Commit graph

400 commits

Author SHA1 Message Date
Paul Chavard
fc75580a3c Start using pundit 2019-07-30 18:09:28 +02:00
clemkeirua
25f81f1d3c download a dossier as zip with all attachments 2019-07-16 09:11:25 +02:00
Pierre de La Morinerie
76335511c8 omniauth: protect against CSRF
See https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
2019-07-15 18:16:00 +02:00
Mathieu Magnin
b34f8fbe3d Add ActionText 2019-07-03 13:15:49 +02:00
Paul Chavard
fb0ef15e3c Export dossiers v2 2019-07-02 14:20:29 +02:00
dependabot[bot]
18b7ddb2da
build(deps): bump chartkick from 3.0.2 to 3.2.0
Bumps [chartkick](https://github.com/ankane/chartkick) from 3.0.2 to 3.2.0.
- [Release notes](https://github.com/ankane/chartkick/releases)
- [Changelog](https://github.com/ankane/chartkick/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/chartkick/compare/v3.0.2...v3.2.0)

Signed-off-by: dependabot[bot] <support@github.com>
2019-06-12 14:44:56 +00:00
Paul Chavard
51c79ba6a6 Update webpacker and replace vue with react 2019-04-03 14:38:07 +02:00
Paul Chavard
e71cdcd12c Move all the trackers to a separate js pack 2019-04-02 17:33:53 +02:00
Pierre de La Morinerie
2cac1ff383 gems: update devise to 4.6.1 2019-03-20 10:19:36 +01:00
Pierre de La Morinerie
935cfa8693 gems: update rails to 5.2.2.1 2019-03-20 10:18:32 +01:00
Mathieu Magnin
7252c26e93 Gem web-console is back ! 2019-03-12 17:53:11 +01:00
Frederic Merizen
83adb8dcba Bump shoulda matchers
to avoid the warning about the deprecation of BigDecimal.new
2019-03-01 19:00:52 +01:00
gregoirenovel
cfcbe45695 Bump the bundler version 2019-02-25 16:57:51 +01:00
Mathieu Magnin
28fd9051d7 Gem update bootstrap-sass (>= 3.4.1) 2019-02-25 12:01:47 +01:00
Paul Chavard
c2a7460315 Add ruby debugger support 2019-02-14 15:22:57 +01:00
gregoirenovel
005eea26f7 Remove the unused web-console gem 2019-01-07 10:34:55 +01:00
gregoirenovel
9302905271 Remove the unused rack-handlers gem 2019-01-07 10:34:55 +01:00
gregoirenovel
2762a769ca Bump dependencies 2019-01-05 11:47:55 +01:00
gregoirenovel
5fa5f2aa37 Bump development gems
- rubocop (0.61.1 → 0.62.0)
2019-01-05 11:47:55 +01:00
gregoirenovel
ce8f5bf18b Bump test gems
- rails-controller-testing (1.0.3 → 1.0.4)
- webmock (3.4.2 → 3.5.1)
2019-01-05 11:25:12 +01:00
gregoirenovel
e97a16c36c Bump default gems
- bootstrap-sass (dependencies)
- carrierwave (1.2.3 → 1.3.1)
- chartkick (3.0.1 → 3.0.2)
- daemons (1.2.6 → 1.3.1)
- groupdate (4.1.0 → 4.1.1)
- rack-mini-profiler (1.0.0 → 1.1.1)
- sassc-rails (2.0.0 → 2.1.0)
- webpacker (4.0.0.pre.3 → 4.0.0.rc.2)
2019-01-05 11:24:25 +01:00
Pierre de La Morinerie
07d95ce934 Remove the rbnacl gem
Fix #3160
2019-01-03 17:48:53 +01:00
gregoirenovel
564ece37d9 Remove the draper gem 2019-01-03 15:13:22 +01:00
gregoirenovel
4c6f5a4d9f Bump rubocop 2018-12-19 13:56:10 +01:00
Frederic Merizen
57f2895938 [#3133] Bump activestorage-openstack to fix on openstack 2018-12-07 15:19:18 +01:00
Mathieu Magnin
aba9dfdd5c Fix Sentry 105, https://stackoverflow.com/questions/53560064/unknown-keyword-content-type-in-active-storage-5-2-1-1 2018-12-07 10:40:40 +01:00
gregoirenovel
9b380829f8 sass-rails → saasc-rails
saas-rails is deprecated
2018-12-04 15:54:49 +01:00
gregoirenovel
c8958b63fc Bump gem dependencies
- autoprefixer-rails (9.2.0 → 9.4.1)
- bindata (2.4.3 → 2.4.4)
- childprocess (0.8.0 → 0.9.0)
- domain_name (0.5.20170404 → 0.5.20180417)
- haml_lint (0.27.0 → 0.28.0)
- tilt (2.0.8 → 2.0.9)
- mustermann (1.0.2 → 1.0.3)
- rack-oauth2 (1.9.2 → 1.9.3)
- rack-protection (2.0.3 → 2.0.4)
- sass (3.6.0 → 3.7.2)
- selectize-rails (0.12.5 → 0.12.6)
- selenium-webdirver (3.8.0 → 3.141.0)
- sinatra (2.0.3 → 2.0.4)
2018-12-04 15:26:02 +01:00
gregoirenovel
b83ba62587 Bump test gems
- capybara (3.11.0 → 3.12.0)
- rails-controller-testing (1.0.2 → 1.0.3)
2018-12-04 15:26:02 +01:00
gregoirenovel
128da16c43 Bump default gems
- chunky_png (1.3.10 → 1.3.10)
- rgeo-geojson (2.0.0 → 2.1.1)
- simple_form (4.0.1 → 4.1.0)
- skylight (3.1.1 → 3.1.2)
2018-12-04 15:26:02 +01:00
gregoirenovel
121086eedd Bump rails 2018-12-04 11:16:42 +01:00
gregoirenovel
fd90774717 Bump capybara-screenshot (1.0.21 → 1.0.22) 2018-12-04 10:35:13 +01:00
gregoirenovel
478fb88618 Bump capybara (2.18.0 → 3.11.0) 2018-12-04 10:35:13 +01:00
Paul Chavard
cf98e28178 Fix notifications on dossiers with migrated carto 2018-11-22 11:16:01 +01:00
gregoirenovel
c55ae79930 Bump test gems
- guard (2.14.2 → 2.15.0)
2018-11-16 12:05:22 +01:00
gregoirenovel
f7225b0086 Bump development/test gems
- rspec-rails (3.8.0 → 3.8.1)
2018-11-16 12:05:22 +01:00
gregoirenovel
6479de1f6c Bump development gems
- rubocop (0.59.2 → 0.60.0)
2018-11-16 12:05:22 +01:00
gregoirenovel
dcf063f8f8 Bump warden and remove its dependency on the master branch
Now that the fix for wardencommunity/warden#147
is present in a proper release
2018-11-16 11:48:36 +01:00
gregoirenovel
7b98bfb025 Bump default gems
- active_model_serializers (0.10.7 → 0.10.8)
- groupdate (4.0.2 → 4.1.0)
- rails-i18n (5.1.1 → 5.1.2)
- skylight (3.0.0 → 3.1.1)
- typhoeus (1.3.0 → 1.3.1)
2018-11-16 11:46:38 +01:00
Frederic Merizen
e69e459649 [#2180] Add activestorage-openstack 2018-11-16 11:11:40 +01:00
Frederic Merizen
d901cb286b [#2180] Bump fog-openstack 2018-11-16 11:11:39 +01:00
Frederic Merizen
6da33f2387 [#2180] Drop fog 2018-11-16 11:11:39 +01:00
Frederic Merizen
238c0c707b [#2180] Bump Carrierwave 2018-11-16 11:11:39 +01:00
Pierre de La Morinerie
b0541fba79 users: sign-in after confirming an account within a short time 2018-11-06 18:24:34 +01:00
gregoirenovel
b200e054cd Bump loofah 2018-11-05 17:55:43 +01:00
Mathieu Magnin
3c9182d41d Update Mina 2018-10-24 12:22:33 +02:00
Mathieu Magnin
d0a8cedbe2 Unicorn -> Puma 2018-10-24 12:22:33 +02:00
gregoirenovel
5ad6787b82 Bump development gems
- rubocop (0.59.0 → 0.59.2)
- scss_lint (0.57.0 → 0.57.1)
2018-10-16 15:33:23 +02:00
gregoirenovel
2ab38955b7 Bump default gems
- administrate (0.10.0 → 0.11.0)
- groupdate (4.0.1 → 4.0.2)
- spreadsheet_architect (3.1.0 → 3.2.0)
- webpacker (4.0.0.pre.pre.2 → 4.0.0.pre.3)
2018-10-16 15:33:23 +02:00
gregoirenovel
f3caa8ef7f Remove apipie (and maruku) 2018-10-09 17:23:07 +02:00
Paul Chavard
179786380d Use leaflet and freedraw from npm 2018-10-05 09:55:41 +02:00
Paul Chavard
ff9e87b88e Use letter opener 2018-10-04 18:21:43 +02:00
simon lehericey
8c4f8347ca Api Token: store token in an encrypted form 2018-09-27 10:14:32 +02:00
Mathieu Magnin
96b95b90cc [Fix #1285] Add zxcvbn gem 2018-09-26 08:58:43 +02:00
Paul Chavard
c66bb056f5 Remove uglifier 2018-09-25 18:26:19 +02:00
gregoirenovel
abac1d4a1d [Fix #2309] Remove therubyracer 2018-09-25 17:10:13 +02:00
gregoirenovel
31a95cfb4e Bump development/test gems
- rspec-rails (3.8.0)
2018-09-18 15:06:29 +02:00
gregoirenovel
81d8e998b9 Bump test gems
- factory_bot (4.11.0 → 4.11.1)
2018-09-18 15:06:29 +02:00
gregoirenovel
40df5bb1f0 Bump development gems
- rubocop (0.58.2 → 0.59.0)
2018-09-18 15:06:29 +02:00
gregoirenovel
1a33984e8b Bump default gems
- aasm (5.0.0 → 5.0.1)
- pg (1.1.2 → 1.1.3)
- skylight (2.0.2 → 3.0.0)
- uglifier (4.1.18 → 4.1.19)
2018-09-18 15:06:29 +02:00
Pierre de La Morinerie
110f657849 Gemfile: add default ActiveRecord translations
Before:

```ruby
> Commentaire.create!
ActiveRecord::RecordInvalid (translation missing: fr.activerecord.errors.messages.record_invalid)
```

After:

```ruby
> Commentaire.create!
ActiveRecord::RecordInvalid (La validation a échoué : Body Votre message ne peut être vide)
```

Fix #2096
2018-09-18 14:22:08 +02:00
Frederic Merizen
cbd390218d [Fix #1372] Bump spreadsheet architect and axlsx
This allows us to bump rubyzip to a version that is free of CVE-2017-5946
2018-09-06 17:56:57 +02:00
gregoirenovel
49ce7a14c7 Bump FFI to fix a CVE 2018-09-04 14:52:43 +02:00
gregoirenovel
4afc5fd443 Bump test gems
- factory_bot (4.10.0 → 4.11.0)
2018-09-03 21:41:18 +02:00
gregoirenovel
a6702b5889 Bump development gems
- web-console (3.6.2 → 3.7.0)
2018-09-03 21:41:18 +02:00
gregoirenovel
2acbef4d76 Bump default gems
- chartkick (2.3.5 → 3.0.1)
- devise (4.4.3 → 4.5.0)
- pg (1.0.0 → 1.1.2)
- rails (5.2.0 → 5.2.1)
- turbolinks (5.1.1 → 5.2.0)
- uglifier (4.1.17 → 4.1.18)
2018-09-03 21:41:18 +02:00
Paul Chavard
c67f8dcaaa Add after_party 2018-08-30 11:54:54 +01:00
gregoirenovel
c6a839cd64 Add the groupdate gem 2018-08-27 14:00:34 +02:00
Paul Chavard
40a1e22cc9 Remove logstasher and add custom job structured logger 2018-08-16 12:26:13 +02:00
Paul Chavard
a6a4790a35 Replace logstasher with lograge 2018-08-13 12:44:00 +02:00
gregoirenovel
f66474e3a2 Bump development gems
- rubocop (0.58.1 → 0.58.2)
2018-08-01 00:15:00 +02:00
gregoirenovel
32711be333 Bump default gems
- aasm (4.12.3 → 5.0.0)
- apipie-rails (0.5.9 → 0.5.10)
- uglifier (4.1.15 → 4.1.17)
- unicorn (5.4.0 → 5.4.1)
2018-08-01 00:13:20 +02:00
Paul Chavard
bf7c023380 Add webpacker and use it for new_design 2018-07-25 15:14:06 +02:00
gregoirenovel
5d3a77fb6f Bump development, test gems
- dotenv-rails (2.4.0 → 2.5.0)
- rspec_junit_formatter (0.3.0 → 0.4.1)
2018-07-17 17:38:37 +02:00
gregoirenovel
79b91495d3 Bump test gems
- factory_bot (4.8.2 → 4.10.0)
- web mock (3.4.1 → 3.4.2)
2018-07-17 17:38:23 +02:00
gregoirenovel
81ac3d7c6b Bump development gems
- brakeman (4.3.0 → 4.3.1)
- rubocop (0.56.0 → 0.58.1)
2018-07-17 17:33:28 +02:00
gregoirenovel
351dd883b4 Bump default gems
- apipie-rails  (0.5.8 → 0.5.9)
- chartkick (2.3.4 → 2.3.5)
- delayed_job_web (1.4.2 → 1.4.3)
- fog-openstack (0.1.24 → 0.1.27)
- openstack (3.3.18 → 3.3.20)
- sentry-raven (2.7.3 → 2.7.4)
- simple_form (4.0.0 → 4.0.1)
- skylight (2.0.1 → 2.0.2)
- uglifier (4.1.10 → 4.1.15)
2018-07-17 17:33:28 +02:00
Pierre de La Morinerie
394019b70c specs: save a screenshot of failing integration tests 2018-07-04 09:43:22 +02:00
Pierre de La Morinerie
a569a566fc header: use active_link_to for setting the active class on links 2018-06-26 18:04:04 +02:00
Mathieu Magnin
9e4cc14f70 Fix CVE-2018-3760 https://blog.heroku.com/rails-asset-pipeline-vulnerability 2018-06-20 08:59:42 +02:00
Frederic Merizen
ad040e354a [Fix #2071] Let premailer generate a plain text version of html emails 2018-06-09 09:00:33 +02:00
Frederic Merizen
49e0351c35 Bump Sinatra 2018-06-06 12:02:46 +02:00
gregoirenovel
e5869f2bec Remove delayed_job_web version lock
Now that the security patches have been patched
2018-06-01 10:42:40 +02:00
gregoirenovel
661010100d [Fix #1536] Remove stringupcasepatch 2018-05-31 11:49:25 +02:00
Frederic Merizen
fd168c4a72 [Fix #1972] Make devise mails async 2018-05-28 12:02:13 +02:00
gregoirenovel
a8ac59dd4c Remove constraint on rails 2018-05-24 18:17:34 +02:00
gregoirenovel
5a880b5663 Remove constraint on uglifier 2018-05-24 18:17:34 +02:00
gregoirenovel
cf0eec6cd6 Remove the fixed version for guard-livereload 2018-05-24 18:17:34 +02:00
gregoirenovel
682823ec93 Bump gems
- apipie-rails
- brakeman
- dotenv-rails
- openid_connect
- openstack
- rack-mini-profiler
- rubocop
- sentry-raven
- web-console
- webmock
2018-05-18 18:14:17 +02:00
simon lehericey
cbf0a9b340 Skylight: update gem
Cause it's polluting the errors logs with invalid slq parsing error
2018-05-18 17:41:03 +02:00
Paul Chavard
a8e7038ab5 Add aasm 2018-05-17 14:46:48 +02:00
Paul Chavard
27292f7b77 Update flipflop to latests released version 2018-04-26 09:48:58 +02:00
Paul Chavard
482b306920 Show enabled features for admins in manager 2018-04-25 15:42:45 +02:00
gregoirenovel
543c206a13 Bump some dependencies 2018-04-24 16:07:19 +02:00
gregoirenovel
049a2d88b9 Bump rails to 5.2 final 2018-04-24 16:07:19 +02:00
gregoirenovel
8c5bc0b0a5 Bump gems
- administrate
- database_cleaner
- dotenv-rails
- uglifier
- web-console
- simple_form
2018-04-24 16:01:48 +02:00
Paul Chavard
49d9833473 add flipflop gem 2018-04-18 16:51:21 +02:00
Paul Chavard
cee6101008 Fix chromedriver on CI 2018-04-18 15:34:42 +02:00
gregoirenovel
09e0144f30 Bump gems
- apipie-rails
- brakeman
- byebug
- rubocop
- turbolinks
- skylight
- chartkick
- devise
- dotenv-rails
- uglifier
- web-console
- font-awesome-rails
- pg
- deep_cloneable
- delayed_job_active_record
2018-04-17 17:24:10 +02:00
gregoirenovel
6d8497388b Bump rails-html-sanitizer (dependency) 2018-04-17 16:44:21 +02:00
Paul Chavard
714ebda2fe Add SignatureService 2018-04-04 18:44:08 +02:00
Paul Chavard
f35aef0eb6 Use Typhoeus and set agressive timeouts 2018-03-26 16:53:42 +02:00
Frederic Merizen
04b4fac89c Upgrade loofah 2.2.0 -> 2.2.1 to fix CVE-2018-8048 2018-03-21 19:58:37 +01:00
gregoirenovel
a15790160e Bump ffi 2018-03-14 17:46:22 +01:00
gregoirenovel
97a2c9321f Unlock ffi now that a bug has been resolved 2018-03-14 17:46:22 +01:00
gregoirenovel
39f627fdbd Bump default gems
- browser
- chartkick
- openid_connect
- openstack
- uglifier
2018-03-14 17:46:22 +01:00
Mathieu Magnin
25c5873a86 Go back to official smartlisting gem 2018-03-14 17:06:29 +01:00
Frederic Merizen
c23419359b Fix XSS in delayed job web admin
https://github.com/ejschmitt/delayed_job_web/issues/101
2018-03-07 17:04:47 +01:00
gregoirenovel
46f33c519f Revert "Bump openid_connect"
This reverts commit 14bbce0b59.
2018-03-06 18:18:41 +01:00
gregoirenovel
a0a6273ccf Revert "Bump openstack"
This reverts commit 048c898b59.
2018-03-06 18:06:26 +01:00
gregoirenovel
fc2bf52fdb Revert browser bump 2018-03-06 17:55:46 +01:00
gregoirenovel
e26f4148ff Bump development gems
- brakeman
- rubocop
- scss_lint
2018-03-06 16:17:22 +01:00
gregoirenovel
51988b7ccd Bump browser 2018-03-06 16:05:51 +01:00
gregoirenovel
048c898b59 Bump openstack 2018-03-06 15:52:15 +01:00
gregoirenovel
14bbce0b59 Bump openid_connect 2018-03-06 15:33:21 +01:00
gregoirenovel
dc3d1d10a1 Revert "Bump default gems"
This reverts commit 1030a4ae7d.
2018-03-06 15:32:29 +01:00
gregoirenovel
fe7f8da636 Revert "Bump development gems"
This reverts commit d6ad3fc3fd.
2018-03-06 15:11:26 +01:00
gregoirenovel
d6ad3fc3fd Bump development gems
- brakeman
- rubocop
- scss_lint
2018-03-06 10:36:35 +01:00
gregoirenovel
1030a4ae7d Bump default gems
- openid_connect
- openstack
- chartkick
- browser
2018-03-06 10:18:46 +01:00
gregoirenovel
2395e4608e Revert "Bump default gems"
This reverts commit d01a1385b0.
2018-03-05 11:33:14 +01:00
gregoirenovel
2f4a68726d Revert "Bump development gems"
This reverts commit 53e5f26a2e.
2018-03-05 11:33:06 +01:00
gregoirenovel
53e5f26a2e Bump development gems
- brakeman
- scss_lint
2018-03-02 16:27:03 +01:00
gregoirenovel
d01a1385b0 Bump default gems
- openid_connect
- openstack
- chartkick
- browser
2018-03-02 16:26:41 +01:00
simon lehericey
b59e23a619 Gemfile: Add chromedriver-helper 2018-02-27 10:14:55 +01:00
gregoirenovel
eda780d867 Bump the dependencies of some gems
- guard-livereload
- haml-rails
- rest-client
- unicorn
2018-02-23 17:08:13 +01:00
gregoirenovel
dc9430b015 Bump more gems
- administrate
- fog
- openid_connect
2018-02-23 17:08:13 +01:00
gregoirenovel
a6c321e428 Remove an unused gem 2018-02-23 16:45:38 +01:00
Paul Chavard
c876d5e5a2 Lock ffi version to fix builds on Mac 2018-02-22 15:50:35 +01:00
gregoirenovel
54ee79d90b Bump sinatra (security vulnerability) 2018-02-21 12:12:11 +01:00
gregoirenovel
1c74521c6e Bump test gems
- capybara
- byebug
- pry-byebug
- rspec-rails
2018-02-21 12:12:11 +01:00
gregoirenovel
935a022f15 Bump default gems
- sentry-raven
- simple_form
- skylight
- uglifier
- fog-openstack
2018-02-21 12:12:11 +01:00
gregoirenovel
29d9b03672 Bump rails to 5.2.0.rc1 2018-02-07 16:18:42 +01:00
gregoirenovel
f4e2bf2bca Bump default gems
- chunky-png
- administrate
- kaminari
- rails
- uglifier
2018-02-07 10:27:26 +01:00
gregoirenovel
7d6b5f8426 Revert "Point to a forked devise to fix build errors"
This reverts commit 1b58bfad3e.
2018-02-01 17:08:17 +01:00
Paul Chavard
9576a82d2b Revert "Bump default gems"
This reverts commit c67f692ad2.
2018-01-31 16:30:38 +01:00
gregoirenovel
1b58bfad3e Point to a forked devise to fix build errors 2018-01-31 12:18:24 +01:00
gregoirenovel
87acf63f91 Bump devise 2018-01-31 11:56:02 +01:00
gregoirenovel
c67f692ad2 Bump default gems
- chunky-png
- administrate
- kaminari
- rails
- uglifier
2018-01-30 16:56:51 +01:00
Frederic Merizen
0ce26055d8 [#1374] Revert "Merge pull request #1373 from betagouv/fix_pagination"
This reverts commit 5a56fe0182, reversing
changes made to 31aabcd6b6.
2018-01-30 15:04:21 +01:00
Paul Chavard
fdd6cedeb8 Remove data_provide and data_date_format attributes 2018-01-30 13:49:16 +01:00
Mathieu Magnin
da784aa8e9 [Fix #1370] downgrade spreadsheet architecture to support date in ODS 2018-01-29 18:14:57 +01:00
simon lehericey
691b12688d Revert "[#1360] Upgrade SmartListing to fork of 1.2.1"
This reverts commit 506a505477.
2018-01-29 17:43:30 +01:00
Frederic Merizen
506a505477 [#1360] Upgrade SmartListing to fork of 1.2.1 2018-01-25 17:47:10 +01:00
gregoirenovel
a2f4e8b283 factory_girl is now factory_bot 2018-01-23 17:15:42 +01:00
gregoirenovel
f5629f8392 Bump capybara 2018-01-23 16:26:57 +01:00
gregoirenovel
9aea126db0 Bump rubocop-rspec-focused 2018-01-23 16:26:56 +01:00
gregoirenovel
2bb6613ca8 Bump rails-controller-testing 2018-01-23 16:26:56 +01:00
gregoirenovel
2761f8ac86 Bump rspec-rails 2018-01-23 16:26:56 +01:00
gregoirenovel
5340b4ed0d Bump turbolinks 2018-01-23 16:26:56 +01:00
gregoirenovel
12b6d30326 Bump sass-rails 2018-01-23 16:26:56 +01:00