hughes [Tue, 27 Oct 2020 22:44:07 +0000 (22:44 +0000)]
Merge remote-tracking branch 'upstream/pull/2914' into master
Quincy Morgan [Tue, 27 Oct 2020 21:46:24 +0000 (17:46 -0400)]
Update to iD v2.19.0
Tom Hughes [Tue, 27 Oct 2020 08:10:27 +0000 (08:10 +0000)]
Merge remote-tracking branch 'upstream/pull/2912' into master
Tom Hughes [Tue, 27 Oct 2020 08:10:25 +0000 (08:10 +0000)]
Merge remote-tracking branch 'upstream/pull/2911' into master
Tom Hughes [Tue, 27 Oct 2020 08:10:23 +0000 (08:10 +0000)]
Merge remote-tracking branch 'upstream/pull/2910' into master
dependabot[bot] [Tue, 27 Oct 2020 05:02:12 +0000 (05:02 +0000)]
Bump bootsnap from 1.4.8 to 1.4.9
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.8 to 1.4.9.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.8...v1.4.9)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Tue, 27 Oct 2020 05:01:35 +0000 (05:01 +0000)]
Bump eslint from 7.12.0 to 7.12.1
Bumps [eslint](https://github.com/eslint/eslint) from 7.12.0 to 7.12.1.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.12.0...v7.12.1)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Tue, 27 Oct 2020 05:01:29 +0000 (05:01 +0000)]
Bump puma from 5.0.2 to 5.0.3
Bumps [puma](https://github.com/puma/puma) from 5.0.2 to 5.0.3.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.0.2...v5.0.3)
Signed-off-by: dependabot[bot] <support@github.com>
translatewiki.net [Mon, 26 Oct 2020 15:06:52 +0000 (16:06 +0100)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Mon, 26 Oct 2020 08:14:18 +0000 (08:14 +0000)]
Merge remote-tracking branch 'upstream/pull/2907' into master
Tom Hughes [Mon, 26 Oct 2020 08:14:14 +0000 (08:14 +0000)]
Merge remote-tracking branch 'upstream/pull/2906' into master
dependabot[bot] [Mon, 26 Oct 2020 05:02:44 +0000 (05:02 +0000)]
Bump strong_migrations from 0.7.1 to 0.7.2
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.7.1...v0.7.2)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Mon, 26 Oct 2020 05:01:36 +0000 (05:01 +0000)]
Bump eslint from 7.11.0 to 7.12.0
Bumps [eslint](https://github.com/eslint/eslint) from 7.11.0 to 7.12.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.11.0...v7.12.0)
Signed-off-by: dependabot[bot] <support@github.com>
translatewiki.net [Thu, 22 Oct 2020 11:08:56 +0000 (13:08 +0200)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Wed, 21 Oct 2020 19:53:15 +0000 (20:53 +0100)]
Merge remote-tracking branch 'upstream/pull/2890'
Tom Hughes [Wed, 21 Oct 2020 19:49:27 +0000 (20:49 +0100)]
Fix close handler for welcome message
Tom Hughes [Wed, 21 Oct 2020 19:51:03 +0000 (20:51 +0100)]
Merge remote-tracking branch 'upstream/pull/2901'
Andy Allan [Wed, 21 Oct 2020 15:36:26 +0000 (17:36 +0200)]
Merge pull request #2902 from seav/patch-1
Link to official OWG Banner Policy page
Eugene Alvin Villar [Wed, 21 Oct 2020 15:25:51 +0000 (23:25 +0800)]
Link to official OWG Banner Policy page
- Link to the official Banner Policy page on the OWG website instead of a GitHub ticket discussion
- Reformat Markdown lists so that the rendered HTML results in properly nested lists
Andy Allan [Thu, 15 Oct 2020 14:25:33 +0000 (16:25 +0200)]
Use flexbox to position the close icon on the sidebars
This ensures that the text and the close icon don't overlap, regardless
of the length of the title. The title div grows to use all available
space, while ensuring the text breaks if necessary to prevent it from
pushing the close icon offscreen.
Tom Hughes [Wed, 21 Oct 2020 14:12:05 +0000 (15:12 +0100)]
Merge remote-tracking branch 'upstream/pull/2899'
Tom Hughes [Wed, 21 Oct 2020 14:11:15 +0000 (15:11 +0100)]
Merge remote-tracking branch 'upstream/pull/2898'
Andy Allan [Wed, 21 Oct 2020 12:12:14 +0000 (14:12 +0200)]
Avoid various uses of html_safe
We can avoid using `html_safe` in various circumstances, through alternative approaches like i18n keys ending in `_html` or using `safe_join` to avoid converting via unsafe string types.
The `_html` keys approach only work for ActionView helper version of `t`, not the base `I18n.t` method.
Andy Allan [Wed, 21 Oct 2020 13:38:53 +0000 (15:38 +0200)]
Remove unused translation
The code that used this was removed in
9a9e13af901e9d66357135fb39b111fc9e26b3b2
Andy Allan [Wed, 21 Oct 2020 13:37:57 +0000 (15:37 +0200)]
Remove unused translations
The code that used these translations was removed in
aaeca5b5346b01d7ef26a301492804d36049eff8
Tom Hughes [Tue, 20 Oct 2020 12:21:24 +0000 (13:21 +0100)]
Merge remote-tracking branch 'upstream/pull/2896'
Andy Allan [Tue, 20 Oct 2020 11:58:08 +0000 (13:58 +0200)]
Fix call to UserMailer in message delivery
Fixes #2895
Tom Hughes [Tue, 20 Oct 2020 07:17:16 +0000 (08:17 +0100)]
Merge remote-tracking branch 'upstream/pull/2894'
Tom Hughes [Tue, 20 Oct 2020 07:17:12 +0000 (08:17 +0100)]
Merge remote-tracking branch 'upstream/pull/2893'
dependabot[bot] [Tue, 20 Oct 2020 05:03:51 +0000 (05:03 +0000)]
Bump aws-sdk-s3 from 1.83.0 to 1.83.1
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.83.0 to 1.83.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Tue, 20 Oct 2020 05:02:46 +0000 (05:02 +0000)]
Bump omniauth-facebook from 7.0.0 to 8.0.0
Bumps [omniauth-facebook](https://github.com/simi/omniauth-facebook) from 7.0.0 to 8.0.0.
- [Release notes](https://github.com/simi/omniauth-facebook/releases)
- [Changelog](https://github.com/simi/omniauth-facebook/blob/master/CHANGELOG.md)
- [Commits](https://github.com/simi/omniauth-facebook/compare/v7.0.0...v8.0.0)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Mon, 19 Oct 2020 18:26:17 +0000 (19:26 +0100)]
Update test results for presence of zh-HK translations
Tom Hughes [Mon, 19 Oct 2020 18:23:48 +0000 (19:23 +0100)]
Merge remote-tracking branch 'upstream/pull/2892'
Tom Hughes [Mon, 19 Oct 2020 18:23:46 +0000 (19:23 +0100)]
Merge remote-tracking branch 'upstream/pull/2891'
translatewiki.net [Mon, 19 Oct 2020 13:01:22 +0000 (15:01 +0200)]
Localisation updates from https://translatewiki.net.
dependabot[bot] [Mon, 19 Oct 2020 05:02:17 +0000 (05:02 +0000)]
Bump webmock from 3.9.2 to 3.9.3
Bumps [webmock](https://github.com/bblimke/webmock) from 3.9.2 to 3.9.3.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.9.2...v3.9.3)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Mon, 19 Oct 2020 05:01:26 +0000 (05:01 +0000)]
Bump faraday from 1.0.1 to 1.1.0
Bumps [faraday](https://github.com/lostisland/faraday) from 1.0.1 to 1.1.0.
- [Release notes](https://github.com/lostisland/faraday/releases)
- [Changelog](https://github.com/lostisland/faraday/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lostisland/faraday/compare/v1.0.1...v1.1.0)
Signed-off-by: dependabot[bot] <support@github.com>
Hidde Wieringa [Sat, 17 Oct 2020 15:00:40 +0000 (17:00 +0200)]
Also fix private road
Hidde Wieringa [Sat, 17 Oct 2020 14:55:18 +0000 (16:55 +0200)]
Update icon for destination access in map key
Tom Hughes [Fri, 16 Oct 2020 07:26:56 +0000 (08:26 +0100)]
Merge remote-tracking branch 'upstream/pull/2888'
dependabot[bot] [Fri, 16 Oct 2020 05:02:14 +0000 (05:02 +0000)]
Bump activerecord-import from 1.0.6 to 1.0.7
Bumps [activerecord-import](https://github.com/zdennis/activerecord-import) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/zdennis/activerecord-import/releases)
- [Changelog](https://github.com/zdennis/activerecord-import/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zdennis/activerecord-import/compare/v1.0.6...v1.0.7)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Thu, 15 Oct 2020 07:12:25 +0000 (08:12 +0100)]
Merge remote-tracking branch 'upstream/pull/2887'
Tom Hughes [Thu, 15 Oct 2020 07:12:21 +0000 (08:12 +0100)]
Merge remote-tracking branch 'upstream/pull/2884'
dependabot[bot] [Thu, 15 Oct 2020 05:01:21 +0000 (05:01 +0000)]
Bump i18n-js from 3.7.1 to 3.8.0
Bumps [i18n-js](https://github.com/fnando/i18n-js) from 3.7.1 to 3.8.0.
- [Release notes](https://github.com/fnando/i18n-js/releases)
- [Changelog](https://github.com/fnando/i18n-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/i18n-js/compare/v3.7.1...v3.8.0)
Signed-off-by: dependabot[bot] <support@github.com>
Andy Allan [Wed, 14 Oct 2020 13:04:58 +0000 (15:04 +0200)]
Rename Notifier to UserMailer
It's a convention in rails to name your mailers with a Mailer suffix, and is also common to name the class after the recipient (e.g. User, Admin). So UserMailer seems a reasonable choice.
Tom Hughes [Tue, 13 Oct 2020 07:14:20 +0000 (08:14 +0100)]
Merge remote-tracking branch 'upstream/pull/2881'
Tom Hughes [Tue, 13 Oct 2020 07:14:18 +0000 (08:14 +0100)]
Merge remote-tracking branch 'upstream/pull/2880'
dependabot[bot] [Tue, 13 Oct 2020 05:01:31 +0000 (05:01 +0000)]
Bump rubocop from 0.93.0 to 0.93.1
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.93.0 to 0.93.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.93.0...v0.93.1)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Tue, 13 Oct 2020 05:01:16 +0000 (05:01 +0000)]
Bump webmock from 3.9.1 to 3.9.2
Bumps [webmock](https://github.com/bblimke/webmock) from 3.9.1 to 3.9.2.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.9.1...v3.9.2)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Mon, 12 Oct 2020 18:08:10 +0000 (19:08 +0100)]
Merge remote-tracking branch 'upstream/pull/2879'
translatewiki.net [Mon, 12 Oct 2020 13:58:23 +0000 (15:58 +0200)]
Localisation updates from https://translatewiki.net.
dependabot[bot] [Mon, 12 Oct 2020 05:01:55 +0000 (05:01 +0000)]
Bump eslint from 7.10.0 to 7.11.0
Bumps [eslint](https://github.com/eslint/eslint) from 7.10.0 to 7.11.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.10.0...v7.11.0)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Fri, 9 Oct 2020 07:26:38 +0000 (08:26 +0100)]
Fix new rubocop warnings
Tom Hughes [Fri, 9 Oct 2020 07:21:07 +0000 (08:21 +0100)]
Merge remote-tracking branch 'upstream/pull/2878'
dependabot[bot] [Fri, 9 Oct 2020 05:01:33 +0000 (05:01 +0000)]
Bump rubocop from 0.92.0 to 0.93.0
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.92.0 to 0.93.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.92.0...v0.93.0)
Signed-off-by: dependabot[bot] <support@github.com>
translatewiki.net [Thu, 8 Oct 2020 14:01:10 +0000 (16:01 +0200)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Thu, 8 Oct 2020 08:51:04 +0000 (09:51 +0100)]
Revert accidental changes to database structure
Tom Hughes [Thu, 8 Oct 2020 07:13:22 +0000 (08:13 +0100)]
Merge remote-tracking branch 'upstream/pull/2877'
dependabot[bot] [Thu, 8 Oct 2020 05:01:26 +0000 (05:01 +0000)]
Bump rails from 6.0.3.3 to 6.0.3.4
Bumps [rails](https://github.com/rails/rails) from 6.0.3.3 to 6.0.3.4.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.0.3.3...v6.0.3.4)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Tue, 6 Oct 2020 22:10:52 +0000 (23:10 +0100)]
Index changeset comments by changeset and date
Tom Hughes [Tue, 6 Oct 2020 21:42:44 +0000 (22:42 +0100)]
Index changeset comments by author and date
translatewiki.net [Mon, 5 Oct 2020 14:05:15 +0000 (16:05 +0200)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Sun, 4 Oct 2020 10:48:42 +0000 (11:48 +0100)]
Update bundle
Tom Hughes [Fri, 2 Oct 2020 11:38:12 +0000 (12:38 +0100)]
Merge remote-tracking branch 'upstream/pull/2875'
translatewiki.net [Fri, 2 Oct 2020 07:14:03 +0000 (09:14 +0200)]
Localisation updates from https://translatewiki.net.
dependabot[bot] [Fri, 2 Oct 2020 05:01:02 +0000 (05:01 +0000)]
Bump better_errors from 2.8.1 to 2.8.2
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/commits)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Thu, 1 Oct 2020 07:57:41 +0000 (08:57 +0100)]
Merge remote-tracking branch 'upstream/pull/2868'
Tom Hughes [Thu, 1 Oct 2020 07:57:39 +0000 (08:57 +0100)]
Merge remote-tracking branch 'upstream/pull/2867'
Tom Hughes [Thu, 1 Oct 2020 07:57:36 +0000 (08:57 +0100)]
Merge remote-tracking branch 'upstream/pull/2864'
dependabot[bot] [Thu, 1 Oct 2020 05:01:31 +0000 (05:01 +0000)]
Bump rotp from 6.1.0 to 6.2.0
Bumps [rotp](https://github.com/mdp/rotp) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/mdp/rotp/releases)
- [Changelog](https://github.com/mdp/rotp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mdp/rotp/commits)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Thu, 1 Oct 2020 05:01:08 +0000 (05:01 +0000)]
Bump aws-sdk-s3 from 1.81.1 to 1.82.0
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.81.1 to 1.82.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot[bot] <support@github.com>
Andy Allan [Wed, 30 Sep 2020 13:09:49 +0000 (15:09 +0200)]
Use the db:seed task to load languages
This is seed data that should reasonably be loaded into every database,
even those that are otherwise empty (e.g. no geo data). Using the seeds
process means that it will usually be loaded by default, and is easier
to find for existing rails developers.
Tom Hughes [Wed, 30 Sep 2020 11:40:21 +0000 (12:40 +0100)]
Merge remote-tracking branch 'upstream/pull/2863'
Andy Allan [Wed, 30 Sep 2020 11:17:43 +0000 (13:17 +0200)]
Remove unused locale scripts
We no longer need these scripts, given our current translatewiki workflows
Tom Hughes [Wed, 30 Sep 2020 10:57:18 +0000 (11:57 +0100)]
Merge remote-tracking branch 'upstream/pull/2838'
Tom Hughes [Wed, 30 Sep 2020 10:54:30 +0000 (11:54 +0100)]
Merge remote-tracking branch 'upstream/pull/2839'
Tom Hughes [Wed, 30 Sep 2020 07:28:02 +0000 (08:28 +0100)]
Merge remote-tracking branch 'upstream/pull/2862'
dependabot[bot] [Wed, 30 Sep 2020 05:01:11 +0000 (05:01 +0000)]
Bump autoprefixer-rails from 10.0.0.2 to 10.0.1.0
Bumps [autoprefixer-rails](https://github.com/ai/autoprefixer-rails) from 10.0.0.2 to 10.0.1.0.
- [Release notes](https://github.com/ai/autoprefixer-rails/releases)
- [Changelog](https://github.com/ai/autoprefixer-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ai/autoprefixer-rails/compare/10.0.0.2...10.0.1.0)
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Tue, 29 Sep 2020 13:22:51 +0000 (14:22 +0100)]
Invalidate existing sessions when changing email or password
As we don't have any way to actually find the active sessions for
an account we instead store a fingerprint in the session, and refuse
to use any session with a different fingerprint.
Tom Hughes [Tue, 29 Sep 2020 12:47:40 +0000 (13:47 +0100)]
Delete any outstanding tokens when a user changes their email
This ensures that any tokens previously sent to the old email address
can no longer be used if somebody were able to access that address.
Tom Hughes [Tue, 29 Sep 2020 07:19:47 +0000 (08:19 +0100)]
Merge remote-tracking branch 'upstream/pull/2859'
Tom Hughes [Tue, 29 Sep 2020 07:19:43 +0000 (08:19 +0100)]
Merge remote-tracking branch 'upstream/pull/2858'
dependabot[bot] [Tue, 29 Sep 2020 05:01:19 +0000 (05:01 +0000)]
Bump puma from 4.3.6 to 5.0.2
Bumps [puma](https://github.com/puma/puma) from 4.3.6 to 5.0.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.6...v5.0.2)
Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Tue, 29 Sep 2020 05:01:06 +0000 (05:01 +0000)]
Bump brakeman from 4.9.1 to 4.10.0
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.9.1 to 4.10.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.9.1...v4.10.0)
Signed-off-by: dependabot[bot] <support@github.com>
projects / rails.git / log