consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
20,600 Commits 1 Branch 0 Tags
c1dd2a583a1e81f0abb8b26f0aa0632d449e04a0
Commit Graph

20600 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
c1dd2a583a Bump rubocop-rspec from 3.4.0 to 3.7.0 
We're changing the `.rubocop.yml` file because we were getting a
warning:

```
rubocop-rspec extension supports plugin, specify `plugins:
rubocop-rspec` instead of `require: rubocop-rspec` in .rubocop.yml. For
more information, see
https://docs.rubocop.org/rubocop/plugin_migration_guide.html.
```

Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 3.4.0 to 3.7.0.
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rspec/compare/v3.4.0...v3.7.0)

---
updated-dependencies:
- dependency-name: rubocop-rspec
  dependency-version: 3.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 11:23:49 +01:00
Javi Martín
7396452cc6 Merge pull request #6034 from consuldemocracy/dependabot/bundler/rubocop-factory_bot-2.27.1 
Bump rubocop-factory_bot from 2.26.1 to 2.27.1
 2025-11-05 11:23:31 +01:00
dependabot[bot]
6fa2946dd3 Bump rubocop-factory_bot from 2.26.1 to 2.27.1 
We're changing the `.rubocop.yml` file because we were getting a
warning:

```
rubocop-factory_bot extension supports plugin, specify `plugins:
rubocop-factory_bot` instead of `require: rubocop-factory_bot` in
.rubocop.yml.  For more information, see
https://docs.rubocop.org/rubocop/plugin_migration_guide.html
```

---
updated-dependencies:
- dependency-name: rubocop-factory_bot
  dependency-version: 2.27.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 11:19:19 +01:00
Javi Martín
37ccc34429 Merge pull request #6056 from consuldemocracy/dependabot/bundler/puma-6.6.1 
Bump puma from 6.6.0 to 6.6.1
 2025-11-04 18:18:33 +01:00
dependabot[bot]
7d47eeb68b Bump puma from 6.6.0 to 6.6.1 
Bumps [puma](https://github.com/puma/puma) from 6.6.0 to 6.6.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v6.6.0...v6.6.1)

---
updated-dependencies:
- dependency-name: puma
  dependency-version: 6.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-04 16:37:20 +00:00
Javi Martín
cfcbcf5303 Merge pull request #6021 from consuldemocracy/dependabot/bundler/faraday-retry-2.3.2 
Bump faraday-retry from 2.3.1 to 2.3.2
 2025-11-04 17:22:45 +01:00
dependabot[bot]
de6f76aa3e Bump faraday-retry from 2.3.1 to 2.3.2 
Bumps [faraday-retry](https://github.com/lostisland/faraday-retry) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/lostisland/faraday-retry/releases)
- [Changelog](https://github.com/lostisland/faraday-retry/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lostisland/faraday-retry/compare/v2.3.1...v2.3.2)

---
updated-dependencies:
- dependency-name: faraday-retry
  dependency-version: 2.3.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-04 16:05:11 +00:00
Javi Martín
efe3b95492 Merge pull request #6130 from consuldemocracy/dependabot/bundler/selenium-webdriver-4.38.0 
Bump selenium-webdriver from 4.33.0 to 4.38.0
 2025-11-04 17:00:01 +01:00
dependabot[bot]
48d0fba91d Bump selenium-webdriver from 4.33.0 to 4.38.0 
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.33.0 to 4.38.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.33.0...selenium-4.38.0)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-version: 4.38.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-04 15:41:56 +00:00
Javi Martín
83d368ed60 Merge pull request #6060 from consuldemocracy/dependabot/github_actions/browser-actions/setup-chrome-2 
Bump browser-actions/setup-chrome from 1 to 2
 2025-11-04 16:39:08 +01:00
dependabot[bot]
b785f53b20 Bump browser-actions/setup-chrome from 1 to 2 
Bumps [browser-actions/setup-chrome](https://github.com/browser-actions/setup-chrome) from 1 to 2.
- [Release notes](https://github.com/browser-actions/setup-chrome/releases)
- [Changelog](https://github.com/browser-actions/setup-chrome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/browser-actions/setup-chrome/compare/v1...v2)

---
updated-dependencies:
- dependency-name: browser-actions/setup-chrome
  dependency-version: '2'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-04 15:18:36 +00:00
Javi Martín
9e2d7bc9e4 Merge pull request #6138 from consuldemocracy/dependabot/github_actions/actions/upload-artifact-5 
Bump actions/upload-artifact from 4 to 5
 2025-11-04 16:13:01 +01:00
Javi Martín
fb8c4dfc9d Merge pull request #6139 from consuldemocracy/dependabot/github_actions/actions/setup-node-6 
Bump actions/setup-node from 5 to 6
 2025-11-04 16:08:40 +01:00
Javi Martín
0be6970a45 Merge pull request #6035 from consuldemocracy/dependabot/npm_and_yarn/stylelint-scss-6.12.1 
Bump stylelint-scss from 6.12.0 to 6.12.1
 2025-11-04 13:17:53 +01:00
dependabot[bot]
3b7818b592 Bump stylelint-scss from 6.12.0 to 6.12.1 
Bumps [stylelint-scss](https://github.com/stylelint-scss/stylelint-scss) from 6.12.0 to 6.12.1.
- [Release notes](https://github.com/stylelint-scss/stylelint-scss/releases)
- [Changelog](https://github.com/stylelint-scss/stylelint-scss/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint-scss/stylelint-scss/compare/v6.12.0...v6.12.1)

---
updated-dependencies:
- dependency-name: stylelint-scss
  dependency-version: 6.12.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-04 11:58:54 +00:00
Javi Martín
1404197014 Merge pull request #6129 from consuldemocracy/fix_mark_featured_debate 
Fix mark as featured button being rendered to everyone
 2025-11-03 15:55:32 +01:00
Sebastia
7cf5e7fdae Merge pull request #6122 from consuldemocracy/obsolete-meta 
Remove obsolete Foundation meta generator tag from layout
 2025-11-03 15:21:17 +01:00
dependabot[bot]
8338c663fd Bump actions/setup-node from 5 to 6 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 5 to 6.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-01 22:08:13 +00:00
dependabot[bot]
26181b3594 Bump actions/upload-artifact from 4 to 5 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-01 22:08:08 +00:00
Javi Martín
251968ae72 Fix mark as featured button being rendered to everyone 
We introduced this issue in commit f8faabf7d.

Since this component didn't have any tests (there are system tests for
it, though), we're also adding tests that check that only the right
buttons are rendered when accessing as administrator.
 2025-10-31 16:01:33 +01:00
Javi Martín
90b1f06a7c Merge pull request #6097 from consuldemocracy/dependabot/bundler/simplecov-lcov-0.9.0 
Bump simplecov-lcov from 0.8.0 to 0.9.0
 2025-10-31 13:34:05 +01:00
dependabot[bot]
8ee9491505 Bump simplecov-lcov from 0.8.0 to 0.9.0 
Bumps [simplecov-lcov](https://github.com/fortissimo1997/simplecov-lcov) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/fortissimo1997/simplecov-lcov/releases)
- [Changelog](https://github.com/fortissimo1997/simplecov-lcov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fortissimo1997/simplecov-lcov/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: simplecov-lcov
  dependency-version: 0.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-31 11:55:56 +00:00
Javi Martín
60c0b0c7ec Merge pull request #6102 from consuldemocracy/dependabot/bundler/knapsack_pro-8.4.0 
Bump knapsack_pro from 8.3.0 to 8.4.0
 2025-10-31 12:51:12 +01:00
dependabot[bot]
9a800a4145 Bump knapsack_pro from 8.3.0 to 8.4.0 
Bumps [knapsack_pro](https://github.com/KnapsackPro/knapsack_pro-ruby) from 8.3.0 to 8.4.0.
- [Changelog](https://github.com/KnapsackPro/knapsack_pro-ruby/blob/main/CHANGELOG.md)
- [Commits](https://github.com/KnapsackPro/knapsack_pro-ruby/compare/v8.3.0...v8.4.0)

---
updated-dependencies:
- dependency-name: knapsack_pro
  dependency-version: 8.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-31 10:58:54 +00:00
Javi Martín
6bbba8fe88 Merge pull request #6089 from consuldemocracy/dependabot/bundler/factory_bot_rails-6.5.1 
Bump factory_bot_rails from 6.4.4 to 6.5.1
 2025-10-31 11:56:02 +01:00
dependabot[bot]
21869e223d Bump factory_bot_rails from 6.4.4 to 6.5.1 
Bumps [factory_bot_rails](https://github.com/thoughtbot/factory_bot_rails) from 6.4.4 to 6.5.1.
- [Release notes](https://github.com/thoughtbot/factory_bot_rails/releases)
- [Changelog](https://github.com/thoughtbot/factory_bot_rails/blob/main/NEWS.md)
- [Commits](https://github.com/thoughtbot/factory_bot_rails/compare/v6.4.4...v6.5.1)

---
updated-dependencies:
- dependency-name: factory_bot_rails
  dependency-version: 6.5.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-31 10:34:30 +00:00
Javi Martín
c055683bb6 Merge pull request #6025 from consuldemocracy/dependabot/bundler/faker-3.5.2 
Bump faker from 3.5.1 to 3.5.2
 2025-10-31 11:33:10 +01:00
Javi Martín
552c06e8b6 Merge pull request #6107 from consuldemocracy/dependabot/github_actions/actions/checkout-5 
Bump actions/checkout from 4 to 5
 2025-10-31 11:32:18 +01:00
Javi Martín
152378537a Merge pull request #6108 from consuldemocracy/dependabot/github_actions/actions/setup-node-5 
Bump actions/setup-node from 4 to 5
 2025-10-31 11:28:29 +01:00
dependabot[bot]
428a0e287e Bump faker from 3.5.1 to 3.5.2 
Bumps [faker](https://github.com/faker-ruby/faker) from 3.5.1 to 3.5.2.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v3.5.1...v3.5.2)

---
updated-dependencies:
- dependency-name: faker
  dependency-version: 3.5.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-31 10:13:16 +00:00
Javi Martín
5e3eab1f3c Merge pull request #6114 from consuldemocracy/release_2.4.0 
Release version 2.4.0
 2025-10-27 14:06:38 +01:00
Javi Martín
a70cc6e5b0 Release version 2.4.0 2025-10-27 13:41:10 +01:00
Javi Martín
700f5e47f9 Merge pull request #6127 from consuldemocracy/ruby3.3.10 
Upgrade Ruby to version 3.3.10
 2025-10-27 13:38:30 +01:00
Javi Martín
f35916cbb9 Upgrade Ruby to version 3.3.10 
We're also updating the parser gem so we don't get any warnings.
 2025-10-27 13:18:01 +01:00
taitus
d338417432 Remove obsolete Foundation meta generator tag 
This meta tag was added years ago as a workaround for
foundation-sites issue 12167, in commit 791b2e12 from PR 4753
("Fix invalid HTML in application layout").

Since we now use foundation-sites >= 6.8.1 (fixed in 6.7.1),
the workaround is unnecessary.
 2025-10-23 16:04:34 +02:00
Javi Martín
cb85d5d401 Merge pull request #6121 from consuldemocracy/add_csv_to_gemfile 
Explicitly add csv to Gemfile
 2025-10-23 11:01:23 +02:00
Javi Martín
361e4e08a6 Explicitly add csv to Gemfile 
We were getting a warning on staging and production environments:

```
app/models/local_census_records/import.rb:1: warning: csv was loaded
from the standard library, but will no longer be part of the default
gems starting from Ruby 3.4.0.

You can add csv to your Gemfile or gemspec to silence this warning
```

The reason we weren't getting this warning during development is that we
do have `csv` in our `Gemfile.lock`, but only in development
environments, since it's an indirect dependency of pronto. On production
environments, we don't install pronto or its dependencies, though.

We can reproduce the warning locally by temporarily removing the pronto
gems from the Gemfile, running `bundle install` and starting a rails
console.
 2025-10-22 21:15:58 +02:00
Sebastia
05204f0e5b Merge pull request #6119 from consuldemocracy/i18n_crowdin 
Update translations from Crowdin
 2025-10-22 15:17:31 +02:00
Javi Martín
be6f5857d7 Merge pull request #6113 from consuldemocracy/saml_on_demand 
Only access SAML single sign-on URL when necessary
 2025-10-22 15:17:04 +02:00
Javi Martín
e092034483 Merge pull request #6118 from consuldemocracy/fix_notifications_scopes_tests 
Use match_array in notifications scopes tests
 2025-10-22 15:01:36 +02:00
Javi Martín
4332637c0f Only access SAML single sign-on URL when necessary 
We were calling `parse_remote_to_hash` in the Devise initializer, which
runs when the application starts.

That meant that, if we got an exception when calling that method, the
application wouldn't start. We got exceptions if the single sign-on
(SSO) URL isn't available or we aren't providing the right credentials.

So we're moving the call to `parse_remote_to_hash` to
`OmniauthTenantSetup`, which is only called when actually trying to sign
in with SAML.

Since we're moving the code there, we're also unifying the code so SAML
settings are configured the same way for the main tenant and other
tenants, like we did for OpenID Connect in commit c3b523290.

In order to keep the existing behavior, we're caching the result of
`parse_remote_to_hash` in an instance variable. Not sure about the
advantages and disadvantages of doing so over parsing the remote URL
metadata on every SAML-related request.

Note that the SAML tests in `OmniauthTenantSetup` use the `stub_secrets`
method. But this method is called after the application has started,
meaning it doesn't stub calls to `Rails.application.secrets` in
`config/initializers/`. So, before this commit, the code that parsed the
IDP metadata URL wasn't executed in the tests. Since now we've moved the
code but we don't want to depend on external URLs when running the
tests, we need to stub the call to the external URL. Since we're now
stubbing the call, we're adding expectations in the tests to check that
we correctly use the settings returned in that call.
 2025-10-22 12:25:43 +02:00
Javi Martín
0cb5d253f8 Use match_array in notifications scopes tests 
The scopes don't define the order in which the records are returned, so,
when using `eq`, the tests failed sometimes.
 2025-10-22 12:18:37 +02:00
Javi Martín
75f6bebc30 Don't set issuer and idp_metadata in SAML settings 
The `issuer` setting was renamed to `sp_entity_id` in omniauth-saml [1],
and it's been deprecated in ruby-saml since version 1.11.0, released on
July 24, 2019 [2].

The ruby-saml code currently uses:

```
      def sp_entity_id
        @sp_entity_id || @issuer
      end
```

So setting `issuer` to the same value as `sp_entity_id` if
`sp_entity_id` is present, as we were doing, has no effect.

On the other hand, neither omniauth-saml nor ruby-saml use the
`idp_metadata_url` and `idp_metadata` settings.

[1] https://github.com/omniauth/omniauth-saml/commit/74ed8dfb3aed
[2] https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.11.0
 2025-10-22 11:50:56 +02:00
taitus
5ffee66985 Update translations from Crowdin 2025-10-22 11:38:07 +02:00
Javi Martín
3ad47e4819 Merge pull request #6115 from consuldemocracy/update_rails_in_gemfile 
Update Gemfile to show the right version of Rails
 2025-10-21 15:20:06 +02:00
Javi Martín
3642759ac8 Update Gemfile to show the right version of Rails 
The "~> 7.1.5.1" part made it harder to know that we're using version
7.1.5.2 since commit 4f4bd0f71.
 2025-10-21 12:03:34 +02:00
Javi Martín
c98d328879 Merge pull request #6117 from consuldemocracy/node20.19.5 
Update Node.js from 20.19.2 to 20.19.5
 2025-10-21 12:03:22 +02:00
Javi Martín
7e9e13ee90 Merge pull request #6116 from consuldemocracy/ruby3.3.9 
Upgrade Ruby to version 3.3.9
 2025-10-21 12:02:13 +02:00
Javi Martín
ff9c4b93ae Update Node.js from 20.19.2 to 20.19.5 
This is the latest 20.x release as of October 17, 2025.
 2025-10-17 19:45:07 +02:00
Javi Martín
c29da86a9e Upgrade Ruby to version 3.3.9 
We're also updating the parser gem so we don't get any warnings.
 2025-10-17 18:13:14 +02:00