raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-02-13 23:37:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
34,580 Commits 19 Branches 453 Tags
c05532c166eaa3bd27e16efd977db8fca7436774
Commit Graph

34580 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Rodríguez
c05532c166 Always generate <button> tags, rather than <input> of type "button" 2025-11-24 12:11:03 +01:00
Gaetan Craig-Riou
82139a9ac0 Merge pull request #13747 from mkllnk/doc-reset 
Show reset tasks in task list `./bin/rails -T`
 2025-11-24 13:19:33 +11:00
Gaetan Craig-Riou
6d9946c3c6 Merge pull request #13738 from openfoodfoundation/dependabot/bundler/aws-sdk-s3-1.205.0 
Bump aws-sdk-s3 from 1.151.0 to 1.205.0
 2025-11-24 13:17:41 +11:00
Maikel Linke
f58b6bcada Show reset tasks in task list ./bin/rails -T 
I wrote them a while ago but noticed only now that they don't show up in
the overview.
 2025-11-24 12:59:41 +11:00
Maikel
dc13ef4162 Merge pull request #13743 from deivid-rodriguez/bump-prettier 
Bump prettier and let Dependabot handle further updates
 2025-11-24 12:06:19 +11:00
Maikel
dcb48272f5 Merge pull request #13746 from rioug/security-255-code-injection 
[Security]  Fix potential code injection
 2025-11-24 12:01:44 +11:00
Gaetan Craig-Riou
08bc374576 Merge pull request #13740 from openfoodfoundation/dependabot/bundler/image_processing-1.14.0 
Bump image_processing from 1.12.2 to 1.14.0
 2025-11-24 09:48:37 +11:00
Gaetan Craig-Riou
afbf0a5d0e Merge pull request #13739 from openfoodfoundation/dependabot/bundler/database_cleaner-2.1.0 
Bump database_cleaner from 2.0.2 to 2.1.0
 2025-11-24 09:32:45 +11:00
Gaetan Craig-Riou
7e034a3037 Merge pull request #13737 from openfoodfoundation/dependabot/npm_and_yarn/webpack-4.47.0 
Bump webpack from 4.46.0 to 4.47.0
 2025-11-24 09:21:11 +11:00
Ahmed Ejaz
2db2fb2f11 Update all locales with the latest Transifex translations v5.3.6 2025-11-24 03:07:32 +05:00
Gaetan Craig-Riou
74d2a94181 Add input validation to prevent code injection 
Plus spec
 2025-11-23 13:46:36 +11:00
David Rodríguez
6d0d91c56a Let prettier updates be handled by Dependabot 2025-11-21 12:49:44 +01:00
David Rodríguez
a509d49ec6 Bump prettier to 3.6.2 
And fix new style issues.
 2025-11-21 12:49:06 +01:00
Filipe
dddc945c42 Merge pull request #13679 from deivid-rodriguez/customer-edition 
Improve `/admin/customers` form handling
 2025-11-21 10:51:55 +00:00
Filipe
12c0363b7e Merge pull request #13716 from chahmedejaz/bugfix/13554-sorting-on-demand-products 
"On hand" value influences sorting of "on demand" products/variants
 2025-11-21 10:05:44 +00:00
dependabot[bot]
816e06d37c Bump image_processing from 1.12.2 to 1.14.0 
Bumps [image_processing](https://github.com/janko/image_processing) from 1.12.2 to 1.14.0.
- [Changelog](https://github.com/janko/image_processing/blob/master/CHANGELOG.md)
- [Commits](https://github.com/janko/image_processing/compare/v1.12.2...v1.14.0)

---
updated-dependencies:
- dependency-name: image_processing
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 01:21:08 +00:00
dependabot[bot]
2e80b7d92f Bump database_cleaner from 2.0.2 to 2.1.0 
Bumps [database_cleaner](https://github.com/DatabaseCleaner/database_cleaner) from 2.0.2 to 2.1.0.
- [Changelog](https://github.com/DatabaseCleaner/database_cleaner/blob/main/History.rdoc)
- [Commits](https://github.com/DatabaseCleaner/database_cleaner/compare/v2.0.2...v2.1.0)

---
updated-dependencies:
- dependency-name: database_cleaner
  dependency-version: 2.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 01:20:30 +00:00
dependabot[bot]
753173e2be Bump aws-sdk-s3 from 1.151.0 to 1.205.0 
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.151.0 to 1.205.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-version: 1.205.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 01:19:54 +00:00
dependabot[bot]
c9954f0823 Bump webpack from 4.46.0 to 4.47.0 
Bumps [webpack](https://github.com/webpack/webpack) from 4.46.0 to 4.47.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.46.0...v4.47.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-version: 4.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 01:18:20 +00:00
Maikel
80f5fa30c4 Merge pull request #13736 from deivid-rodriguez/unify-dependabot-strategy 
Unify dependabot strategy
 2025-11-21 12:17:15 +11:00
Gaetan Craig-Riou
9194d0ba2b Merge pull request #13733 from openfoodfoundation/dependabot/bundler/rubocop-1.81.7 
Bump rubocop from 1.81.6 to 1.81.7
 2025-11-21 10:16:12 +11:00
Gaetan Craig-Riou
e00c993a98 Merge pull request #13732 from openfoodfoundation/dependabot/bundler/undercover-0.8.2 
Bump undercover from 0.8.1 to 0.8.2
 2025-11-21 10:11:54 +11:00
Gaetan Craig-Riou
800333f65b Merge pull request #13731 from openfoodfoundation/dependabot/bundler/arel-helpers-2.17.0 
Bump arel-helpers from 2.14.0 to 2.17.0
 2025-11-21 10:10:33 +11:00
Ahmed Ejaz
64df7cc9bc Refactor backorderable_name tests for clarity and consistency in product sorting 2025-11-20 06:06:56 +05:00
Ahmed Ejaz
b23fec268e fix lint issues 2025-11-20 05:08:07 +05:00
Ahmed Ejaz
7b7a7d3418 Add backorderable_name sorting and enhance combined sorting tests 2025-11-20 05:01:08 +05:00
David Rodríguez
6fa99b187d Unify Dependabot strategy 
Let's do the same we do for Ruby dependencies.
 2025-11-19 14:47:44 +01:00
David Rodríguez
a009dacd41 Pin version of foundation 
Reading through open issues, I think it's more likely that we end up
removing it rather than upgrading it.

So let's fix it like when we don't want certain dependencies to be
managed by Dependabot.
 2025-11-19 14:45:52 +01:00
dependabot[bot]
472ba98ec2 Bump rubocop from 1.81.6 to 1.81.7 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.81.6 to 1.81.7.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.81.6...v1.81.7)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-version: 1.81.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-19 09:02:45 +00:00
dependabot[bot]
91cd3356b0 Bump undercover from 0.8.1 to 0.8.2 
Bumps [undercover](https://github.com/grodowski/undercover) from 0.8.1 to 0.8.2.
- [Release notes](https://github.com/grodowski/undercover/releases)
- [Changelog](https://github.com/grodowski/undercover/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grodowski/undercover/compare/v0.8.1...v0.8.2)

---
updated-dependencies:
- dependency-name: undercover
  dependency-version: 0.8.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-19 09:02:08 +00:00
dependabot[bot]
67ef142546 Bump arel-helpers from 2.14.0 to 2.17.0 
Bumps [arel-helpers](https://github.com/camertron/arel-helpers) from 2.14.0 to 2.17.0.
- [Changelog](https://github.com/camertron/arel-helpers/blob/master/CHANGELOG.md)
- [Commits](https://github.com/camertron/arel-helpers/compare/v2.14.0...v2.17.0)

---
updated-dependencies:
- dependency-name: arel-helpers
  dependency-version: 2.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-19 09:01:31 +00:00
Maikel
0aa4993a4d Merge pull request #13686 from mkllnk/litefarm-market-organic 
Allow Litefarm and Market.Organic to access DFC API
 2025-11-19 15:11:51 +11:00
Gaetan Craig-Riou
98176bd5de Merge pull request #13730 from openfoodfoundation/dependabot/bundler/redcarpet-3.6.1 
Bump redcarpet from 3.6.0 to 3.6.1
 2025-11-19 10:10:20 +11:00
Gaetan Craig-Riou
dde0e23a79 Merge pull request #13729 from openfoodfoundation/dependabot/bundler/wicked_pdf-2.8.2 
Bump wicked_pdf from 2.8.1 to 2.8.2
 2025-11-19 10:08:42 +11:00
Gaetan Craig-Riou
d1021210e6 Merge pull request #13728 from openfoodfoundation/dependabot/bundler/rubocop-factory_bot-2.28.0 
Bump rubocop-factory_bot from 2.27.1 to 2.28.0
 2025-11-19 10:08:08 +11:00
dependabot[bot]
bfa472a293 Bump redcarpet from 3.6.0 to 3.6.1 
Bumps [redcarpet](https://github.com/vmg/redcarpet) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/vmg/redcarpet/releases)
- [Changelog](https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vmg/redcarpet/compare/v3.6.0...v3.6.1)

---
updated-dependencies:
- dependency-name: redcarpet
  dependency-version: 3.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-18 09:02:38 +00:00
dependabot[bot]
9d14c1026c Bump wicked_pdf from 2.8.1 to 2.8.2 
Bumps [wicked_pdf](https://github.com/mileszs/wicked_pdf) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/mileszs/wicked_pdf/releases)
- [Changelog](https://github.com/mileszs/wicked_pdf/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mileszs/wicked_pdf/commits)

---
updated-dependencies:
- dependency-name: wicked_pdf
  dependency-version: 2.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-18 09:02:04 +00:00
dependabot[bot]
c653743a56 Bump rubocop-factory_bot from 2.27.1 to 2.28.0 
Bumps [rubocop-factory_bot](https://github.com/rubocop/rubocop-factory_bot) from 2.27.1 to 2.28.0.
- [Release notes](https://github.com/rubocop/rubocop-factory_bot/releases)
- [Changelog](https://github.com/rubocop/rubocop-factory_bot/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-factory_bot/compare/v2.27.1...v2.28.0)

---
updated-dependencies:
- dependency-name: rubocop-factory_bot
  dependency-version: 2.28.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-18 09:01:30 +00:00
Filipe
a1ee1eac4c Merge pull request #13680 from rioug/13674-enable-variant-tag-new-enterprise 
[Variant tags] Enable variant tag for enterprise created after 11th of August and super admins
 2025-11-17 23:05:11 +00:00
Gaetan Craig-Riou
84b351e076 Merge pull request #13723 from openfoodfoundation/dependabot/npm_and_yarn/js-yaml-3.14.2 
Bump js-yaml from 3.14.1 to 3.14.2
 2025-11-18 09:51:04 +11:00
Ahmed Ejaz
9f7faac842 Remove .tool-versions file 2025-11-18 03:49:06 +05:00
dependabot[bot]
02c1b309f3 Bump js-yaml from 3.14.1 to 3.14.2 
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.1 to 3.14.2.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 3.14.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-17 22:36:10 +00:00
Gaetan Craig-Riou
58028df3b7 Merge pull request #13721 from openfoodfoundation/dependabot/bundler/newrelic_rpm-9.23.0 
Bump newrelic_rpm from 9.22.0 to 9.23.0
 2025-11-18 09:29:31 +11:00
Gaetan Craig-Riou
638c139bca Merge pull request #13720 from openfoodfoundation/dependabot/bundler/bugsnag-6.28.0 
Bump bugsnag from 6.26.4 to 6.28.0
 2025-11-18 09:28:23 +11:00
Gaetan Craig-Riou
5adfdf11fb Merge pull request #13719 from openfoodfoundation/dependabot/bundler/angular_rails_csrf-7.0.2 
Bump angular_rails_csrf from 6.0.0 to 7.0.2
 2025-11-18 09:26:57 +11:00
dependabot[bot]
152a7b7fe9 Bump newrelic_rpm from 9.22.0 to 9.23.0 
Bumps [newrelic_rpm](https://github.com/newrelic/newrelic-ruby-agent) from 9.22.0 to 9.23.0.
- [Release notes](https://github.com/newrelic/newrelic-ruby-agent/releases)
- [Changelog](https://github.com/newrelic/newrelic-ruby-agent/blob/dev/CHANGELOG.md)
- [Commits](https://github.com/newrelic/newrelic-ruby-agent/compare/9.22.0...9.23.0)

---
updated-dependencies:
- dependency-name: newrelic_rpm
  dependency-version: 9.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-17 09:05:19 +00:00
dependabot[bot]
5c998bfc77 Bump bugsnag from 6.26.4 to 6.28.0 
Bumps [bugsnag](https://github.com/bugsnag/bugsnag-ruby) from 6.26.4 to 6.28.0.
- [Release notes](https://github.com/bugsnag/bugsnag-ruby/releases)
- [Changelog](https://github.com/bugsnag/bugsnag-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bugsnag/bugsnag-ruby/compare/v6.26.4...v6.28.0)

---
updated-dependencies:
- dependency-name: bugsnag
  dependency-version: 6.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-17 09:04:19 +00:00
dependabot[bot]
97ca8702d4 Bump angular_rails_csrf from 6.0.0 to 7.0.2 
Bumps [angular_rails_csrf](https://github.com/jsanders/angular_rails_csrf) from 6.0.0 to 7.0.2.
- [Release notes](https://github.com/jsanders/angular_rails_csrf/releases)
- [Changelog](https://github.com/bodrovis/angular_rails_csrf/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jsanders/angular_rails_csrf/compare/v6.0.0...v7.0.2)

---
updated-dependencies:
- dependency-name: angular_rails_csrf
  dependency-version: 7.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-17 09:03:44 +00:00
Maikel
e194ebf0f3 Merge pull request #13552 from openfoodfoundation/dependabot/npm_and_yarn/jest-30.2.0 
Bump jest from 27.5.1 to 30.2.0
 2025-11-17 15:21:57 +11:00
Gaetan Craig-Riou
f6fc8a6993 Merge pull request #13715 from openfoodfoundation/dependabot/bundler/rexml-3.4.2 
Bump rexml from 3.3.9 to 3.4.2
 2025-11-17 15:07:10 +11:00