Commit graph

398 commits

Author SHA1 Message Date
Paul Chavard
7136c96a36 feat(procedure): validate external links 2023-07-06 10:27:43 +02:00
Colin Darie
9edf4c6dbe chore(bundle): update rails 7.0.5.1, fix CVE-2023-28362 in redirect_to 2023-06-28 10:00:52 +02:00
Paul Chavard
b3aeb46c1b fix(prefill): it should be possible to prefill a dossier on a test procedure 2023-06-14 09:14:12 +01:00
Paul Chavard
c4432b1b47 perf(carto): use json schema to validate geojson instead of rgeo 2023-06-06 15:43:56 +02:00
Colin Darie
5a35154c37
chore(bundle): update to rails 7.0.4.3 and improve pinning 2023-05-03 11:35:30 +02:00
Nicolas Cavigneaux
42689e34ba
chore: bump Rails (and required dependencies) to 7.0.4.2 2023-05-03 10:10:38 +02:00
Damien Le Thiec
8a7cb3f1fe
Merge branch 'main' into fix/stored_query_issue 2023-03-01 10:22:40 +01:00
Damien Le Thiec
01f142183e Add and correct tests 2023-03-01 10:21:22 +01:00
Martin
4d8b4e078b amelioration(a11y): extrait un nouveau composant pour rendre du texte saisi par un humain accessible 2023-02-23 15:23:20 +01:00
Colin Darie
a71e8d9a81 chore(bundle): setup elastic_apm, disabled by default 2023-02-21 12:30:51 +01:00
Paul Chavard
dfe65136be refactor(repetition): add row_id to champs 2023-01-05 18:04:54 +01:00
Paul Chavard
6ad057dcee feat(graphql): upgrade playground version 2022-11-15 11:48:29 +01:00
simon lehericey
5d38345478 feat(system-spec): display js console error 2022-10-25 14:44:43 +02:00
Paul Chavard
36e9b27e8c chore(webdriver): update 2022-10-12 13:17:44 +02:00
simon lehericey
b966dd3b54 chore: add stackprof and memory_profiler gems 2022-10-06 16:56:26 +02:00
Paul Chavard
432c4690b5 feat(tags): replace regexp based parser with a parser combinator 2022-10-05 11:25:37 +02:00
Christophe Robillard
0ccb85b139 change gem for saml idp 2022-08-23 15:05:20 +02:00
Colin Darie
6b95ce5ecc chore(dev): add more pry features with pry-rails gem 2022-08-02 18:47:58 +02:00
simon lehericey
5d5f46b4d8 instances : prawn does not like svg
win 10% on pdf generation
2022-07-20 15:48:16 +02:00
Paul Chavard
72636f3332 fix(vite): porte vite fallback logic from vite legacy plugin 2022-07-01 10:25:24 +02:00
Paul Chavard
ea18c2b9ba chore(build): use vitejs 2022-06-23 15:22:54 +02:00
Martin
595491fb44 tech(Gemfile): unlock versions for kaminari and delayed_job_web 2022-05-16 16:02:36 +02:00
Paul Chavard
1e928a277d chore(devise): drop unmaintained dependencie 2022-04-28 12:28:33 +02:00
Paul Chavard
86df16ebda feat(view_components): add view_components 2022-04-26 14:54:58 +02:00
Paul Chavard
55d6b787c8 feat(js): add turbo 2022-04-21 19:41:27 +02:00
Paul Chavard
64c599e208 refactor(stimulus): initiate react components via stimulus 2022-04-20 14:08:47 +02:00
simon lehericey
8cbbd10408 add missing net-pop and net-imap missing from ruby 3.1.2 2022-04-13 17:13:55 +02:00
simon lehericey
1d6b3c6ce5 add matrix needed by prawn 2022-04-13 14:39:20 +02:00
simon lehericey
73bf3c8038 add net-smtp 2022-04-13 14:39:20 +02:00
Paul Chavard
433c01b1e6 Revert "Merge pull request #7137 from betagouv/faster_pdf"
This reverts commit 9da44bd913, reversing
changes made to ebac71796c.
2022-04-12 19:22:07 +02:00
simon lehericey
af27af7900 ! instances : prawn does not like svg
win 10% on pdf generation
2022-04-12 11:56:56 +02:00
Martin
c1884f231c Revert "Merge pull request #7105 from betagouv/US/fix-dossier.processed_in_month"
This reverts commit a0e144b9a7, reversing
changes made to 49848bd150.
2022-04-05 13:39:37 +02:00
Martin
c07e0fc13e fix(Dossier.processed_in_month): ensure proper usage via method sig instead of defensive programming style 2022-04-05 12:14:07 +02:00
Martin
d6d9db9721 tech(Sorbet): prepare usage of sorbet to avoid defensive programming style [casting date to datetime] 2022-04-05 12:14:07 +02:00
Paul Chavard
44c64669e9 Revert "Merge pull request #6787 from tchak/use-vite"
This reverts commit 5d572727b5, reversing
changes made to 43be4482ee.
2022-03-31 12:07:52 +02:00
Paul Chavard
187e84a010 feat(assets): use vitejs to build javascript 2022-03-29 16:27:08 +02:00
Pierre de La Morinerie
2e04435117 gems: add strong_migrations 2022-03-16 10:30:25 +01:00
Pierre de La Morinerie
4cde3623be gems: remove hardcoded git URL for mina
It is not needed anymore.
2022-02-22 09:27:57 +01:00
Pierre de La Morinerie
e6ad411aae gems: remove hardcoded version for zipline
The fix was eventually released.
2022-02-22 09:27:57 +01:00
François Vantomme
bebc78b587
chore(rubocop): replace deprecated rspec-focused by rubocop-rspec
WARNING: We are no longer maintaining this gem, and will eventually
archive this repo. We recommend you use rubocop-rspec instead.

https://github.com/CarooDev/rubocop-rspec-focused
2022-02-08 12:50:18 +01:00
François Vantomme
f3bf0499b6 chore(rubocop): cleanup dependencies
Using rubocop-rails_config is a nonsense because:
  - it relies on rubocop-minitest which is useless here (we use RSpec)
  - it relies on rubocop-packaging but disables all its cops
  - it targets ruby version 2.7, but we use 3.0
2022-02-08 12:35:08 +01:00
Martin
252eee272b feat(support#create): block with invisible captcha [avoid painful captcha] 2022-01-04 14:49:00 +01:00
simon lehericey
ab6d97d1ef add rexml
rexml gems are now bundled gems
https://github.com/Shopify/bootsnap/issues/325
2021-11-30 12:04:33 +01:00
Pierre de La Morinerie
75e207122b ci: use previous test timings to split the tests 2021-11-09 08:32:31 +01:00
Pierre de La Morinerie
9fd38cae5e specs: migrate from features to system specs
System specs have been available since Rails 5.1, and are better
integrated with the Rails framework.

- Rename `spec/features` to `spec/system`
- Rename `feature do` to `describe do`
- Configure Capybara for system specs

Steps mostly taken from https://medium.com/table-xi/a-quick-guide-to-rails-system-tests-in-rspec-b6e9e8a8b5f6
2021-10-26 12:24:46 +02:00
Pierre de La Morinerie
df9fa258ae specs: remove database_cleaner
This is not needed for integration tests since Rails 5.1.

See https://www.nicholasjacques.io/blog/you-probably-dont-need-databasecleaner/
2021-10-26 12:24:46 +02:00
Pierre de La Morinerie
f854e3af63 controllers: use ACSV to import groupe instructeurs
Unlike `CSV`, `ACSV` auto-detect the file encoding and separator type.
2021-10-05 10:58:15 +02:00
Pierre de La Morinerie
49345e95e0 gems: update zipline
This (unreleased) version contains a fix for a pre-Ruby 3.0 kwargs use.

It fixes a warning in specs using zip files:

> warning: Using the last argument as keyword parameters is deprecated
2021-09-09 09:58:42 -05:00
Pierre de La Morinerie
407f46b7de gems: remove smart_listing
It was only used in the old design, which we recently removed
completely.
2021-09-09 09:58:41 -05:00
Paul Chavard
a3cc072bbd feat(i18n): translate countries selector 2021-08-31 13:15:26 +02:00
Christophe Robillard
83b6c5d7c7 replace deprecated axe-matchers by axe-core-spec 2021-08-24 08:09:17 -05:00
kara Diaby
d2d046a39d fix encoding problems with cherlock Holmes gem 2021-07-13 10:58:41 +02:00
Christophe Robillard
b047c38b47 gems: upgrade delayed_job_web
fix error when attempting to "retry" or "reload" a failed job via the web interface.

bump delayed_job_web from 1.4.3 to 1.4.4
See [Changelog](https://github.com/ejschmitt/delayed_job_web/blob/v1.4.4/CHANGELOG.md) from 1.4.3 to 1.4.4
2021-06-24 14:29:54 +02:00
simon lehericey
19aefa1fd0 update administrate 2021-05-07 11:15:22 +02:00
Pierre de La Morinerie
b398485d97 manager: localize dossier enums
In the previous commit, we cleaned up the localization of the
Dossier.state enum. This prevented administrate from crashing, but now
the dossier enum are no longer localized in the Manager.

By using a `Field::Enum` type, we instruct the administrate plugin
to look up our localized name for the Dossier state enum.
2021-05-06 14:41:08 +02:00
Pierre de La Morinerie
ce6a27d416 manager: upgrade administrate to be compatible with Rails 6.1.3.2
Rails 6.1.3.2 is a security upgrade, and we had to upgrade quickly.
Unfortunately that broke the administrate gem.

A PR has been opened to fix the issues with the newest Rails version,
and will probably be merged quickly. Meanwhile we can fix the manager
by using the version from the PR for now.

Once the PR is merged and a new version of administrate is released,
we can use a released version of administrate again.
2021-05-06 11:17:17 +02:00
Pierre de La Morinerie
9ad57fde2a initializers: lazy-load Mailjet gem
This fixes an error message on app startup about autoloaded
constants:

> DEPRECATION WARNING: Initialization autoloaded the constants ActionText::ContentHelper and ActionText::TagHelper.

The reason for this error is that the Mailjet gem forces the
immediate loading of `action_mailer`. Which leads to the
following sequence of events:

On app init, when bundler requires all the gems in the Gemfile:
- The Mailjet gem is required,
- It loads `ActionMailer::Base`.

Later, when Rails initializes itself:
- `ActionText` creates an `action_text.helpers` initializer,
- This initializer register hooks to add `ActionText` helpers
when either `action_controller_base` or `action_mailer` are loaded,
- But as `action_mailer` has already been loaded, the hook is trigerred
immediately,
- ActiveSupport::Dependencies notices `ActionText` constants do not
exist yet, auto-load them, and add the constants to
`ActiveSupport::Dependencies.autoloaded_constants`.

And even later, at the end of the Rails initialization process:
- The `:warn_if_autoloaded` initializer is run,
- It notices that `autoloaded_constants` is not empty, and prints the
warning message.

See https://github.com/mailjet/mailjet-gem/issues/213
2021-04-20 15:11:43 +02:00
Pierre de La Morinerie
f7d71ba698 gems: update devise-two-factor to a released version
This is the first official release compatible with Rails 6.1.
2021-04-15 16:54:14 +02:00
Pierre de La Morinerie
56b3601063 app: enable Bootsnap
Bootsnap speeds up the initial loading of the Rails app by:
- Optimizing the LOAD_PATH dynamically
- Caching the result of Ruby bytecode compilation

Cached data are written to `tmp/cache/bootsnap*`.

This is enabled in the default Rails app template.
2021-03-19 08:05:14 +01:00
Pierre de La Morinerie
5bf499baa0 specs: remove rspec_junit_formatter
It was unsed by CircleCI to generate test reports in the JUnit XML
format, but:

- We now use Github Actions, which has its own reporting system,
- It prevents us to upgrade to rspec > 3.
2021-03-09 15:51:19 +01:00
Pierre de La Morinerie
71c4ce67b2 gemfile: don't require i18n-tasks by default
i18n-tasks is only used as a standalone command-line tool. It doesn't
need to be included in the app.

It also prevent a parser warning from appearing when running any rails
command:

> warning: parser/current is loading parser/ruby27, which recognizes
> warning: 2.7.2-compliant syntax, but you are running 2.7.1.
> warning: please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.

Now this (legitimate) warning only appears when running the i18n-tasks
command.
2021-03-04 22:52:19 +01:00
Pierre de La Morinerie
1ebfdef411 gems: remove ruby-debug-ide
- It was included to make Rubymine happy, but nowadays Rubymine seems
to load the debugger without touching the Gemfile
- It keeps matching an invalid version when `bundle upgrade`-ing the
dependencies.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
473a86b861 gems: remove guard
- It doesn't seem used a lot these days
- It has some incompatibility with rspec 4

We need to explicitely add the 'listen' gem now though.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
1d7c4f5b02 gems: remove ffi-geos
We don't need it now that we don't link to a compiled geos version
anymore.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
0fa3d367c0 gems: use a version of devise-two-factors compatible with Rails 6.1 2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
2e3ddd6190 gems: upgrade to Sprockets 4 2021-02-24 17:09:51 +01:00
Pierre de La Morinerie
e1a450fd6f gems: remove xray-rails
It is not compatible with sprockets-4.
2021-02-24 17:09:51 +01:00
Paul Chavard
753d0478ef update sentry gems 2021-02-10 17:52:04 +01:00
Judith
ed10a9dd62 gem i18n-tasks added to Gemfile 2021-02-04 12:15:13 +01:00
Pierre de La Morinerie
705cb2e657 gems: use a zeitwerk-compatible version of byebug
It seems byebug is not compatible with the zeitwerk autoloader, but
byebug-pry is.
2021-02-04 09:42:49 +00:00
Paul Chavard
a503417298 Remove old css and js 2021-02-02 15:26:11 +01:00
Paul Chavard
c46ab38055 Add sentry-rails 2021-01-28 15:31:27 +01:00
Paul Chavard
5c9f2e8783 Add api education adapter and job 2021-01-14 17:57:48 +01:00
Paul Chavard
371179dc5b Watermark titres identite 2020-11-25 16:19:06 +01:00
Christophe Robillard
9347951cea act as an saml identity provider 2020-11-16 12:19:54 +01:00
Christophe Robillard
2a0ebd062a enable 2FA for manager
when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
2020-11-05 16:03:55 +01:00
Christophe Robillard
305ccdc0cd add recoverable and two_factor stragegy for administration 2020-11-05 16:03:55 +01:00
Christophe Robillard
6c2eb22960 remove github authentication for manager 2020-11-05 16:03:55 +01:00
simon lehericey
d82d1132c2 Remove rack_mini_profiler from prod as it could show env var and force us to allow unsafe_eval and script in csp 2020-10-30 17:08:31 +01:00
clemkeirua
d7fff61d5d ajout de la gem sendinblue 2020-10-13 17:36:43 +02:00
clemkeirua
dfd2c1ee79 reorder gems 2020-09-25 12:53:11 +00:00
kara Diaby
cb4e91c405 Add iban type de champ 2020-09-23 15:56:26 +02:00
simon lehericey
94ab1d4b66 bump rspec 2020-09-21 11:15:25 +02:00
simon lehericey
1f1b54b442 Update rails 2020-09-15 10:01:28 +02:00
Judith
9553dae7bd gem devise-i18n added to Gemfile to remove the config/locales/devises.*.yml files. 2020-09-01 16:47:40 +02:00
Judith
af25fdd77c gem http_accept_language installed and (de)activable with feature flag 2020-08-27 16:15:01 +02:00
Pierre de La Morinerie
1767df33b0 doc: add a visualization of the database models
Re-generate the schema using `bin/rake erd`.

NB: there's a way to update the PDF automatically after each migration.
But it requires `graphviz` to be installed locally, which I'm not
sure I want to require by default.
2020-08-27 12:02:28 +02:00
Pierre de La Morinerie
e6d8581b06 app: add annotate
Annotations will be generated only for models, and sorted (to avoid differences
depending on the order in which migrations are ran).

The annotations will be automatically updated every time `rails db:migrate`
is run on a development environment.
2020-08-12 11:45:53 +02:00
Paul Chavard
fc3aece318 Rails 6 2020-07-07 18:03:56 +02:00
clemkeirua
031f59c9e1 add wcag accessibility tests for usager pages using axe-core 2020-06-26 17:10:26 +02:00
Pierre de La Morinerie
f6d92eb659 gems: upgrade to Rails 5.2.4.3
Fixes:

- CVE-2020-8165
- CVE-2020-8166
- CVE-2020-8162
2020-06-23 15:32:41 +02:00
dependabot[bot]
dc9769c38c build(deps): bump kaminari from 1.1.1 to 1.2.1
Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.1.1 to 1.2.1.
- [Release notes](https://github.com/kaminari/kaminari/releases)
- [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kaminari/kaminari/compare/v1.1.1...v1.2.1)

Signed-off-by: dependabot[bot] <support@github.com>
2020-06-02 07:59:16 +00:00
Pierre de La Morinerie
b5f1d97629 app: disable Turbolinks
Fix #5039
2020-05-13 11:04:16 +02:00
Christophe Robillard
d74b14c205 fetch attestation sociale url 2020-04-29 14:25:55 +02:00
Paul Chavard
053e2db8f7 Fix geos not being properly load in some environements 2020-04-28 12:21:22 +02:00
Paul Chavard
2a3530738d Do not crash on boot if geos is not installed 2020-04-23 20:12:31 +02:00
Paul Chavard
9cb612bb3d Show area and length on champ carto selections utilisateur 2020-04-23 10:21:18 +02:00
Paul Chavard
7c34795a1a Bring back font-awesome-rails
we need it untill we remove all the old admin pages
2020-04-15 17:41:05 +02:00
Paul Chavard
7a8fd3c679 Use graphql playground instead of graphiql 2020-04-09 19:38:19 +02:00
Paul Chavard
6dc1f3e2c4 Use human readable expressions instead of cron gibberish
https://github.com/floraison/fugit#fugitnat
2020-04-07 12:44:58 +02:00