cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
14209 commits 4 branches 1 tag 499 MiB
Commit graph

14209 commits

This branch
This branch
All branches
Author SHA1 Message Date
Anton Khorev
5add2d7e1d Reload only changeset element subpages 2024-06-03 14:16:09 +03:00
Anton Khorev
fee3a08368 Refactor common changeset element subpages code 2024-06-03 14:07:23 +03:00
Anton Khorev
b072c2935f Add titles to changeset element page links 2024-06-03 14:07:23 +03:00
Tom Hughes
22a6d24857 Merge remote-tracking branch 'upstream/pull/4864' 2024-06-02 11:19:16 +01:00
Tom Hughes
6baa2ad39f Merge remote-tracking branch 'upstream/pull/4868' 2024-06-02 10:54:37 +01:00
Tom Hughes
a0eeeaac5e Merge remote-tracking branch 'upstream/pull/4867' 2024-06-02 10:52:43 +01:00
Tom Hughes
11fd2c9d62 Merge remote-tracking branch 'upstream/pull/4866' 2024-06-02 10:43:41 +01:00
Tom Hughes
4b8ddc2f68 Merge remote-tracking branch 'upstream/pull/4863' 2024-06-02 10:41:20 +01:00
Anton Khorev
459995ab51 Inline svg sprites on about page 2024-06-01 11:02:16 +03:00
Anton Khorev
1b1d8326d8 Write closed note controls using submit_tag 2024-06-01 09:05:19 +03:00
Anton Khorev
b29d2a9243 Increase font size in search form 2024-06-01 08:19:31 +03:00
Anton Khorev
6d25f54b0b Replace search button text with svg icon 2024-06-01 08:19:31 +03:00
Anton Khorev
5a22464224 Don't include language prefix in wikipedia links 2024-06-01 04:56:57 +03:00
dependabot[bot]
fe0f7733a5
Bump eslint from 9.3.0 to 9.4.0 
Bumps [eslint](https://github.com/eslint/eslint) from 9.3.0 to 9.4.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v9.3.0...v9.4.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-31 23:11:33 +00:00
Tom Hughes
c36f09b28d Merge remote-tracking branch 'upstream/pull/4843' 2024-05-30 16:33:59 +01:00
Tom Hughes
d74e7628fe Merge remote-tracking branch 'upstream/pull/4857' 2024-05-30 16:22:38 +01:00
Tom Hughes
15e86708f1 Merge remote-tracking branch 'upstream/pull/4847' 2024-05-30 16:20:54 +01:00
translatewiki.net
c81602eb59 Localisation updates from https://translatewiki.net. 2024-05-30 14:23:28 +02:00
Nenad Vujicic
523d36bbaa Fixed "or divider" issue described in #4773 by adding mb-2 below "or" divider 2024-05-30 12:02:35 +02:00
Milan Cvetkovic
15623aa35a Social sign-in: avoid re-authorization in users_controller#create 
It does not add any additional guards against malicious users:

Malicious user may attempt to invoke `POST /users/new` with bogus
values for `auth_provider` and `auth_uid` resulting
with a new account to which user would have a way to login, other than
sending a password reset request.

In some cases, re-authorization would introduce additional
"Please login to your social account", or "Are you sure you want to be logged in"
popup triggered by identity provider.

This PR removes the re-authorization request from `POST /users/new` in authorization flow.
 2024-05-30 05:43:45 +00:00
Tom Hughes
d86d2067ee Merge remote-tracking branch 'upstream/pull/4860' 2024-05-29 19:18:23 +01:00
Andy Allan
9adae1c523 Re-enable autocomplete for passwords 
Regression for c4347c8d9a

Thankfully browsers ignore this for login fields, but it shouldn't
be turned off anyway.
 2024-05-29 19:02:25 +01:00
Andy Allan
979d616c38 Re-enable translations for password field 
Fixes regression introduced in c4347c8d9a
 2024-05-29 18:48:01 +01:00
Tom Hughes
2029133a85 Merge remote-tracking branch 'upstream/pull/4859' 2024-05-29 18:47:04 +01:00
Tom Hughes
6f1a783900 Merge remote-tracking branch 'upstream/pull/4853' 2024-05-29 17:58:21 +01:00
Tom Hughes
b5dd8c19b9 Merge remote-tracking branch 'upstream/pull/4849' 2024-05-29 17:52:40 +01:00
Andy Allan
c1cccd40fc Move check_api_readable to api_controller 
It's easier to skip the check in the two places that we need to, and
include it by default everywhere else.
 2024-05-29 14:54:16 +01:00
Andy Allan
0bbfe922ea Test the versions and capabilities api in various statuses 
These both need to keep working, even when the rest of the api is
unavailable, since that's how we communicate that status with the
api clients.
 2024-05-29 14:51:47 +01:00
Andy Allan
f2aaec4735 Standardise on avoiding except lists for check_api_readable 
Although this is technically duplicative, it's much easier to read
and therefore to maintain, particularly if you put the _readable one
first.
 2024-05-29 14:51:47 +01:00
Andy Allan
995bfa91ff Remove duplicate database status checks 
These are already done as part of the api checks
 2024-05-29 14:51:20 +01:00
Andy Allan
91fc588556 Add api_status checks for user preferences API 2024-05-29 14:51:20 +01:00
Andy Allan
9004c2d28d
Merge pull request #4856 from tyrasd/patch-2 
reintroduce unsafe-eval CSP rule for iD (Mapillary layer)
 2024-05-29 13:14:10 +01:00
Martin Raifer
ed15352f56
reintroduce unsafe-eval CSP rule for iD 
fixes https://github.com/openstreetmap/iD/issues/10265
 2024-05-29 11:26:08 +02:00
Nenad Vujicic
1d35daa0b5 Fixed "auth_button_preferred alignment" issue described in #4773 2024-05-29 11:20:13 +02:00
dependabot[bot]
511f9f7d7c
Bump osm-community-index from 5.7.0 to 5.7.1 
Bumps [osm-community-index](https://github.com/osmlab/osm-community-index) from 5.7.0 to 5.7.1.
- [Release notes](https://github.com/osmlab/osm-community-index/releases)
- [Changelog](https://github.com/osmlab/osm-community-index/blob/main/CHANGELOG.md)
- [Commits](https://github.com/osmlab/osm-community-index/compare/v5.7.0...v5.7.1)

---
updated-dependencies:
- dependency-name: osm-community-index
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-28 23:29:15 +00:00
Tom Hughes
d3d0da0328 Fix new rubocop warnings 2024-05-28 17:39:33 +01:00
Tom Hughes
d21cbc0464 Update bundle 2024-05-28 17:30:50 +01:00
Tom Hughes
bd3507291c Merge remote-tracking branch 'upstream/pull/4848' 2024-05-28 08:15:49 +01:00
Dimitar
00251a6621
Added gps.tile.openstreetmap.org as allowed source for images 
Resolves #4845
 2024-05-28 10:12:31 +03:00
Tom Hughes
a90302aecf Merge remote-tracking branch 'upstream/pull/4842' 2024-05-27 15:11:16 +01:00
Tom Hughes
2c9043283e Merge remote-tracking branch 'upstream/pull/4828' 2024-05-27 15:05:43 +01:00
Tom Hughes
49b98c1fdd Merge remote-tracking branch 'upstream/pull/4846' 2024-05-27 15:00:51 +01:00
Milan Cvetkovic
22bceff40b Add proper referrer for authorization scenario 
Fixes the following:
- `users_controller#new` loses referer in authorization scenario, when it was invoked after social signup succeded
- the second invocation of `auth_success`, triggered by re-authorization initiated from `users_controller#create`
  does not have referrer field set
- as a result, the final welcome screen does not offer final authorization, and drops into ID instead

Introduced by #4758.
 2024-05-27 13:31:20 +00:00
translatewiki.net
3765c23518 Localisation updates from https://translatewiki.net. 2024-05-27 14:17:16 +02:00
Tom Hughes
8e5dbbc09f Merge remote-tracking branch 'upstream/pull/4844' 2024-05-27 10:52:32 +01:00
Tom Hughes
7a5524c854 Merge remote-tracking branch 'upstream/pull/4838' 2024-05-27 10:48:30 +01:00
Tom Hughes
26af28b7cb Merge remote-tracking branch 'upstream/pull/4837' 2024-05-27 10:46:38 +01:00
Tom Hughes
94afd0df1c Merge remote-tracking branch 'upstream/pull/4836' 2024-05-27 10:44:26 +01:00
Tom Hughes
d8332d0572 Merge remote-tracking branch 'upstream/pull/4835' 2024-05-27 10:42:50 +01:00
Tom Hughes
c834f9afe7 Merge remote-tracking branch 'upstream/pull/4841' 2024-05-27 10:33:34 +01:00