raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-03-13 04:00:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
34,394 Commits 16 Branches 456 Tags
915d03a66a245be56b48ec28e2e81e2d53e52a08
Commit Graph

34394 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Rodríguez
915d03a66a Change CreditCardRemover specs to not send raw credit card data 
If I re-record cassettes for these specs using my test API key, I get
the following errors:

```
1) Stripe::CreditCardRemover#remove Stripe customer exists and is not deleted deletes the credit card clone and the customer
   Failure/Error:
     Stripe::PaymentMethod.create(
       {
         type: 'card',
         card: {
           number: '4242424242424242',
           exp_month: 8,
           exp_year: Time.zone.now.year.next,
           cvc: '314',
         },
       },

   Stripe::CardError:
     Sending credit card numbers directly to the Stripe API is generally unsafe. We suggest you use test tokens that map to the test card you are using, see https://stripe.com/docs/testing. To enable testing raw card data APIs, see https://support.stripe.com/questions/enabling-access-to-raw-card-data-apis.
   # ./spec/lib/stripe/credit_card_remover_spec.rb:16:in `block (3 levels) in <main>'
   # ./spec/lib/stripe/credit_card_remover_spec.rb:44:in `block (4 levels) in <main>'
   # ./spec/lib/stripe/credit_card_remover_spec.rb:56:in `block (4 levels) in <main>'
   # ./spec/base_spec_helper.rb:208:in `block (2 levels) in <main>'
   # ./spec/base_spec_helper.rb:155:in `block (3 levels) in <main>'
   # ./spec/base_spec_helper.rb:155:in `block (2 levels) in <main>'
   # -e:1:in `<main>'
```

Use test payment methods instead as suggested by the error.
 2025-11-06 18:30:45 +01:00
Filipe
1422b440e4 Merge pull request #13493 from dacook/bump-stripe-v13 
Bump stripe to v13
 2025-11-06 13:48:52 +00:00
Filipe
95ad87d840 Merge pull request #13666 from chahmedejaz/bugfix/13519-order-disappear-from-orders-page 
Order lines are deleted when one tries to capture a payment after order cycle is closed
 2025-11-06 13:07:36 +00:00
Konrad
7357419f6f Merge pull request #13652 from navaneethkp36/13651-fix-button-size-order-confirmation 
Make the width of "Back to Store" and "Back to Website" buttons consistent with other buttons in order confirmation page
 2025-11-05 19:29:42 +01:00
David Cook
8e5fac9fb3 Merge pull request #13632 from rioug/security-247-code-injection 
[security] Fix potential code injection
 2025-11-05 16:34:37 +11:00
Gaetan Craig-Riou
30c0bcc910 Merge pull request #13678 from deivid-rodriguez/remove-debugger-linecache 
Remove debugger-linecache
 2025-11-05 11:14:11 +11:00
Gaetan Craig-Riou
1a4ba9b689 Merge pull request #13672 from openfoodfoundation/dependabot/bundler/i18n-tasks-1.0.15 
Bump i18n-tasks from 1.0.14 to 1.0.15
 2025-11-05 10:21:46 +11:00
Gaetan Craig-Riou
4de8191e27 Merge pull request #13579 from openfoodfoundation/dependabot/bundler/flipper-ui-1.3.6 
Bump flipper-ui from 1.3.0 to 1.3.6
 2025-11-05 10:06:43 +11:00
Gaetan Craig-Riou
472ca5a16b Merge pull request #13490 from openfoodfoundation/dependabot/bundler/turbo_power-0.7.0 
Bump turbo_power from 0.6.2 to 0.7.0
 2025-11-05 10:00:07 +11:00
Gaetan Craig-Riou
dab626031b Merge pull request #13041 from openfoodfoundation/dependabot/npm_and_yarn/turbo_power-0.7.1 
Bump turbo_power from 0.7.0 to 0.7.1
 2025-11-05 09:57:40 +11:00
Ahmed Ejaz
913dded766 Refactor order cycle handling to simplify closed cycle checks and improve redirection messaging 2025-11-05 02:50:01 +05:00
filipefurtad0
a36b7ce01a deletes all old VCR cassettes 2025-11-04 15:40:45 +00:00
David Cook
e4be336630 Bump Stripe to v13 2025-11-04 15:36:53 +00:00
David Cook
cae13df2c7 Bump Stripe to v12 
re-recording cassettes with script/test-stripe-live
 2025-11-04 15:32:05 +00:00
David Cook
81796db6e5 Fix date-dependent spec 2025-11-04 15:17:45 +00:00
David Cook
ba3553854e Allow script to continue if you've already deleted the old files 2025-11-04 15:17:45 +00:00
David Rodríguez
c386d1af01 Remove debugger-linecache 
This gem has not been updated since 2013 and serves no purpose these
days.
 2025-11-04 10:22:37 +01:00
dependabot[bot]
9916b361e4 Bump turbo_power from 0.6.2 to 0.7.0 
Bumps [turbo_power](https://github.com/marcoroth/turbo_power-rails) from 0.6.2 to 0.7.0.
- [Release notes](https://github.com/marcoroth/turbo_power-rails/releases)
- [Commits](https://github.com/marcoroth/turbo_power-rails/compare/v0.6.2...v0.7.0)

---
updated-dependencies:
- dependency-name: turbo_power
  dependency-version: 0.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-03 11:05:43 +00:00
dependabot[bot]
2b9b02aeea Bump i18n-tasks from 1.0.14 to 1.0.15 
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 1.0.14 to 1.0.15.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/main/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v1.0.14...v1.0.15)

---
updated-dependencies:
- dependency-name: i18n-tasks
  dependency-version: 1.0.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-03 09:06:01 +00:00
dependabot[bot]
009b5e5ff1 Bump flipper-ui from 1.3.0 to 1.3.6 
Bumps [flipper-ui](https://github.com/flippercloud/flipper) from 1.3.0 to 1.3.6.
- [Release notes](https://github.com/flippercloud/flipper/releases)
- [Changelog](https://github.com/flippercloud/flipper/blob/main/Changelog.md)
- [Commits](https://github.com/flippercloud/flipper/compare/v1.3.0...v1.3.6)

---
updated-dependencies:
- dependency-name: flipper-ui
  dependency-version: 1.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-03 17:31:57 +11:00
dependabot[bot]
7c310e7e46 Bump turbo_power from 0.7.0 to 0.7.1 
Bumps [turbo_power](https://github.com/marcoroth/turbo_power) from 0.7.0 to 0.7.1.
- [Release notes](https://github.com/marcoroth/turbo_power/releases)
- [Commits](https://github.com/marcoroth/turbo_power/compare/v0.7.0...v0.7.1)

---
updated-dependencies:
- dependency-name: turbo_power
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-03 05:17:35 +00:00
Gaetan Craig-Riou
bd0db57768 Per review, more concise code 2025-11-03 15:58:27 +11:00
Gaetan Craig-Riou
96f715b62b Merge pull request #13661 from deivid-rodriguez/ruby-3.2 
Bump Ruby from 3.1.7 to 3.2.9
 2025-11-03 13:29:40 +11:00
Maikel
33b4e38fc5 Merge pull request #13664 from openfoodfoundation/dependabot/npm_and_yarn/jasmine-core-5.12.1 
Bump jasmine-core from 5.12.0 to 5.12.1
 2025-11-03 13:11:49 +11:00
Maikel
27e4ae9892 Merge pull request #13639 from deivid-rodriguez/verify-latest-reviewdog 
Upgrade to latest reviewdog
 2025-11-03 12:28:01 +11:00
Gaetan Craig-Riou
f434d8b066 Merge pull request #13658 from openfoodfoundation/dependabot/bundler/paranoia-2.6.4 
Bump paranoia from 2.6.3 to 2.6.4
 2025-11-03 12:05:44 +11:00
Gaetan Craig-Riou
43d471f93d Merge pull request #13657 from openfoodfoundation/dependabot/npm_and_yarn/hotwired/turbo-8.0.20 
Bump @hotwired/turbo from 8.0.13 to 8.0.20
 2025-11-03 12:03:58 +11:00
Ahmed Ejaz
3794f69cad Add shared examples to handle closed order cycle in checkout process 2025-11-02 01:48:10 +05:00
David Rodríguez
0c392d5302 Drop version constraints for pg and pry entirely, so their versions can be fully managed by Dependabot 
Co-authored-by: Maikel <maikel@email.org.au>
 2025-10-31 09:18:12 +01:00
David Rodríguez
e71a2603bd Bump pry to a version that plays nice with Ruby 3.2 
Otherwise you get the following error when starting RSpec:

```
(...)
An error occurred while loading base_spec_helper.
Failure/Error: require 'pry' unless ENV['CI']

NameError:
  undefined method `=~' for class `Pry::Code'
# ./spec/base_spec_helper.rb:10:in `<top (required)>'
No examples found.
(...)
```
 2025-10-31 09:18:11 +01:00
David Rodríguez
5aea527962 Use Bundler version that comes with Ruby 3.2.9 by default 2025-10-31 09:18:11 +01:00
David Rodríguez
05b3e97a0e Bump Ruby from 3.1.7 to 3.2.9 
Release announcements:

* https://www.ruby-lang.org/en/news/2025/07/24/ruby-3-2-9-released/
* https://www.ruby-lang.org/en/news/2025/03/26/ruby-3-2-8-released/
* https://www.ruby-lang.org/en/news/2025/02/04/ruby-3-2-7-released/
* https://www.ruby-lang.org/en/news/2024/10/30/ruby-3-2-6-released/
* https://www.ruby-lang.org/en/news/2024/07/26/ruby-3-2-5-released/
* https://www.ruby-lang.org/en/news/2024/04/23/ruby-3-2-4-released/
* https://www.ruby-lang.org/en/news/2024/01/18/ruby-3-2-3-released/
* https://www.ruby-lang.org/en/news/2023/03/30/ruby-3-2-2-released/
* https://www.ruby-lang.org/en/news/2023/02/08/ruby-3-2-1-released/
* https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released/

Also autocorrect new offenses.
 2025-10-31 09:18:11 +01:00
Maikel Linke
f9b76fadbd Update all locales with the latest Transifex translations v5.3.4 2025-10-31 16:05:11 +11:00
Maikel
64f44b8a9b Merge pull request #13571 from pacodelaluna/update_sum_calcultation 
Update sum calculation in order_cycle_customer_totals spec
 2025-10-31 16:03:11 +11:00
Maikel Linke
5dfb7645cb Avoid enabling rubocop rule listed in todo file 2025-10-31 15:39:58 +11:00
Maikel Linke
74927dd03d Regenerate Rubocop todo file 2025-10-31 15:30:17 +11:00
François Turbelin
71dd398131 Apply cosmetics and fix specs 2025-10-31 15:20:44 +11:00
François Turbelin
245f0caedb Adjust sum for remaining reports 2025-10-31 15:20:44 +11:00
François Turbelin
18bc95c6a3 Update sum calculation in order_cycle_customer_totals spec 2025-10-31 15:20:44 +11:00
Ahmed Ejaz
243190491b Fix specs 2025-10-31 04:40:44 +05:00
dependabot[bot]
7213dcf124 Bump jasmine-core from 5.12.0 to 5.12.1 
Bumps [jasmine-core](https://github.com/jasmine/jasmine) from 5.12.0 to 5.12.1.
- [Release notes](https://github.com/jasmine/jasmine/releases)
- [Changelog](https://github.com/jasmine/jasmine/blob/main/RELEASE.md)
- [Commits](https://github.com/jasmine/jasmine/compare/v5.12.0...v5.12.1)

---
updated-dependencies:
- dependency-name: jasmine-core
  dependency-version: 5.12.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-30 09:02:08 +00:00
David Rodríguez
e90569bdcc Adjust error format to latest prettier output 
To avoid generating an unnecessary annotation.
 2025-10-29 11:55:11 +01:00
David Rodríguez
404e27ab71 Run reviewdog directly 
So that we can control the version we run without depending on external
actions, and so that we use a consistent version for all linters.

At the same time, unify to running the latest version of reviewdog,
0.21.0, which also involves changing the deprecated `fail_on_error` flag
previously used by prettier action to `fail_level`.
 2025-10-29 11:55:10 +01:00
David Rodríguez
5af6d534df Use "nofilter" for prettier 
Now that we fixed all prettier issues.
 2025-10-29 11:55:03 +01:00
David Rodríguez
65410aabad Speed up rubocop reviewdog by skipping install 
Since we already run `bundle install` at the beginning of the job.
 2025-10-29 11:55:03 +01:00
David Rodríguez
2e78ea62b6 Change linters workflow label to reviewdog 2025-10-29 11:55:03 +01:00
David Rodríguez
201461918d Fix prettier offense 
I accidentally introduced this, not sure how, when correcting all
prettier issues.
 2025-10-29 11:55:03 +01:00
dependabot[bot]
3efe0c7835 Bump paranoia from 2.6.3 to 2.6.4 
Bumps [paranoia](https://github.com/rubysherpas/paranoia) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/rubysherpas/paranoia/releases)
- [Changelog](https://github.com/rubysherpas/paranoia/blob/core/CHANGELOG.md)
- [Commits](https://github.com/rubysherpas/paranoia/compare/v2.6.3...v2.6.4)

---
updated-dependencies:
- dependency-name: paranoia
  dependency-version: 2.6.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-29 09:02:20 +00:00
dependabot[bot]
e3d453e397 Bump @hotwired/turbo from 8.0.13 to 8.0.20 
Bumps [@hotwired/turbo](https://github.com/hotwired/turbo) from 8.0.13 to 8.0.20.
- [Release notes](https://github.com/hotwired/turbo/releases)
- [Commits](https://github.com/hotwired/turbo/compare/8.0.13...v8.0.20)

---
updated-dependencies:
- dependency-name: "@hotwired/turbo"
  dependency-version: 8.0.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-29 09:01:59 +00:00
Maikel
0ecfc23c67 Merge pull request #13644 from deivid-rodriguez/more-rspec-fixes 
Fix Rspec warnings and the broken Stripe intent API specs that fixing them revealed
 2025-10-29 15:04:22 +11:00