Commit graph

13162 commits

Author SHA1 Message Date
translatewiki.net
a5a7f45d70 Localisation updates from https://translatewiki.net. 2023-11-09 13:22:02 +01:00
Tom Hughes
68845eb725 Use the URL safe base64 variant for mail tokens 2023-11-08 22:53:18 +00:00
Tom Hughes
690cfb5eaf Add secrets to gitignore 2023-11-08 19:02:49 +00:00
Tom Hughes
f5c5aacb20 Merge remote-tracking branch 'upstream/pull/4331' 2023-11-08 18:22:50 +00:00
Martin Raifer
b834bd70d0
use api.openstreetmap.org for API calls when running on www.osm.org
see https://github.com/openstreetmap/operations/issues/951
2023-11-08 12:52:23 +01:00
Martin Raifer
5c5695d9c1
Update to iD v2.27.3 2023-11-08 12:39:01 +01:00
Tom Hughes
675b89ddb7 Strengthen the tokens used in email reply addresses 2023-11-07 17:52:31 +00:00
Tom Hughes
4b78b0267d Remove production credentials from the repository
These (well master.key at least) should never have been here
but fortunately we haven't really been using them.
2023-11-07 17:51:59 +00:00
Tom Hughes
55a05d9e80 Use secure_compare to compare passwords and tokens
It's unlikely there is an exploitable attack here given that network
latencies and variability will swamp any local timing differences but
it's best practice and there's no reason not to.
2023-11-07 17:22:40 +00:00
Tom Hughes
58190488f8 Merge remote-tracking branch 'upstream/pull/4322' 2023-11-07 17:07:28 +00:00
Tom Hughes
edd23d1ff1 Update bundle 2023-11-07 17:00:22 +00:00
translatewiki.net
049dfab8ad Localisation updates from https://translatewiki.net. 2023-11-06 13:23:07 +01:00
dependabot[bot]
729179c9c6
Bump eslint from 8.52.0 to 8.53.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.52.0 to 8.53.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.52.0...v8.53.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-03 23:35:24 +00:00
Andy Allan
f26d5b2b07
Merge pull request #4321 from HolgerJeromin/patch-1
fix link to stateofthemap.africa
2023-11-03 15:00:35 +00:00
Holger Jeromin
6d69b640a2
fix link to stateofthemap.africa 2023-11-03 15:54:24 +01:00
translatewiki.net
34b90f3491 Localisation updates from https://translatewiki.net. 2023-11-02 13:19:27 +01:00
Tom Hughes
dc2c84f194 Fix eslint warnings 2023-11-02 10:11:36 +00:00
Tom Hughes
ef4c9a3306 Make change set comment rate limit errors display properly
Fixes #4320
2023-11-02 10:08:19 +00:00
Tom Hughes
83ce0535e1 Use postgres 14 for docker 2023-11-02 08:59:57 +00:00
Tom Hughes
7e974b8662 Add tests for API change rate limits 2023-11-02 08:59:57 +00:00
Tom Hughes
ba503e02d2 Enforce rate limit for API calls which make changes 2023-11-02 08:59:57 +00:00
Tom Hughes
2f11b77309 Add support for per-user limits on the rate changes can be made 2023-11-02 08:59:57 +00:00
Tom Hughes
c6bb4a5f4e Add importer role that can be associated with higher rate limits 2023-11-02 08:58:12 +00:00
Tom Hughes
b5995c5175 Only count new reports as active for rate limits 2023-11-02 08:44:43 +00:00
Tom Hughes
0e74b21cb2 Fix new rubocop warnings 2023-10-31 18:16:46 +00:00
Tom Hughes
2c9c8f4e93 Update bundle 2023-10-31 18:11:57 +00:00
translatewiki.net
9aa3e7a4c5 Localisation updates from https://translatewiki.net. 2023-10-30 13:20:30 +01:00
Tom Hughes
898a3882c5 Avoid storing user records in the session during signup
This works around an issue with rails failing to preserve attribute
change flags and is in line with upstream advice against storing models
in the session in this way.

https://github.com/rails/rails/issues/49826
https://github.com/rails/rails/issues/49827
2023-10-29 10:13:28 +00:00
Tom Hughes
6f60111c92 Switch to rails 7.1 defaults 2023-10-27 18:00:05 +01:00
Tom Hughes
416334cbbc Change log level for DebugExceptions to error 2023-10-27 17:55:24 +01:00
Tom Hughes
8c998c542c Use an HTML5 parser for tests 2023-10-27 17:50:46 +01:00
Tom Hughes
64f2517426 Use an HTML5 standards-compliant sanitizer 2023-10-27 17:46:58 +01:00
Tom Hughes
4c6a56d002 Commit transactions exited by return, break or throw 2023-10-27 17:42:23 +01:00
Tom Hughes
ed279071c7 Enable optimisation of checks for parent record existence 2023-10-27 17:38:21 +01:00
Tom Hughes
cae17a1f9f Limit log file size in development and test 2023-10-27 17:33:54 +01:00
Tom Hughes
39e66c69b7 Stop parameter hashes comparing equal to normal hashes 2023-10-27 17:31:23 +01:00
Tom Hughes
3588e955c5 Drop X-Download-Options from default headers 2023-10-27 17:26:25 +01:00
Tom Hughes
7ba8ac2b61 Stop adding autoloaded paths to $LOAD_PATH 2023-10-27 17:25:50 +01:00
Tom Hughes
f00a12a2ec Merge remote-tracking branch 'upstream/pull/4308' 2023-10-27 14:26:54 +01:00
Tom Hughes
b89fd03403 Enable rails 7.1 changes to model callbacks 2023-10-26 22:51:55 +01:00
Tom Hughes
60d3448cef Enable precompilation of filter_parameters 2023-10-26 22:44:02 +01:00
Tom Hughes
e331266687 Enable rails 7.1 defaults that relate to rolling upgrades 2023-10-26 22:43:29 +01:00
Tom Hughes
1bb8d9caf6 Enable rails 7.1 defaults for features we don't use 2023-10-26 22:43:28 +01:00
Tom Hughes
6e1613f73e Disable deprecated singular association names 2023-10-26 22:19:02 +01:00
Tom Hughes
0844024c8e Build new relation member indexes concurrently 2023-10-26 19:58:11 +01:00
Tom Hughes
64952fef8b Disable transactions for relation member index changes 2023-10-26 19:48:25 +01:00
Andy Allan
6e28c5fe19
Merge pull request #4300 from tomhughes/relation-members-primary-key
Simplify primary key for relation members tables
2023-10-26 19:40:57 +01:00
Tom Hughes
ee3f045495 Assign proper sequence numbers to relation members in tests 2023-10-26 18:22:41 +01:00
Tom Hughes
4f542ef900 Remove extraneous fields from primary keys for relation members 2023-10-26 18:08:26 +01:00
Tom Hughes
af8e08960e Merge remote-tracking branch 'upstream/pull/4317' 2023-10-26 13:14:43 +01:00