Commit graph

142 commits

Author SHA1 Message Date
Renaud Chaput
2a369a8977
Use a system setting for the Referer policy (#33239) 2024-12-10 13:16:52 +00:00
Eugen Rochko
425311e1d9
Change referrer policy to be controlled by header in web UI (#33214) 2024-12-09 22:42:45 +00:00
Matt Jankowski
a20dca7327
Restore stdout logging setting in development environment (#33057) 2024-11-24 20:00:37 +00:00
Matt Jankowski
41227aeb95
Update Rails to version 7.2.2 (#30391) 2024-11-07 14:58:20 +00:00
Matt Jankowski
40b4f73c18
Pre-import Rails 7.2 generated config minor changes (#30579) 2024-10-21 08:07:07 +00:00
David Roetzel
388d5473e1
Refactor (ruby) redis configuration (#31694) 2024-09-02 14:19:55 +00:00
Matt Jankowski
222ab80557
Fix Style/GlobalStdStream cop in environments/* files (#30694) 2024-06-14 09:50:33 +00:00
Matt Jankowski
0e1110c947
Use SECRET_KEY_BASE_DUMMY feature as placeholder during asset compilation (#30505) 2024-06-10 20:08:04 +00:00
Matt Jankowski
a5e3b814a2
Remove Status/ivar/shapes regression check from test env (#30580) 2024-06-07 10:00:51 +00:00
Matt Jankowski
3dfc7267e2
Rename deprecated config option to enable_reloading in dev env (#30577) 2024-06-07 10:00:27 +00:00
Nick Schonning
13fb54920b
Enable Style/IfUnlessModifier RuboCop (#30260) 2024-05-13 09:54:15 +00:00
Matt Jankowski
1e7d5d2957
Update devise-two-factor to version 5.0.0 (#28325)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-02 09:31:41 +00:00
Matt Jankowski
369b2ef0ed
Fix Style/TrailingCommaInHashLiteral cop (#30004) 2024-04-19 20:52:01 +00:00
Matt Jankowski
933189887b
Fix Style/StringLiterals cop (#30005) 2024-04-19 20:33:00 +00:00
Matt Jankowski
c8f59d2ca4
Fix Style/TernaryParentheses cop (#28387) 2024-01-25 13:28:49 +00:00
Matt Jankowski
42afd30324
Replace Sprockets with Propshaft (#28239) 2023-12-06 10:19:24 +00:00
Matt Jankowski
33cc3ae8fa
Fix Style/StabbyLambdaParentheses cop (#27771) 2023-11-08 12:01:18 +00:00
Matt Jankowski
9a3d047f3e
Run bin/rails app:update with Rails 7.1 (#27522) 2023-10-25 13:56:09 +00:00
Nick Schonning
85db392464
Autofix Rubocop cops for config/ (#24145) 2023-10-03 15:24:12 +02:00
Claire
cab4cbfa5c
Fix “Scoped order is ignored, it's forced to be batch order.” warnings (#26793) 2023-09-05 15:37:23 +02:00
Christian Schmidt
075cc8e8a6
Improve Codespaces port forwarding (#26400) 2023-08-29 10:20:36 +02:00
Matt Jankowski
ce43ed144c
Rails 7.0 update (#25668) 2023-07-13 09:36:07 +02:00
Nick Schonning
1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
Eugen Rochko
ba06a2f104
Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski
50c2a03695
Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Nick Schonning
1fe04f740a
Enable Rubocop Rails/FilePath (#23854) 2023-05-04 05:50:40 +02:00
mogaminsk
e0d075713f
Change i18n-fallbacks to English (#24727) 2023-04-30 02:22:20 +02:00
Eugen Rochko
0ca54a4105
Remove Permissions-Policy header from all responses (#24124) 2023-03-20 20:02:09 +01:00
Jean byroot Boussier
160f38f03d
Workaround the ActiveRecord / Marshal serialization bug on Ruby 3.2 (#24142)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-17 14:37:30 +01:00
Eugen Rochko
630436ab2d
Refactor monkey-patching of PrivateAddressCheck (#24122) 2023-03-16 04:33:38 +01:00
Eugen Rochko
f0e727f958
Add cache headers to static files served through Rails (#24120) 2023-03-16 02:55:54 +01:00
Eugen Rochko
8cb2543ee5
Add SENDFILE_HEADER environment variable (#24123) 2023-03-16 02:55:13 +01:00
Eugen Rochko
6fa81ca17e
Remove bullet and active_record_query_trace gems (#24121) 2023-03-16 02:53:55 +01:00
Jean byroot Boussier
922837dc96
Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
Claire
02c6bad3ca
Change unintended SMTP read timeout from 5 seconds to 20 seconds (#23750) 2023-03-03 20:37:22 +01:00
Claire
cff7d967f9
Fix CSRF protection (#23037)
Fix regression from #23014
2023-01-10 14:33:40 +01:00
Claire
aefefc74c4
Change referrer-policy to no-referrer application-wide (#23014) 2023-01-10 05:18:43 +01:00
Rose
4f15fd0ba1
Fix style for hashes (#20518)
* Fix style for hashes

Make the style for hashes consistent.

* New style

More consistency
2022-11-17 11:05:39 +01:00
Yamagishi Kazutoshi
19a8563905
Fix ENV (#20377) 2022-11-11 01:33:32 +01:00
F
9feba112a7
Make enable_starttls configurable by envvars (#20321)
ENABLE_STARTTLS is designed to replace ENABLE_STARTTLS_AUTO by accepting
three values: 'auto' (the default), 'always', and 'never'. If
ENABLE_STARTTLS isn't provided, we fall back to ENABLE_STARTTLS_AUTO. In
this way, this change should be fully backwards compatible.

Resolves #20311
2022-11-10 21:06:21 +01:00
Arya K
af9c9936dd
Fix I2P HTTPS redirect (#18929) 2022-08-25 04:37:09 +02:00
Yamagishi Kazutoshi
5781d1db84
Fix parsing TRUSTED_PROXY_IP (#18051) 2022-04-19 08:11:58 +01:00
Eugen Rochko
8c03b45fff
Fix unset SMTP_RETURN_PATH environment variable causing e-mail not to send (#17982) 2022-04-07 13:32:12 +02:00
Eugen Rochko
56edc6552f
Add SMTP_RETURN_PATH environment variable to set bounce domain (#17886) 2022-03-28 09:39:31 +02:00
Claire
03d59340da
Fix Sidekiq warnings about JSON serialization (#17381)
* Fix Sidekiq warnings about JSON serialization

This occurs on every symbol argument we pass, and every symbol key in hashes,
because Sidekiq expects strings instead.

See https://github.com/mperham/sidekiq/pull/5071

We do not need to change how workers parse their arguments because this has
not changed and we were already converting to symbols adequately or using
`with_indifferent_access`.

* Set Sidekiq to raise on unsafe arguments in test mode

In order to more easily catch issues that would produce warnings in production
code.
2022-01-28 00:43:56 +01:00
Wonderfall
244726e2e8
disable legacy XSS filtering (#17289)
Browsers are phasing out X-XSS-Protection, but Safari and IE still support it.
2022-01-24 13:14:26 +01:00
tkr
b52fdb4c6f
Fix SMTP_ENABLE_STARTTLS_AUTO/SMTP_TLS/SMTP_SSL environment variables don't work (#17216)
#17215
2022-01-13 12:05:22 +01:00
Eugen Rochko
fe71548844
Fix warnings on Rails boot (#16946) 2021-12-27 00:47:20 +01:00
Sandro
085da13933
Default to system ca-certificates.crt if none is specified (#10857)
Co-Authored-By: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-10-14 21:05:50 +02:00
Claire
1efcbb9cfe
Add Message-ID header to outgoing emails (#16076)
* Add Message-ID header to outgoing emails

* Use email domain name from SMTP_FROM_ADDRESS, fallback on WEB_DOMAIN on failure

* Use notifications@localhost as fallback for SMTP_FROM_ADDRESS, do not catch parse errors
2021-04-19 18:41:29 +02:00