Commit graph

10834 commits

Author SHA1 Message Date
Tom Hughes
f91dd6afc2 Tighten up cookie security
Mark all cookies as Secure, and the cookies which are not
modified client side as HttpOnly.
2021-02-19 18:18:13 +00:00
Tom Hughes
56a2aa8efa Merge remote-tracking branch 'upstream/pull/3102' 2021-02-17 18:55:55 +00:00
Andy Allan
501e256419 Refactor the share panel to use bootstrap forms 2021-02-17 17:17:19 +00:00
Andy Allan
5c086dad6e Use bootstrap form-check for overlay selection 2021-02-17 17:05:49 +00:00
Tom Hughes
101c2af87e Merge remote-tracking branch 'upstream/pull/3100' 2021-02-17 11:56:53 +00:00
Andy Allan
8dab3f90fd Bump composite_primary_keys to 12.0.8
12.0.7 has been yanked
2021-02-17 11:12:47 +00:00
Andy Allan
5761371a56 Merge pull request #3083 from migurski/migurski/docker-compose-cleanups
Post-merge Docker Compose cleanup issues
2021-02-17 10:22:11 +00:00
Tom Hughes
2d50a84004 Fix new rubocop warnings 2021-02-16 21:14:54 +00:00
Tom Hughes
0982f17457 Update bundle 2021-02-16 21:10:28 +00:00
Tom Hughes
3c4f32a760 Validate avatar images
Closes #3097
2021-02-16 17:37:18 +00:00
Tom Hughes
80f576a29b Fix avatar mode update on file change 2021-02-16 17:12:34 +00:00
Tom Hughes
017d4a1017 Merge remote-tracking branch 'upstream/pull/3095' 2021-02-16 08:10:49 +00:00
translatewiki.net
cbc3402ffd Localisation updates from https://translatewiki.net. 2021-02-15 14:52:55 +01:00
dependabot[bot]
c53b3ceec5 Bump eslint from 7.19.0 to 7.20.0
Bumps [eslint](https://github.com/eslint/eslint) from 7.19.0 to 7.20.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.19.0...v7.20.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-15 05:01:20 +00:00
Michal Migurski
a3e23096b3 Removed ENABLE_BOOTSNAP environment variable 2021-02-12 22:56:17 -08:00
Michal Migurski
7be797cbe2 Added explanatory notes and comments 2021-02-12 22:56:17 -08:00
Michal Migurski
87c62fec3b Added note about password and privileges for OSM DB user 2021-02-12 22:56:17 -08:00
Michal Migurski
75caec40a5 Moved osm-db-functions.sql to /usr/local/share/ 2021-02-12 22:56:17 -08:00
translatewiki.net
eaf7694e90 Localisation updates from https://translatewiki.net. 2021-02-11 18:59:09 +01:00
Tom Hughes
a11572f3e1 Update to rails 6.0.3.5 2021-02-10 22:42:39 +00:00
Tom Hughes
1f136a84a6 Prevent CSRF bypass with login form 2021-02-10 20:39:23 +00:00
Andy Allan
a17bd24f82 Refactor the third-party login form to use bootstrap 2021-02-10 15:39:55 +00:00
Andy Allan
f9b0490afc Update terms form to use bootstrap 2021-02-10 15:09:29 +00:00
Andy Allan
696db6d433 Convert the new note form to use bootstrap 2021-02-10 14:23:11 +00:00
Andy Allan
8ee31df2a0 Rework changeset comments form to use bootstrap styling 2021-02-10 10:55:41 +00:00
Tom Hughes
51af102c00 Prevent CSRF bypass with password reset form 2021-02-09 23:00:21 +00:00
mmd-osm
c49e400aa3 Prevent CSRF bypass unblocking users 2021-02-09 20:39:04 +00:00
Tom Hughes
7810734ac4 Prevent CSRF bypass updating account details
Fixes #3089
2021-02-08 12:24:43 +00:00
Tom Hughes
65c11d3faf Merge remote-tracking branch 'upstream/pull/3088' 2021-02-08 08:09:31 +00:00
Tom Hughes
9f2b7142c5 Merge remote-tracking branch 'upstream/pull/3087' 2021-02-08 08:09:27 +00:00
dependabot[bot]
c3815a8f6d Update actions/cache requirement to v2.1.4
Updates the requirements on [actions/cache](https://github.com/actions/cache) to permit the latest version.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](26968a09c0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-08 07:38:32 +00:00
dependabot[bot]
8c3fea3c8c Bump leaflet.locatecontrol from 0.72.0 to 0.72.2
Bumps [leaflet.locatecontrol](https://github.com/domoritz/leaflet-locatecontrol) from 0.72.0 to 0.72.2.
- [Release notes](https://github.com/domoritz/leaflet-locatecontrol/releases)
- [Changelog](https://github.com/domoritz/leaflet-locatecontrol/blob/gh-pages/CHANGELOG.md)
- [Commits](https://github.com/domoritz/leaflet-locatecontrol/compare/v0.72.0...v0.72.2)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-08 05:01:26 +00:00
Tom Hughes
e430bc0f7f Fix URL generation for atom feed on history page
Fixes #3085
2021-02-07 16:24:14 +00:00
Tom Hughes
d15041f847 Use POST to submit OpenID login form
Fixes #3084
2021-02-06 15:04:33 +00:00
Tom Hughes
bc233420dd Allow form post to third party authentication providers 2021-02-06 11:10:14 +00:00
Tom Hughes
afce133d86 Merge remote-tracking branch 'upstream/pull/3082' 2021-02-04 08:44:56 +00:00
translatewiki.net
cae9707d0b Localisation updates from https://translatewiki.net. 2021-02-04 09:34:30 +01:00
dependabot[bot]
f1571a1fb5 Update actions/checkout requirement to v2.3.4
Updates the requirements on [actions/checkout](https://github.com/actions/checkout) to permit the latest version.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](5a4ac9002d)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-04 06:45:23 +00:00
Andy Allan
86dbcb55f2 Merge pull request #2409 from jalessio/docker-compose-take2
Add Docker Compose Support for Development Environment
2021-02-03 18:07:29 +00:00
Tom Hughes
66b5e85845 Merge remote-tracking branch 'upstream/pull/3078' 2021-02-03 14:48:24 +00:00
Tom Hughes
e4c7342450 Merge remote-tracking branch 'upstream/pull/3079' 2021-02-03 14:48:19 +00:00
Andy Allan
5e307c1ceb Merge branch 'pull/2486' 2021-02-03 14:22:16 +00:00
mmd-osm
4e6d729529 Remove /api/0.6/changes endpoint
Also removes sql functions which are only used by this endpoint
2021-02-03 14:06:34 +00:00
Andy Allan
1dc1c03225 Rework welcome message to use bootstrap buttons
I also reworked the layout to use flex utilities and avoid using a white button border as a spacing hack. In future this will be better done with start/end utilities, avoiding the need to be fancy with negative margins.
2021-02-03 13:44:52 +00:00
Andy Allan
05dd681abf Refactor the export form to use bootstrap form controls
I started refactoring the export inputs to use a flex grid instead of
floats, but this is perhaps the one place on the whole site where left/right
makes sense since even in rtl we want min_lon on the left.
2021-02-03 13:44:52 +00:00
Andy Allan
f173895b00 Use small bootstrap buttons for oauth client actions 2021-02-03 13:44:52 +00:00
Andy Allan
e6dcf94577 Use small bootstrap buttons for message inbox and outbox actions 2021-02-03 13:44:52 +00:00
Andy Allan
fd6273cfb8 Refactor user_blocks revoke form to use bootstrap 2021-02-03 13:44:52 +00:00
Andy Allan
b6277bda20 Use bootstrap form styles for update home checkbox
This slipped through the refactoring last week.
2021-02-03 09:39:43 +00:00
Tom Hughes
5912a8011b Update to Omniauth 2.x
This requires converting all use of the /auth endpoints
to use the POST method as GET is no longer supported.
2021-02-02 19:49:03 +00:00