grecia

Author	SHA1	Message	Date
dependabot[bot]	428a0e287e	Bump faker from 3.5.1 to 3.5.2 Bumps [faker](https://github.com/faker-ruby/faker) from 3.5.1 to 3.5.2. - [Release notes](https://github.com/faker-ruby/faker/releases) - [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md) - [Commits](https://github.com/faker-ruby/faker/compare/v3.5.1...v3.5.2) --- updated-dependencies: - dependency-name: faker dependency-version: 3.5.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-10-31 10:13:16 +00:00
Javi Martín	f35916cbb9	Upgrade Ruby to version 3.3.10 We're also updating the parser gem so we don't get any warnings.	2025-10-27 13:18:01 +01:00
Javi Martín	361e4e08a6	Explicitly add csv to Gemfile We were getting a warning on staging and production environments: ``` app/models/local_census_records/import.rb:1: warning: csv was loaded from the standard library, but will no longer be part of the default gems starting from Ruby 3.4.0. You can add csv to your Gemfile or gemspec to silence this warning ``` The reason we weren't getting this warning during development is that we do have `csv` in our `Gemfile.lock`, but only in development environments, since it's an indirect dependency of pronto. On production environments, we don't install pronto or its dependencies, though. We can reproduce the warning locally by temporarily removing the pronto gems from the Gemfile, running `bundle install` and starting a rails console.	2025-10-22 21:15:58 +02:00
Javi Martín	3642759ac8	Update Gemfile to show the right version of Rails The "~> 7.1.5.1" part made it harder to know that we're using version 7.1.5.2 since commit `4f4bd0f71`.	2025-10-21 12:03:34 +02:00
Javi Martín	c29da86a9e	Upgrade Ruby to version 3.3.9 We're also updating the parser gem so we don't get any warnings.	2025-10-17 18:13:14 +02:00
Javi Martín	e63d90a9ee	Bump highline from 2.0.3 to 3.1.2 We were getting this warning when running i18n-tasks: ``` lib/ruby/gems/3.3.0/gems/highline-2.0.3/lib/highline/import.rb:10: warning: abbrev was loaded from the standard library, but will no longer be part of the default gems starting from Ruby 3.4.0 ``` We're updating the highline gem so we don't get this warning.	2025-10-16 15:41:39 +02:00
dependabot[bot]	3e51f0f2ac	Bump rack from 2.2.19 to 2.2.20 Bumps [rack](https://github.com/rack/rack) from 2.2.19 to 2.2.20. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v2.2.19...v2.2.20) --- updated-dependencies: - dependency-name: rack dependency-version: 2.2.20 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-10-10 19:08:55 +00:00
dependabot[bot]	720e450954	Bump rack from 2.2.18 to 2.2.19 Bumps [rack](https://github.com/rack/rack) from 2.2.18 to 2.2.19. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v2.2.18...v2.2.19) --- updated-dependencies: - dependency-name: rack dependency-version: 2.2.19 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-10-07 19:53:35 +00:00
dependabot[bot]	66c50a3964	Bump rack from 2.2.17 to 2.2.18 Bumps [rack](https://github.com/rack/rack) from 2.2.17 to 2.2.18. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v2.2.17...v2.2.18) --- updated-dependencies: - dependency-name: rack dependency-version: 2.2.18 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-25 17:35:03 +00:00
dependabot[bot]	f5372f6267	Bump rexml from 3.4.1 to 3.4.2 Bumps [rexml](https://github.com/ruby/rexml) from 3.4.1 to 3.4.2. - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](https://github.com/ruby/rexml/compare/v3.4.1...v3.4.2) --- updated-dependencies: - dependency-name: rexml dependency-version: 3.4.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-17 19:21:51 +00:00
Javi Martín	3cf6e9b1ca	Merge pull request #6046 from Anamika1608/oidc_auth Add support for OIDC authentication	2025-09-01 19:55:10 +02:00
dependabot[bot]	4f4bd0f715	Bump activestorage from 7.1.5.1 to 7.1.5.2 Bumps [activestorage](https://github.com/rails/rails) from 7.1.5.1 to 7.1.5.2. - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v8.0.2.1/activestorage/CHANGELOG.md) - [Commits](https://github.com/rails/rails/compare/v7.1.5.1...v7.1.5.2) --- updated-dependencies: - dependency-name: activestorage dependency-version: 7.1.5.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-08-15 10:21:10 +00:00
Javi Martín	24dcff3c1d	Relax Rails dependency to allow security updates Currently dependabot is failing to upgrade some gems that are part of Rails. For example, when there's a security issue in ActiveRecord or ActiveStorage, we get messages like: ``` Dependabot cannot update activestorage to a non-vulnerable version. The latest possible version that can be installed is 7.1.5.1 because of the following conflicting dependencies: rails (7.1.5.1) requires activestorage (= 7.1.5.1) via actionmailbox (7.1.5.1) rails (7.1.5.1) requires activestorage (= 7.1.5.1) via actiontext (7.1.5.1) rails (7.1.5.1) requires activestorage (= 7.1.5.1) The earliest fixed version is 7.1.5.2. ``` So we're relaxing the dependency in order to make it easier for dependabot to upgrade gems that are part of Rails. Note that, with this configuration, Dependabot wouldn't be able to upgrade to Rails 7.1.6 if this releases fixed a security issues in a gem that is part of Rails. We might still need to upgrade Rails manually in this case.	2025-08-15 12:01:27 +02:00
Sebastia	c7a2389d6b	Merge pull request #6022 from consuldemocracy/dependabot/bundler/capistrano3-puma-6.2.0 Bump capistrano3-puma from 6.0.0 to 6.2.0	2025-08-04 16:22:05 +02:00
dependabot[bot]	bebbe8b3a9	Bump ruby-saml from 1.18.0 to 1.18.1 Bumps [ruby-saml](https://github.com/saml-toolkits/ruby-saml) from 1.18.0 to 1.18.1. - [Release notes](https://github.com/saml-toolkits/ruby-saml/releases) - [Changelog](https://github.com/SAML-Toolkits/ruby-saml/blob/master/CHANGELOG.md) - [Commits](https://github.com/saml-toolkits/ruby-saml/compare/v1.18.0...v1.18.1) --- updated-dependencies: - dependency-name: ruby-saml dependency-version: 1.18.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-08-04 11:40:10 +00:00
Anamika Aggarwal	eab5f52e19	Add omniauth_openid_connect gem for OIDC auth	2025-07-24 16:31:33 +00:00
Anamika Aggarwal	5726bcef07	Update the omniauth-saml to 2.2.4	2025-07-23 14:43:44 +02:00
taitus	a4709f9da0	Add omniauth saml section for sign in and sign up page Co-authored-by: Anamika Aggarwal <anamikaagg18@gmail.com>	2025-07-23 14:43:44 +02:00
Sebastia	9d216084a7	Merge pull request #6044 from consuldemocracy/dependabot/bundler/thor-1.4.0 Bump thor from 1.3.2 to 1.4.0	2025-07-22 09:40:36 +02:00
dependabot[bot]	c3c7ba339e	Bump nokogiri from 1.18.8 to 1.18.9 Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.18.8 to 1.18.9. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.18.8...v1.18.9) --- updated-dependencies: - dependency-name: nokogiri dependency-version: 1.18.9 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-07-22 05:30:09 +00:00
dependabot[bot]	18f7e88524	Bump thor from 1.3.2 to 1.4.0 Bumps [thor](https://github.com/rails/thor) from 1.3.2 to 1.4.0. - [Release notes](https://github.com/rails/thor/releases) - [Commits](https://github.com/rails/thor/compare/v1.3.2...v1.4.0) --- updated-dependencies: - dependency-name: thor dependency-version: 1.4.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-07-22 01:37:44 +00:00
dependabot[bot]	65a9219d02	Bump puma from 5.6.9 to 6.6.0 Bumps [puma](https://github.com/puma/puma) from 5.6.9 to 6.6.0. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/compare/v5.6.9...v6.6.0) --- updated-dependencies: - dependency-name: puma dependency-version: 6.6.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-07-07 09:54:34 +02:00
dependabot[bot]	80ca31f83e	Bump capistrano3-puma from 6.0.0 to 6.2.0 Bumps [capistrano3-puma](https://github.com/seuros/capistrano-puma) from 6.0.0 to 6.2.0. - [Changelog](https://github.com/seuros/capistrano-puma/blob/master/CHANGELOG.md) - [Commits](https://github.com/seuros/capistrano-puma/compare/v6.0.0...v6.2.0) --- updated-dependencies: - dependency-name: capistrano3-puma dependency-version: 6.2.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-07-01 22:39:58 +00:00
Javi Martín	11b0b8be44	Bump irb from 1.12.0 to 1.13.1 Version 1.13.1 is the default one in Ruby 3.3.8. The reason we're updating it is that IRB improves in every version of Ruby, making development a bit easier. We're also upgrading the reline gem (which IRB depends on) to the version included in Ruby 3.3.8.	2025-06-30 14:58:02 +02:00
Javi Martín	edf3821cbe	Bump stringio from 3.1.0 to 3.1.1 Version 3.1.1 is the one included by default in Ruby 3.3.8. We were getting an error when running `rspec` without `bundle exec` because we had an earlier version of that gem in our Gemfile.	2025-06-18 16:47:27 +02:00
Sebastia	1d12974a27	Merge pull request #6006 from consuldemocracy/dependabot/bundler/rubocop-1.75.8 Bump rubocop from 1.71.2 to 1.76.1	2025-06-16 17:22:00 +02:00
Sebastia	92cb0453cc	Merge pull request #6007 from consuldemocracy/dependabot/bundler/graphql-2.5.8 Bump graphql from 2.4.13 to 2.5.8	2025-06-16 16:50:12 +02:00
dependabot[bot]	123c97771a	Bump rubocop from 1.71.2 to 1.75.8 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.71.2 to 1.75.8. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.71.2...v1.75.8) --- updated-dependencies: - dependency-name: rubocop dependency-version: 1.75.8 dependency-type: direct:development update-type: version-update:semver-minor ... Notes: This commit also includes several style and lint fixes required after updating RuboCop: - Removed redundant parentheses now detected by improved 'Style/RedundantParentheses' (1.72 and 1.75.3). - Replaced ternary expressions with logical OR when the ternary was returning 'true', as flagged by 'Style/RedundantCondition' (1.73). - Adjusted block variables to resolve new 'Lint/ShadowingOuterLocalVariable' offenses (1.75), helping avoid future conflicts during upgrades with 'rails app:updates' Signed-off-by: dependabot[bot] <support@github.com>	2025-06-16 16:07:32 +02:00
Sebastia	c9b9544880	Merge pull request #6005 from consuldemocracy/dependabot/bundler/pronto-0.11.4 Bump pronto from 0.11.3 to 0.11.4	2025-06-16 15:44:57 +02:00
dependabot[bot]	ec81a397be	Bump pronto from 0.11.3 to 0.11.4 Bumps [pronto](https://github.com/prontolabs/pronto) from 0.11.3 to 0.11.4. - [Release notes](https://github.com/prontolabs/pronto/releases) - [Changelog](https://github.com/prontolabs/pronto/blob/master/CHANGELOG.md) - [Commits](https://github.com/prontolabs/pronto/compare/v0.11.3...v0.11.4) --- updated-dependencies: - dependency-name: pronto dependency-version: 0.11.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-16 15:23:11 +02:00
Sebastia	82bc9e016e	Merge pull request #5976 from consuldemocracy/dependabot/bundler/sprockets-4.2.2 Bump sprockets from 4.2.1 to 4.2.2	2025-06-16 13:12:42 +02:00
Sebastia	ef732732b7	Merge pull request #6004 from consuldemocracy/dependabot/bundler/knapsack_pro-8.3.0 Bump knapsack_pro from 7.8.0 to 8.3.0	2025-06-12 11:09:54 +02:00
Sebastia	68445bb7fd	Merge pull request #6003 from consuldemocracy/dependabot/bundler/view_component-3.23.2 Bump view_component from 3.23.1 to 3.23.2	2025-06-11 17:38:13 +02:00
dependabot[bot]	c6742f6bb2	Bump graphql from 2.4.13 to 2.5.8 Bumps [graphql](https://github.com/rmosolgo/graphql-ruby) from 2.4.13 to 2.5.8. - [Release notes](https://github.com/rmosolgo/graphql-ruby/releases) - [Changelog](https://github.com/rmosolgo/graphql-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/rmosolgo/graphql-ruby/compare/v2.4.13...v2.5.8) --- updated-dependencies: - dependency-name: graphql dependency-version: 2.5.8 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-11 15:14:09 +00:00
dependabot[bot]	cd8d3fc8d3	Bump groupdate from 6.5.1 to 6.6.0 Bumps [groupdate](https://github.com/ankane/groupdate) from 6.5.1 to 6.6.0. - [Changelog](https://github.com/ankane/groupdate/blob/master/CHANGELOG.md) - [Commits](https://github.com/ankane/groupdate/compare/v6.5.1...v6.6.0) --- updated-dependencies: - dependency-name: groupdate dependency-version: 6.6.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-11 14:27:29 +00:00
dependabot[bot]	0b7e4bf49e	Bump sprockets from 4.2.1 to 4.2.2 Bumps [sprockets](https://github.com/rails/sprockets) from 4.2.1 to 4.2.2. - [Release notes](https://github.com/rails/sprockets/releases) - [Changelog](https://github.com/rails/sprockets/blob/main/CHANGELOG.md) - [Commits](https://github.com/rails/sprockets/compare/v4.2.1...v4.2.2) --- updated-dependencies: - dependency-name: sprockets dependency-version: 4.2.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-11 14:22:24 +00:00
dependabot[bot]	4ce272be98	Bump view_component from 3.23.1 to 3.23.2 Bumps [view_component](https://github.com/viewcomponent/view_component) from 3.23.1 to 3.23.2. - [Release notes](https://github.com/viewcomponent/view_component/releases) - [Changelog](https://github.com/ViewComponent/view_component/blob/main/docs/CHANGELOG.md) - [Commits](https://github.com/viewcomponent/view_component/compare/v3.23.1...v3.23.2) --- updated-dependencies: - dependency-name: view_component dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-11 14:12:09 +00:00
Sebastia	304055edbd	Merge pull request #5994 from consuldemocracy/remove-legacy-ahoy-patch Remove Ahoy ensure_uuid logic and uuidtools dependency	2025-06-11 16:10:45 +02:00
Sebastia	1d61f332c1	Merge pull request #5995 from consuldemocracy/remove-spring-gem Remove Spring from the project	2025-06-11 15:46:24 +02:00
taitus	f45f5fe98f	Remove Ahoy ensure_uuid logic and uuidtools dependency Ahoy 2.0.0 [1] introduced automatic UUID generation for visit_token and visitor_token. As a result, the custom ensure_uuid method is no longer needed and can be safely removed from the initializer. Since we aren't manually generating UUIDs anymore, we no longer need the uuidtools dependency. [1] https://github.com/ankane/ahoy/blob/v2.0.0/README.md#token-generation	2025-06-11 15:45:40 +02:00
Sebastia	c8c7580e25	Merge pull request #5982 from consuldemocracy/dependabot/bundler/pronto-stylelint-0.11.1 Bump pronto-stylelint from 0.11.0 to 0.11.1	2025-06-11 15:43:09 +02:00
Sebastia	0332cd3a56	Merge pull request #5996 from consuldemocracy/dependabot/bundler/selenium-webdriver-4.33.0 Bump selenium-webdriver from 4.29.1 to 4.33.0	2025-06-11 15:20:01 +02:00
taitus	11e84159d9	Remove Spring from the project IMHO, Spring no longer provides benefits in this project and: - Spring was already disabled in the test environment since commit `e4e0cb5d47` - Rails removed Spring as a default installation option in 2021 [1] [1] PR #42997 from https://github.com/rails/rails/	2025-06-11 15:07:17 +02:00
Sebastia	72b92b3c30	Merge pull request #5999 from consuldemocracy/dependabot/bundler/acts-as-taggable-on-12.0.0 Bump acts-as-taggable-on from 11.0.0 to 12.0.0	2025-06-11 12:27:22 +02:00
Sebastia	b986038057	Merge pull request #5998 from consuldemocracy/dependabot/bundler/wkhtmltopdf-binary-0.12.6.9 Bump wkhtmltopdf-binary from 0.12.6.8 to 0.12.6.9	2025-06-11 11:52:58 +02:00
dependabot[bot]	e6d1d80de1	Bump selenium-webdriver from 4.29.1 to 4.33.0 Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.29.1 to 4.33.0. - [Release notes](https://github.com/SeleniumHQ/selenium/releases) - [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES) - [Commits](https://github.com/SeleniumHQ/selenium/commits/selenium-4.33.0) --- updated-dependencies: - dependency-name: selenium-webdriver dependency-version: 4.33.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-10 14:23:17 +00:00
dependabot[bot]	4501cc4e1c	Bump pronto-stylelint from 0.11.0 to 0.11.1 Bumps [pronto-stylelint](https://github.com/kevinjalbert/pronto-stylelint) from 0.11.0 to 0.11.1. - [Commits](https://github.com/kevinjalbert/pronto-stylelint/compare/v0.11.0...v0.11.1) --- updated-dependencies: - dependency-name: pronto-stylelint dependency-version: 0.11.1 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-10 15:50:51 +02:00
dependabot[bot]	8e9c3d366a	Bump exiftool_vendored from 12.97.0 to 13.30.0 Bumps [exiftool_vendored](https://github.com/exiftool-rb/exiftool_vendored.rb) from 12.97.0 to 13.30.0. - [Commits](https://github.com/exiftool-rb/exiftool_vendored.rb/compare/v12.97.0...v13.30.0) --- updated-dependencies: - dependency-name: exiftool_vendored dependency-version: 13.30.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-09 14:03:13 +00:00
Sebastia	e786f09964	Merge pull request #5983 from consuldemocracy/dependabot/bundler/autoprefixer-rails-10.4.21.0 Bump autoprefixer-rails from 10.4.19.0 to 10.4.21.0	2025-06-09 16:01:50 +02:00
dependabot[bot]	dcfd630928	Bump omniauth from 2.1.2 to 2.1.3 Bumps [omniauth](https://github.com/omniauth/omniauth) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/omniauth/omniauth/releases) - [Commits](https://github.com/omniauth/omniauth/compare/v2.1.2...v2.1.3) --- updated-dependencies: - dependency-name: omniauth dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-09 09:57:35 +00:00

1 2 3 4 5 ...

1156 Commits