raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-02-25 01:23:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
34,450 Commits 17 Branches 454 Tags
cdb572f347126db9512e12569cc01b9e91ea70ca
Commit Graph

34450 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
cdb572f347 Bump paper_trail from 15.1.0 to 17.0.0 
Bumps [paper_trail](https://github.com/paper-trail-gem/paper_trail) from 15.1.0 to 17.0.0.
- [Release notes](https://github.com/paper-trail-gem/paper_trail/releases)
- [Changelog](https://github.com/paper-trail-gem/paper_trail/blob/master/CHANGELOG.md)
- [Commits](https://github.com/paper-trail-gem/paper_trail/compare/v15.1.0...v17.0.0)

---
updated-dependencies:
- dependency-name: paper_trail
  dependency-version: 17.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-10 09:39:38 +00:00
Maikel
7c4714288d Merge pull request #13675 from deivid-rodriguez/unify-linters 
Unify linters and linter related tools
 2025-11-10 16:24:36 +11:00
Maikel
b6e393eabb Merge pull request #13662 from filipefurtad0/spec_deprecation_nil_in_sum 
Catches exceptions on final_weight_volume inputs
 2025-11-10 15:25:49 +11:00
Gaetan Craig-Riou
d18aeb9918 Merge pull request #13687 from openfoodfoundation/dependabot/bundler/openid_connect-2.3.1 
Bump openid_connect from 2.3.0 to 2.3.1
 2025-11-10 15:15:32 +11:00
Maikel
587f76415b Merge pull request #13656 from pacodelaluna/replace-alias-attribute-with-alias-method 
Replace alias_attribute with alias_method
 2025-11-10 11:50:33 +11:00
dependabot[bot]
665aee6eb0 Bump openid_connect from 2.3.0 to 2.3.1 
Bumps [openid_connect](https://github.com/nov/openid_connect) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/nov/openid_connect/releases)
- [Changelog](https://github.com/nov/openid_connect/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nov/openid_connect/compare/v2.3.0...v2.3.1)

---
updated-dependencies:
- dependency-name: openid_connect
  dependency-version: 2.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-10 00:48:19 +00:00
Gaetan Craig-Riou
5e505c1240 Merge pull request #13683 from openfoodfoundation/dependabot/bundler/omniauth_openid_connect-0.8.0 
Bump omniauth_openid_connect from 0.7.1 to 0.8.0
 2025-11-10 11:46:51 +11:00
Gaetan Craig-Riou
e948f89625 Merge pull request #13682 from openfoodfoundation/dependabot/bundler/activerecord-session_store-2.2.0 
Bump activerecord-session_store from 2.1.0 to 2.2.0
 2025-11-10 11:31:56 +11:00
Gaetan Craig-Riou
f42b91f414 Merge pull request #13681 from openfoodfoundation/dependabot/bundler/spring-4.4.0 
Bump spring from 4.2.1 to 4.4.0
 2025-11-10 11:25:57 +11:00
Rachel Arnould
94bda6d0f8 Merge pull request #13592 from rioug/13266-tag-variant-tag-rule 
[Variant tags] Add tag rules for variant
 2025-11-07 14:14:50 +01:00
Filipe
1422b440e4 Merge pull request #13493 from dacook/bump-stripe-v13 
Bump stripe to v13
 2025-11-06 13:48:52 +00:00
Filipe
95ad87d840 Merge pull request #13666 from chahmedejaz/bugfix/13519-order-disappear-from-orders-page 
Order lines are deleted when one tries to capture a payment after order cycle is closed
 2025-11-06 13:07:36 +00:00
Konrad
7357419f6f Merge pull request #13652 from navaneethkp36/13651-fix-button-size-order-confirmation 
Make the width of "Back to Store" and "Back to Website" buttons consistent with other buttons in order confirmation page
 2025-11-05 19:29:42 +01:00
filipefurtad0
8e5404a268 Replaces negative assertion with a positive assertion 
Adds test case on white spece

Refactors to have tests as shared_examples
 2025-11-05 11:12:55 +00:00
filipefurtad0
04fc729a5a Changes tests not to trigger error 
after https://github.com/openfoodfoundation/openfoodnetwork/pull/13571 was merged
 2025-11-05 10:34:52 +00:00
filipefurtad0
8818a98230 Catches exceptions on final_weight_volume inputs 2025-11-05 10:34:52 +00:00
David Rodríguez
d3efa3afa6 Remove pretty-quick 
Because:

* We already have reviewdog running prettier in CI.
* We already removed the associated commit hooks.
* Running plain prettier is already very fast in our case.
 2025-11-05 10:08:04 +01:00
David Rodríguez
4414879b3f Completely remove codeclimate as well 
Most of it is already disabled, and the stuff that's not actually
disabled don't seem worth enough for me to keep it.
 2025-11-05 10:08:04 +01:00
David Rodríguez
3c7aac59e9 Remove ancient rubocop plugin from codeclimate config 
We already get RuboCop offense information through reviewdog.
 2025-11-05 10:08:04 +01:00
David Rodríguez
41cd40a55b Completely get rid of hound 
We already get RuboCop offense information through reviewdog.
 2025-11-05 10:08:04 +01:00
David Rodríguez
a0e8111b3a Remove spurious scss-lint configuration 
It was broken due to several reasons:

* Bad globs from not catching up after file renames.
* Bad rule indentation.

Also, the scss-lint project itself recommends using other tools, because
it relies on the ruby SASS implementation while upstream has moved to a
dart-based implementation.

Even when you fix the config and try to run the tool, you feel the pain
of this deviation:

```
$ scss-lint
(...)

app/webpacker/css/admin/grid.scss:10:1 [E] Syntax: Syntax Error: Invalid CSS after "$col-width: math": expected selector or at-rule, was ".div($total-col..."

(...)
```

The grid.scss file use using `math.div` feature, which is only supported
by the `sass` version based on dart. `scss-lint` will never be able to
parse this file at all.

Also, we're already handling scss rule formatting through prettier.

Because of all these reasons, it's best to forget about scss-lint.
 2025-11-05 10:08:03 +01:00
David Rodríguez
8f07ee5bf7 Move haml-lint from hound to reviewdog 
We can somewhat easily get it passing and integrate nice with reviewdog
by adding a TODO file for the rules that we had enabled, so that we
don't need to correct anything now, but we still get alerted for new
offenses. So I say let's keep it and enforce it from now on.
 2025-11-05 10:08:03 +01:00
David Rodríguez
43da235d15 Make sure all linters run even if some of them fails 2025-11-05 10:08:03 +01:00
dependabot[bot]
3252de19a3 Bump omniauth_openid_connect from 0.7.1 to 0.8.0 
Bumps [omniauth_openid_connect](https://github.com/omniauth/omniauth_openid_connect) from 0.7.1 to 0.8.0.
- [Changelog](https://github.com/omniauth/omniauth_openid_connect/blob/master/CHANGELOG.md)
- [Commits](https://github.com/omniauth/omniauth_openid_connect/compare/v0.7.1...v0.8.0)

---
updated-dependencies:
- dependency-name: omniauth_openid_connect
  dependency-version: 0.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 09:04:05 +00:00
dependabot[bot]
fd3bd062fe Bump activerecord-session_store from 2.1.0 to 2.2.0 
Bumps [activerecord-session_store](https://github.com/rails/activerecord-session_store) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/rails/activerecord-session_store/releases)
- [Changelog](https://github.com/rails/activerecord-session_store/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/activerecord-session_store/compare/v2.1.0...v2.2.0)

---
updated-dependencies:
- dependency-name: activerecord-session_store
  dependency-version: 2.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 09:02:12 +00:00
dependabot[bot]
029d447d98 Bump spring from 4.2.1 to 4.4.0 
Bumps [spring](https://github.com/rails/spring) from 4.2.1 to 4.4.0.
- [Release notes](https://github.com/rails/spring/releases)
- [Changelog](https://github.com/rails/spring/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rails/spring/compare/v4.2.1...v4.4.0)

---
updated-dependencies:
- dependency-name: spring
  dependency-version: 4.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 09:01:40 +00:00
David Cook
8e5fac9fb3 Merge pull request #13632 from rioug/security-247-code-injection 
[security] Fix potential code injection
 2025-11-05 16:34:37 +11:00
Gaetan Craig-Riou
30c0bcc910 Merge pull request #13678 from deivid-rodriguez/remove-debugger-linecache 
Remove debugger-linecache
 2025-11-05 11:14:11 +11:00
Gaetan Craig-Riou
1a4ba9b689 Merge pull request #13672 from openfoodfoundation/dependabot/bundler/i18n-tasks-1.0.15 
Bump i18n-tasks from 1.0.14 to 1.0.15
 2025-11-05 10:21:46 +11:00
Gaetan Craig-Riou
4de8191e27 Merge pull request #13579 from openfoodfoundation/dependabot/bundler/flipper-ui-1.3.6 
Bump flipper-ui from 1.3.0 to 1.3.6
 2025-11-05 10:06:43 +11:00
Gaetan Craig-Riou
472ca5a16b Merge pull request #13490 from openfoodfoundation/dependabot/bundler/turbo_power-0.7.0 
Bump turbo_power from 0.6.2 to 0.7.0
 2025-11-05 10:00:07 +11:00
Gaetan Craig-Riou
dab626031b Merge pull request #13041 from openfoodfoundation/dependabot/npm_and_yarn/turbo_power-0.7.1 
Bump turbo_power from 0.7.0 to 0.7.1
 2025-11-05 09:57:40 +11:00
Ahmed Ejaz
913dded766 Refactor order cycle handling to simplify closed cycle checks and improve redirection messaging 2025-11-05 02:50:01 +05:00
filipefurtad0
a36b7ce01a deletes all old VCR cassettes 2025-11-04 15:40:45 +00:00
David Cook
e4be336630 Bump Stripe to v13 2025-11-04 15:36:53 +00:00
David Cook
cae13df2c7 Bump Stripe to v12 
re-recording cassettes with script/test-stripe-live
 2025-11-04 15:32:05 +00:00
David Cook
81796db6e5 Fix date-dependent spec 2025-11-04 15:17:45 +00:00
David Cook
ba3553854e Allow script to continue if you've already deleted the old files 2025-11-04 15:17:45 +00:00
David Rodríguez
c386d1af01 Remove debugger-linecache 
This gem has not been updated since 2013 and serves no purpose these
days.
 2025-11-04 10:22:37 +01:00
dependabot[bot]
9916b361e4 Bump turbo_power from 0.6.2 to 0.7.0 
Bumps [turbo_power](https://github.com/marcoroth/turbo_power-rails) from 0.6.2 to 0.7.0.
- [Release notes](https://github.com/marcoroth/turbo_power-rails/releases)
- [Commits](https://github.com/marcoroth/turbo_power-rails/compare/v0.6.2...v0.7.0)

---
updated-dependencies:
- dependency-name: turbo_power
  dependency-version: 0.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-03 11:05:43 +00:00
François Turbelin
b2d7d797d9 Use wrap_parameters to handle address params on Customer v1 API 2025-11-03 11:35:39 +01:00
François Turbelin
e385b9f708 Revert "Use customer-nested params for Customer v1 API writing operations" 
This reverts commit cf4cd311b3.
 2025-11-03 10:32:26 +01:00
dependabot[bot]
2b9b02aeea Bump i18n-tasks from 1.0.14 to 1.0.15 
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 1.0.14 to 1.0.15.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/main/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v1.0.14...v1.0.15)

---
updated-dependencies:
- dependency-name: i18n-tasks
  dependency-version: 1.0.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-03 09:06:01 +00:00
dependabot[bot]
009b5e5ff1 Bump flipper-ui from 1.3.0 to 1.3.6 
Bumps [flipper-ui](https://github.com/flippercloud/flipper) from 1.3.0 to 1.3.6.
- [Release notes](https://github.com/flippercloud/flipper/releases)
- [Changelog](https://github.com/flippercloud/flipper/blob/main/Changelog.md)
- [Commits](https://github.com/flippercloud/flipper/compare/v1.3.0...v1.3.6)

---
updated-dependencies:
- dependency-name: flipper-ui
  dependency-version: 1.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-03 17:31:57 +11:00
dependabot[bot]
7c310e7e46 Bump turbo_power from 0.7.0 to 0.7.1 
Bumps [turbo_power](https://github.com/marcoroth/turbo_power) from 0.7.0 to 0.7.1.
- [Release notes](https://github.com/marcoroth/turbo_power/releases)
- [Commits](https://github.com/marcoroth/turbo_power/compare/v0.7.0...v0.7.1)

---
updated-dependencies:
- dependency-name: turbo_power
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-03 05:17:35 +00:00
Gaetan Craig-Riou
bd0db57768 Per review, more concise code 2025-11-03 15:58:27 +11:00
Gaetan Craig-Riou
bb8ecccc31 Fix variant tag rules endpoint 
It now returns tag rules filtered on the preferred variant tags and not
the prefered customer tags
 2025-11-03 15:50:12 +11:00
Gaetan Craig-Riou
ffd5817749 Add spec for variant_tag_rules 2025-11-03 14:25:48 +11:00
Gaetan Craig-Riou
1a68236c3c Add variant_tag_rule ability 
It's needed to allow enterprise user to get a tag autocomplete. Classic
mistake of not testing with a non superadmin user.
 2025-11-03 14:25:48 +11:00
Gaetan Craig-Riou
c057bab493 Use route helpers for autocomplete url 
Co-authored-by: Maikel <maikel@email.org.au>
 2025-11-03 14:25:48 +11:00