Commit graph

573 commits

Author SHA1 Message Date
simon lehericey
74bf19f99c bump to rails 6.1.5.1 2022-04-28 16:05:16 +02:00
simon lehericey
07ab55d83a update brakeman for ruby 3.1 pattern matching 2022-04-28 15:48:54 +02:00
Paul Chavard
1e928a277d chore(devise): drop unmaintained dependencie 2022-04-28 12:28:33 +02:00
Paul Chavard
86df16ebda feat(view_components): add view_components 2022-04-26 14:54:58 +02:00
Paul Chavard
55d6b787c8 feat(js): add turbo 2022-04-21 19:41:27 +02:00
Paul Chavard
64c599e208 refactor(stimulus): initiate react components via stimulus 2022-04-20 14:08:47 +02:00
Paul Chavard
c96adbf2d2 chore(chartkick): upgrade to 4.1 and use built-in lazy loading 2022-04-15 12:12:18 +02:00
simon lehericey
8cbbd10408 add missing net-pop and net-imap missing from ruby 3.1.2 2022-04-13 17:13:55 +02:00
simon lehericey
df6ecb09cb update i18n-tasks 2022-04-13 14:39:20 +02:00
simon lehericey
51b69a5821 update rails to 6.1.5 2022-04-13 14:39:20 +02:00
simon lehericey
1d6b3c6ce5 add matrix needed by prawn 2022-04-13 14:39:20 +02:00
simon lehericey
e326a9b4c2 update bundler 2022-04-13 14:39:20 +02:00
simon lehericey
73bf3c8038 add net-smtp 2022-04-13 14:39:20 +02:00
dependabot[bot]
b2444fb2ec
build(deps): bump devise-two-factor from 4.0.0 to 4.0.2
Bumps [devise-two-factor](https://github.com/tinfoil/devise-two-factor) from 4.0.0 to 4.0.2.
- [Release notes](https://github.com/tinfoil/devise-two-factor/releases)
- [Changelog](https://github.com/tinfoil/devise-two-factor/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tinfoil/devise-two-factor/compare/v4.0.0...v4.0.2)

---
updated-dependencies:
- dependency-name: devise-two-factor
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-12 22:01:21 +00:00
Paul Chavard
433c01b1e6 Revert "Merge pull request #7137 from betagouv/faster_pdf"
This reverts commit 9da44bd913, reversing
changes made to ebac71796c.
2022-04-12 19:22:07 +02:00
simon lehericey
af27af7900 ! instances : prawn does not like svg
win 10% on pdf generation
2022-04-12 11:56:56 +02:00
simon lehericey
5955b1af05 update Nokogiri 2022-04-12 11:50:59 +02:00
Martin
c1884f231c Revert "Merge pull request #7105 from betagouv/US/fix-dossier.processed_in_month"
This reverts commit a0e144b9a7, reversing
changes made to 49848bd150.
2022-04-05 13:39:37 +02:00
Martin
d6d9db9721 tech(Sorbet): prepare usage of sorbet to avoid defensive programming style [casting date to datetime] 2022-04-05 12:14:07 +02:00
Paul Chavard
44c64669e9 Revert "Merge pull request #6787 from tchak/use-vite"
This reverts commit 5d572727b5, reversing
changes made to 43be4482ee.
2022-03-31 12:07:52 +02:00
dependabot[bot]
8ee1913b85
build(deps): bump puma from 5.6.2 to 5.6.4
Bumps [puma](https://github.com/puma/puma) from 5.6.2 to 5.6.4.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.6.2...v5.6.4)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-30 22:21:24 +00:00
Paul Chavard
187e84a010 feat(assets): use vitejs to build javascript 2022-03-29 16:27:08 +02:00
Pierre de La Morinerie
2e04435117 gems: add strong_migrations 2022-03-16 10:30:25 +01:00
simon lehericey
feeb8b691a bump rails to 6.1.4.7 2022-03-09 10:32:29 +01:00
dependabot[bot]
19cde3140e
chore(deps): bump image_processing from 1.12.1 to 1.12.2
Bumps [image_processing](https://github.com/janko/image_processing) from 1.12.1 to 1.12.2.
- [Release notes](https://github.com/janko/image_processing/releases)
- [Changelog](https://github.com/janko/image_processing/blob/master/CHANGELOG.md)
- [Commits](https://github.com/janko/image_processing/compare/v1.12.1...v1.12.2)

---
updated-dependencies:
- dependency-name: image_processing
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-01 23:35:43 +00:00
simon lehericey
30a7fb25a7 update nokogiri 2022-03-01 10:01:33 +01:00
Pierre de La Morinerie
4cde3623be gems: remove hardcoded git URL for mina
It is not needed anymore.
2022-02-22 09:27:57 +01:00
Pierre de La Morinerie
e6ad411aae gems: remove hardcoded version for zipline
The fix was eventually released.
2022-02-22 09:27:57 +01:00
simon lehericey
6930ddb433 bump rails 2022-02-22 09:19:08 +01:00
dependabot[bot]
6e11c3445d
chore(deps): bump puma from 5.5.1 to 5.6.2
Bumps [puma](https://github.com/puma/puma) from 5.5.1 to 5.6.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.5.1...v5.6.2)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-15 13:44:10 +00:00
François Vantomme
bebc78b587
chore(rubocop): replace deprecated rspec-focused by rubocop-rspec
WARNING: We are no longer maintaining this gem, and will eventually
archive this repo. We recommend you use rubocop-rspec instead.

https://github.com/CarooDev/rubocop-rspec-focused
2022-02-08 12:50:18 +01:00
François Vantomme
f3bf0499b6 chore(rubocop): cleanup dependencies
Using rubocop-rails_config is a nonsense because:
  - it relies on rubocop-minitest which is useless here (we use RSpec)
  - it relies on rubocop-packaging but disables all its cops
  - it targets ruby version 2.7, but we use 3.0
2022-02-08 12:35:08 +01:00
simon lehericey
7839067bcd bump rails to 6.4.4 2022-01-05 12:25:23 +01:00
Martin
252eee272b feat(support#create): block with invisible captcha [avoid painful captcha] 2022-01-04 14:49:00 +01:00
Pierre de La Morinerie
a11c851c79 Update webpacker to v5.4.3.
By running:

```
bundle update webpacker
rails webpacker:binstubs
yarn upgrade @rails/webpacker --latest
yarn upgrade webpack-dev-server --latest
```
2021-12-23 13:44:25 +01:00
Pierre de La Morinerie
dc003113e6 gems: update sentry-rails to 4.8.1 2021-12-07 15:09:56 +01:00
simon lehericey
ab6d97d1ef add rexml
rexml gems are now bundled gems
https://github.com/Shopify/bootsnap/issues/325
2021-11-30 12:04:33 +01:00
simon lehericey
7e76b35297 need bootsnap bump 2021-11-30 09:42:45 +01:00
Pierre de La Morinerie
4b557a4f18 gems: update active_storage_validation to 0.9.6
This allows us to have the %{file_max_size} variable defined in the
error message.

See https://github.com/igorkasyanchuk/active_storage_validations/pull/134
2021-11-24 08:18:18 +01:00
simon lehericey
ed7d776727 Bump jwt dep to decrypt ES256 FCA response 2021-11-23 14:17:59 +01:00
simon lehericey
91109dc944 bump openid connect (mandatory to avoid lets encrypt certs pb) 2021-11-23 14:17:59 +01:00
Pierre de La Morinerie
75e207122b ci: use previous test timings to split the tests 2021-11-09 08:32:31 +01:00
Paul Chavard
36912eded5 chore(gem): update ethon gem 2021-11-04 15:53:45 +01:00
Pierre de La Morinerie
6c60c940d4 gems: update aasm 2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
9fd38cae5e specs: migrate from features to system specs
System specs have been available since Rails 5.1, and are better
integrated with the Rails framework.

- Rename `spec/features` to `spec/system`
- Rename `feature do` to `describe do`
- Configure Capybara for system specs

Steps mostly taken from https://medium.com/table-xi/a-quick-guide-to-rails-system-tests-in-rspec-b6e9e8a8b5f6
2021-10-26 12:24:46 +02:00
Pierre de La Morinerie
df9fa258ae specs: remove database_cleaner
This is not needed for integration tests since Rails 5.1.

See https://www.nicholasjacques.io/blog/you-probably-dont-need-databasecleaner/
2021-10-26 12:24:46 +02:00
Pierre de La Morinerie
2ad9955e10 gems: update phonelib
Fixes a warning during tests:

> /home/runner/work/demarches-simplifiees.fr/demarches-simplifiees.fr/vendor/bundle/ruby/2.7.0/gems/phonelib-0.6.48/lib/validators/phone_validator.rb:65: warning: Using the last argument as keyword parameters is deprecated; maybe ** should be added to the call
> /home/runner/work/demarches-simplifiees.fr/demarches-simplifiees.fr/vendor/bundle/ruby/2.7.0/gems/activemodel-6.1.4.1/lib/active_model/errors.rb:404: warning: The called method `add' is defined here
2021-10-20 09:34:56 +02:00
dependabot[bot]
f9003872e7
build(deps): bump puma from 5.3.1 to 5.5.1
Bumps [puma](https://github.com/puma/puma) from 5.3.1 to 5.5.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.3.1...v5.5.1)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-12 18:15:29 +00:00
Pierre de La Morinerie
f854e3af63 controllers: use ACSV to import groupe instructeurs
Unlike `CSV`, `ACSV` auto-detect the file encoding and separator type.
2021-10-05 10:58:15 +02:00
Pierre de La Morinerie
275eb389d0 gems: update webpacker to 5.4.3 2021-09-30 17:05:26 +02:00
dependabot[bot]
b2f8c24030
build(deps): bump nokogiri from 1.12.4 to 1.12.5
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.4 to 1.12.5.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.4...v1.12.5)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-28 14:05:09 +00:00
Pierre de La Morinerie
49345e95e0 gems: update zipline
This (unreleased) version contains a fix for a pre-Ruby 3.0 kwargs use.

It fixes a warning in specs using zip files:

> warning: Using the last argument as keyword parameters is deprecated
2021-09-09 09:58:42 -05:00
Pierre de La Morinerie
407f46b7de gems: remove smart_listing
It was only used in the old design, which we recently removed
completely.
2021-09-09 09:58:41 -05:00
Pierre de La Morinerie
f9529da8bd gems: update brakeman
This prevent a false-positive warning about a vulnerable loofah version.

We also need to ignore a new warning, about an unsafe redirect. This is
unsafe when the object given in redirect can be a hash that includes
a `:host` key. But here we are redirecting to a plain string, which is
definitely safe.
2021-09-02 16:11:23 -05:00
Pierre de La Morinerie
27376c00b0 gems: bump rails to 6.1.4.1 2021-09-02 15:50:23 -05:00
Paul Chavard
a3cc072bbd feat(i18n): translate countries selector 2021-08-31 13:15:26 +02:00
Christophe Robillard
83b6c5d7c7 replace deprecated axe-matchers by axe-core-spec 2021-08-24 08:09:17 -05:00
dependabot[bot]
73935c23e4
build(deps): bump addressable from 2.7.0 to 2.8.0
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/sporkmonger/addressable/releases)
- [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sporkmonger/addressable/compare/addressable-2.7.0...addressable-2.8.0)

---
updated-dependencies:
- dependency-name: addressable
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-20 07:13:05 +00:00
kara Diaby
d2d046a39d fix encoding problems with cherlock Holmes gem 2021-07-13 10:58:41 +02:00
Pierre de La Morinerie
9eb2e13d43 config: report job exceptions after max retry count reached
Previously Sentry reported job exceptions even if a retry
strategy was specified. So we had to ignore retried job exceptions
entirely.

Since sentry-delayed-job 0.4.4, we can instead let Sentry report
job exceptions when the retry count is exhausted. Which is
exactly the behavior we want.
2021-07-01 15:06:14 +02:00
Christophe Robillard
b047c38b47 gems: upgrade delayed_job_web
fix error when attempting to "retry" or "reload" a failed job via the web interface.

bump delayed_job_web from 1.4.3 to 1.4.4
See [Changelog](https://github.com/ejschmitt/delayed_job_web/blob/v1.4.4/CHANGELOG.md) from 1.4.3 to 1.4.4
2021-06-24 14:29:54 +02:00
dependabot[bot]
2b1e0f14f6
Bump bindata from 2.4.8 to 2.4.10
Bumps [bindata](https://github.com/dmendel/bindata) from 2.4.8 to 2.4.10.
- [Release notes](https://github.com/dmendel/bindata/releases)
- [Changelog](https://github.com/dmendel/bindata/blob/master/ChangeLog.rdoc)
- [Commits](https://github.com/dmendel/bindata/compare/v2.4.8...v2.4.10)

---
updated-dependencies:
- dependency-name: bindata
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-23 23:43:20 +00:00
Pierre de La Morinerie
895ef98692 gems: upgrade sentry to 4.4.0 2021-05-27 14:33:13 +02:00
dependabot[bot]
fb045f9729 Bump puma from 5.2.1 to 5.3.1
Bumps [puma](https://github.com/puma/puma) from 5.2.1 to 5.3.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.2.1...v5.3.1)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-20 11:43:38 +02:00
dependabot[bot]
7045d8457f Bump nokogiri from 1.11.3 to 1.11.4
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.3 to 1.11.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.11.3...v1.11.4)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-20 11:32:43 +02:00
simon lehericey
19aefa1fd0 update administrate 2021-05-07 11:15:22 +02:00
Pierre de La Morinerie
b398485d97 manager: localize dossier enums
In the previous commit, we cleaned up the localization of the
Dossier.state enum. This prevented administrate from crashing, but now
the dossier enum are no longer localized in the Manager.

By using a `Field::Enum` type, we instruct the administrate plugin
to look up our localized name for the Dossier state enum.
2021-05-06 14:41:08 +02:00
Pierre de La Morinerie
ce6a27d416 manager: upgrade administrate to be compatible with Rails 6.1.3.2
Rails 6.1.3.2 is a security upgrade, and we had to upgrade quickly.
Unfortunately that broke the administrate gem.

A PR has been opened to fix the issues with the newest Rails version,
and will probably be merged quickly. Meanwhile we can fix the manager
by using the version from the PR for now.

Once the PR is merged and a new version of administrate is released,
we can use a released version of administrate again.
2021-05-06 11:17:17 +02:00
simon lehericey
6dd3dd24a4 go to rails 6.1.3.2 2021-05-05 20:54:36 +02:00
dependabot[bot]
ea087af5d9
Bump rexml from 3.2.4 to 3.2.5
Bumps [rexml](https://github.com/ruby/rexml) from 3.2.4 to 3.2.5.
- [Release notes](https://github.com/ruby/rexml/releases)
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)
- [Commits](https://github.com/ruby/rexml/compare/v3.2.4...v3.2.5)

Signed-off-by: dependabot[bot] <support@github.com>
2021-04-30 20:30:05 +00:00
Pierre de La Morinerie
f7d71ba698 gems: update devise-two-factor to a released version
This is the first official release compatible with Rails 6.1.
2021-04-15 16:54:14 +02:00
simon lehericey
43f0a4ba48 update caxlsx (remove mimemagic dep) 2021-04-01 11:57:16 +02:00
simon lehericey
19bc60c555 update rails to 6.1.3 (remove mimemagic dep) 2021-04-01 11:57:16 +02:00
simon lehericey
f6564ddc66 update skylight 2021-04-01 11:57:16 +02:00
simon lehericey
c5bcf62d09 update mimemagic 2021-03-29 18:45:40 +02:00
simon lehericey
d8cb52efa8 remove unused debase 2021-03-29 18:45:40 +02:00
Pierre de La Morinerie
de9fab701a gems: use Rails 6.1 gems 2021-03-25 13:24:53 +01:00
Pierre de La Morinerie
56b3601063 app: enable Bootsnap
Bootsnap speeds up the initial loading of the Rails app by:
- Optimizing the LOAD_PATH dynamically
- Caching the result of Ruby bytecode compilation

Cached data are written to `tmp/cache/bootsnap*`.

This is enabled in the default Rails app template.
2021-03-19 08:05:14 +01:00
Pierre de La Morinerie
4c3fcfeec2 specs: upgrade to rspec 5
Rspec 5 is compatible with Rails 6.1.
2021-03-09 15:51:19 +01:00
Pierre de La Morinerie
5bf499baa0 specs: remove rspec_junit_formatter
It was unsed by CircleCI to generate test reports in the JUnit XML
format, but:

- We now use Github Actions, which has its own reporting system,
- It prevents us to upgrade to rspec > 3.
2021-03-09 15:51:19 +01:00
Pierre de La Morinerie
1ebfdef411 gems: remove ruby-debug-ide
- It was included to make Rubymine happy, but nowadays Rubymine seems
to load the debugger without touching the Gemfile
- It keeps matching an invalid version when `bundle upgrade`-ing the
dependencies.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
473a86b861 gems: remove guard
- It doesn't seem used a lot these days
- It has some incompatibility with rspec 4

We need to explicitely add the 'listen' gem now though.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
1d7c4f5b02 gems: remove ffi-geos
We don't need it now that we don't link to a compiled geos version
anymore.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
0fa3d367c0 gems: use a version of devise-two-factors compatible with Rails 6.1 2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
2e3ddd6190 gems: upgrade to Sprockets 4 2021-02-24 17:09:51 +01:00
Pierre de La Morinerie
e1a450fd6f gems: remove xray-rails
It is not compatible with sprockets-4.
2021-02-24 17:09:51 +01:00
Pierre de La Morinerie
f41c1f9ff4 gems: update all dependencies 2021-02-16 16:31:30 +00:00
Pierre de La Morinerie
aae452cc67 gems: update chunky_png
And pass it a proper IO object, to avoid "Undefined method
`set_encoding`" errors.
2021-02-16 16:31:30 +00:00
Pierre de La Morinerie
b04afed20e gems: update graphql 2021-02-16 16:31:30 +00:00
Paul Chavard
753d0478ef update sentry gems 2021-02-10 17:52:04 +01:00
Pierre de La Morinerie
b204fe74a4 gems: update zip_tricks and zipline
This fixes a Ruby 2.7 deprecation warning:

> /ruby/2.7.0/gems/zip_tricks-5.3.1/lib/zip_tricks/streamer.rb:340: warning: The called method `write_deflated_file' is defined here
2021-02-09 09:20:46 +01:00
Judith
ed10a9dd62 gem i18n-tasks added to Gemfile 2021-02-04 12:15:13 +01:00
Pierre de La Morinerie
705cb2e657 gems: use a zeitwerk-compatible version of byebug
It seems byebug is not compatible with the zeitwerk autoloader, but
byebug-pry is.
2021-02-04 09:42:49 +00:00
Paul Chavard
a503417298 Remove old css and js 2021-02-02 15:26:11 +01:00
Paul Chavard
c46ab38055 Add sentry-rails 2021-01-28 15:31:27 +01:00
dependabot[bot]
f57d45f554 Bump nokogiri from 1.10.10 to 1.11.1
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.10 to 1.11.1.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.10...v1.11.1)

Signed-off-by: dependabot[bot] <support@github.com>
2021-01-18 13:22:09 +00:00
Paul Chavard
5c9f2e8783 Add api education adapter and job 2021-01-14 17:57:48 +01:00
Paul Chavard
371179dc5b Watermark titres identite 2020-11-25 16:19:06 +01:00
Christophe Robillard
9347951cea act as an saml identity provider 2020-11-16 12:19:54 +01:00
Christophe Robillard
2a0ebd062a enable 2FA for manager
when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
2020-11-05 16:03:55 +01:00