raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-01-24 20:36:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
34,599 Commits 21 Branches 450 Tags
700be792e534d4ef8fe797a137c355ce3dac8a2a
Commit Graph

34599 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
700be792e5 Bump turbo-rails from 2.0.5 to 2.0.20 
Bumps [turbo-rails](https://github.com/hotwired/turbo-rails) from 2.0.5 to 2.0.20.
- [Release notes](https://github.com/hotwired/turbo-rails/releases)
- [Commits](https://github.com/hotwired/turbo-rails/compare/v2.0.5...v2.0.20)

---
updated-dependencies:
- dependency-name: turbo-rails
  dependency-version: 2.0.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-26 09:04:01 +00:00
Maikel
2662371507 Merge pull request #13755 from deivid-rodriguez/no-default-stylesheet-media 
Pass media attribute explicitly to stylesheet link tags
 2025-11-26 15:45:46 +11:00
Maikel
24fc3e9e86 Merge pull request #13748 from mkllnk/connector 
Bump DFC version from 1.14 to 1.16 with new country and phone format
 2025-11-26 12:32:02 +11:00
Gaetan Craig-Riou
b064173b7a Merge pull request #13758 from openfoodfoundation/dependabot/bundler/debug-1.11.0 
Bump debug from 1.9.2 to 1.11.0
 2025-11-26 10:58:07 +11:00
Gaetan Craig-Riou
f95581cd1f Merge pull request #13756 from openfoodfoundation/dependabot/bundler/whenever-1.1.0 
Bump whenever from 1.0.0 to 1.1.0
 2025-11-26 10:57:13 +11:00
dependabot[bot]
93d73f4763 Bump debug from 1.9.2 to 1.11.0 
Bumps [debug](https://github.com/ruby/debug) from 1.9.2 to 1.11.0.
- [Release notes](https://github.com/ruby/debug/releases)
- [Commits](https://github.com/ruby/debug/compare/v1.9.2...v1.11.0)

---
updated-dependencies:
- dependency-name: debug
  dependency-version: 1.11.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-25 09:06:09 +00:00
dependabot[bot]
154d17969c Bump whenever from 1.0.0 to 1.1.0 
Bumps [whenever](https://github.com/javan/whenever) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/javan/whenever/releases)
- [Changelog](https://github.com/javan/whenever/blob/main/CHANGELOG.md)
- [Commits](https://github.com/javan/whenever/compare/v1.0.0...v1.1.0)

---
updated-dependencies:
- dependency-name: whenever
  dependency-version: 1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-25 09:01:45 +00:00
David Rodríguez
e32dcd53b5 Pass media attribute explicitly to stylesheet link tags 
So that we can enable Rails default behavior for potential future such link
tags without changing current behavior.
 2025-11-25 08:08:59 +01:00
David Cook
44c4a66970 Merge pull request #13741 from mkllnk/gem-coop 
Replace rubygems.org with gem.coop
 2025-11-25 13:01:03 +11:00
Gaetan Craig-Riou
d05834b896 Merge pull request #13751 from openfoodfoundation/dependabot/bundler/dotenv-3.1.8 
Bump dotenv from 3.1.2 to 3.1.8
 2025-11-25 11:39:29 +11:00
Gaetan Craig-Riou
854e136d09 Merge pull request #13750 from openfoodfoundation/dependabot/bundler/flipper-active_record-1.3.6 
Bump flipper-active_record from 1.3.0 to 1.3.6
 2025-11-25 11:37:19 +11:00
Gaetan Craig-Riou
7f3fc4ff91 Merge pull request #13749 from openfoodfoundation/dependabot/bundler/view_component-4.1.1 
Bump view_component from 3.12.1 to 4.1.1
 2025-11-25 11:32:31 +11:00
dependabot[bot]
62ae62db5a Bump dotenv from 3.1.2 to 3.1.8 
Bumps [dotenv](https://github.com/bkeepers/dotenv) from 3.1.2 to 3.1.8.
- [Release notes](https://github.com/bkeepers/dotenv/releases)
- [Changelog](https://github.com/bkeepers/dotenv/blob/main/Changelog.md)
- [Commits](https://github.com/bkeepers/dotenv/compare/v3.1.2...v3.1.8)

---
updated-dependencies:
- dependency-name: dotenv
  dependency-version: 3.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 09:13:22 +00:00
dependabot[bot]
a6fc49abce Bump flipper-active_record from 1.3.0 to 1.3.6 
Bumps [flipper-active_record](https://github.com/flippercloud/flipper) from 1.3.0 to 1.3.6.
- [Release notes](https://github.com/flippercloud/flipper/releases)
- [Changelog](https://github.com/flippercloud/flipper/blob/main/Changelog.md)
- [Commits](https://github.com/flippercloud/flipper/compare/v1.3.0...v1.3.6)

---
updated-dependencies:
- dependency-name: flipper-active_record
  dependency-version: 1.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 09:12:40 +00:00
dependabot[bot]
528c5a3593 Bump view_component from 3.12.1 to 4.1.1 
Bumps [view_component](https://github.com/viewcomponent/view_component) from 3.12.1 to 4.1.1.
- [Release notes](https://github.com/viewcomponent/view_component/releases)
- [Changelog](https://github.com/ViewComponent/view_component/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/viewcomponent/view_component/compare/v3.12.1...v4.1.1)

---
updated-dependencies:
- dependency-name: view_component
  dependency-version: 4.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 09:12:02 +00:00
Maikel Linke
81165cd82b Replace country names with standard ISO code concepts 
The DFC version 1.16.0 introduced this new standardisation.
 2025-11-24 16:59:41 +11:00
Maikel Linke
faf50a1922 Bump datafoodconsortium-connector from 1.1.0 to 1.2.0 2025-11-24 16:45:06 +11:00
Maikel Linke
5f237adda2 Publish phone numbers as objects 
The standard introduced this a while ago but I didn't notice.

We have to update integrations like Disco Regen now.
 2025-11-24 16:44:23 +11:00
Maikel Linke
2e09a96c4b Document new managedBy attribute on DFC API 2025-11-24 15:19:34 +11:00
Gaetan Craig-Riou
82139a9ac0 Merge pull request #13747 from mkllnk/doc-reset 
Show reset tasks in task list `./bin/rails -T`
 2025-11-24 13:19:33 +11:00
Gaetan Craig-Riou
6d9946c3c6 Merge pull request #13738 from openfoodfoundation/dependabot/bundler/aws-sdk-s3-1.205.0 
Bump aws-sdk-s3 from 1.151.0 to 1.205.0
 2025-11-24 13:17:41 +11:00
Maikel Linke
f58b6bcada Show reset tasks in task list ./bin/rails -T 
I wrote them a while ago but noticed only now that they don't show up in
the overview.
 2025-11-24 12:59:41 +11:00
Maikel
dc13ef4162 Merge pull request #13743 from deivid-rodriguez/bump-prettier 
Bump prettier and let Dependabot handle further updates
 2025-11-24 12:06:19 +11:00
Maikel
dcb48272f5 Merge pull request #13746 from rioug/security-255-code-injection 
[Security]  Fix potential code injection
 2025-11-24 12:01:44 +11:00
Gaetan Craig-Riou
08bc374576 Merge pull request #13740 from openfoodfoundation/dependabot/bundler/image_processing-1.14.0 
Bump image_processing from 1.12.2 to 1.14.0
 2025-11-24 09:48:37 +11:00
Gaetan Craig-Riou
afbf0a5d0e Merge pull request #13739 from openfoodfoundation/dependabot/bundler/database_cleaner-2.1.0 
Bump database_cleaner from 2.0.2 to 2.1.0
 2025-11-24 09:32:45 +11:00
Gaetan Craig-Riou
7e034a3037 Merge pull request #13737 from openfoodfoundation/dependabot/npm_and_yarn/webpack-4.47.0 
Bump webpack from 4.46.0 to 4.47.0
 2025-11-24 09:21:11 +11:00
Ahmed Ejaz
2db2fb2f11 Update all locales with the latest Transifex translations v5.3.6 2025-11-24 03:07:32 +05:00
Gaetan Craig-Riou
74d2a94181 Add input validation to prevent code injection 
Plus spec
 2025-11-23 13:46:36 +11:00
David Rodríguez
6d0d91c56a Let prettier updates be handled by Dependabot 2025-11-21 12:49:44 +01:00
David Rodríguez
a509d49ec6 Bump prettier to 3.6.2 
And fix new style issues.
 2025-11-21 12:49:06 +01:00
Filipe
dddc945c42 Merge pull request #13679 from deivid-rodriguez/customer-edition 
Improve `/admin/customers` form handling
 2025-11-21 10:51:55 +00:00
Filipe
12c0363b7e Merge pull request #13716 from chahmedejaz/bugfix/13554-sorting-on-demand-products 
"On hand" value influences sorting of "on demand" products/variants
 2025-11-21 10:05:44 +00:00
Maikel Linke
78cfc0db65 Replace rubygems.org with gem.coop 
Several maintainers of RubyGems created gem.coop as a community-governed
service after a takeover by RubyCentral, pushed by Shopify.

We are moving with the community that reflects our values best.
 2025-11-21 12:59:30 +11:00
dependabot[bot]
816e06d37c Bump image_processing from 1.12.2 to 1.14.0 
Bumps [image_processing](https://github.com/janko/image_processing) from 1.12.2 to 1.14.0.
- [Changelog](https://github.com/janko/image_processing/blob/master/CHANGELOG.md)
- [Commits](https://github.com/janko/image_processing/compare/v1.12.2...v1.14.0)

---
updated-dependencies:
- dependency-name: image_processing
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 01:21:08 +00:00
dependabot[bot]
2e80b7d92f Bump database_cleaner from 2.0.2 to 2.1.0 
Bumps [database_cleaner](https://github.com/DatabaseCleaner/database_cleaner) from 2.0.2 to 2.1.0.
- [Changelog](https://github.com/DatabaseCleaner/database_cleaner/blob/main/History.rdoc)
- [Commits](https://github.com/DatabaseCleaner/database_cleaner/compare/v2.0.2...v2.1.0)

---
updated-dependencies:
- dependency-name: database_cleaner
  dependency-version: 2.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 01:20:30 +00:00
dependabot[bot]
753173e2be Bump aws-sdk-s3 from 1.151.0 to 1.205.0 
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.151.0 to 1.205.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-version: 1.205.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 01:19:54 +00:00
dependabot[bot]
c9954f0823 Bump webpack from 4.46.0 to 4.47.0 
Bumps [webpack](https://github.com/webpack/webpack) from 4.46.0 to 4.47.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.46.0...v4.47.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-version: 4.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 01:18:20 +00:00
Maikel
80f5fa30c4 Merge pull request #13736 from deivid-rodriguez/unify-dependabot-strategy 
Unify dependabot strategy
 2025-11-21 12:17:15 +11:00
Gaetan Craig-Riou
9194d0ba2b Merge pull request #13733 from openfoodfoundation/dependabot/bundler/rubocop-1.81.7 
Bump rubocop from 1.81.6 to 1.81.7
 2025-11-21 10:16:12 +11:00
Gaetan Craig-Riou
e00c993a98 Merge pull request #13732 from openfoodfoundation/dependabot/bundler/undercover-0.8.2 
Bump undercover from 0.8.1 to 0.8.2
 2025-11-21 10:11:54 +11:00
Gaetan Craig-Riou
800333f65b Merge pull request #13731 from openfoodfoundation/dependabot/bundler/arel-helpers-2.17.0 
Bump arel-helpers from 2.14.0 to 2.17.0
 2025-11-21 10:10:33 +11:00
Ahmed Ejaz
64df7cc9bc Refactor backorderable_name tests for clarity and consistency in product sorting 2025-11-20 06:06:56 +05:00
Ahmed Ejaz
b23fec268e fix lint issues 2025-11-20 05:08:07 +05:00
Ahmed Ejaz
7b7a7d3418 Add backorderable_name sorting and enhance combined sorting tests 2025-11-20 05:01:08 +05:00
David Rodríguez
6fa99b187d Unify Dependabot strategy 
Let's do the same we do for Ruby dependencies.
 2025-11-19 14:47:44 +01:00
David Rodríguez
a009dacd41 Pin version of foundation 
Reading through open issues, I think it's more likely that we end up
removing it rather than upgrading it.

So let's fix it like when we don't want certain dependencies to be
managed by Dependabot.
 2025-11-19 14:45:52 +01:00
dependabot[bot]
472ba98ec2 Bump rubocop from 1.81.6 to 1.81.7 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.81.6 to 1.81.7.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.81.6...v1.81.7)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-version: 1.81.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-19 09:02:45 +00:00
dependabot[bot]
91cd3356b0 Bump undercover from 0.8.1 to 0.8.2 
Bumps [undercover](https://github.com/grodowski/undercover) from 0.8.1 to 0.8.2.
- [Release notes](https://github.com/grodowski/undercover/releases)
- [Changelog](https://github.com/grodowski/undercover/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grodowski/undercover/compare/v0.8.1...v0.8.2)

---
updated-dependencies:
- dependency-name: undercover
  dependency-version: 0.8.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-19 09:02:08 +00:00
dependabot[bot]
67ef142546 Bump arel-helpers from 2.14.0 to 2.17.0 
Bumps [arel-helpers](https://github.com/camertron/arel-helpers) from 2.14.0 to 2.17.0.
- [Changelog](https://github.com/camertron/arel-helpers/blob/master/CHANGELOG.md)
- [Commits](https://github.com/camertron/arel-helpers/compare/v2.14.0...v2.17.0)

---
updated-dependencies:
- dependency-name: arel-helpers
  dependency-version: 2.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-19 09:01:31 +00:00