raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-01-31 21:37:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
34,180 Commits 18 Branches 452 Tags
de8029f877c25e57c593caa2bdec8ee7dff254e6
Commit Graph

34180 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Maikel
de8029f877 Merge pull request #13564 from mkllnk/config-log 
Make log-level configurable in staging
 2025-10-08 13:24:56 +11:00
Gaetan Craig-Riou
d818162a9f Merge pull request #13568 from openfoodfoundation/dependabot/bundler/undercover-0.8.1 
Bump undercover from 0.7.4 to 0.8.1
 2025-10-08 09:56:22 +11:00
Gaetan Craig-Riou
9bd4d29027 Merge pull request #13567 from openfoodfoundation/dependabot/bundler/mime-types-3.7.0 
Bump mime-types from 3.5.2 to 3.7.0
 2025-10-08 09:51:59 +11:00
Gaetan Craig-Riou
742d442929 Merge pull request #13566 from openfoodfoundation/dependabot/bundler/rails-i18n-7.0.10 
Bump rails-i18n from 7.0.9 to 7.0.10
 2025-10-08 09:45:04 +11:00
Gaetan Craig-Riou
f08f744077 Merge pull request #13565 from openfoodfoundation/dependabot/npm_and_yarn/jasmine-core-5.12.0 
Bump jasmine-core from 5.11.0 to 5.12.0
 2025-10-08 09:44:05 +11:00
Gaetan Craig-Riou
72ab0ba3f5 Merge pull request #13573 from openfoodfoundation/dependabot/bundler/rack-2.2.19 
Bump rack from 2.2.18 to 2.2.19
 2025-10-08 09:39:42 +11:00
dependabot[bot]
bb4b483469 Bump rack from 2.2.18 to 2.2.19 
Bumps [rack](https://github.com/rack/rack) from 2.2.18 to 2.2.19.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/v2.2.18...v2.2.19)

---
updated-dependencies:
- dependency-name: rack
  dependency-version: 2.2.19
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-07 19:44:09 +00:00
David Cook
7098cf2224 Merge pull request #13570 from openfoodfoundation/task/13521-move-dependabot-to-code-review 
Remove project write permissions from Dependabot PR workflow
 2025-10-07 10:12:55 +11:00
Ahmed Ejaz
4713e9046c Remove project write permissions from Dependabot PR workflow 2025-10-07 03:57:11 +05:00
David Cook
037030cf60 Merge pull request #13548 from mkllnk/test_rake 
Configure rake specs in one place
 2025-10-07 09:31:02 +11:00
dependabot[bot]
286f05d05c Bump undercover from 0.7.4 to 0.8.1 
Bumps [undercover](https://github.com/grodowski/undercover) from 0.7.4 to 0.8.1.
- [Release notes](https://github.com/grodowski/undercover/releases)
- [Changelog](https://github.com/grodowski/undercover/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grodowski/undercover/compare/v0.7.4...v0.8.1)

---
updated-dependencies:
- dependency-name: undercover
  dependency-version: 0.8.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-06 09:06:51 +00:00
dependabot[bot]
e9a750ce6d Bump mime-types from 3.5.2 to 3.7.0 
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types) from 3.5.2 to 3.7.0.
- [Changelog](https://github.com/mime-types/ruby-mime-types/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.5.2...v3.7.0)

---
updated-dependencies:
- dependency-name: mime-types
  dependency-version: 3.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-06 09:06:17 +00:00
dependabot[bot]
8942f3c72b Bump rails-i18n from 7.0.9 to 7.0.10 
Bumps [rails-i18n](https://github.com/svenfuchs/rails-i18n) from 7.0.9 to 7.0.10.
- [Changelog](https://github.com/svenfuchs/rails-i18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/svenfuchs/rails-i18n/compare/v7.0.9...v7.0.10)

---
updated-dependencies:
- dependency-name: rails-i18n
  dependency-version: 7.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-06 09:05:35 +00:00
dependabot[bot]
23b2c8e11b Bump jasmine-core from 5.11.0 to 5.12.0 
Bumps [jasmine-core](https://github.com/jasmine/jasmine) from 5.11.0 to 5.12.0.
- [Release notes](https://github.com/jasmine/jasmine/releases)
- [Changelog](https://github.com/jasmine/jasmine/blob/main/RELEASE.md)
- [Commits](https://github.com/jasmine/jasmine/compare/v5.11.0...v5.12.0)

---
updated-dependencies:
- dependency-name: jasmine-core
  dependency-version: 5.12.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-06 09:05:06 +00:00
Gaetan Craig-Riou
9a9e9763cc Merge pull request #13546 from openfoodfoundation/task/13521-move-dependabot-to-code-review 
Automate Dependabot PRs to Code Review column via GitHub Action
 2025-10-06 16:21:14 +11:00
Maikel Linke
90cd2e0ba2 Make log-level configurable in staging 
The new comment and code come from the Rails 8.0 default files.
 2025-10-06 15:20:25 +11:00
Maikel
8c02bde7f2 Merge pull request #13472 from openfoodfoundation/dependabot/bundler/rswag-ui-2.16.0 
Bump rswag-ui from 2.13.0 to 2.16.0
 2025-10-06 15:14:58 +11:00
dependabot[bot]
8c1e0bae92 Bump rswag-ui from 2.13.0 to 2.16.0 
Bumps [rswag-ui](https://github.com/rswag/rswag) from 2.13.0 to 2.16.0.
- [Release notes](https://github.com/rswag/rswag/releases)
- [Changelog](https://github.com/rswag/rswag/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rswag/rswag/compare/2.13.0...2.16.0)

---
updated-dependencies:
- dependency-name: rswag-ui
  dependency-version: 2.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-06 03:54:07 +00:00
Maikel
09c7288b11 Merge pull request #13471 from openfoodfoundation/dependabot/bundler/rspec-rails-7.1.1 
Bump rspec-rails from 6.1.2 to 7.1.1
 2025-10-06 14:51:22 +11:00
dependabot[bot]
d27ffe5fca Bump rspec-rails from 6.1.2 to 7.1.1 
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 6.1.2 to 7.1.1.
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v6.1.2...v7.1.1)

---
updated-dependencies:
- dependency-name: rspec-rails
  dependency-version: 7.1.1
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-06 02:34:38 +00:00
David Cook
6c94650e51 Merge pull request #13516 from mkllnk/lock-sprockets 
Lock sprockets dependency to major version 3
 2025-10-06 12:05:10 +11:00
Ahmed Ejaz
79bb469332 Update all locales with the latest Transifex translations v5.3.0 2025-10-06 03:54:40 +05:00
Ahmed Ejaz
2c4df63879 Add permissions for contents, pull-requests, and project in workflow 2025-10-06 03:35:57 +05:00
Ahmed Ejaz
9f5d73184f Add .secrets file to define GitHub secrets values locally 2025-10-04 19:24:07 +05:00
Ahmed Ejaz
4a5938c0f7 Add installation retrieval mode and payload for Dependabot token generation 2025-10-04 18:50:47 +05:00
Filipe
ef4d3ec138 Merge pull request #13506 from chahmedejaz/task/13505-remove-stripe-redirect-monkey-patch 
Remove Stripe redirect monkeypatch and ensure reliable checkout flow
 2025-10-01 13:03:58 +01:00
Gaetan Craig-Riou
f5a9ec7fa9 Merge pull request #13551 from openfoodfoundation/dependabot/npm_and_yarn/jasmine-core-5.11.0 
Bump jasmine-core from 5.10.0 to 5.11.0
 2025-10-01 09:29:17 +10:00
filipefurtad0
e190b87f12 Update all locales with the latest Transifex translations v5.2.5 2025-09-29 15:54:51 +01:00
Filipe
ff2e0f4d45 Merge pull request #13533 from chahmedejaz/task/13435-sort-products-by-on-hand-amount 
Sort product list by 'on hand' amount
 2025-09-29 15:07:00 +01:00
dependabot[bot]
d50bcbb70a Bump jasmine-core from 5.10.0 to 5.11.0 
Bumps [jasmine-core](https://github.com/jasmine/jasmine) from 5.10.0 to 5.11.0.
- [Release notes](https://github.com/jasmine/jasmine/releases)
- [Changelog](https://github.com/jasmine/jasmine/blob/main/RELEASE.md)
- [Commits](https://github.com/jasmine/jasmine/compare/v5.10.0...v5.11.0)

---
updated-dependencies:
- dependency-name: jasmine-core
  dependency-version: 5.11.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-29 10:21:25 +00:00
Ahmed Ejaz
782f813a15 Add Dependabot PR test event and update workflow for token generation 2025-09-29 11:35:48 +05:00
Gaetan Craig-Riou
9b0545c33f Merge pull request #13550 from openfoodfoundation/dependabot/bundler/rack-2.2.18 
Bump rack from 2.2.14 to 2.2.18
 2025-09-29 09:39:35 +10:00
dependabot[bot]
7631fd422e Bump rack from 2.2.14 to 2.2.18 
Bumps [rack](https://github.com/rack/rack) from 2.2.14 to 2.2.18.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/v2.2.14...v2.2.18)

---
updated-dependencies:
- dependency-name: rack
  dependency-version: 2.2.18
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-25 17:32:06 +00:00
Gaetan Craig-Riou
693789d526 Merge pull request #13549 from openfoodfoundation/dependabot/npm_and_yarn/leaflet-geosearch-4.2.2 
Bump leaflet-geosearch from 4.2.1 to 4.2.2
 2025-09-24 09:49:41 +10:00
dependabot[bot]
d26b407801 Bump leaflet-geosearch from 4.2.1 to 4.2.2 
Bumps [leaflet-geosearch](https://github.com/smeijer/leaflet-geosearch) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/smeijer/leaflet-geosearch/releases)
- [Commits](https://github.com/smeijer/leaflet-geosearch/compare/v4.2.1...v4.2.2)

---
updated-dependencies:
- dependency-name: leaflet-geosearch
  dependency-version: 4.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-22 09:12:58 +00:00
Maikel Linke
6d284023fe Configure rake specs in one place 
So we don't have to add it to every rake spec file.
 2025-09-22 17:27:58 +10:00
Maikel Linke
570b72868b Simplify task loading code 2025-09-22 17:27:58 +10:00
Maikel Linke
286d9f8e7d Remove unneeded declaration of Rails environment task in specs 2025-09-22 17:27:58 +10:00
Ahmed Ejaz
b0c3265cdb update migration test to assert nil cvv_response_message for ineligible payments 2025-09-22 11:57:38 +05:00
Ahmed Ejaz
6bb709e85e update test description to reflect patching of redirect_auth_url in cvv_result 2025-09-22 11:57:37 +05:00
filipefurtad0
fe257162b7 Update all locales with the latest Transifex translations 2025-09-22 07:56:21 +01:00
Ahmed Ejaz
b510736a8d refactor migration to use SpreePayment model instead of Spree::Payment 2025-09-22 11:55:43 +05:00
Ahmed Ejaz
2df0078ea9 fix lint issues 2025-09-22 11:55:43 +05:00
Ahmed Ejaz
ca079e6e26 add migration to migrate cvv_message_response value to redirect_auth_url 
- As per the patch, cvv_message_response contains 3D verification URL for those payments which require it. So need to migrate to the new column to maintain data integrity
 2025-09-22 11:55:43 +05:00
Ahmed Ejaz
ac06126f59 replace cvv_response_message usage with redirect_auth_url 2025-09-22 11:55:43 +05:00
Ahmed Ejaz
aecb5f49c9 fix spec as per current response we get for cvv_result 2025-09-22 11:54:20 +05:00
Ahmed Ejaz
a18fd54916 Simplify redirect logic in PaymentsController 2025-09-22 11:54:20 +05:00
Ahmed Ejaz
626b802ea7 add redirect_auth_url column and replace cvv_response_message for redirection 
- Added redirect_auth_url column to spree_payments table
- Updated payment redirection logic to use redirect_auth_url instead of cvv_response_message
- Cleans up old monkeypatch usage and improves Stripe checkout reliability
 2025-09-22 11:54:20 +05:00
Ahmed Ejaz
28ab41c47f Potential fix for code scanning alert no. 253: Workflow does not contain permissions 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2025-09-18 03:17:22 +05:00
Ahmed Ejaz
17a85e9c1c Update GitHub Actions workflow to use specific Dependabot token and set organization name explicitly 2025-09-18 03:01:44 +05:00