Foodsoft/foodsoft
1
1
Fork 0
Code Issues 36 Pull requests 5 Projects 1 Releases Wiki Activity
2232 commits 22 branches 1 tag 31 MiB
Commit graph

208 commits

Author SHA1 Message Date
Patrick Gansterer
7657b05787 Add links plugin 
This can be used to link to external services related to the foodcoop.
With the indirect mode it is possible to implement a secure login to other
services. In that case Foodsoft will send a HTTP GET request and redirect
the user to the returned Location header. This allows the generation of
a one-time login URL.
A typical use-case would be that a workgroup, which is responsible for
the email account, does not need to share the login credentials and can
use a link within the Foodsoft instead.
 2020-07-29 11:25:04 +02:00
dependabot[bot]
b089b7c186
Bump json from 2.2.0 to 2.3.1 (#739) 
Bumps [json](https://github.com/flori/json) from 2.2.0 to 2.3.1.
- [Release notes](https://github.com/flori/json/releases)
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md)
- [Commits](https://github.com/flori/json/compare/v2.2.0...v2.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-07-28 18:14:56 +00:00
dependabot[bot]
682d9d23b5 Bump kaminari from 1.1.1 to 1.2.1 
Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.1.1 to 1.2.1.
- [Release notes](https://github.com/kaminari/kaminari/releases)
- [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kaminari/kaminari/compare/v1.1.1...v1.2.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-06-22 16:54:33 +02:00
dependabot[bot]
cc15ea16dc Bump websocket-extensions from 0.1.4 to 0.1.5 
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-ruby) from 0.1.4 to 0.1.5.
- [Release notes](https://github.com/faye/websocket-extensions-ruby/releases)
- [Changelog](https://github.com/faye/websocket-extensions-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-ruby/compare/0.1.4...0.1.5)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-06-22 16:53:55 +02:00
dependabot[bot]
2b9b4a1ca7 Bump puma from 4.3.3 to 4.3.5 
Bumps [puma](https://github.com/puma/puma) from 4.3.3 to 4.3.5.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-06-22 16:53:24 +02:00
dependabot[bot]
ae0a0f40cf Bump doorkeeper from 5.0.2 to 5.0.3 
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.0.2 to 5.0.3.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.0.2...v5.0.3)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-06-22 16:52:52 +02:00
dependabot[bot]
b6542fb711
Bump puma from 4.3.1 to 4.3.3 (#723) 
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.3.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.3)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-02-29 19:36:40 +00:00
dependabot[bot]
62e7550a8b
Bump nokogiri from 1.10.4 to 1.10.8 (#721) 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.4 to 1.10.8.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.4...v1.10.8)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-02-29 14:48:19 +00:00
dependabot[bot]
54f9ffcc52 Bump puma from 4.2.1 to 4.3.1 
Bumps [puma](https://github.com/puma/puma) from 4.2.1 to 4.3.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.2.1...v4.3.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-02-24 14:31:23 +01:00
Patrick Gansterer
d476993321 Add polls plugin 2020-02-24 14:27:22 +01:00
dependabot[bot]
b0ae35f73a Bump rack from 1.6.11 to 1.6.12 (PR #713) 
Bumps [rack](https://github.com/rack/rack) from 1.6.11 to 1.6.12.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/1.6.11...1.6.12)

Signed-off-by: dependabot[bot] <support@github.com>
 2019-12-19 12:59:08 +00:00
dependabot[bot]
f84e111b79 Bump rack-cors from 1.0.3 to 1.0.6 
Bumps [rack-cors](https://github.com/cyu/rack-cors) from 1.0.3 to 1.0.6.
- [Release notes](https://github.com/cyu/rack-cors/releases)
- [Changelog](https://github.com/cyu/rack-cors/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cyu/rack-cors/compare/v1.0.3...v1.0.6)

Signed-off-by: dependabot[bot] <support@github.com>
 2019-11-16 00:30:19 +01:00
Martin Meyerhoff
5d82f16c70 Lock SQLite3 to < 1.4 2019-11-12 06:51:24 +01:00
Patrick Gansterer
39aff78f11 Remove protected_attributes gem 
We do not enforce the rules, so removing it and switching the existing
annotations to strong_parameters does not make our situation worse.
 2019-10-29 18:09:24 +01:00
Patrick Gansterer
bee671c90e Remove deprecated and obsolete quiet_assets gem 
As of sprockets-rails version 3.1.0 the same functionality can be
enabled via config.assets.quiet.
 2019-10-29 09:40:22 +01:00
wvengen
6d9c35db20 Move to apparition for integration tests 2019-10-28 17:58:14 +00:00
wvengen
8823ca2060 Bundle update (except capybara) 2019-10-28 17:58:14 +00:00
wvengen
84319d2c1a Update midi-smtp-server and silence test messages 2019-10-28 17:58:14 +00:00
wvengen
f2cb17bcd6 Upgrade factory_bot, faker 2019-10-28 17:58:14 +00:00
wvengen
900cc91197 API documentation and spec setup 2019-04-03 17:08:38 +00:00
Tom Carchrae
0d9acd3082 localize without errors applying to non-string values 2019-04-03 17:07:46 +00:00
wvengen
bb4d9d132c Add missing explicit dependency (#640) 2019-03-27 16:50:12 +01:00
Patrick Gansterer
c56a936aea Bundle update (CVE-2018-16468, CVE-2018-16471, CVE-2018-16476) 2018-12-18 16:27:52 +01:00
wvengen
110c7cc3e9 API v1 user endpoint 2018-10-13 20:41:47 +02:00
wvengen
fd96b6ccc1
Prepare for API v1 (PR #570) 2018-10-13 20:16:35 +02:00
wvengen
d9ae0d11b0
Bundle update (CVE-2018-3760, requires Ruby 2.3, PR #561) 2018-10-13 20:04:00 +02:00
wvengen
6ee1ce51f0 Bundle update nokogiri rails-html-sanitizer (CVE-2017-15412, CVE-2018-3741) 2018-03-24 15:35:43 +01:00
wvengen
3afbeb1be3 Bundle update nokogiri sinatra (CVE-2017-15412, CVE-2018-7212) 2018-03-16 14:25:14 +01:00
wvengen
f5bea41ccf
Remove Capistrano (#491, PR #521) 2017-10-28 19:50:02 +02:00
wvengen
8a5c130875 Bundle update 2017-10-27 23:21:31 +02:00
Patrick Gansterer
da1ebe915c Use deface in wiki plugin 2017-10-26 21:23:51 +02:00
Patrick Gansterer
c3927e4013 Enable documents plugin by default 2017-10-12 20:46:39 +02:00
Patrick Gansterer
380bd62168 Bundle update #470 2017-10-09 22:23:23 +02:00
wvengen
5ca61dca82 Bundle update 2017-10-01 00:23:10 +02:00
Patrick Gansterer
185f682f6c Remove useless text from received mails via the email_reply_trimmer gem 2017-09-30 18:06:03 +02:00
Patrick Gansterer
7d594bf391 Move SMTP server from messages plugin into core 2017-09-30 13:44:04 +02:00
Patrick Gansterer
0edc780ec7 Add Discourse plugin 2017-09-22 13:58:00 +02:00
wvengen
6fddef354d Bundle update nokogiri and mail (CVE-2017-5029, CVE-2015-9097) 2017-07-31 23:32:19 +02:00
Robin Schneider
897d31e340 Install all dependencies in an authenticated way (https) 
git:// is unauthenticated!!!
 2017-04-10 09:26:33 +02:00
wvengen
240decb4f3 Relax deface version (fixes USN-3235-1) 2017-04-01 16:09:27 +02:00
wvengen
b857b10814 Fix specs after update (switching to webkit) 2017-04-01 15:18:56 +02:00
wvengen
ddf7402a3b Bundle update (includes CVE-2017-5946) 2017-04-01 15:18:56 +02:00
Patrick Gansterer
3a49e79548 Add mini-smtp-server gem dependency 2017-02-04 07:17:17 +01:00
wvengen
9e53b01ca3 Update Gemfile versions where it doesn't break things 2016-06-11 19:42:14 +02:00
wvengen
c2dc1d8697 Bundle update 2016-06-11 19:23:46 +02:00
Patrick Gansterer
749791bb7a Add possibility to add an attachment to an invoice #345 2016-05-06 15:04:58 +02:00
wvengen
2e2efec5e7 Get rid of coffeescript. 2016-04-25 20:34:30 +02:00
wvengen
61189dc035 Bundle update 2016-04-07 16:07:58 +02:00
Patrick Gansterer
4e35e2d58e Add handling for message reply via email 
If the reply_email_domain configuration is set the messages plugin will
use unique Reply-To addresses for every email. They contain enough
information to reconstruct the message context and a hash to avoid
user forgery and spam.
A mail transfer agent must be configured to call the new rake task
foodsoft:parse_reply_email for incoming mails. The rake task requires
the receipt of the mail in the RECIPIENT variable and the raw message
via standard input. An example invocation would look like:
rake foodsoft:parse_reply_email RECIPIENT=f.1.1.HASH < test.eml
 2016-03-04 18:11:27 +01:00
wvengen
9f919c3e54 Bundle update (for CVE-2016-2098) 2016-03-02 23:10:01 +01:00