Matt-Yorkley
dfbd384c95
Refactor embedding to a Concern
2022-01-18 12:22:06 +00:00
Matt-Yorkley
4649698fc4
Remove #set_response_headers
2022-01-18 12:19:54 +00:00
Matt-Yorkley
6a3ca98ac6
Add frame-ancestors to CSP
2022-01-18 12:19:54 +00:00
Matt-Yorkley
05abb63036
Remove X-Frame-Options header
...
This header is largely deprecated, and is functionally replaced here by use of the frame-ancestors CSP configuration
2022-01-18 12:19:54 +00:00
Matt-Yorkley
ce9b64a848
Set Angular CSP
...
If you don't set this flag, Angular helpfully attempts to check if this is disabled by *triggering* a CSP violation just to see what happens... 🙈
2022-01-18 12:19:54 +00:00
Matt-Yorkley
114a9d8993
Allow unsafe_inline
2022-01-18 12:19:54 +00:00
Matt-Yorkley
0fc6b4c882
Add some whitelisting
2022-01-18 12:19:54 +00:00
Matt-Yorkley
0dd97a631e
Set CSP configuration
2022-01-18 12:19:54 +00:00
Matt-Yorkley
e1849e5fb6
Merge pull request #8752 from openfoodfoundation/dependabot/bundler/bugsnag-6.24.1
...
Bump bugsnag from 6.24.0 to 6.24.1
2022-01-18 12:09:51 +00:00
jibees
8a3c188f31
Merge pull request #8753 from openfoodfoundation/dependabot/bundler/sidekiq-6.3.1
...
Bump sidekiq from 6.2.2 to 6.3.1
2022-01-18 12:17:20 +01:00
Matt-Yorkley
1f31aed56d
Merge pull request #8754 from Matt-Yorkley/json
...
Bump json gem back up to 2.6.1
2022-01-18 10:29:26 +00:00
dependabot[bot]
6884da4f50
Bump sidekiq from 6.2.2 to 6.3.1
...
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.2.2 to 6.3.1.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.2.2...v6.3.1)
---
updated-dependencies:
- dependency-name: sidekiq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-18 10:26:09 +00:00
dependabot[bot]
e9dda6cd96
Bump bugsnag from 6.24.0 to 6.24.1
...
Bumps [bugsnag](https://github.com/bugsnag/bugsnag-ruby) from 6.24.0 to 6.24.1.
- [Release notes](https://github.com/bugsnag/bugsnag-ruby/releases)
- [Changelog](https://github.com/bugsnag/bugsnag-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bugsnag/bugsnag-ruby/compare/v6.24.0...v6.24.1)
---
updated-dependencies:
- dependency-name: bugsnag
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-18 10:25:40 +00:00
Matt-Yorkley
383d938d7c
Bump json back up to 2.6.1
2022-01-18 10:24:43 +00:00
Matt-Yorkley
1fda316d4c
Merge pull request #8740 from Matt-Yorkley/rails-bump
...
Update Rails from 6.1.4.1 to 6.1.4.4
2022-01-18 10:19:24 +00:00
Matt-Yorkley
eb12648538
Merge pull request #8742 from openfoodfoundation/dependabot/npm_and_yarn/browserslist-4.19.1
...
Bump browserslist from 4.16.3 to 4.19.1
2022-01-18 09:57:12 +00:00
jibees
fdba942c7e
Merge pull request #8734 from mkllnk/dependencies
...
Restrict Dependabot to update only the lockfiles
2022-01-18 10:39:29 +01:00
Maikel
7fb227710f
Merge pull request #8728 from shen-sat/6056-improve-auto-test-coverage-on-order-customer-details
...
[6045] Add test for hiding billing address form and adding new customer on o…
2022-01-18 11:46:11 +11:00
dependabot[bot]
98a8036c7b
Bump browserslist from 4.16.3 to 4.19.1
...
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.16.3 to 4.19.1.
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/browserslist/browserslist/compare/4.16.3...4.19.1)
---
updated-dependencies:
- dependency-name: browserslist
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-18 00:42:43 +00:00
Maikel
1ad43964c1
Merge pull request #8737 from openfoodfoundation/dependabot/npm_and_yarn/storybook/addon-docs-6.4.13
...
Bump @storybook/addon-docs from 6.4.12 to 6.4.13
2022-01-18 11:31:58 +11:00
dependabot[bot]
de7860fd91
Bump @storybook/addon-docs from 6.4.12 to 6.4.13
...
Bumps [@storybook/addon-docs](https://github.com/storybookjs/storybook/tree/HEAD/addons/docs) from 6.4.12 to 6.4.13.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v6.4.13/addons/docs)
---
updated-dependencies:
- dependency-name: "@storybook/addon-docs"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-18 00:16:49 +00:00
Maikel
ac0c8e8419
Merge pull request #8736 from openfoodfoundation/dependabot/npm_and_yarn/storybook/addon-controls-6.4.13
...
Bump @storybook/addon-controls from 6.4.12 to 6.4.13
2022-01-18 11:09:18 +11:00
dependabot[bot]
8d14b4d1fe
Bump @storybook/addon-controls from 6.4.12 to 6.4.13
...
Bumps [@storybook/addon-controls](https://github.com/storybookjs/storybook/tree/HEAD/addons/controls) from 6.4.12 to 6.4.13.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v6.4.13/addons/controls)
---
updated-dependencies:
- dependency-name: "@storybook/addon-controls"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-18 00:05:06 +00:00
Maikel
d5f5b3065a
Merge pull request #8735 from openfoodfoundation/dependabot/npm_and_yarn/storybook/server-6.4.13
...
Bump @storybook/server from 6.4.12 to 6.4.13
2022-01-18 11:02:35 +11:00
Matt-Yorkley
8f883d53a3
Update Rails from 6.1.4.1 to 6.1.4.4
2022-01-17 21:37:09 +00:00
Matt-Yorkley
1cbb0d8bbd
Update all locales with the latest Transifex translations
v4.1.13
2022-01-17 21:00:43 +00:00
Matt-Yorkley
bf6b221aa5
Merge pull request #8720 from openfoodfoundation/transifex
...
Transifex
2022-01-17 20:58:26 +00:00
Matt-Yorkley
632d94ee37
Merge pull request #8733 from Matt-Yorkley/bump-stimulusjs
...
Update to StimulusJS 3.0.1
2022-01-17 20:56:54 +00:00
Filipe
067f90b17c
Merge pull request #8712 from Matt-Yorkley/oc-mails
...
OC notifications
2022-01-17 20:30:40 +00:00
Filipe
8114eb1c9f
Merge pull request #8666 from openfoodfoundation/stripe-controller
...
Extract new StripeController
2022-01-17 20:21:40 +00:00
Filipe
62f0de75ee
Merge pull request #8679 from Matt-Yorkley/drop-jquery-ujs
...
Drop jquery_ujs
2022-01-17 16:30:25 +00:00
Transifex-Openfoodnetwork
084bbe576c
Updating translations for config/locales/en_FR.yml
2022-01-17 21:19:59 +11:00
Transifex-Openfoodnetwork
d870e972ae
Updating translations for config/locales/fr.yml
2022-01-17 21:11:58 +11:00
dependabot[bot]
6c622b170f
Bump @storybook/server from 6.4.12 to 6.4.13
...
Bumps [@storybook/server](https://github.com/storybookjs/storybook/tree/HEAD/app/server) from 6.4.12 to 6.4.13.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v6.4.13/app/server)
---
updated-dependencies:
- dependency-name: "@storybook/server"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-17 09:08:04 +00:00
Maikel Linke
bbafe9ff94
Restrict Dependabot to update only the lockfiles
...
This enables us to specify versions in the Gemfile and package.json and
Dependabot won't suggest updates we excluded that way.
2022-01-17 11:42:14 +11:00
Matt-Yorkley
ac9fef883d
Fix Jest issue with updated StimulusJS package
2022-01-16 12:25:54 +00:00
Matt-Yorkley
c499f0757f
Bump StimulusJS to 3.0.1
2022-01-16 12:25:54 +00:00
Matt-Yorkley
11578a8852
Merge pull request #8730 from filipefurtad0/address_label_fix
...
Fixes translation/rendering inconsistency on Country label (step 3)
2022-01-15 20:33:02 +00:00
Transifex-Openfoodnetwork
f7e5034f69
Updating translations for config/locales/de_DE.yml
2022-01-16 07:02:27 +11:00
filipefurtad0
e7aa19c95d
Fixes translation/rendering inconsistency on Country label(step 3)
2022-01-15 19:43:57 +00:00
Filipe
dfdeb7368e
Merge pull request #8681 from SarvarKh/translation-correction
...
Add flash message translation for log out
2022-01-15 14:55:26 +00:00
Shen Sat
c8e8308f22
Add test for hiding billing address form and adding new customer on orders page
2022-01-15 12:37:02 +00:00
Matt-Yorkley
11c6ce16ea
Move payment-authorizing tests to stripe controller spec
2022-01-14 19:41:08 +00:00
Matt-Yorkley
2f39f5bac4
Add re-routing for any unprocessed payments still using old return URL
2022-01-14 19:41:08 +00:00
Matt-Yorkley
5a2c14e79a
Use new return URL when authorizing Stripe payments in backoffice or subs
2022-01-14 19:41:08 +00:00
Matt-Yorkley
c209be9c17
Clarify params
...
Spree::Order.to_param outputs the order *number* (not the id) when used to build URLs. This makes it a bit more explicit.
2022-01-14 19:41:08 +00:00
Matt-Yorkley
12f7fc98fa
Move payment authorization to StripeController
...
This Stripe-payment-authorizing logic is used by backoffice and subscriptions orders (but not the checkout), and was previously being handled by the #show action in Spree::OrdersController. It involves the user being redirected back to OFN after visiting a Stripe URL.
2022-01-14 19:41:08 +00:00
Matt-Yorkley
6c2b623f8b
Tidy up OrderController
2022-01-14 19:41:08 +00:00
Matt-Yorkley
5a70664a6a
Pull stripe-related tests into new controller spec
2022-01-14 19:41:08 +00:00
Matt-Yorkley
c65beae869
Extract some methods and move to simpler callbacks with guard clauses
2022-01-14 19:41:08 +00:00