nairobi

Author	SHA1	Message	Date
Javi Martín	9841a9b03a	Use in_order_of to sort translations by fallback This method was introduced in Rails 7.0, and thanks to it we can simplify the code that gets the translations in order. We tried to use this method to simplify the `Randomizable` concern as well. However, we found out that, when ordering tens of thousands of records, the query could take several minutes, so we aren't using it in this case. Using it for translation fallbacks is OK, since there's a good chance we're never going to have tens of thousands of available locales. Note that automated security tools reported a false positive related to SQL Injection due to the way we used `LEFT JOIN`, so now we get one less false positive in these reports.	2024-07-22 17:50:40 +02:00
Javi Martín	a56e1bf3cf	Simplify strategy to insert records in tests Since Rails 7.0, the `insert` method automatically generates timestamps.	2024-07-22 17:50:40 +02:00
Javi Martín	6628b0f67e	Merge pull request #5493 from consuldemocracy/properties_alphabetical_order Add properties-alphabetical-order Stylelint rule	2024-07-22 17:50:12 +02:00
Javi Martín	2ccf725815	Add properties-alphabetical-order Stylelint rule We hadn't added this rule before because there was no such rule in scss-lint. Instead, we were following it without a linter, and so we unintentionally broke it sometimes. But now we're using Stylelint, so we can add the rule and let the linter check we're still following it.	2024-07-22 17:34:08 +02:00
Javi Martín	2361efb1b5	Merge pull request #5579 from consuldemocracy/dependabot/bundler/rubocop-rspec-3.0.1 Bump rubocop-rspec from 2.27.0 to 3.0.1	2024-07-22 17:31:31 +02:00
Javi Martín	50c8409f41	Merge pull request #5619 from consuldemocracy/dependabot/github_actions/docker/setup-buildx-action-3 Bump docker/setup-buildx-action from 1 to 3	2024-07-21 23:48:05 +02:00
dependabot[bot]	b211cd759b	Bump docker/setup-buildx-action from 1 to 3 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1 to 3. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v3) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-21 21:22:31 +00:00
Javi Martín	44c7e47dd4	Merge pull request #5618 from consuldemocracy/dependabot/github_actions/docker/build-push-action-6 Bump docker/build-push-action from 2 to 6	2024-07-21 23:21:13 +02:00
Javi Martín	70f90aba33	Merge pull request #5621 from consuldemocracy/dependabot/github_actions/toshimaru/auto-author-assign-2.1.1 Bump toshimaru/auto-author-assign from 1.4.0 to 2.1.1	2024-07-21 23:20:42 +02:00
Javi Martín	140ca2feb9	Add RSpec/MissingExpectationTargetMethod rule This rule was introduced in rubocop-rspec 3.0.0. We were already following it. It might be helpful because during development I've made typos prevented by this rule a couple of times.	2024-07-21 22:25:45 +02:00
Javi Martín	04eaa802cc	Add RSpec/ExpectInLet rubocop rule This rule was added in rubocop-rspec 2.30.0. We were already following it. It might be useful to detect typos during development.	2024-07-21 22:25:45 +02:00
Javi Martín	d90b799342	Add RSpec/UndescriptiveLiteralsDescription rule This rule was added in rubocop-rspec 2.29.0. We were already following it.	2024-07-21 22:25:45 +02:00
Javi Martín	dea317c614	Add RSpec/EmptyOutput rubocop rule This rule was added in rubocop-rspec 2.29.0. While we never use the `output` matcher, it might actually be a good idea to use it in tests of take tasks, to check the logger output.	2024-07-21 22:25:45 +02:00
dependabot[bot]	cb227e41dc	Bump rubocop-rspec from 2.27.0 to 3.0.1 In this version, the RSpec Rails cops have been extracted to a new `rubocop-rspec_rails` gem [1], and the `RSpec/Capybara/FeatureMethods` has been removed in favor of the `RSpec/Dialect` cop. Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.27.0 to 3.0.1. - [Release notes](https://github.com/rubocop/rubocop-rspec/releases) - [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.27.0...v3.0.1) --- updated-dependencies: - dependency-name: rubocop-rspec dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> [1] https://docs.rubocop.org/rubocop-rspec/upgrade_to_version_3.html [2] https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecdialect	2024-07-21 22:25:43 +02:00
Javi Martín	2b69e3c814	Merge pull request #5564 from consuldemocracy/dependabot/bundler/rubocop-1.64.1 Bump rubocop from 1.61.0 to 1.64.1	2024-07-21 22:21:33 +02:00
dependabot[bot]	3be475e582	Bump toshimaru/auto-author-assign from 1.4.0 to 2.1.1 Bumps [toshimaru/auto-author-assign](https://github.com/toshimaru/auto-author-assign) from 1.4.0 to 2.1.1. - [Release notes](https://github.com/toshimaru/auto-author-assign/releases) - [Changelog](https://github.com/toshimaru/auto-author-assign/blob/main/CHANGELOG.md) - [Commits](https://github.com/toshimaru/auto-author-assign/compare/v1.4.0...v2.1.1) --- updated-dependencies: - dependency-name: toshimaru/auto-author-assign dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-21 20:19:50 +00:00
dependabot[bot]	ca7c9f497a	Bump docker/build-push-action from 2 to 6 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2 to 6. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v2...v6) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-21 20:19:44 +00:00
Javi Martín	5dc927abf3	Merge pull request #5611 from consuldemocracy/dependabot_github Use dependabot to update github actions dependencies	2024-07-21 22:19:19 +02:00
Javi Martín	16315e14d2	Add and apply Style/SuperArguments rubocop rule This rule was added in rubocop 1.64.0. For clarity, in order to make it obvious that we're modifying the object we received, we're excluding the Ahoy initializer, whose code was copied from the Ahoy documentation. We're also changing the `Types::BaseObject` class so we don't use a variable with the same name as the parameter and we don't get a false positive for this rule.	2024-07-09 11:23:02 +02:00
Javi Martín	46dc4a3163	Add and apply Style/MapIntoArray rubocop rule This rule was added in rubocop 1.63.0.	2024-07-09 11:23:02 +02:00
dependabot[bot]	71d0faf237	Bump rubocop from 1.61.0 to 1.64.1 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.61.0 to 1.64.1. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.61.0...v1.64.1) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-09 11:23:00 +02:00
Javi Martín	c913b8481f	Merge pull request #5598 from consuldemocracy/dependabot/bundler/rubocop-rails-2.25.1 Bump rubocop-rails from 2.23.1 to 2.25.1	2024-07-05 17:47:11 +02:00
Javi Martín	2abe9f27b5	Use ranges instead of comparisons in SQL queries These cases aren't covered by the `Rails/WhereRange` rubocop rule, but IMHO using ranges makes them more consistent. Besides, they generate SQL which is more consistent with what Rails usually generates. For example, `Poll.where("starts_at <= :time and ends_at >= :time", time: Time.current)` generates: ``` SELECT \"polls\".\"id\", (...) WHERE \"polls\".\"hidden_at\" IS NULL AND (starts_at <= '2024-07-(...)' and ends_at >= '2024-07-(...)') ``` And `Poll.where(starts_at: ..Time.current, ends_at: Time.current..)` generates: ``` SELECT \"polls\".\"id\", (...) WHERE \"polls\".\"hidden_at\" IS NULL AND \"polls\".\"starts_at\" <= '2024-07-(...)' AND \"polls\".\"ends_at\" >= '2024-07-(...)'" ``` Note that the `not_archived` scope in proposals slightly changes, since we were using `>` and now we use the equivalent of `>=`. However, since the `created_at` field is a time, this will only mean that a proposal will be archived about one microsecond later. For consistency, we're also changing the `archived` scope, so a proposal is never archived and not archived at the same time (not even for a microsecond).	2024-07-05 17:24:56 +02:00
Javi Martín	fb0c087f95	Add and apply Rails/WhereRange rubocop rule This rule was added in rubocop-rails 2.25.0. Applying it allows us to simplify the code a little bit. For example, now there's no need to specify the `proposals` table in proposal scopes, which was actually causing a bug in the `Legislation::Proposal` model, which was using the `proposals` table instead of the `legislation_proposals` table (but, since we don't use this scope, it didn't affect the application).	2024-07-05 17:11:29 +02:00
dependabot[bot]	8e2bd12c7e	Bump rubocop-rails from 2.23.1 to 2.25.1 Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.23.1 to 2.25.1. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.23.1...v2.25.1) --- updated-dependencies: - dependency-name: rubocop-rails dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-05 17:11:29 +02:00
Javi Martín	f341634f0a	Merge pull request #5592 from consuldemocracy/dependabot/npm_and_yarn/stylelint-scss-6.3.2 Bump stylelint-scss from 6.2.1 to 6.3.2	2024-07-05 16:10:41 +02:00
Javi Martín	c524db9c7b	Add scss/at-mixin-no-risky-nesting-selector rule This rule was added in stylelint-scss 6.3.0. We've always used it so far, so we're adding it to make sure we remain using it, since it prevents a pattern in mixins that makes the code confusing.	2024-07-05 15:54:26 +02:00
dependabot[bot]	761f77779f	Bump stylelint-scss from 6.2.1 to 6.3.2 Bumps [stylelint-scss](https://github.com/stylelint-scss/stylelint-scss) from 6.2.1 to 6.3.2. - [Release notes](https://github.com/stylelint-scss/stylelint-scss/releases) - [Changelog](https://github.com/stylelint-scss/stylelint-scss/blob/master/CHANGELOG.md) - [Commits](https://github.com/stylelint-scss/stylelint-scss/compare/v6.2.1...v6.3.2) --- updated-dependencies: - dependency-name: stylelint-scss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-05 15:54:26 +02:00
Javi Martín	2419084745	Don't add the ruby label to dependabot pull requests The "ruby" label was redundant because most our dependencies are ruby gems. We're still keeping the "javascript" dependencies for npm dependencies, though.	2024-07-04 17:19:49 +02:00
Javi Martín	3c17de5435	Use dependabot to update github actions dependencies This way we don't have to update them manually.	2024-07-04 17:19:49 +02:00
Javi Martín	bc1489ce83	Merge pull request #5483 from consuldemocracy/stylelint_code_climate Don't run linters in Code Climate	2024-07-04 17:02:09 +02:00
Javi Martín	8d4d1b7e4b	Don't run linters in Code Climate We're now running the linters in github actions, and code climate doesn't use the same versions of the gems or npm packages that we're using in the application. For example, only a few limited rubocop versions are available, and sometimes code climate breaks because our rubocop version isn't compatible with theirs. Now we're also using a version of stylelint they don't support. All in all, the linters check in code climate isn't helpful at all anymmore.	2024-07-04 16:50:51 +02:00
Javi Martín	8f1739cc6a	Use Stylelint instead of SCSS Lint in Code Climate We forgot to do so in commit `e210682ac`.	2024-07-04 16:50:51 +02:00
Javi Martín	3b802987a7	Merge pull request #5608 from consuldemocracy/prs_in_kanban Remove kanban management github action workflow	2024-07-04 15:52:16 +02:00
Javi Martín	96b43b3c95	Merge pull request #5559 from consuldemocracy/dependabot/bundler/recipient_interceptor-0.3.2 Bump recipient_interceptor from 0.3.1 to 0.3.2	2024-07-02 23:44:41 +02:00
dependabot[bot]	52ef2364a3	Bump recipient_interceptor from 0.3.1 to 0.3.2 Bumps [recipient_interceptor](https://github.com/croaky/recipient_interceptor) from 0.3.1 to 0.3.2. - [Release notes](https://github.com/croaky/recipient_interceptor/releases) - [Commits](https://github.com/croaky/recipient_interceptor/compare/v0.3.1...v0.3.2) --- updated-dependencies: - dependency-name: recipient_interceptor dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-02 21:27:08 +00:00
Javi Martín	29b3fbe1cd	Merge pull request #5550 from consuldemocracy/dependabot/npm_and_yarn/stylelint-16.6.1 Bump stylelint from 16.3.1 to 16.6.1	2024-07-02 23:25:35 +02:00
dependabot[bot]	376595fc34	Bump stylelint from 16.3.1 to 16.6.1 Bumps [stylelint](https://github.com/stylelint/stylelint) from 16.3.1 to 16.6.1. - [Release notes](https://github.com/stylelint/stylelint/releases) - [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md) - [Commits](https://github.com/stylelint/stylelint/compare/16.3.1...16.6.1) --- updated-dependencies: - dependency-name: stylelint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-02 23:07:21 +02:00
Javi Martín	ec8473dd85	Merge pull request #5518 from consuldemocracy/dependabot/npm_and_yarn/stylistic/stylelint-plugin-2.1.2 Bump @stylistic/stylelint-plugin from 2.1.1 to 2.1.2	2024-07-02 22:23:53 +02:00
dependabot[bot]	c9c8711356	Bump @stylistic/stylelint-plugin from 2.1.1 to 2.1.2 Bumps [@stylistic/stylelint-plugin](https://github.com/stylelint-stylistic/stylelint-stylistic) from 2.1.1 to 2.1.2. - [Release notes](https://github.com/stylelint-stylistic/stylelint-stylistic/releases) - [Changelog](https://github.com/stylelint-stylistic/stylelint-stylistic/blob/main/CHANGELOG.md) - [Commits](https://github.com/stylelint-stylistic/stylelint-stylistic/compare/v2.1.1...v2.1.2) --- updated-dependencies: - dependency-name: "@stylistic/stylelint-plugin" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-02 20:06:23 +00:00
Javi Martín	6dace929a7	Merge pull request #5604 from consuldemocracy/dependabot/bundler/selenium-webdriver-4.22.0 Bump selenium-webdriver from 4.16.0 to 4.22.0	2024-07-02 21:47:05 +02:00
Javi Martín	ad4680788e	Merge pull request #5606 from consuldemocracy/dependabot/bundler/knapsack_pro-7.6.2 Bump knapsack_pro from 7.0.1 to 7.6.2	2024-07-02 21:46:17 +02:00
dependabot[bot]	4e7f5d2454	Bump selenium-webdriver from 4.16.0 to 4.22.0 Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.16.0 to 4.22.0. - [Release notes](https://github.com/SeleniumHQ/selenium/releases) - [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES) - [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.16.0...selenium-4.22.0) --- updated-dependencies: - dependency-name: selenium-webdriver dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-02 19:26:27 +00:00
dependabot[bot]	6dd8f5607c	Bump knapsack_pro from 7.0.1 to 7.6.2 Bumps [knapsack_pro](https://github.com/KnapsackPro/knapsack_pro-ruby) from 7.0.1 to 7.6.2. - [Changelog](https://github.com/KnapsackPro/knapsack_pro-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/KnapsackPro/knapsack_pro-ruby/compare/v7.0.1...v7.6.2) --- updated-dependencies: - dependency-name: knapsack_pro dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-02 19:26:14 +00:00
Javi Martín	c8d7a1c4d6	Merge pull request #5566 from consuldemocracy/dependabot/bundler/letter_opener_web-3.0.0 Bump letter_opener_web from 2.0.0 to 3.0.0	2024-07-02 21:24:36 +02:00
dependabot[bot]	ad9697b3e1	Bump letter_opener_web from 2.0.0 to 3.0.0 Bumps [letter_opener_web](https://github.com/fgrehm/letter_opener_web) from 2.0.0 to 3.0.0. - [Release notes](https://github.com/fgrehm/letter_opener_web/releases) - [Changelog](https://github.com/fgrehm/letter_opener_web/blob/master/CHANGELOG.md) - [Commits](https://github.com/fgrehm/letter_opener_web/compare/v2.0.0...v3.0.0) --- updated-dependencies: - dependency-name: letter_opener_web dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-02 19:02:29 +00:00
Javi Martín	ff004c00d8	Merge pull request #5527 from consuldemocracy/dependabot/bundler/spring-4.2.1 Bump spring from 4.1.3 to 4.2.1	2024-07-02 20:57:58 +02:00
dependabot[bot]	05d6eddc63	Bump spring from 4.1.3 to 4.2.1 Bumps [spring](https://github.com/rails/spring) from 4.1.3 to 4.2.1. - [Release notes](https://github.com/rails/spring/releases) - [Changelog](https://github.com/rails/spring/blob/main/CHANGELOG.md) - [Commits](https://github.com/rails/spring/compare/v4.1.3...v4.2.1) --- updated-dependencies: - dependency-name: spring dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-02 18:36:07 +00:00
Javi Martín	9bb0484688	Merge pull request #5609 from consuldemocracy/dependabot/bundler/capistrano-3.19.1 Bump capistrano from 3.18.1 to 3.19.1	2024-07-02 20:21:36 +02:00
dependabot[bot]	e0fa4e43ab	Bump capistrano from 3.18.1 to 3.19.1 Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.18.1 to 3.19.1. - [Release notes](https://github.com/capistrano/capistrano/releases) - [Commits](https://github.com/capistrano/capistrano/compare/v3.18.1...v3.19.1) --- updated-dependencies: - dependency-name: capistrano dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-07-02 20:08:49 +02:00

1 2 3 4 5 ...

19503 Commits