From 4c4ae7e8a0bb1d979f4d53682eda8bdaf485261b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 27 Jan 2022 14:47:49 +0000 Subject: [PATCH 01/18] Bump sidekiq from 6.2.1 to 6.4.0 Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.2.1 to 6.4.0. - [Release notes](https://github.com/mperham/sidekiq/releases) - [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md) - [Commits](https://github.com/mperham/sidekiq/compare/v6.2.1...v6.4.0) --- updated-dependencies: - dependency-name: sidekiq dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ee7be9a7c..571dbe62e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -321,7 +321,7 @@ GEM recurrence (1.3.0) activesupport i18n - redis (4.4.0) + redis (4.5.1) repost (0.3.2) responders (2.4.1) actionpack (>= 4.2.0, < 6.0) @@ -351,7 +351,7 @@ GEM activesupport (>= 4) semantic_range (2.3.0) sha3 (1.0.1) - sidekiq (6.2.1) + sidekiq (6.4.0) connection_pool (>= 2.2.2) rack (~> 2.0) redis (>= 4.2.0) From 9d34ffedb316a2b01054c80014c675eae9d1b692 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 27 Feb 2022 10:29:48 +0000 Subject: [PATCH 02/18] Bump url-parse from 1.5.3 to 1.5.10 Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](https://github.com/unshiftio/url-parse/compare/1.5.3...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] --- yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/yarn.lock b/yarn.lock index 047f00494..52a761b1f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -8832,9 +8832,9 @@ urix@^0.1.0: integrity sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI= url-parse@^1.4.3, url-parse@^1.5.1: - version "1.5.3" - resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.3.tgz#71c1303d38fb6639ade183c2992c8cc0686df862" - integrity sha512-IIORyIQD9rvj0A4CLWsHkBBJuNqWpFQe224b6j9t/ABmquIS0qDU2pY6kl6AuOrL5OkCXHMCFNe1jBcuAggjvQ== + version "1.5.10" + resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.10.tgz#9d3c2f736c1d75dd3bd2be507dcc111f1e2ea9c1" + integrity sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ== dependencies: querystringify "^2.1.1" requires-port "^1.0.0" From 5eff4e4f41f3c8d88ab145b4cecb198dc2ee514f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 1 Mar 2022 23:31:46 +0000 Subject: [PATCH 03/18] Bump image_processing from 1.12.1 to 1.12.2 Bumps [image_processing](https://github.com/janko/image_processing) from 1.12.1 to 1.12.2. - [Release notes](https://github.com/janko/image_processing/releases) - [Changelog](https://github.com/janko/image_processing/blob/master/CHANGELOG.md) - [Commits](https://github.com/janko/image_processing/compare/v1.12.1...v1.12.2) --- updated-dependencies: - dependency-name: image_processing dependency-type: indirect ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ee7be9a7c..b3ff80a8d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -143,7 +143,7 @@ GEM i18n (>= 1.6, < 2) faraday (0.17.3) multipart-post (>= 1.2, < 3) - ffi (1.15.4) + ffi (1.15.5) foreman (0.87.0) forgery (0.7.0) friendly_id (5.1.0) @@ -166,7 +166,7 @@ GEM ice_cube (~> 0.16) ice_cube (0.16.3) ice_nine (0.11.2) - image_processing (1.12.1) + image_processing (1.12.2) mini_magick (>= 4.9.5, < 5) ruby-vips (>= 2.0.17, < 3) jaro_winkler (1.5.4) @@ -337,8 +337,8 @@ GEM unicode-display_width (~> 1.4.0) ruby-progressbar (1.10.1) ruby-rc4 (0.1.5) - ruby-vips (2.0.17) - ffi (~> 1.9) + ruby-vips (2.1.4) + ffi (~> 1.12) rubyXL (3.4.14) nokogiri (>= 1.10.8) rubyzip (>= 1.3.0) From 24a048b1d4e92f862ec52dc3e20a4e0971b21f0f Mon Sep 17 00:00:00 2001 From: vincent Date: Tue, 8 Mar 2022 12:16:43 +0100 Subject: [PATCH 04/18] Fix cookies modal's size --- .../src/stylesheets/modules/cookies.scss | 29 ++++++++++++------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/app/frontend/src/stylesheets/modules/cookies.scss b/app/frontend/src/stylesheets/modules/cookies.scss index 039bf2c60..eb386d59c 100644 --- a/app/frontend/src/stylesheets/modules/cookies.scss +++ b/app/frontend/src/stylesheets/modules/cookies.scss @@ -1,25 +1,28 @@ .cookies-consent { display: flex; position: fixed; - bottom: 3rem; - left: 3rem; - width: 40rem; + right: 0; + bottom: 0; + left: 0; background-color: #f5f5f5; padding: 3rem; flex-direction: column; z-index: 100; - -webkit-box-shadow: 0 4px 10px 2px rgba(224, 224, 224, 0.43); - -moz-box-shadow: 0 4px 10px 2px rgba(224, 224, 224, 0.43); - box-shadow: 0 4px 10px 2px rgba(224, 224, 224, 0.43); + -webkit-box-shadow: 0 4px 10px 2px rgba(0, 0, 0, 0.25); + -moz-box-shadow: 0 4px 10px 2px rgba(0, 0, 0, 0.25); + box-shadow: 0 4px 10px 2px rgba(0, 0, 0, 0.25); .cookies-actions { + flex-wrap: wrap; display: flex; - height: 45px; - + justify-content: space-between; + gap: 1rem; + margin-top: 1rem; + button { - flex-basis: 50%; + @extend .fab-button; + flex: 1; } - button.decline { background-color: transparent; border: 0; @@ -31,4 +34,10 @@ font-size: 17px; } } + + @media (min-width: 480px) { + bottom: 3rem; + left: 3rem; + width: 40rem; + } } From 60f2e9c53398eb6fb7372e8a46ec679c532a15b0 Mon Sep 17 00:00:00 2001 From: Nicolas Florentin Date: Tue, 8 Mar 2022 14:23:55 +0100 Subject: [PATCH 05/18] improves notify_admin_payment_schedule_failed and notify_member_payment_schedule_failed email texts --- config/locales/mails.en.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/locales/mails.en.yml b/config/locales/mails.en.yml index 149f681d5..92cf1b735 100644 --- a/config/locales/mails.en.yml +++ b/config/locales/mails.en.yml @@ -313,13 +313,13 @@ en: body: remember: "In accordance with the %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After about 24 hours, the card subscription will be cancelled." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Card debit failure" body: remember: "In accordance with your %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action_html: "Please check %{DASHBOARD} or contact a manager before 24 hours, otherwise your subscription may be interrupted." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "your dashboard" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Payment schedule canceled by the payment gateway" From c1651cff6525342dc50b40a918eff79908de200a Mon Sep 17 00:00:00 2001 From: Sylvain Date: Tue, 8 Mar 2022 14:29:35 +0100 Subject: [PATCH 06/18] New translations mails.en.yml (French) --- config/locales/mails.fr.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/locales/mails.fr.yml b/config/locales/mails.fr.yml index 3de801a1d..cf302beac 100644 --- a/config/locales/mails.fr.yml +++ b/config/locales/mails.fr.yml @@ -313,13 +313,13 @@ fr: body: remember: "Conformément à l'échéancier de paiement %{REFERENCE}, un prélèvement par carte de %{AMOUNT} était prévu le %{DATE}." error: "Malheureusement, ce prélèvement n'a pas pu être effectué correctement." - action: "Veuillez vous mettre en relation avec le membre au plus tôt, puis vous rendre dans l'interface de gestion des échéanciers afin de régler le problème. Au delà d'environ 24 heures, l'abonnement par carte bancaire sera annulé." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Échec du prélèvement par carte" body: remember: "Conformément à votre échéancier de paiement %{REFERENCE}, un prélèvement par carte de %{AMOUNT} était prévu le %{DATE}." error: "Malheureusement, ce prélèvement n'a pas pu être effectué correctement." - action_html: "Veuillez vous rendre dans %{DASHBOARD} ou prendre contact avec un gestionnaire sous 24 heures, faute de quoi votre abonnement risque d'être interrompu." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "votre tableau de bord" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Échéancier de paiement annulé par la passerelle de paiement" From 320468c03f13b3ef233be75c00713f952c5ec125 Mon Sep 17 00:00:00 2001 From: Sylvain Date: Tue, 8 Mar 2022 14:29:36 +0100 Subject: [PATCH 07/18] New translations mails.en.yml (Spanish) --- config/locales/mails.es.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/locales/mails.es.yml b/config/locales/mails.es.yml index f0d05d3f7..f82ec81ac 100644 --- a/config/locales/mails.es.yml +++ b/config/locales/mails.es.yml @@ -313,13 +313,13 @@ es: body: remember: "In accordance with the %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After about 24 hours, the card subscription will be cancelled." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Card debit failure" body: remember: "In accordance with your %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action_html: "Please check %{DASHBOARD} or contact a manager before 24 hours, otherwise your subscription may be interrupted." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "your dashboard" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Payment schedule canceled by the payment gateway" From 7b31ce165b631e936080abffc857068205e9a02a Mon Sep 17 00:00:00 2001 From: Sylvain Date: Tue, 8 Mar 2022 14:29:37 +0100 Subject: [PATCH 08/18] New translations mails.en.yml (German) --- config/locales/mails.de.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/locales/mails.de.yml b/config/locales/mails.de.yml index 9888ffc2f..b44103d8d 100644 --- a/config/locales/mails.de.yml +++ b/config/locales/mails.de.yml @@ -313,13 +313,13 @@ de: body: remember: "Gemäß dem Zahlungsplan von %{REFERENCE} wurde für %{DATE} eine Belastung der Karte in Höhe von %{AMOUNT} geplant." error: "Leider konnte die Abbuchung über die Karte nicht erfolgreich abgeschlossen werden." - action: "Bitte kontaktieren Sie das Mitglied so bald wie möglich und lösen Sie dann das Problem in der Verwaltung der Zahlungsfristen. Nach etwa 24 Stunden wird das Kartenabonnement storniert." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Kartenbelastungsfehler" body: remember: "Gemäß Ihrem Zahlungsplan von %{REFERENCE} wurde für %{DATE} eine Belastung der Karte in Höhe von %{AMOUNT} geplant." error: "Leider konnte die Abbuchung über die Karte nicht erfolgreich abgeschlossen werden." - action_html: "Bitte überprüfen Sie %{DASHBOARD} oder kontaktieren Sie einen Manager innerhalb von 24 Stunden. Andernfalls kann Ihr Abonnement unterbrochen werden." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "Ihr Dashboard" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Zahlungsplan vom Zahlungs-Gateway abgebrochen" From f9c52dd586606bcc40105db3b0f14db25ccff8d2 Mon Sep 17 00:00:00 2001 From: Sylvain Date: Tue, 8 Mar 2022 14:29:38 +0100 Subject: [PATCH 09/18] New translations mails.en.yml (Norwegian) --- config/locales/mails.no.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/locales/mails.no.yml b/config/locales/mails.no.yml index 3685f5538..b02fdc717 100644 --- a/config/locales/mails.no.yml +++ b/config/locales/mails.no.yml @@ -313,13 +313,13 @@ body: remember: "In accordance with the %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After about 24 hours, the card subscription will be cancelled." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Card debit failure" body: remember: "In accordance with your %{REFERENCE} payment schedule, a debit by card of %{AMOUNT} was scheduled on %{DATE}." error: "Unfortunately, this card debit was unable to complete successfully." - action_html: "Please check %{DASHBOARD} or contact a manager before 24 hours, otherwise your subscription may be interrupted." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "your dashboard" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Payment schedule canceled by the payment gateway" From 6a5546d5c7fac8f5f5b91b2cbe08e0479728ced7 Mon Sep 17 00:00:00 2001 From: Sylvain Date: Tue, 8 Mar 2022 14:29:39 +0100 Subject: [PATCH 10/18] New translations mails.en.yml (Portuguese) --- config/locales/mails.pt.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/locales/mails.pt.yml b/config/locales/mails.pt.yml index fcc81dda8..112b236f5 100755 --- a/config/locales/mails.pt.yml +++ b/config/locales/mails.pt.yml @@ -313,13 +313,13 @@ pt: body: remember: "De acordo com o calendário de pagamento de %{REFERENCE}, um débito por cartão de %{AMOUNT} foi agendado em %{DATE}." error: "Infelizmente, não foi possível completar o débito no cartão com sucesso." - action: "Por favor, entre em contato com o membro assim que possível, depois vá à interface de gestão de horários de pagamento para resolver o problema. Após cerca de 24 horas, a assinatura do cartão será cancelada." + action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." notify_member_payment_schedule_failed: subject: "[URGENT] Falha no débito do cartão" body: remember: "De acordo com a sua agenda de pagamentos %{REFERENCE}, um débito por cartão de %{AMOUNT} foi agendado para %{DATE}." error: "Infelizmente, não foi possível completar o débito no cartão com sucesso." - action_html: "Por favor, verifique %{DASHBOARD} ou entre em contato com um gerente antes de 24 horas, caso contrário sua assinatura pode ser interrompida." + action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." your_dashboard: "seu dashboard" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Payment schedule canceled by the payment gateway" From c7bb01b92f78efb2cb58c01fcd95be213b18d999 Mon Sep 17 00:00:00 2001 From: Sylvain Date: Tue, 8 Mar 2022 14:29:40 +0100 Subject: [PATCH 11/18] New translations mails.en.yml (Zulu) --- config/locales/mails.zu.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/locales/mails.zu.yml b/config/locales/mails.zu.yml index d01b5f847..aebe7a467 100644 --- a/config/locales/mails.zu.yml +++ b/config/locales/mails.zu.yml @@ -313,13 +313,13 @@ zu: body: remember: "crwdns21134:0%{REFERENCE}crwdnd21134:0%{AMOUNT}crwdnd21134:0%{DATE}crwdne21134:0" error: "crwdns21136:0crwdne21136:0" - action: "crwdns21138:0crwdne21138:0" + action: "crwdns22400:0crwdne22400:0" notify_member_payment_schedule_failed: subject: "crwdns21140:0[URGENT]crwdne21140:0" body: remember: "crwdns21142:0%{REFERENCE}crwdnd21142:0%{AMOUNT}crwdnd21142:0%{DATE}crwdne21142:0" error: "crwdns21144:0crwdne21144:0" - action_html: "crwdns21146:0%{DASHBOARD}crwdne21146:0" + action_html: "crwdns22402:0%{DASHBOARD}crwdne22402:0" your_dashboard: "crwdns21148:0crwdne21148:0" notify_admin_payment_schedule_gateway_canceled: subject: "crwdns22389:0[URGENT]crwdne22389:0" From a03d54f536bb621bfa2dadc57fc69adf22079427 Mon Sep 17 00:00:00 2001 From: Sylvain Date: Tue, 8 Mar 2022 14:38:34 +0100 Subject: [PATCH 12/18] New translations mails.en.yml (French) --- config/locales/mails.fr.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/locales/mails.fr.yml b/config/locales/mails.fr.yml index cf302beac..3611b3d80 100644 --- a/config/locales/mails.fr.yml +++ b/config/locales/mails.fr.yml @@ -313,13 +313,13 @@ fr: body: remember: "Conformément à l'échéancier de paiement %{REFERENCE}, un prélèvement par carte de %{AMOUNT} était prévu le %{DATE}." error: "Malheureusement, ce prélèvement n'a pas pu être effectué correctement." - action: "Please contact the member as soon as possible, then go to the payment schedule management interface to resolve the problem. After a certain period of time, the card subscription could be cancelled." + action: "Veuillez vous mettre en relation avec le membre au plus tôt, puis vous rendre dans l'interface de gestion des échéanciers afin de régler le problème. Au delà d'un certain délai, l'abonnement par carte bancaire pourrait être annulé." notify_member_payment_schedule_failed: subject: "[URGENT] Échec du prélèvement par carte" body: remember: "Conformément à votre échéancier de paiement %{REFERENCE}, un prélèvement par carte de %{AMOUNT} était prévu le %{DATE}." error: "Malheureusement, ce prélèvement n'a pas pu être effectué correctement." - action_html: "Please check %{DASHBOARD} or contact a manager quickly, otherwise your subscription may be interrupted." + action_html: "Veuillez vous rendre dans %{DASHBOARD} ou prendre contact avec un gestionnaire rapidement, faute de quoi votre abonnement risque d'être interrompu." your_dashboard: "votre tableau de bord" notify_admin_payment_schedule_gateway_canceled: subject: "[URGENT] Échéancier de paiement annulé par la passerelle de paiement" From 49dd0d2daba658a33595bd97339e5c9bd020feaa Mon Sep 17 00:00:00 2001 From: Sylvain Date: Tue, 8 Mar 2022 15:48:06 +0100 Subject: [PATCH 13/18] (bug) a sentence was not linked to a translation key --- CHANGELOG.md | 2 ++ app/frontend/templates/projects/index.html | 2 +- config/locales/app.public.en.yml | 1 + .../20220225143203_drop_table_open_api_calls_count_tracings.rb | 3 +++ 4 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ce42bfee1..3e2953702 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,7 @@ # Changelog Fab-manager +- Fix a bug: a sentence was not linked to a translation key + ## v5.3.5 2022 March 02 - Added [an option](doc/environment.md#OPENLAB_SSL_VERIFY) to allow set verify ssl option for OpenLab diff --git a/app/frontend/templates/projects/index.html b/app/frontend/templates/projects/index.html index d9d88b243..953dd0c34 100644 --- a/app/frontend/templates/projects/index.html +++ b/app/frontend/templates/projects/index.html @@ -42,7 +42,7 @@
- +
diff --git a/config/locales/app.public.en.yml b/config/locales/app.public.en.yml index 22482bae2..b6fc12eab 100644 --- a/config/locales/app.public.en.yml +++ b/config/locales/app.public.en.yml @@ -165,6 +165,7 @@ en: openlab_search_not_available_at_the_moment: "Search over the whole network is not available at the moment. You still can search over the projects of this platform." project_search_result_is_empty: "Sorry, we found no results matching your search criteria." reset_all_filters: "Reset all filters" + keywords: "Keywords" search: "Search" all_projects: "All projects" my_projects: "My projects" diff --git a/db/migrate/20220225143203_drop_table_open_api_calls_count_tracings.rb b/db/migrate/20220225143203_drop_table_open_api_calls_count_tracings.rb index 444074bce..9c73380e6 100644 --- a/db/migrate/20220225143203_drop_table_open_api_calls_count_tracings.rb +++ b/db/migrate/20220225143203_drop_table_open_api_calls_count_tracings.rb @@ -1,3 +1,6 @@ +# frozen_string_literal: true + +# OpenApiCallsCountTracings was an unused table probably from a wrong copy/paste. We removed this dead code. class DropTableOpenAPICallsCountTracings < ActiveRecord::Migration[5.2] def up drop_table :open_api_calls_count_tracings From cae79b5d5b44ad15ed0d884c20755a9e19b87966 Mon Sep 17 00:00:00 2001 From: Sylvain Date: Tue, 8 Mar 2022 15:53:28 +0100 Subject: [PATCH 14/18] updated environment documentation --- CHANGELOG.md | 1 + doc/environment.md | 9 ++++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3e2953702..51aed2b3f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,7 @@ # Changelog Fab-manager - Fix a bug: a sentence was not linked to a translation key +- Updated environment documentation ## v5.3.5 2022 March 02 diff --git a/doc/environment.md b/doc/environment.md index 33bdf5030..d1dc87088 100644 --- a/doc/environment.md +++ b/doc/environment.md @@ -278,13 +278,16 @@ Set this variable to `https://openprojects.fab-manager.com` if you want to use t Typically, `DEFAULT_PROTOCOL` will be `https` (`http` if you are in development, or if you set `ALLOW_INSECURE_HTTP`). The variable `DEFAULT_HOST` should be your domain name (eg. fabmanager.example.com), and is also used for visits statistics (configuration of Google Analytics). These two variables are also used for SSO authentication. - - OPENLAB_SSL_VERIFY, OPENLAB_SSL_VERIFY_PEER + OPENLAB_SSL_VERIFY -Set this variable to `false` if you want to disable verify ssl certs. +Set this variable to `false` if you do not want to verify the OpenLab's server's certificate against the CA certificate. + + OPENLAB_SSL_VERIFY_PEER + +Set this variable to `false` if you want to turn off the OpenLab's server's verification but still send client certificate. ## Other settings From 794e1b8269d78282ec99769cd8cac4cbad4ed004 Mon Sep 17 00:00:00 2001 From: Sylvain Date: Wed, 9 Mar 2022 09:43:43 +0100 Subject: [PATCH 15/18] updated changelog --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 51aed2b3f..c52312d90 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,8 @@ # Changelog Fab-manager -- Fix a bug: a sentence was not linked to a translation key - Updated environment documentation +- Fix a bug: a sentence was not linked to a translation key +- Fix a security issue: updated image_processing to 1.12.2 to fix [CVE-2022-24720](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24720) ## v5.3.5 2022 March 02 From 8ae4fbc6dc3ab60b83a993c30228cf59e675dc42 Mon Sep 17 00:00:00 2001 From: Sylvain Date: Wed, 9 Mar 2022 09:49:14 +0100 Subject: [PATCH 16/18] updated changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c52312d90..9e42c58f4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ - Updated environment documentation - Fix a bug: a sentence was not linked to a translation key - Fix a security issue: updated image_processing to 1.12.2 to fix [CVE-2022-24720](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24720) +- Fix a security issue: updated url-parse to 1.5.10 to fix [CVE-2022-0686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0686), [CVE-2022-0691](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0691), [CVE-2022-0639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0639) and [CVE-2022-0512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0512) ## v5.3.5 2022 March 02 From 2abc0eb3dbcc105051ced01cfa7f25b07635d09a Mon Sep 17 00:00:00 2001 From: Sylvain Date: Wed, 9 Mar 2022 09:52:46 +0100 Subject: [PATCH 17/18] (security) updated rails --- CHANGELOG.md | 1 + Gemfile.lock | 110 +++++++++++++++++++++++++-------------------------- 2 files changed, 56 insertions(+), 55 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9e42c58f4..8a08021dd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ - Fix a bug: a sentence was not linked to a translation key - Fix a security issue: updated image_processing to 1.12.2 to fix [CVE-2022-24720](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24720) - Fix a security issue: updated url-parse to 1.5.10 to fix [CVE-2022-0686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0686), [CVE-2022-0691](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0691), [CVE-2022-0639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0639) and [CVE-2022-0512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0512) +- Fix a security issue: updated rails to 5.2.6.3 to fix [CVE-2022-21831](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831), [CVE-2022-23633](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633) ## v5.3.5 2022 March 02 diff --git a/Gemfile.lock b/Gemfile.lock index 886138fe3..14f2311f8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -4,46 +4,46 @@ GEM Ascii85 (1.0.3) aasm (5.0.8) concurrent-ruby (~> 1.0) - actioncable (5.2.6) - actionpack (= 5.2.6) + actioncable (5.2.6.3) + actionpack (= 5.2.6.3) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailer (5.2.6) - actionpack (= 5.2.6) - actionview (= 5.2.6) - activejob (= 5.2.6) + actionmailer (5.2.6.3) + actionpack (= 5.2.6.3) + actionview (= 5.2.6.3) + activejob (= 5.2.6.3) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.6) - actionview (= 5.2.6) - activesupport (= 5.2.6) + actionpack (5.2.6.3) + actionview (= 5.2.6.3) + activesupport (= 5.2.6.3) rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.2) actionpack-page_caching (1.2.2) actionpack (>= 5.0.0) - actionview (5.2.6) - activesupport (= 5.2.6) + actionview (5.2.6.3) + activesupport (= 5.2.6.3) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.3) active_record_query_trace (1.7) - activejob (5.2.6) - activesupport (= 5.2.6) + activejob (5.2.6.3) + activesupport (= 5.2.6.3) globalid (>= 0.3.6) - activemodel (5.2.6) - activesupport (= 5.2.6) - activerecord (5.2.6) - activemodel (= 5.2.6) - activesupport (= 5.2.6) + activemodel (5.2.6.3) + activesupport (= 5.2.6.3) + activerecord (5.2.6.3) + activemodel (= 5.2.6.3) + activesupport (= 5.2.6.3) arel (>= 9.0) - activestorage (5.2.6) - actionpack (= 5.2.6) - activerecord (= 5.2.6) + activestorage (5.2.6.3) + actionpack (= 5.2.6.3) + activerecord (= 5.2.6.3) marcel (~> 1.0.0) - activesupport (5.2.6) + activesupport (5.2.6.3) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) @@ -91,7 +91,7 @@ GEM cldr-plurals-runtime-rb (1.0.1) coercible (1.0.0) descendants_tracker (~> 0.0.1) - concurrent-ruby (1.1.8) + concurrent-ruby (1.1.9) connection_pool (2.2.5) coveralls_reborn (0.18.0) simplecov (>= 0.18.1, < 0.20.0) @@ -151,8 +151,8 @@ GEM fugit (1.3.1) et-orbi (~> 1.1, >= 1.1.8) raabro (~> 1.1) - globalid (0.4.2) - activesupport (>= 4.2.0) + globalid (1.0.0) + activesupport (>= 5.0) hashdiff (1.0.1) hashery (2.1.2) hashie (4.1.0) @@ -160,7 +160,7 @@ GEM httparty (0.20.0) mime-types (~> 3.0) multi_xml (>= 0.5.2) - i18n (1.8.10) + i18n (1.10.0) concurrent-ruby (~> 1.0) icalendar (2.5.3) ice_cube (~> 0.16) @@ -193,12 +193,12 @@ GEM listen (3.0.8) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) - loofah (2.9.1) + loofah (2.14.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) mini_mime (>= 0.1.1) - marcel (1.0.1) + marcel (1.0.2) message_format (0.0.6) twitter_cldr (~> 5.0) method_source (1.0.0) @@ -209,9 +209,9 @@ GEM nokogiri (~> 1) rake mini_magick (4.10.1) - mini_mime (1.1.0) - mini_portile2 (2.6.1) - minitest (5.14.4) + mini_mime (1.1.2) + mini_portile2 (2.8.0) + minitest (5.15.0) minitest-reporters (1.4.2) ansi builder @@ -222,8 +222,8 @@ GEM multi_xml (0.6.0) multipart-post (2.1.1) nio4r (2.5.8) - nokogiri (1.12.5) - mini_portile2 (~> 2.6.1) + nokogiri (1.13.3) + mini_portile2 (~> 2.8.0) racc (~> 1.4) notify_with (0.0.2) jbuilder (~> 2.0) @@ -274,30 +274,30 @@ GEM pundit (2.1.0) activesupport (>= 3.0.0) raabro (1.1.6) - racc (1.5.2) + racc (1.6.0) rack (2.2.3) rack-proxy (0.6.5) rack rack-test (1.1.0) rack (>= 1.0, < 3) railroady (1.5.3) - rails (5.2.6) - actioncable (= 5.2.6) - actionmailer (= 5.2.6) - actionpack (= 5.2.6) - actionview (= 5.2.6) - activejob (= 5.2.6) - activemodel (= 5.2.6) - activerecord (= 5.2.6) - activestorage (= 5.2.6) - activesupport (= 5.2.6) + rails (5.2.6.3) + actioncable (= 5.2.6.3) + actionmailer (= 5.2.6.3) + actionpack (= 5.2.6.3) + actionview (= 5.2.6.3) + activejob (= 5.2.6.3) + activemodel (= 5.2.6.3) + activerecord (= 5.2.6.3) + activestorage (= 5.2.6.3) + activesupport (= 5.2.6.3) bundler (>= 1.3.0) - railties (= 5.2.6) + railties (= 5.2.6.3) sprockets-rails (>= 2.0.0) rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.3.0) + rails-html-sanitizer (1.4.2) loofah (~> 2.3) rails-observers (0.1.5) activemodel (>= 4.0) @@ -306,14 +306,14 @@ GEM rails_stdout_logging rails_serve_static_assets (0.0.5) rails_stdout_logging (0.0.5) - railties (5.2.6) - actionpack (= 5.2.6) - activesupport (= 5.2.6) + railties (5.2.6.3) + actionpack (= 5.2.6.3) + activesupport (= 5.2.6.3) method_source rake (>= 0.8.7) thor (>= 0.19.0, < 2.0) rainbow (3.0.0) - rake (13.0.3) + rake (13.0.6) rb-fsevent (0.10.3) rb-inotify (0.10.1) ffi (~> 1.0) @@ -371,12 +371,12 @@ GEM spring-watcher-listen (2.0.1) listen (>= 2.7, < 4.0) spring (>= 1.2, < 3.0) - sprockets (4.0.2) + sprockets (4.0.3) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-rails (3.2.2) - actionpack (>= 4.0) - activesupport (>= 4.0) + sprockets-rails (3.4.2) + actionpack (>= 5.2) + activesupport (>= 5.2) sprockets (>= 3.0.0) ssrf_filter (1.0.7) stripe (5.29.0) @@ -422,7 +422,7 @@ GEM rack-proxy (>= 0.6.1) railties (>= 5.2) semantic_range (>= 2.3.0) - websocket-driver (0.7.3) + websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) From 5a529e04921d2df6039842c53aba8de039ac2b60 Mon Sep 17 00:00:00 2001 From: Sylvain Date: Wed, 9 Mar 2022 09:57:38 +0100 Subject: [PATCH 18/18] updated changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8a08021dd..4efa63464 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ - Fix a security issue: updated image_processing to 1.12.2 to fix [CVE-2022-24720](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24720) - Fix a security issue: updated url-parse to 1.5.10 to fix [CVE-2022-0686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0686), [CVE-2022-0691](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0691), [CVE-2022-0639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0639) and [CVE-2022-0512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0512) - Fix a security issue: updated rails to 5.2.6.3 to fix [CVE-2022-21831](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21831), [CVE-2022-23633](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23633) +- Fix a security issue: updated sidekiq to 6.4.0 to fix [CVE-2022-23837](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23837) ## v5.3.5 2022 March 02