consul/nairobi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,897 Commits 1 Branch 0 Tags
526d161e2d5f07b45da0368f2dd67ec87bd2b992
Commit Graph

380 Commits

Author SHA1 Message Date
dependabot-preview[bot]
781188758a Bump capybara from 2.17.0 to 3.29.0 
Bumps [capybara](https://github.com/teamcapybara/capybara) from 2.17.0 to 3.29.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/2.17.0...3.29.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-04-06 20:11:44 +02:00
dependabot-preview[bot]
41777c93e6 [Security] Bump puma from 4.3.1 to 4.3.3 
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.3. **This update includes security fixes.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-03-01 22:55:54 +00:00
Javier Martín
9bbed55d20 Merge pull request #3840 from consul/omniauth_csrf 
Add CSRF protection to Omniauth requests
 2020-01-28 12:52:17 +01:00
dependabot-preview[bot]
58071fd66b Bump foundation-rails from 6.4.3.0 to 6.6.1.0 
Bumps [foundation-rails](https://get.foundation) from 6.4.3.0 to 6.6.1.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-18 10:09:00 +00:00
Alberto
34c75fec4b Merge pull request #3606 from consul/fontawesome 
Add Font Awesome icons
 2020-01-18 11:07:03 +01:00
dependabot-preview[bot]
a1d8dd0966 [Security] Bump puma from 4.3.0 to 4.3.1 
Bumps [puma](https://github.com/puma/puma) from 4.3.0 to 4.3.1. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.0...v4.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-05 19:39:57 +00:00
Javi Martín
92ea3c3d43 Bump knapsack_pro from 1.1.0 to 1.15.0 2019-12-03 14:11:19 +01:00
Javi Martín
c4ebea27a7 Add CSRF protection to Omniauth requests 
More info:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9284
https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
 2019-11-29 03:18:53 +01:00
Julian Herrero
be4f6bc07e Make it easier to release a new version of CONSUL 
With this change we no longer need the branch `changelog` and it will
be easier to release new versions of CONSUL.
 2019-11-23 14:06:53 +01:00
Javi Martín
442baf8384 Remove browser gem direct dependency 
While the browser gem is great, we don't need it in this case for such a
simple usage.

There are a few really small differences between this code and the old
one: matching `/MSIE/` will return true for Opera 12 and false for
certain versions of IE11. Since we're only rendering a comment for IE8
and below, we don't care about IE11, and Opera 12 is six years old and
its users won't be affected by the comment.

Note we're still using the browser gem because ahoy_matey depends on it,
but now it's an indirect dependency.
 2019-11-18 13:12:35 +01:00
Javier Martín
0824cc3f2d Merge pull request #3848 from consul/dependabot/bundler/sitemap_generator-6.0.2 
Bump sitemap_generator from 6.0.1 to 6.0.2
 2019-11-17 23:19:02 +01:00
Javi Martín
58befabde5 Bump puma from 4.2.1 to 4.3.0 2019-11-12 20:20:45 +01:00
dependabot-preview[bot]
18f8c96073 Bump sitemap_generator from 6.0.1 to 6.0.2 
Bumps [sitemap_generator](https://github.com/kjvarga/sitemap_generator) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/kjvarga/sitemap_generator/releases)
- [Changelog](https://github.com/kjvarga/sitemap_generator/blob/master/CHANGES.md)
- [Commits](https://github.com/kjvarga/sitemap_generator/compare/v6.0.1...v6.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-11 14:12:26 +00:00
Javi Martín
f240e0073f Bump ckeditor from 4.2.4 to 4.3.0 
This version solves a security issue:

https://ckeditor.com/cke4/release/CKEditor-4.11.0

Note this version adds a `ckeditor/samples` folder, which is
automatically added to the application's assets manifest even if we
remove all CKEditor references in our application. One of the files in
that folder makes ExecJS raise a syntax error, causing every page to
raise a 500 error.
 2019-11-06 22:05:44 +01:00
Javi Martín
128a816464 Remove collaborative legislation summary 
This feature wasn't properly tested nor reviewed, and after reviewing
several pull requests with a similar status and considering this pull
request is related to the public area of the web, we've decided to
remove it before releasing version 1.1.

This commit reverts commit 4f50e67a.
 2019-11-06 17:21:03 +01:00
Julian Herrero
69838c78b9 Revert "Stop using Knapsack Pro" 
This reverts PR https://github.com/consul/consul/pull/3812
 2019-11-06 18:58:05 +07:00
Javi Martín
ed223e0bd1 Use audited to track investment changes 
Our manual implementation had a few issues. In particular, it didn't
track changes related to associations, which became more of an issue
when we made investments translatable.

Using audited gives us more functionality while at the same time
simplifies our code. However, it adds one more external dependency to
our project.

The reason for choosing audited over paper trail is audited seems to
make it easier to handle associations.
 2019-11-05 13:02:37 +01:00
Julian Herrero
5b3d40ce8e Stop using Knapsack Pro 2019-11-04 16:58:06 +07:00
decabeza
18975a3963 Add font-awesome-sass gem 
Now can use all icons from https://fontawesome.com.
 2019-10-23 15:49:15 +02:00
Javier Martín
7a9fefb933 Merge pull request #3707 from consul/dependabot/bundler/ancestry-3.0.7 
Bump ancestry from 3.0.2 to 3.0.7
 2019-10-23 01:29:42 +02:00
dependabot-preview[bot]
4dbf38195a Bump ancestry from 3.0.2 to 3.0.7 
Bumps [ancestry](https://github.com/stefankroes/ancestry) from 3.0.2 to 3.0.7.
- [Release notes](https://github.com/stefankroes/ancestry/releases)
- [Changelog](https://github.com/stefankroes/ancestry/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stefankroes/ancestry/compare/v3.0.2...v3.0.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-10-22 22:32:10 +00:00
Pierre Mesure
213903ad45 Replace sass-rails gem by sassc-rails 2019-10-22 21:59:14 +02:00
Javi Martín
b36e659f4e Use puma instead of unicorn 
Puma is the server we use in the development environment, so this way we
don't need to maintain two servers. Furthermore, puma seems to offer a
few advantages over unicorn (like multithreading) and no disadvantages.
 2019-10-12 16:50:49 +02:00
dependabot-preview[bot]
22e91271e5 [Security] Bump devise from 4.6.2 to 4.7.1 
Bumps [devise](https://github.com/plataformatec/devise) from 4.6.2 to 4.7.1. **This update includes a security fix.**
- [Release notes](https://github.com/plataformatec/devise/releases)
- [Changelog](https://github.com/plataformatec/devise/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/devise/compare/v4.6.2...v4.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-10-09 16:43:34 +00:00
Javier Martín
2c80c05372 Merge pull request #3739 from consul/dependabot/bundler/rubocop-0.75.0 
Bump rubocop from 0.60.0 to 0.75.0
 2019-10-08 13:20:01 +02:00
Javi Martín
63d31f47c7 Add missing rubocop dependencies 
Rails and performance cops have been extracted to separate gems.

Note in the past we had to add these lines in order to activate Rails
cops:

```
Rails:
  Enabled: true
```

But we didn't do it, and so Rails cops were ignored.

With the new version, it's enough to require `rubocop-rails`.
 2019-10-08 12:42:46 +02:00
dependabot-preview[bot]
26201d4fc2 Bump foundation_rails_helper from 2.0.0 to 3.0.0 
Bumps [foundation_rails_helper](https://github.com/sgruhier/foundation_rails_helper) from 2.0.0 to 3.0.0.
- [Release notes](https://github.com/sgruhier/foundation_rails_helper/releases)
- [Changelog](https://github.com/sgruhier/foundation_rails_helper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sgruhier/foundation_rails_helper/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-10-03 03:22:21 +00:00
dependabot-preview[bot]
d827946a10 Bump rubocop from 0.60.0 to 0.75.0 
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.60.0 to 0.75.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.60.0...v0.75.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-10-01 14:32:18 +00:00
dependabot-preview[bot]
dde9caf7fd Merge pull request #3706 from consul/dependabot/bundler/rubocop-rspec-1.35.0 2019-09-19 15:03:06 +00:00
dependabot-preview[bot]
21634cf4fe Bump rubocop-rspec from 1.33.0 to 1.35.0 
Bumps [rubocop-rspec](https://github.com/rubocop-hq/rubocop-rspec) from 1.33.0 to 1.35.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rspec/compare/v1.33.0...v1.35.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-09-16 16:47:42 +00:00
dependabot-preview[bot]
3786adc8ad Bump puma from 3.12.1 to 4.1.1 
Bumps [puma](https://github.com/puma/puma) from 3.12.1 to 4.1.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.12.1...v4.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-09-16 16:46:40 +00:00
dependabot-preview[bot]
32df471946 Bump paranoia from 2.4.1 to 2.4.2 
Bumps [paranoia](https://github.com/rubysherpas/paranoia) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/rubysherpas/paranoia/releases)
- [Changelog](https://github.com/rubysherpas/paranoia/blob/core/CHANGELOG.md)
- [Commits](https://github.com/rubysherpas/paranoia/compare/v2.4.1...v2.4.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-09-13 17:37:28 +00:00
Javier Martín
edb51c09c2 Merge pull request #3442 from consul/dependabot/bundler/i18n-tasks-0.9.29 
Bump i18n-tasks from 0.9.25 to 0.9.29
 2019-09-13 19:35:37 +02:00
dependabot-preview[bot]
f0d4565815 Bump email_spec from 2.1.1 to 2.2.0 
Bumps [email_spec](https://github.com/email-spec/email-spec) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/email-spec/email-spec/releases)
- [Changelog](https://github.com/email-spec/email-spec/blob/master/Changelog.md)
- [Commits](https://github.com/email-spec/email-spec/compare/v2.1.1...v2.2.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
 2019-09-12 21:18:16 +00:00
dependabot-preview[bot]
a736252c4b Bump i18n-tasks from 0.9.25 to 0.9.29 
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.25 to 0.9.29.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.25...v0.9.29)

Signed-off-by: dependabot[bot] <support@dependabot.com>
 2019-09-11 20:02:35 +00:00
Javi Martín
d93a029ce5 Convert CofeeScript to JavaScript 
Compiled using `coffee -c` with CoffeeScript 1.12.6.
 2019-09-11 14:03:24 +02:00
Javi Martín
9541ce892c Apply Bundler rubocop rules 
We're not using the InsecureProtocolSource rule because I don't feel
it's necessary.
 2019-09-10 21:43:39 +02:00
Javi Martín
8bb5462253 Use capybara-webmock to avoid external requests 
The images from OpenStreetMap take a while to load, sometimes even
causing Net::ReadTimeout errors if the internet connection is slow. It's
happened a lot recently on Travis builds.

Using capybara-webmock we guarantee the test suite doesn't fail due to
network issues.
 2019-09-07 13:09:05 +02:00
Javi Martín
444fc524f7 Use the AttributeDefinedStatically rubocop rule 
Factory bot has stopped supporting dynamic attributes, and we'll have to
change all factories before upgrading.

In order to apply the rubocop rule, we need to bump rubocop-rspec to its
latest version.
 2019-08-07 19:41:45 +02:00
taitus
f53043ee2a Install gem 'translator-text' to conect with MicrosoftTranslation Service 
API Wrapper for the Microsoft Translator Text API 3.0
 2019-06-27 09:19:36 +02:00
German Galia
4f50e67ac3 Collaborative legislation summary 2019-06-03 12:34:25 +02:00
Javi Martín
44d9ba66b7 Use puma as development web server 
It seems to be the default in Rails 5 (we even have a configuration file
for it under `config/puma.rb`) and Capybara seems to need it to run
system specs in Rails 5.1:

https://github.com/teamcapybara/capybara/#setup
 2019-04-29 13:08:43 -05:00
Javi Martín
8094417828 Remove best_in_place 
It was only used in one place, so it's best to remove it and use the
patterns we use everywhere else.
 2019-04-29 12:37:28 -05:00
Javi Martín
f284d5c09e Remove record_tag_helper 
It was only used in one place, and could easily be replaced.

Note we usually use HTML classes like `map-location` instead of
`map_location`, but I've kept the underscore for compatibility with the
previous version.
 2019-04-29 12:36:09 -05:00
decabeza
534ad75206 Downgrade autoprefixer-rails gem 
We need update Node version before upgrade this gem version.
 2019-04-24 14:02:46 +02:00
decabeza
cb22e6cbfb Merge branch 'master' into proposal-dashboard 2019-04-23 17:12:47 +02:00
Julian Herrero
9f97b87304 Upgrade gem devise to version 4.6.2 
There was a security vulnerability with previous version

https://github.com/plataformatec/devise/issues/4981
 2019-04-17 17:40:56 +02:00
Julian Herrero
6e88031537 Fix several rubocop warnings 
Metrics/LineLength: Line is too long.
RSpec/InstanceVariable: Use let instead of an instance variable.
Layout/TrailingBlankLines: Final newline missing.
Style/StringLiterals: Prefer double-quoted strings.
 2019-04-17 17:40:56 +02:00
Julian Herrero
868ae77692 Upgrade gem rails and its dependecies 2019-04-16 17:28:06 +02:00
decabeza
eda6ea7f12 Merge branch 'master' into dashboard 2019-03-26 16:45:48 +01:00