Commit Graph

142 Commits (74ff263f5d8b0c4b0f71613d97dd30a4bfe6a91d)

Author SHA1 Message Date
Renaud Chaput 2a369a8977
Use a system setting for the Referer policy (#33239) 2024-12-10 13:16:52 +00:00
Eugen Rochko 425311e1d9
Change referrer policy to be controlled by header in web UI (#33214) 2024-12-09 22:42:45 +00:00
Matt Jankowski a20dca7327
Restore stdout logging setting in development environment (#33057) 2024-11-24 20:00:37 +00:00
Matt Jankowski 41227aeb95
Update Rails to version 7.2.2 (#30391) 2024-11-07 14:58:20 +00:00
Matt Jankowski 40b4f73c18
Pre-import Rails 7.2 generated config minor changes (#30579) 2024-10-21 08:07:07 +00:00
David Roetzel 388d5473e1
Refactor (ruby) redis configuration (#31694) 2024-09-02 14:19:55 +00:00
Matt Jankowski 222ab80557
Fix `Style/GlobalStdStream` cop in environments/* files (#30694) 2024-06-14 09:50:33 +00:00
Matt Jankowski 0e1110c947
Use `SECRET_KEY_BASE_DUMMY` feature as placeholder during asset compilation (#30505) 2024-06-10 20:08:04 +00:00
Matt Jankowski a5e3b814a2
Remove Status/ivar/shapes regression check from test env (#30580) 2024-06-07 10:00:51 +00:00
Matt Jankowski 3dfc7267e2
Rename deprecated config option to `enable_reloading` in dev env (#30577) 2024-06-07 10:00:27 +00:00
Nick Schonning 13fb54920b
Enable Style/IfUnlessModifier RuboCop (#30260) 2024-05-13 09:54:15 +00:00
Matt Jankowski 1e7d5d2957
Update `devise-two-factor` to version 5.0.0 (#28325)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-02 09:31:41 +00:00
Matt Jankowski 369b2ef0ed
Fix `Style/TrailingCommaInHashLiteral` cop (#30004) 2024-04-19 20:52:01 +00:00
Matt Jankowski 933189887b
Fix `Style/StringLiterals` cop (#30005) 2024-04-19 20:33:00 +00:00
Matt Jankowski c8f59d2ca4
Fix `Style/TernaryParentheses` cop (#28387) 2024-01-25 13:28:49 +00:00
Matt Jankowski 42afd30324
Replace Sprockets with Propshaft (#28239) 2023-12-06 10:19:24 +00:00
Matt Jankowski 33cc3ae8fa
Fix `Style/StabbyLambdaParentheses` cop (#27771) 2023-11-08 12:01:18 +00:00
Matt Jankowski 9a3d047f3e
Run `bin/rails app:update` with Rails 7.1 (#27522) 2023-10-25 13:56:09 +00:00
Nick Schonning 85db392464
Autofix Rubocop cops for config/ (#24145) 2023-10-03 15:24:12 +02:00
Claire cab4cbfa5c
Fix “Scoped order is ignored, it's forced to be batch order.” warnings (#26793) 2023-09-05 15:37:23 +02:00
Christian Schmidt 075cc8e8a6
Improve Codespaces port forwarding (#26400) 2023-08-29 10:20:36 +02:00
Matt Jankowski ce43ed144c
Rails 7.0 update (#25668) 2023-07-13 09:36:07 +02:00
Nick Schonning 1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
Eugen Rochko ba06a2f104
Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski 50c2a03695
Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Nick Schonning 1fe04f740a
Enable Rubocop Rails/FilePath (#23854) 2023-05-04 05:50:40 +02:00
mogaminsk e0d075713f
Change i18n-fallbacks to English (#24727) 2023-04-30 02:22:20 +02:00
Eugen Rochko 0ca54a4105
Remove `Permissions-Policy` header from all responses (#24124) 2023-03-20 20:02:09 +01:00
Jean byroot Boussier 160f38f03d
Workaround the ActiveRecord / Marshal serialization bug on Ruby 3.2 (#24142)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-17 14:37:30 +01:00
Eugen Rochko 630436ab2d
Refactor monkey-patching of `PrivateAddressCheck` (#24122) 2023-03-16 04:33:38 +01:00
Eugen Rochko f0e727f958
Add cache headers to static files served through Rails (#24120) 2023-03-16 02:55:54 +01:00
Eugen Rochko 8cb2543ee5
Add `SENDFILE_HEADER` environment variable (#24123) 2023-03-16 02:55:13 +01:00
Eugen Rochko 6fa81ca17e
Remove `bullet` and `active_record_query_trace` gems (#24121) 2023-03-16 02:53:55 +01:00
Jean byroot Boussier 922837dc96
Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
Claire 02c6bad3ca
Change unintended SMTP read timeout from 5 seconds to 20 seconds (#23750) 2023-03-03 20:37:22 +01:00
Claire cff7d967f9
Fix CSRF protection (#23037)
Fix regression from #23014
2023-01-10 14:33:40 +01:00
Claire aefefc74c4
Change referrer-policy to no-referrer application-wide (#23014) 2023-01-10 05:18:43 +01:00
Rose 4f15fd0ba1
Fix style for hashes (#20518)
* Fix style for hashes

Make the style for hashes consistent.

* New style

More consistency
2022-11-17 11:05:39 +01:00
Yamagishi Kazutoshi 19a8563905
Fix `ENV` (#20377) 2022-11-11 01:33:32 +01:00
F 9feba112a7
Make enable_starttls configurable by envvars (#20321)
ENABLE_STARTTLS is designed to replace ENABLE_STARTTLS_AUTO by accepting
three values: 'auto' (the default), 'always', and 'never'. If
ENABLE_STARTTLS isn't provided, we fall back to ENABLE_STARTTLS_AUTO. In
this way, this change should be fully backwards compatible.

Resolves #20311
2022-11-10 21:06:21 +01:00
Arya K af9c9936dd
Fix I2P HTTPS redirect (#18929) 2022-08-25 04:37:09 +02:00
Yamagishi Kazutoshi 5781d1db84
Fix parsing `TRUSTED_PROXY_IP` (#18051) 2022-04-19 08:11:58 +01:00
Eugen Rochko 8c03b45fff
Fix unset `SMTP_RETURN_PATH` environment variable causing e-mail not to send (#17982) 2022-04-07 13:32:12 +02:00
Eugen Rochko 56edc6552f
Add `SMTP_RETURN_PATH` environment variable to set bounce domain (#17886) 2022-03-28 09:39:31 +02:00
Claire 03d59340da
Fix Sidekiq warnings about JSON serialization (#17381)
* Fix Sidekiq warnings about JSON serialization

This occurs on every symbol argument we pass, and every symbol key in hashes,
because Sidekiq expects strings instead.

See https://github.com/mperham/sidekiq/pull/5071

We do not need to change how workers parse their arguments because this has
not changed and we were already converting to symbols adequately or using
`with_indifferent_access`.

* Set Sidekiq to raise on unsafe arguments in test mode

In order to more easily catch issues that would produce warnings in production
code.
2022-01-28 00:43:56 +01:00
Wonderfall 244726e2e8
disable legacy XSS filtering (#17289)
Browsers are phasing out X-XSS-Protection, but Safari and IE still support it.
2022-01-24 13:14:26 +01:00
tkr b52fdb4c6f
Fix SMTP_ENABLE_STARTTLS_AUTO/SMTP_TLS/SMTP_SSL environment variables don't work (#17216)
#17215
2022-01-13 12:05:22 +01:00
Eugen Rochko fe71548844
Fix warnings on Rails boot (#16946) 2021-12-27 00:47:20 +01:00
Sandro 085da13933
Default to system ca-certificates.crt if none is specified (#10857)
Co-Authored-By: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-10-14 21:05:50 +02:00
Claire 1efcbb9cfe
Add Message-ID header to outgoing emails (#16076)
* Add Message-ID header to outgoing emails

* Use email domain name from SMTP_FROM_ADDRESS, fallback on WEB_DOMAIN on failure

* Use notifications@localhost as fallback for SMTP_FROM_ADDRESS, do not catch parse errors
2021-04-19 18:41:29 +02:00