Commit Graph

24559 Commits

Author SHA1 Message Date
Jean-Baptiste Bellet
006bcd2cf8 Add Symbol class allowed for YAML deserialization 2022-07-27 15:00:19 +02:00
Jean-Baptiste Bellet
7747f2592e Add BigDecimal class allowed for YAML deserialization
The soft enforcement of the Rails 6.1.6.1 security update in picked up
one more class that was serialized in the database with YAML: BigDecimal
2022-07-27 11:26:42 +02:00
dependabot[bot]
59504c3d84 Bump rails from 6.1.6 to 6.1.6.1
Bumps [rails](https://github.com/rails/rails) from 6.1.6 to 6.1.6.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.6...v6.1.6.1)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-27 07:29:49 +00:00
jibees
a8d5fede17 Merge pull request #9458 from openfoodfoundation/dependabot/bundler/view_component-2.62.0
Bump view_component from 2.57.1 to 2.62.0
2022-07-27 08:27:01 +02:00
dependabot[bot]
506574aefd Bump view_component from 2.57.1 to 2.62.0
Bumps [view_component](https://github.com/github/view_component) from 2.57.1 to 2.62.0.
- [Release notes](https://github.com/github/view_component/releases)
- [Changelog](https://github.com/github/view_component/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/github/view_component/compare/v2.57.1...v2.62.0)

---
updated-dependencies:
- dependency-name: view_component
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-27 02:08:12 +00:00
Maikel
4f099da58f Merge pull request #9452 from openfoodfoundation/dependabot/bundler/rswag-specs-2.5.1
Bump rswag-specs from 2.4.0 to 2.5.1
2022-07-27 12:06:50 +10:00
jibees
6baa36cdaa Merge pull request #9454 from openfoodfoundation/dependabot/bundler/rails-i18n-7.0.5
Bump rails-i18n from 7.0.1 to 7.0.5
2022-07-26 17:15:10 +02:00
jibees
e0a8b320a9 Merge pull request #9450 from openfoodfoundation/dependabot/bundler/timecop-0.9.5
Bump timecop from 0.9.4 to 0.9.5
2022-07-26 17:12:24 +02:00
dependabot[bot]
d54eb48662 Bump rswag-specs from 2.4.0 to 2.5.1
Bumps [rswag-specs](https://github.com/rswag/rswag) from 2.4.0 to 2.5.1.
- [Release notes](https://github.com/rswag/rswag/releases)
- [Changelog](https://github.com/rswag/rswag/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rswag/rswag/compare/2.4.0...2.5.1)

---
updated-dependencies:
- dependency-name: rswag-specs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-26 14:13:06 +00:00
dependabot[bot]
542e8e22bf Bump rails-i18n from 7.0.1 to 7.0.5
Bumps [rails-i18n](https://github.com/svenfuchs/rails-i18n) from 7.0.1 to 7.0.5.
- [Release notes](https://github.com/svenfuchs/rails-i18n/releases)
- [Changelog](https://github.com/svenfuchs/rails-i18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/svenfuchs/rails-i18n/commits/v7.0.5)

---
updated-dependencies:
- dependency-name: rails-i18n
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-26 14:12:46 +00:00
dependabot[bot]
e0426d6dc0 Bump timecop from 0.9.4 to 0.9.5
Bumps [timecop](https://github.com/travisjeffery/timecop) from 0.9.4 to 0.9.5.
- [Release notes](https://github.com/travisjeffery/timecop/releases)
- [Changelog](https://github.com/travisjeffery/timecop/blob/master/History.md)
- [Commits](https://github.com/travisjeffery/timecop/compare/v0.9.4...v0.9.5)

---
updated-dependencies:
- dependency-name: timecop
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-26 14:10:19 +00:00
jibees
a09900c98d Merge pull request #9433 from openfoodfoundation/dependabot/bundler/rswag-api-2.5.1
Bump rswag-api from 2.4.0 to 2.5.1
2022-07-26 16:10:15 +02:00
jibees
f563fcad7f Merge pull request #9434 from openfoodfoundation/dependabot/bundler/letter_opener-1.8.1
Bump letter_opener from 1.7.0 to 1.8.1
2022-07-26 16:09:56 +02:00
jibees
34b76f8683 Merge pull request #9401 from openfoodfoundation/dependabot/bundler/selenium-webdriver-4.3.0
Bump selenium-webdriver from 4.0.3 to 4.3.0
2022-07-26 16:09:42 +02:00
jibees
ec82bdda97 Merge pull request #9376 from openfoodfoundation/dependabot/bundler/jwt-2.4.1
Bump jwt from 2.3.0 to 2.4.1
2022-07-26 16:09:32 +02:00
jibees
e4c2df4989 Merge pull request #9326 from openfoodfoundation/dependabot/bundler/sidekiq-6.5.1
Bump sidekiq from 6.3.1 to 6.5.1
2022-07-26 16:09:22 +02:00
jibees
a1f577dc01 Merge pull request #9400 from openfoodfoundation/dependabot/bundler/rswag-ui-2.5.1
Bump rswag-ui from 2.4.0 to 2.5.1
2022-07-26 16:09:11 +02:00
jibees
edbf92424d Merge pull request #9377 from openfoodfoundation/dependabot/bundler/paranoia-2.6.0
Bump paranoia from 2.4.3 to 2.6.0
2022-07-26 16:08:58 +02:00
jibees
35c18664fc Merge pull request #9389 from jibees/9388-handle-plural-in-order-selection-component
Handle plural (and 0) on orders selection component
2022-07-26 15:57:58 +02:00
Maikel
825058472b Merge pull request #9425 from openfoodfoundation/dependabot/npm_and_yarn/stimulus-3.1.0
Bump stimulus from 3.0.1 to 3.1.0
2022-07-26 16:49:33 +10:00
dependabot[bot]
cd2119707a Bump rswag-ui from 2.4.0 to 2.5.1
Bumps [rswag-ui](https://github.com/rswag/rswag) from 2.4.0 to 2.5.1.
- [Release notes](https://github.com/rswag/rswag/releases)
- [Changelog](https://github.com/rswag/rswag/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rswag/rswag/compare/2.4.0...2.5.1)

---
updated-dependencies:
- dependency-name: rswag-ui
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-25 14:56:05 +00:00
dependabot[bot]
8c27406a7a Bump paranoia from 2.4.3 to 2.6.0
Bumps [paranoia](https://github.com/rubysherpas/paranoia) from 2.4.3 to 2.6.0.
- [Release notes](https://github.com/rubysherpas/paranoia/releases)
- [Changelog](https://github.com/rubysherpas/paranoia/blob/core/CHANGELOG.md)
- [Commits](https://github.com/rubysherpas/paranoia/compare/2.4.3...v2.6.0)

---
updated-dependencies:
- dependency-name: paranoia
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-25 14:55:49 +00:00
dependabot[bot]
b6defc76a8 Bump jwt from 2.3.0 to 2.4.1
Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.3.0 to 2.4.1.
- [Release notes](https://github.com/jwt/ruby-jwt/releases)
- [Changelog](https://github.com/jwt/ruby-jwt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jwt/ruby-jwt/compare/v2.3.0...v2.4.1)

---
updated-dependencies:
- dependency-name: jwt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-25 14:55:29 +00:00
dependabot[bot]
50529d7ab3 Bump sidekiq from 6.3.1 to 6.5.1
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.3.1 to 6.5.1.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.3.1...v6.5.1)

---
updated-dependencies:
- dependency-name: sidekiq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-25 14:55:12 +00:00
dependabot[bot]
b695f3d47f Bump selenium-webdriver from 4.0.3 to 4.3.0
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.0.3 to 4.3.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/commits/selenium-4.3.0)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-25 14:54:43 +00:00
dependabot[bot]
90ce61fa47 Bump letter_opener from 1.7.0 to 1.8.1
Bumps [letter_opener](https://github.com/ryanb/letter_opener) from 1.7.0 to 1.8.1.
- [Release notes](https://github.com/ryanb/letter_opener/releases)
- [Changelog](https://github.com/ryanb/letter_opener/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ryanb/letter_opener/compare/v1.7.0...v1.8.1)

---
updated-dependencies:
- dependency-name: letter_opener
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-25 14:13:23 +00:00
dependabot[bot]
7c2352f2d6 Bump rswag-api from 2.4.0 to 2.5.1
Bumps [rswag-api](https://github.com/rswag/rswag) from 2.4.0 to 2.5.1.
- [Release notes](https://github.com/rswag/rswag/releases)
- [Changelog](https://github.com/rswag/rswag/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rswag/rswag/compare/2.4.0...2.5.1)

---
updated-dependencies:
- dependency-name: rswag-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-25 14:13:07 +00:00
dependabot[bot]
ef7194af85 Bump stimulus from 3.0.1 to 3.1.0
Bumps [stimulus](https://github.com/stimulusjs/stimulus) from 3.0.1 to 3.1.0.
- [Release notes](https://github.com/stimulusjs/stimulus/releases)
- [Changelog](https://github.com/hotwired/stimulus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stimulusjs/stimulus/compare/v3.0.1...v3.1.0)

---
updated-dependencies:
- dependency-name: stimulus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-25 14:12:14 +00:00
Jean-Baptiste Bellet
4766c7a00b Update all locales with the latest Transifex translations v4.2.6 2022-07-21 17:42:52 +02:00
jibees
9d470c7a18 Merge pull request #9416 from aintluks/fix-label-button-terms-of-service
Fix button labels on terms of service
2022-07-21 17:38:28 +02:00
jibees
9cb0d66f39 Merge pull request #9426 from openfoodfoundation/dependabot/npm_and_yarn/babel/preset-env-7.18.9
Bump @babel/preset-env from 7.18.6 to 7.18.9
2022-07-21 17:38:07 +02:00
dependabot[bot]
7ba6f8c04b Bump @babel/preset-env from 7.18.6 to 7.18.9
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.18.6 to 7.18.9.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.9/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-21 15:03:18 +00:00
jibees
19ff6d011a Merge pull request #9415 from saunmanoj888/fix-for-shipping-method-radio-button
Fix text alignment for category radio button under shipping method
2022-07-21 17:02:29 +02:00
jibees
9b1dcdcc78 Merge pull request #9412 from binarygit/optimize-notes-and-tracking-workflow
Optimize notes and tracking workflow
2022-07-21 17:02:03 +02:00
jibees
5eb3c486b2 Merge pull request #9383 from jibees/9382-can-send-invoice-if-ABN-is-not-required
Can send invoice if ABN is not required
2022-07-21 17:01:41 +02:00
jibees
20ee0d5009 Merge pull request #9301 from mkllnk/3975-unsupported-image
Allow SVG images for products and show errors when uploading unsupported file
2022-07-21 16:56:11 +02:00
jibees
89d68c7708 Merge pull request #9374 from openfoodfoundation/dependabot/bundler/spring-4.0.0
Bump spring from 3.0.0 to 4.0.0
2022-07-21 08:56:33 +02:00
jibees
371d517436 Merge pull request #9432 from mkllnk/mayhem
Run Mayhem for API only when triggered manually
2022-07-21 08:51:12 +02:00
jibees
17a016eca5 Merge pull request #9431 from mkllnk/roo
Bump roo from old master to 2.9.0
2022-07-21 08:46:06 +02:00
Jean-Baptiste Bellet
2b67a0fa80 Specify a list of content-types
Then remove specific image formats that aren't handled by a web browser (such as `image/x+xcf`)

+ List allowed image formats for enterprises and groups
2022-07-21 08:42:17 +02:00
Maikel Linke
84fcc8f1ac Upgrade spring binstubs
I ran `bundle exec spring binstub --all` after reading about the update
in the changelog.
2022-07-21 10:55:31 +10:00
Maikel
baefe37d0b Merge pull request #9367 from openfoodfoundation/dependabot/bundler/activerecord-import-1.4.0
Bump activerecord-import from 1.3.0 to 1.4.0
2022-07-21 10:45:56 +10:00
Maikel Linke
1e13d579ba Run Mayhem for API only when triggered manually
It currently always fails and we are not using it. We may use it in the
future though and the results can be interesting. So I'm keeping it but
it's not triggered on every pull request. How to trigger:

https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow#running-a-workflow
2022-07-21 10:37:58 +10:00
Maikel Linke
becfb09b3c Bump roo from old master to 2.9.0
This release doesn't include the latest two pull requests but we don't
need those features and it's an upgrade already. Dependabot will now
pick up new releases instead of every new commit to the master branch of
the gem source. That should be less work for us.
2022-07-21 10:29:45 +10:00
Filipe
4767030035 Merge pull request #9429 from filipefurtad0/matomo_tag_change
Adds js window element to container code
2022-07-20 10:27:16 +01:00
filipefurtad0
b20385db95 Moves matomo tag to upper position within head section 2022-07-20 09:38:37 +01:00
jibees
019911068a Merge pull request #9402 from openfoodfoundation/dependabot/bundler/oauth2-1.4.10
Bump oauth2 from 1.4.7 to 1.4.10
2022-07-20 09:36:19 +02:00
jibees
da266fed40 Merge pull request #9428 from openfoodfoundation/dependabot/npm_and_yarn/terser-4.8.1
Bump terser from 4.8.0 to 4.8.1
2022-07-20 09:35:39 +02:00
Maikel Linke
dd6c066f5a DRY view with JS translation 2022-07-20 17:01:10 +10:00
dependabot[bot]
9de939c1b1 Bump terser from 4.8.0 to 4.8.1
Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-20 05:48:56 +00:00