grecia

Author	SHA1	Message	Date
dependabot[bot]	23848dded7	Bump acts-as-taggable-on from 8.1.0 to 9.0.1 Bumps [acts-as-taggable-on](https://github.com/mbleigh/acts-as-taggable-on) from 8.1.0 to 9.0.1. - [Release notes](https://github.com/mbleigh/acts-as-taggable-on/releases) - [Changelog](https://github.com/mbleigh/acts-as-taggable-on/blob/master/CHANGELOG.md) - [Commits](https://github.com/mbleigh/acts-as-taggable-on/compare/v8.1.0...v9.0.1) --- updated-dependencies: - dependency-name: acts-as-taggable-on dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 20:30:42 +02:00
Javi Martín	333c51b546	Merge pull request #4939 from consul/dependabot/bundler/master/groupdate-6.1.0 Bump groupdate from 5.2.2 to 6.1.0	2022-08-25 20:29:05 +02:00
Javi Martín	367a3921a4	Merge pull request #4925 from consul/dependabot/bundler/master/ancestry-4.2.0 Bump ancestry from 4.1.0 to 4.2.0	2022-08-25 20:23:14 +02:00
dependabot[bot]	6e03791732	Bump groupdate from 5.2.2 to 6.1.0 Bumps [groupdate](https://github.com/ankane/groupdate) from 5.2.2 to 6.1.0. - [Release notes](https://github.com/ankane/groupdate/releases) - [Changelog](https://github.com/ankane/groupdate/blob/master/CHANGELOG.md) - [Commits](https://github.com/ankane/groupdate/compare/v5.2.2...v6.1.0) --- updated-dependencies: - dependency-name: groupdate dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 20:09:04 +02:00
Javi Martín	db7eb81be0	Merge pull request #4924 from consul/dependabot/bundler/master/pg_search-2.3.6 Bump pg_search from 2.3.5 to 2.3.6	2022-08-25 20:04:41 +02:00
dependabot[bot]	9937dd77bf	Bump ancestry from 4.1.0 to 4.2.0 Bumps [ancestry](https://github.com/stefankroes/ancestry) from 4.1.0 to 4.2.0. - [Release notes](https://github.com/stefankroes/ancestry/releases) - [Changelog](https://github.com/stefankroes/ancestry/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefankroes/ancestry/compare/v4.1.0...v4.2.0) --- updated-dependencies: - dependency-name: ancestry dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 20:00:28 +02:00
Javi Martín	208e8f2783	Merge pull request #4927 from consul/dependabot/bundler/master/letter_opener_web-2.0.0 Bump letter_opener_web from 1.4.0 to 2.0.0	2022-08-25 19:56:45 +02:00
dependabot[bot]	0ceaf34c57	Bump pg_search from 2.3.5 to 2.3.6 Bumps [pg_search](https://github.com/Casecommons/pg_search) from 2.3.5 to 2.3.6. - [Release notes](https://github.com/Casecommons/pg_search/releases) - [Changelog](https://github.com/Casecommons/pg_search/blob/master/CHANGELOG.md) - [Commits](https://github.com/Casecommons/pg_search/compare/v2.3.5...v2.3.6) --- updated-dependencies: - dependency-name: pg_search dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 19:46:55 +02:00
dependabot[bot]	be3b09d29e	Bump letter_opener_web from 1.4.0 to 2.0.0 Bumps [letter_opener_web](https://github.com/fgrehm/letter_opener_web) from 1.4.0 to 2.0.0. - [Release notes](https://github.com/fgrehm/letter_opener_web/releases) - [Changelog](https://github.com/fgrehm/letter_opener_web/blob/master/CHANGELOG.md) - [Commits](https://github.com/fgrehm/letter_opener_web/compare/v1.4.0...v2.0.0) --- updated-dependencies: - dependency-name: letter_opener_web dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 19:36:54 +02:00
dependabot[bot]	69cba06044	Bump pg from 1.2.3 to 1.4.3 Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.3 to 1.4.3. - [Release notes](https://github.com/ged/ruby-pg/releases) - [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc) - [Commits](https://github.com/ged/ruby-pg/compare/v1.2.3...v1.4.3) --- updated-dependencies: - dependency-name: pg dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 19:25:02 +02:00
dependabot[bot]	5c306e37aa	Bump knapsack_pro from 3.0.0 to 3.3.1 Bumps [knapsack_pro](https://github.com/KnapsackPro/knapsack_pro-ruby) from 3.0.0 to 3.3.1. - [Release notes](https://github.com/KnapsackPro/knapsack_pro-ruby/releases) - [Changelog](https://github.com/KnapsackPro/knapsack_pro-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/KnapsackPro/knapsack_pro-ruby/compare/v3.0.0...v3.3.1) --- updated-dependencies: - dependency-name: knapsack_pro dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 18:47:39 +02:00
Javi Martín	808e333144	Merge pull request #4923 from consul/dependabot/bundler/master/acts_as_votable-0.13.2 Bump acts_as_votable from 0.13.1 to 0.13.2	2022-08-25 18:46:48 +02:00
Javi Martín	de0a9979a4	Merge pull request #4928 from consul/dependabot/bundler/master/capistrano-3.17.1 Bump capistrano from 3.16.0 to 3.17.1	2022-08-25 18:45:30 +02:00
dependabot[bot]	0c6eee4eff	Bump acts_as_votable from 0.13.1 to 0.13.2 Bumps [acts_as_votable](https://github.com/ryanto/acts_as_votable) from 0.13.1 to 0.13.2. - [Release notes](https://github.com/ryanto/acts_as_votable/releases) - [Commits](https://github.com/ryanto/acts_as_votable/compare/v0.13.1...v0.13.2) --- updated-dependencies: - dependency-name: acts_as_votable dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 18:23:27 +02:00
Javi Martín	c8f9592b60	Bump capistrano from 3.16.0 to 3.17.1 Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.16.0 to 3.17.1. - [Release notes](https://github.com/capistrano/capistrano/releases) - [Commits](https://github.com/capistrano/capistrano/compare/v3.16.0...v3.17.1) --- updated-dependencies: - dependency-name: capistrano dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 18:17:28 +02:00
dependabot[bot]	38bc78273d	Bump kaminari from 1.2.1 to 1.2.2 Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.2.1 to 1.2.2. - [Release notes](https://github.com/kaminari/kaminari/releases) - [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md) - [Commits](https://github.com/kaminari/kaminari/compare/v1.2.1...v1.2.2) --- updated-dependencies: - dependency-name: kaminari dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 17:54:36 +02:00
dependabot[bot]	2ff8eac774	Bump foundation_rails_helper from 4.0.0 to 4.0.1 Bumps [foundation_rails_helper](https://github.com/sgruhier/foundation_rails_helper) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/sgruhier/foundation_rails_helper/releases) - [Changelog](https://github.com/sgruhier/foundation_rails_helper/blob/master/CHANGELOG.md) - [Commits](https://github.com/sgruhier/foundation_rails_helper/commits) --- updated-dependencies: - dependency-name: foundation_rails_helper dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 16:19:32 +02:00
Javi Martín	6f7c8ba00a	Merge pull request #4935 from consul/dependabot/bundler/master/capybara-3.37.1 Bump capybara from 3.35.3 to 3.37.1	2022-08-25 16:14:16 +02:00
dependabot[bot]	019bc52c3f	Bump capybara from 3.35.3 to 3.37.1 Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.35.3 to 3.37.1. - [Release notes](https://github.com/teamcapybara/capybara/releases) - [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md) - [Commits](https://github.com/teamcapybara/capybara/compare/3.35.3...3.37.1) --- updated-dependencies: - dependency-name: capybara dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 15:52:33 +02:00
dependabot[bot]	bbfebaccf9	Bump capistrano-bundler from 2.0.1 to 2.1.0 Bumps [capistrano-bundler](https://github.com/capistrano/bundler) from 2.0.1 to 2.1.0. - [Release notes](https://github.com/capistrano/bundler/releases) - [Commits](https://github.com/capistrano/bundler/compare/v2.0.1...v2.1.0) --- updated-dependencies: - dependency-name: capistrano-bundler dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-25 15:48:34 +02:00
Javi Martín	fc757428ef	Bump rubocop-rails from 2.11.3 to 2.15.2 Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.11.3 to 2.15.2. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.11.3...v2.15.2) --- updated-dependencies: - dependency-name: rubocop-rails dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-24 22:11:47 +02:00
dependabot[bot]	57a2566594	Bump wicked_pdf from 2.1.0 to 2.6.3 Bumps [wicked_pdf](https://github.com/mileszs/wicked_pdf) from 2.1.0 to 2.6.3. - [Release notes](https://github.com/mileszs/wicked_pdf/releases) - [Changelog](https://github.com/mileszs/wicked_pdf/blob/master/CHANGELOG.md) - [Commits](https://github.com/mileszs/wicked_pdf/compare/2.1.0...2.6.3) --- updated-dependencies: - dependency-name: wicked_pdf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-24 21:35:54 +02:00
dependabot[bot]	cb72c00b43	Bump sitemap_generator from 6.1.2 to 6.3.0 Bumps [sitemap_generator](https://github.com/kjvarga/sitemap_generator) from 6.1.2 to 6.3.0. - [Release notes](https://github.com/kjvarga/sitemap_generator/releases) - [Changelog](https://github.com/kjvarga/sitemap_generator/blob/master/CHANGES.md) - [Commits](https://github.com/kjvarga/sitemap_generator/compare/v6.1.2...v6.3.0) --- updated-dependencies: - dependency-name: sitemap_generator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-24 21:19:37 +02:00
dependabot[bot]	3bd6e6da50	Bump caxlsx from 3.1.0 to 3.2.0 Bumps [caxlsx](https://github.com/caxlsx/caxlsx) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/caxlsx/caxlsx/releases) - [Changelog](https://github.com/caxlsx/caxlsx/blob/master/CHANGELOG.md) - [Commits](https://github.com/caxlsx/caxlsx/compare/v3.1.0...v3.2.0) --- updated-dependencies: - dependency-name: caxlsx dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-24 20:58:56 +02:00
Javi Martín	f620f1a385	Merge pull request #4912 from consul/dependabot/bundler/master/daemons-1.4.1 Bump daemons from 1.4.0 to 1.4.1	2022-08-24 20:56:30 +02:00
dependabot[bot]	1149d276e5	Bump daemons from 1.4.0 to 1.4.1 Bumps [daemons](https://github.com/thuehlinger/daemons) from 1.4.0 to 1.4.1. - [Release notes](https://github.com/thuehlinger/daemons/releases) - [Changelog](https://github.com/thuehlinger/daemons/blob/master/Releases) - [Commits](https://github.com/thuehlinger/daemons/compare/v1.4.0...v1.4.1) --- updated-dependencies: - dependency-name: daemons dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-24 20:38:09 +02:00
dependabot[bot]	6a6ad9ee75	Bump caxlsx_rails from 0.6.2 to 0.6.3 Bumps [caxlsx_rails](https://github.com/caxlsx/caxlsx_rails) from 0.6.2 to 0.6.3. - [Release notes](https://github.com/caxlsx/caxlsx_rails/releases) - [Changelog](https://github.com/caxlsx/caxlsx_rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/caxlsx/caxlsx_rails/compare/v0.6.2...v0.6.3) --- updated-dependencies: - dependency-name: caxlsx_rails dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-24 20:11:46 +02:00
dependabot[bot]	c1a6345f06	Bump capistrano3-puma from 5.0.4 to 5.2.0 Bumps [capistrano3-puma](https://github.com/seuros/capistrano-puma) from 5.0.4 to 5.2.0. - [Release notes](https://github.com/seuros/capistrano-puma/releases) - [Changelog](https://github.com/seuros/capistrano-puma/blob/master/CHANGELOG.md) - [Commits](https://github.com/seuros/capistrano-puma/compare/v5.0.4...v5.2.0) --- updated-dependencies: - dependency-name: capistrano3-puma dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-24 19:45:07 +02:00
dependabot[bot]	3b8d990ade	Bump capistrano-rails from 1.6.1 to 1.6.2 Bumps [capistrano-rails](https://github.com/capistrano/rails) from 1.6.1 to 1.6.2. - [Release notes](https://github.com/capistrano/rails/releases) - [Commits](https://github.com/capistrano/rails/compare/v1.6.1...v1.6.2) --- updated-dependencies: - dependency-name: capistrano-rails dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-24 19:40:43 +02:00
dependabot[bot]	809fbb3000	Bump sprockets from 4.0.2 to 4.1.1 Bumps [sprockets](https://github.com/rails/sprockets) from 4.0.2 to 4.1.1. - [Release notes](https://github.com/rails/sprockets/releases) - [Changelog](https://github.com/rails/sprockets/blob/main/CHANGELOG.md) - [Commits](https://github.com/rails/sprockets/compare/v4.0.2...v4.1.1) --- updated-dependencies: - dependency-name: sprockets dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-24 19:23:08 +02:00
Javi Martín	480ab6a9da	Use truncate_all instead of DatabaseCleaner Performance tests show both methods of truncating the database take about the same time, so we can remove one dependency and we don't lose anything in the process.	2022-08-24 18:11:56 +02:00
Javi Martín	4732a6b22d	Bump web-console from 3.7.0 to 4.0.4 We were getting a warning after upgrading to Rails 6: DEPRECATION WARNING: ActionView::Base instances should be constructed with a lookup context, assignments, and a controller. We didn't upgrade web-console earlier because version 4.x isn't compatible with Rails 5.	2022-08-24 14:36:49 +02:00
Javi Martín	a72572eb64	Add image_processing gem dependency It's now used by default to handle image variants. We were getting a warning: DEPRECATION WARNING: Generating image variants will require the image_processing gem in Rails 6.1. Please add `gem 'image_processing', '~> 1.2'` to your Gemfile. Note `mini_magick` is required in order to use the `analyze` method [1]. Since we use it in our image (and site customization image) validations, we're still keeping the explicit dependency in our Gemfile. [1] https://guides.rubyonrails.org/v6.0/active_storage_overview.html#analyzing-files	2022-08-24 14:36:49 +02:00
Javi Martín	ffc14e499a	Upgrade to Rails 6.0 All the code in the `bin/` and the `config/` folders has been generated running `rake app:update`. The only exception is the code in `config/application.rb` where we've excluded the engines that Rails 6.0 has added, since we don't use them. There are a few changes in Active Storage which aren't compatible with the code we were using until now. Since the method to assign an attachment in ActiveStorage has changed and is incompatible with the hack we used to allow assigning `nil` attachments, and since ActiveStorage now supports assigning `nil` attachments, we're removing the mentioned hack. This makes the HasAttachment module redundant, so we're removing it. Another change in ActiveStorage is files are no longer saved before saving the `ActiveStorage::Attachment` record. This means we need to manually upload the file when using direct uploads. We also have to change the width and height validations we used for images; however, doing so results in very complex code, and we currently have to write that code for both images and site customization images. So, for now, we're just uploading the file before checking its dimensions. Not ideal, though. We might use active_storage_validations in the future to fix this issue (when they support a proc/lambda, as mentioned in commit `600f5c35e`). We also need to update a couple of tests due to a small change in response headers. Now the content disposition returns something like: ``` attachment; filename="budget_investments.csv"; filename*=UTF-8''budget_investments.csv ``` So we're updating regular expression we use to check the filename. Finally, Rails 6.0.1 changed the way the host is set in integration tests [1] and so both `Capybara.app_host` and `Capybara.default_host` were ignored when generating URLs in the relationable examples. The only way I've found to make it work is to explicitely assign the host to the integration session. Rails 6.1 will change this setup again, so maybe then we can remove this hack. [1] https://github.com/rails/rails/pull/36283/commits/fe00711e9	2022-08-24 14:33:02 +02:00
Javi Martín	241dd53411	Bump rails from 5.2.7.1 to 5.2.8.1 This release introduces an incompatibility in order to fix a security issue when using YAML for serialization. We use YAML to serialize the `ranges` column in the `legislation_annotations` table, so we have to allow the `ActiveSupport::HashWithIndifferentAccess` class in order to properly read this column. Ideally we'd use a JSONB column for the ranges (like we do in other places), but that would require migrating existing data. Bumps [rails](https://github.com/rails/rails) from 5.2.7.1 to 5.2.8.1. - [Release notes](https://github.com/rails/rails/releases) - [Commits](https://github.com/rails/rails/compare/v5.2.7.1...v5.2.8.1) --- updated-dependencies: - dependency-name: rails ...	2022-07-26 22:58:43 +02:00
dependabot[bot]	706beb05fa	Bump tzinfo from 1.2.9 to 1.2.10 Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.9 to 1.2.10. - [Release notes](https://github.com/tzinfo/tzinfo/releases) - [Changelog](https://github.com/tzinfo/tzinfo/blob/master/CHANGES.md) - [Commits](https://github.com/tzinfo/tzinfo/compare/v1.2.9...v1.2.10) --- updated-dependencies: - dependency-name: tzinfo dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2022-07-26 21:48:56 +02:00
dependabot[bot]	4054751bb0	Bump rails-html-sanitizer from 1.3.0 to 1.4.3 Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.3.0 to 1.4.3. - [Release notes](https://github.com/rails/rails-html-sanitizer/releases) - [Changelog](https://github.com/rails/rails-html-sanitizer/blob/master/CHANGELOG.md) - [Commits](https://github.com/rails/rails-html-sanitizer/compare/v1.3.0...v1.4.3) --- updated-dependencies: - dependency-name: rails-html-sanitizer dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2022-07-06 20:08:09 +02:00
Javi Martín	107c856aea	Upgrade Ruby to version 2.7.6 So get the latest fixes in the 2.7.x series. We're also updating the parser gem so we don't get any warnings.	2022-06-03 20:03:39 +02:00
dependabot[bot]	2dcb7116a1	Bump graphql from 1.11.5 to 1.12.14 Bumps [graphql](https://github.com/rmosolgo/graphql-ruby) from 1.11.5 to 1.12.14. - [Release notes](https://github.com/rmosolgo/graphql-ruby/releases) - [Changelog](https://github.com/rmosolgo/graphql-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/rmosolgo/graphql-ruby/compare/v1.11.5...v1.12.14) --- updated-dependencies: - dependency-name: graphql dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-02 13:23:56 +02:00
dependabot[bot]	5ae0530700	Bump rack from 2.2.3 to 2.2.3.1 Bumps [rack](https://github.com/rack/rack) from 2.2.3 to 2.2.3.1. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/2.2.3...2.2.3.1) --- updated-dependencies: - dependency-name: rack dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-30 17:15:25 +02:00
dependabot[bot]	bd3e881aa8	Bump nokogiri from 1.13.4 to 1.13.6 Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.4 to 1.13.6. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.4...v1.13.6) --- updated-dependencies: - dependency-name: nokogiri dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-23 14:34:52 +02:00
Javi Martín	82ef55256a	Bump Rails from 5.2.7 to 5.2.7.1 This version fixes a couple of security issues in Rails.	2022-05-03 13:17:34 +02:00
dependabot[bot]	079bdc4fad	Bump nokogiri from 1.13.3 to 1.13.4 Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.3 to 1.13.4. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/v1.13.4/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.3...v1.13.4) --- updated-dependencies: - dependency-name: nokogiri dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2022-04-12 14:40:01 +02:00
dependabot[bot]	b2294460c4	Bump puma from 4.3.11 to 4.3.12 Bumps [puma](https://github.com/puma/puma) from 4.3.11 to 4.3.12. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/compare/v4.3.11...v4.3.12) --- updated-dependencies: - dependency-name: puma dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2022-03-31 13:10:59 +02:00
Javi Martín	7ce263efd6	Bump rails from 5.2.6 to 5.2.7 This version solves a security issue in Active Storage; we're including it even if most probably no CONSUL applications are affected: https://discuss.rubyonrails.org/t/cve-2022-21831-possible-code-injection-vulnerability-in-rails-active-storage/80199	2022-03-16 20:34:13 +01:00
dependabot[bot]	dc0c5c1da0	Bump view_component from 2.37.0 to 2.49.1 Note we don't require the "view_component/engine" in the Gemfile anymore, since it's been deprecated since ViewComponent 2.46.0. Bumps [view_component](https://github.com/github/view_component) from 2.37.0 to 2.49.1. - [Release notes](https://github.com/github/view_component/releases) - [Changelog](https://github.com/github/view_component/blob/main/docs/CHANGELOG.md) - [Commits](https://github.com/github/view_component/compare/v2.37.0...v2.49.1) --- updated-dependencies: - dependency-name: view_component dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2022-03-04 12:53:58 +01:00
dependabot[bot]	2d93c928d9	Bump nokogiri from 1.12.5 to 1.13.3 Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.3. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.5...v1.13.3) --- updated-dependencies: - dependency-name: nokogiri dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2022-02-28 12:58:11 +01:00
Javi Martín	7212657c02	Remove Paperclip and use just Active Storage	2022-02-23 18:43:48 +01:00
Javi Martín	600f5c35e9	Use file_validators instead of Papeclip validations Since we're going to remove Paperclip and Active Storage doesn't provide any validations, we have to either write our own validation rules or use a different gem. We're using the file_validators gem instead of the `active_storage_validations` gem because the latter doesn't support proc/lambda objects in size and content type definitions. We need to use them because in our case these values depend on settings stored in the database.	2022-02-23 18:21:38 +01:00
Javi Martín	091abfc944	Use Active Storage to render attachments This way we fix a bug we mentioned in commit `930bb753c` which caused links to documents to be broken when editing their title because the title was used to generate the URL of the document. Note we're still using Paperclip to render cached attachments because this is the only case where we store files with just Paperclip and not Active Storage. With Active Storage, we render attachments just like any other resource, using `polymorphic_path`. Paperclip included the `url` method in the model; since the model doesn't have access to the request parameters (like the host), this was inconvenient because it wasn't possible to generate absolute URLs with Paperclip. In order to simplify the code and make it similar to the way we used Paperclip, we're adding a `variant` method accepting the name of a variant and returning the variant.	2022-02-23 18:21:38 +01:00

1 2 3 4 5 ...

750 Commits