]> git.openstreetmap.org Git - rails.git/log
rails.git
2 years agoFix rubocop Rails/TimeZone warnings
Tom Hughes [Tue, 1 Mar 2022 22:55:10 +0000 (22:55 +0000)]
Fix rubocop Rails/TimeZone warnings

2 years agoEnable open redirect protection
Tom Hughes [Tue, 1 Mar 2022 18:39:08 +0000 (18:39 +0000)]
Enable open redirect protection

2 years agoMerge remote-tracking branch 'upstream/pull/3482'
Tom Hughes [Tue, 1 Mar 2022 10:27:30 +0000 (10:27 +0000)]
Merge remote-tracking branch 'upstream/pull/3482'

2 years agoUpdate bundle
Tom Hughes [Tue, 1 Mar 2022 10:27:16 +0000 (10:27 +0000)]
Update bundle

2 years agoRemove redundant presence validation on belongs_to
Andy Allan [Wed, 23 Feb 2022 16:25:43 +0000 (16:25 +0000)]
Remove redundant presence validation on belongs_to

There's no need for us to have it when rails does this for us.

2 years agoRestore asset debugging in development mode
Tom Hughes [Mon, 28 Feb 2022 18:47:51 +0000 (18:47 +0000)]
Restore asset debugging in development mode

2 years agoFix opensearch icon & update attribution
Harry Bond [Mon, 28 Feb 2022 13:18:31 +0000 (13:18 +0000)]
Fix opensearch icon & update attribution

Fixes #3478
Closes #3479

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 28 Feb 2022 12:11:32 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoAdd missing PG_MODULE_MAGIC to database function source
Tom Hughes [Sun, 27 Feb 2022 11:35:31 +0000 (11:35 +0000)]
Add missing PG_MODULE_MAGIC to database function source

2 years agoMerge remote-tracking branch 'upstream/pull/3474'
Tom Hughes [Sat, 26 Feb 2022 00:39:52 +0000 (00:39 +0000)]
Merge remote-tracking branch 'upstream/pull/3474'

2 years agoBump eslint from 8.9.0 to 8.10.0
dependabot[bot] [Fri, 25 Feb 2022 23:01:05 +0000 (23:01 +0000)]
Bump eslint from 8.9.0 to 8.10.0

Bumps [eslint](https://github.com/eslint/eslint) from 8.9.0 to 8.10.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.9.0...v8.10.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 24 Feb 2022 12:12:32 +0000 (13:12 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoMerge remote-tracking branch 'upstream/pull/3470'
Tom Hughes [Wed, 23 Feb 2022 20:38:21 +0000 (20:38 +0000)]
Merge remote-tracking branch 'upstream/pull/3470'

2 years agoEnable active_record.belongs_to_required_by_default
Andy Allan [Wed, 23 Feb 2022 15:17:21 +0000 (15:17 +0000)]
Enable active_record.belongs_to_required_by_default

This switches the logic so that belongs_to parent objects must exist
by default, and marks the optional ones explicitly. This is reflected
in the null/not_null status on the relevant db columns.

2 years agoMerge remote-tracking branch 'upstream/pull/3469'
Tom Hughes [Wed, 23 Feb 2022 19:27:27 +0000 (19:27 +0000)]
Merge remote-tracking branch 'upstream/pull/3469'

2 years agoAdd inverse_of to relationships that can't detect it automatically
Tom Hughes [Wed, 23 Feb 2022 19:23:51 +0000 (19:23 +0000)]
Add inverse_of to relationships that can't detect it automatically

2 years agoRemove default values from id columns
Andy Allan [Wed, 23 Feb 2022 15:22:37 +0000 (15:22 +0000)]
Remove default values from id columns

In both the case of primary keys, and also foreign key references,
there's no need to set a default value.

This doesn't have a big impact in routine situations, but can be
very confusing when debugging corner cases.

2 years agoSpecify inverse_of for trace tags and points
Andy Allan [Wed, 23 Feb 2022 15:15:07 +0000 (15:15 +0000)]
Specify inverse_of for trace tags and points

Rails can't automatically detect bi-directional relationships when
`:foreign_key` is present. Adding the `inverse_of` helps when validating
traces and tags that haven't yet been saved.

2 years agoDisable partial inserts
Tom Hughes [Tue, 22 Feb 2022 19:16:10 +0000 (19:16 +0000)]
Disable partial inserts

2 years agoSwitch to rails 7 default headers
Tom Hughes [Tue, 22 Feb 2022 19:12:09 +0000 (19:12 +0000)]
Switch to rails 7 default headers

These are basically all the same as what secure_headers
was already setting for us anyway.

2 years agoMerge remote-tracking branch 'upstream/pull/3462'
Tom Hughes [Tue, 22 Feb 2022 19:06:43 +0000 (19:06 +0000)]
Merge remote-tracking branch 'upstream/pull/3462'

2 years agoMake sure the object layer is kept in front of the data layer
Tom Hughes [Tue, 22 Feb 2022 18:55:34 +0000 (18:55 +0000)]
Make sure the object layer is kept in front of the data layer

2 years agoDon't highlight selected items in the data layer
Tom Hughes [Tue, 22 Feb 2022 18:54:40 +0000 (18:54 +0000)]
Don't highlight selected items in the data layer

Routing to the feature page is going to cause them to be overlaid
in orange anyway so there's no need for the blue highlight.

2 years agoUpdate bundle
Tom Hughes [Tue, 22 Feb 2022 18:11:16 +0000 (18:11 +0000)]
Update bundle

2 years agoDeep copy the original style when highlighting an object
Tom Hughes [Mon, 21 Feb 2022 22:48:22 +0000 (22:48 +0000)]
Deep copy the original style when highlighting an object

Fixes #3465

2 years agoEnable automatic scope inversing
Tom Hughes [Mon, 21 Feb 2022 19:11:28 +0000 (19:11 +0000)]
Enable automatic scope inversing

2 years agoUse a button element for button_to
Tom Hughes [Mon, 21 Feb 2022 19:07:38 +0000 (19:07 +0000)]
Use a button element for button_to

2 years agoApply bootstrap styling to "make public" button
Tom Hughes [Mon, 21 Feb 2022 19:07:01 +0000 (19:07 +0000)]
Apply bootstrap styling to "make public" button

2 years agoDefault to not specifying media restrictions on stylesheet tags
Tom Hughes [Mon, 21 Feb 2022 18:43:59 +0000 (18:43 +0000)]
Default to not specifying media restrictions on stylesheet tags

2 years agoEnable verification of foreign keys in tests
Tom Hughes [Mon, 21 Feb 2022 18:40:30 +0000 (18:40 +0000)]
Enable verification of foreign keys in tests

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 21 Feb 2022 12:11:46 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoReplace deprecated String.prototype.substr()
Tobias Speicher [Sun, 20 Feb 2022 21:11:11 +0000 (22:11 +0100)]
Replace deprecated String.prototype.substr()

String.prototype.substr() is deprecated (see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/substr) so we replace it with slice() which works similarily but isn't deprecated.
Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
2 years agoWrap test execution for better isolation
Tom Hughes [Thu, 17 Feb 2022 19:30:19 +0000 (19:30 +0000)]
Wrap test execution for better isolation

2 years agoEnable some rails 7.x defaults
Tom Hughes [Thu, 17 Feb 2022 18:59:28 +0000 (18:59 +0000)]
Enable some rails 7.x defaults

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 17 Feb 2022 12:11:27 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoDefault to allowing TLS for SMTP but without peer verification
Tom Hughes [Thu, 17 Feb 2022 00:54:11 +0000 (00:54 +0000)]
Default to allowing TLS for SMTP but without peer verification

2 years agoDisable peer host name validation when sending email
Tom Hughes [Wed, 16 Feb 2022 22:48:26 +0000 (22:48 +0000)]
Disable peer host name validation when sending email

2 years agoMerge remote-tracking branch 'upstream/pull/3398'
Tom Hughes [Wed, 16 Feb 2022 18:13:16 +0000 (18:13 +0000)]
Merge remote-tracking branch 'upstream/pull/3398'

2 years agoMerge remote-tracking branch 'upstream/pull/3461'
Tom Hughes [Wed, 16 Feb 2022 18:12:33 +0000 (18:12 +0000)]
Merge remote-tracking branch 'upstream/pull/3461'

2 years agoMerge pull request #3414 from tomhughes/rails7
Andy Allan [Wed, 16 Feb 2022 15:16:53 +0000 (15:16 +0000)]
Merge pull request #3414 from tomhughes/rails7

Update to rails 7.x

2 years agoMerge pull request #3440 from mmd-osm/relationmemberlimit
Andy Allan [Wed, 16 Feb 2022 14:58:30 +0000 (14:58 +0000)]
Merge pull request #3440 from mmd-osm/relationmemberlimit

Introduce relation member limit

2 years agoUpdate to rails 7.0.2.2
Tom Hughes [Thu, 16 Dec 2021 18:51:39 +0000 (18:51 +0000)]
Update to rails 7.0.2.2

2 years agoUpdate documentation for how to confirm a new user account
Andy Allan [Wed, 16 Feb 2022 11:27:52 +0000 (11:27 +0000)]
Update documentation for how to confirm a new user account

Fixes #3460

2 years agoUpdate bundle
Tom Hughes [Tue, 15 Feb 2022 18:36:41 +0000 (18:36 +0000)]
Update bundle

2 years agoMerge remote-tracking branch 'upstream/pull/3458'
Tom Hughes [Tue, 15 Feb 2022 18:32:33 +0000 (18:32 +0000)]
Merge remote-tracking branch 'upstream/pull/3458'

2 years agoBump eslint from 8.8.0 to 8.9.0
dependabot[bot] [Mon, 14 Feb 2022 23:00:49 +0000 (23:00 +0000)]
Bump eslint from 8.8.0 to 8.9.0

Bumps [eslint](https://github.com/eslint/eslint) from 8.8.0 to 8.9.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.8.0...v8.9.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 14 Feb 2022 12:11:05 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoAllow trace image URL to be configured in the CSP policy
Tom Hughes [Sun, 13 Feb 2022 19:25:42 +0000 (19:25 +0000)]
Allow trace image URL to be configured in the CSP policy

2 years agoMerge remote-tracking branch 'upstream/pull/3345'
Tom Hughes [Sun, 13 Feb 2022 18:39:21 +0000 (18:39 +0000)]
Merge remote-tracking branch 'upstream/pull/3345'

2 years agoMerge remote-tracking branch 'upstream/pull/3455'
Tom Hughes [Sun, 13 Feb 2022 17:39:15 +0000 (17:39 +0000)]
Merge remote-tracking branch 'upstream/pull/3455'

2 years agoRemove section on removed rake doc:app
Harry Wood [Sat, 12 Feb 2022 17:58:43 +0000 (17:58 +0000)]
Remove section on removed rake doc:app

Remove the section of contributing docs about how `rake doc:app` can be used to generate some sort of documentation. That will not work any more, since this task was removed from Rails v5 because people don't generally use it! https://stackoverflow.com/a/36804474/338265

2 years agoFix contrib doc to remove reference to travis
Harry Wood [Sat, 12 Feb 2022 17:53:39 +0000 (17:53 +0000)]
Fix contrib doc to remove reference to travis

Remove the reference to Travis CI. Our CI pipeline now runs withing github actions.

2 years agoMerge remote-tracking branch 'upstream/pull/3454'
Tom Hughes [Sat, 12 Feb 2022 10:45:27 +0000 (10:45 +0000)]
Merge remote-tracking branch 'upstream/pull/3454'

2 years agoMerge remote-tracking branch 'upstream/pull/3453'
Tom Hughes [Sat, 12 Feb 2022 10:45:16 +0000 (10:45 +0000)]
Merge remote-tracking branch 'upstream/pull/3453'

2 years agoMerge remote-tracking branch 'upstream/pull/3452'
Tom Hughes [Sat, 12 Feb 2022 10:45:13 +0000 (10:45 +0000)]
Merge remote-tracking branch 'upstream/pull/3452'

2 years agoAdds advancedcomp to the list of macOS Homebrew dependencies
Brian Kelly [Sat, 12 Feb 2022 00:17:13 +0000 (18:17 -0600)]
Adds advancedcomp to the list of macOS Homebrew dependencies

2 years agoFix vagrant storage.yml config
Harry Wood [Sat, 12 Feb 2022 00:13:42 +0000 (00:13 +0000)]
Fix vagrant storage.yml config

Tell vagrant to copy the example storage.yml config file into place as per INSTALL.md instructions. Allows the migrations to run.

2 years agoUpdates macOS geckodriver installation command
Brian Kelly [Sat, 12 Feb 2022 00:05:20 +0000 (18:05 -0600)]
Updates macOS geckodriver installation command

2 years agoUpdate to rails 6.1.4.6
Tom Hughes [Fri, 11 Feb 2022 22:20:11 +0000 (22:20 +0000)]
Update to rails 6.1.4.6

2 years agoUpdate bundle
Tom Hughes [Fri, 11 Feb 2022 22:19:43 +0000 (22:19 +0000)]
Update bundle

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 10 Feb 2022 12:11:21 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoAllow users to delete their own accounts
Andy Allan [Thu, 9 Dec 2021 16:12:42 +0000 (16:12 +0000)]
Allow users to delete their own accounts

This PR allows users to delete their own accounts. The logic implemented matches
that currently used by the admins when they manually close accounts, although
there is room to be more complex in future e.g. completely removing accounts
with no content.

The error handling has been slightly adapted for namespaced controllers, by
anchoring the controller name with a leading forward slash.

2 years agoUpdate bundle
Tom Hughes [Tue, 8 Feb 2022 18:22:05 +0000 (18:22 +0000)]
Update bundle

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 7 Feb 2022 12:10:37 +0000 (13:10 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoMerge remote-tracking branch 'upstream/pull/3419'
Tom Hughes [Thu, 3 Feb 2022 18:37:12 +0000 (18:37 +0000)]
Merge remote-tracking branch 'upstream/pull/3419'

2 years agoMerge remote-tracking branch 'upstream/pull/3446'
Tom Hughes [Thu, 3 Feb 2022 18:32:49 +0000 (18:32 +0000)]
Merge remote-tracking branch 'upstream/pull/3446'

2 years agoMerge remote-tracking branch 'upstream/pull/3445'
Tom Hughes [Thu, 3 Feb 2022 18:32:40 +0000 (18:32 +0000)]
Merge remote-tracking branch 'upstream/pull/3445'

2 years agoUpdate to iD v2.20.4
Martin Raifer [Thu, 3 Feb 2022 15:19:01 +0000 (16:19 +0100)]
Update to iD v2.20.4

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 3 Feb 2022 12:11:37 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoEnsure that deactivate isn't available in production
Andy Allan [Wed, 2 Feb 2022 17:47:45 +0000 (17:47 +0000)]
Ensure that deactivate isn't available in production

It's only used as a workaround for factories not being able to create
pending users while keeping active as the default

2 years agoAdd extra user transitions needed by the administrators
Andy Allan [Wed, 2 Feb 2022 16:37:50 +0000 (16:37 +0000)]
Add extra user transitions needed by the administrators

2 years agoAdded some key-value pairs under `railway=`
Morten Bruhn [Wed, 2 Feb 2022 15:13:07 +0000 (16:13 +0100)]
Added some key-value pairs under `railway=`

2 years agoIntroduce relation member limit
mmd-osm [Sat, 29 Jan 2022 14:52:21 +0000 (15:52 +0100)]
Introduce relation member limit

Adds a new parameter `max_number_of_relation_members` in settings.yml

2 years agoUpdate bundle
Tom Hughes [Tue, 1 Feb 2022 18:59:56 +0000 (18:59 +0000)]
Update bundle

2 years agoIndex note comments by author and date
Tom Hughes [Tue, 1 Feb 2022 18:42:07 +0000 (18:42 +0000)]
Index note comments by author and date

Fixes #3443

2 years agoMerge remote-tracking branch 'upstream/pull/3442'
Tom Hughes [Tue, 1 Feb 2022 18:22:33 +0000 (18:22 +0000)]
Merge remote-tracking branch 'upstream/pull/3442'

2 years agoMerge remote-tracking branch 'upstream/pull/3439'
Tom Hughes [Tue, 1 Feb 2022 18:13:40 +0000 (18:13 +0000)]
Merge remote-tracking branch 'upstream/pull/3439'

2 years agoUpdate to iD v2.20.3
Martin Raifer [Mon, 31 Jan 2022 17:10:00 +0000 (18:10 +0100)]
Update to iD v2.20.3

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 31 Jan 2022 12:10:21 +0000 (13:10 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoBump eslint from 8.7.0 to 8.8.0
dependabot[bot] [Fri, 28 Jan 2022 23:00:33 +0000 (23:00 +0000)]
Bump eslint from 8.7.0 to 8.8.0

Bumps [eslint](https://github.com/eslint/eslint) from 8.7.0 to 8.8.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.7.0...v8.8.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2 years agoFix route for "go public" button on the account edit page
Tom Hughes [Fri, 28 Jan 2022 12:35:57 +0000 (12:35 +0000)]
Fix route for "go public" button on the account edit page

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 27 Jan 2022 12:11:14 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoUpdate bundle
Tom Hughes [Tue, 25 Jan 2022 18:22:46 +0000 (18:22 +0000)]
Update bundle

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 24 Jan 2022 12:12:09 +0000 (13:12 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 20 Jan 2022 12:11:20 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoMerge remote-tracking branch 'upstream/pull/3426'
Tom Hughes [Wed, 19 Jan 2022 18:19:10 +0000 (18:19 +0000)]
Merge remote-tracking branch 'upstream/pull/3426'

2 years agoAllow blank issue templates
Andy Allan [Wed, 19 Jan 2022 16:14:03 +0000 (16:14 +0000)]
Allow blank issue templates

This was originally intended in #3397 and I'm not sure why I set this
to false.

2 years agoMerge remote-tracking branch 'upstream/pull/3420'
Tom Hughes [Tue, 18 Jan 2022 19:03:32 +0000 (19:03 +0000)]
Merge remote-tracking branch 'upstream/pull/3420'

2 years agoUpdate bundle
Tom Hughes [Tue, 18 Jan 2022 08:12:14 +0000 (08:12 +0000)]
Update bundle

2 years agoMerge remote-tracking branch 'upstream/pull/3425'
Tom Hughes [Tue, 18 Jan 2022 08:10:59 +0000 (08:10 +0000)]
Merge remote-tracking branch 'upstream/pull/3425'

2 years agoBump eslint from 8.6.0 to 8.7.0
dependabot[bot] [Mon, 17 Jan 2022 23:00:46 +0000 (23:00 +0000)]
Bump eslint from 8.6.0 to 8.7.0

Bumps [eslint](https://github.com/eslint/eslint) from 8.6.0 to 8.7.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.6.0...v8.7.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 17 Jan 2022 12:11:06 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoRemove form_action restrictions for sessions#login
Tom Hughes [Mon, 17 Jan 2022 11:01:07 +0000 (11:01 +0000)]
Remove form_action restrictions for sessions#login

Login may redirect to ouath2_authorizations#create which may then
redirect to arbitrary schemes if the application is already authorized
so we need to allow login to redirect to any scheme.

Fixes #3424

2 years agoRestore form_action restrictions for ouath2_authorizations#create
Tom Hughes [Mon, 17 Jan 2022 11:00:41 +0000 (11:00 +0000)]
Restore form_action restrictions for ouath2_authorizations#create

2 years agoRemove form_action restrictions for ouath2_authorizations#create
Tom Hughes [Mon, 17 Jan 2022 09:33:28 +0000 (09:33 +0000)]
Remove form_action restrictions for ouath2_authorizations#create

Fixes #3424

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 13 Jan 2022 12:10:10 +0000 (13:10 +0100)]
Localisation updates from https://translatewiki.net.

2 years agorm spaces
Nick Doiron [Thu, 13 Jan 2022 00:16:09 +0000 (19:16 -0500)]
rm spaces

2 years agoadd dir="auto" to search fields
Nick Doiron [Thu, 13 Jan 2022 00:06:18 +0000 (19:06 -0500)]
add dir="auto" to search fields

Improves right-to-left text input support

2 years agoMerge remote-tracking branch 'upstream/pull/3418'
Tom Hughes [Wed, 12 Jan 2022 18:23:53 +0000 (18:23 +0000)]
Merge remote-tracking branch 'upstream/pull/3418'

2 years agoUse a state machine for user status
Andy Allan [Wed, 5 Jan 2022 18:44:46 +0000 (18:44 +0000)]
Use a state machine for user status

The user status is a bit complex, since there are various states and
not all transitions between them make sense.

Using AASM means that we can name and restrict the transitions, which
hopefully makes them easier to reason about.