1
0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2024-11-29 10:24:20 +01:00
Commit Graph

82 Commits

Author SHA1 Message Date
Sylvain
8fca92b8ae prevent version check from running multiple times + updated sidekiq 2020-03-04 10:35:00 +01:00
Sylvain
c5923638f4 updated puma to fix xsrf issue 2020-03-02 16:20:20 +01:00
Sylvain
147a78de96 Merge branch 'tour' into dev 2020-03-02 15:39:45 +01:00
Sylvain
ce3e89c49c Merge branch 'dev' of github.com:sleede/fab-manager into dev 2020-03-02 08:42:58 +01:00
Sylvain
cd61826b6a
Merge branch 'dev' into dependabot/bundler/puma-3.12.3 2020-03-02 08:33:42 +01:00
dependabot[bot]
8c47a14115
Bump puma from 3.10.0 to 3.12.3
Bumps [puma](https://github.com/puma/puma) from 3.10.0 to 3.12.3.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.10.0...v3.12.3)

Signed-off-by: dependabot[bot] <support@github.com>
2020-02-28 18:53:21 +00:00
Sylvain
a52861ef57 Merge branch 'dev' of github.com:sleede/fab-manager into dev 2020-02-25 09:28:13 +01:00
Sylvain
9a9f08a1f0
Merge branch 'dev' into dependabot/bundler/nokogiri-1.10.8 2020-02-25 09:21:29 +01:00
dependabot[bot]
f2300c114c
Bump nokogiri from 1.10.4 to 1.10.8
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.4 to 1.10.8.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.4...v1.10.8)

Signed-off-by: dependabot[bot] <support@github.com>
2020-02-25 01:57:36 +00:00
Sylvain
95338e267e possible fix for #49 2020-02-19 16:22:02 +01:00
Sylvain
bc2ad42c26 removed twitter gems 2020-01-17 08:46:45 +01:00
Sylvain
20d2a69ae0
Merge pull request #163 from sleede/dependabot/bundler/rack-1.6.12
Bump rack from 1.6.11 to 1.6.12
2019-12-23 08:48:11 +01:00
dependabot[bot]
07d04c2a4c
Bump rack from 1.6.11 to 1.6.12
Bumps [rack](https://github.com/rack/rack) from 1.6.11 to 1.6.12.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/1.6.11...1.6.12)

Signed-off-by: dependabot[bot] <support@github.com>
2019-12-19 08:48:13 +00:00
Sylvain
7d75810e45
Merge pull request #161 from sleede/dependabot/bundler/puma-3.12.2
Bump puma from 3.10.0 to 3.12.2
2019-12-09 08:31:54 +01:00
dependabot[bot]
2602010770
Bump puma from 3.10.0 to 3.12.2
Bumps [puma](https://github.com/puma/puma) from 3.10.0 to 3.12.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.10.0...v3.12.2)

Signed-off-by: dependabot[bot] <support@github.com>
2019-12-05 23:00:14 +00:00
Sylvain
eb3c78a61d [poc] show google agenda events in the public calendar 2019-11-26 13:44:43 +01:00
dependabot[bot]
279e5f692b
Bump loofah from 2.3.0 to 2.3.1
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/master/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.3.0...v2.3.1)

Signed-off-by: dependabot[bot] <support@github.com>
2019-11-07 18:00:54 +00:00
Sylvain
fdcec06345 CVE-2019-16892 + #49
- updated rubyzip to fix a security issue
- updated axlsx and file writing method as a possible fix for #49
2019-10-21 16:11:49 +02:00
Sylvain
4300f29ad7 [bug] unable to run rake fablab🇪🇸* tasks due to an issue with gem faraday 0.16.x
Gem faraday was updated to 0.17 to solve the issue
2019-10-16 13:11:47 +02:00
Sylvain
5fcf9968cb Updated Omniauth & Omniauth-oauth2 + fixed oauth2 callback url 2019-10-02 16:06:27 +02:00
Sylvain
927479733b migrated links to /users/auth from GET to POST
see https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284 for more info
2019-10-02 14:37:47 +02:00
Sylvain
35b069a4db added gem omniauth-rails_csrf_protection + [ongoing] moving from GET /users/auth/... to POST 2019-10-01 17:14:16 +02:00
David O' Rojo
b45960e343 Move puma gem out of development so it can be installed during image build 2019-09-23 02:23:42 -05:00
Nicolas Florentin
e179955169 updates libv8 2019-09-20 15:00:54 +02:00
Sylvain
c7fbc4d01d Merge branch 'sca' of github.com:sleede/fab-manager into sca 2019-09-12 09:55:34 +02:00
Sylvain
f620393266
Merge branch 'sca' into dependabot/bundler/devise-4.7.1 2019-09-12 09:50:14 +02:00
dependabot[bot]
9e6a69afcd
Bump devise from 4.6.1 to 4.7.1
Bumps [devise](https://github.com/plataformatec/devise) from 4.6.1 to 4.7.1.
- [Release notes](https://github.com/plataformatec/devise/releases)
- [Changelog](https://github.com/plataformatec/devise/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/devise/compare/v4.6.1...v4.7.1)

Signed-off-by: dependabot[bot] <support@github.com>
2019-09-12 00:46:28 +00:00
Sylvain
2ad188b741 [security] updated nokogiri to fix CVE-2019-5477 2019-09-11 17:35:17 +02:00
Sylvain
a0961314a4 [ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00
Sylvain
1be7bda603 [security] updated sidekiq to fix 3 security vulnerabilities 2019-07-29 11:34:59 +02:00
dependabot[bot]
210e7ac3c1
Bump mini_magick from 4.2.0 to 4.9.4
Bumps [mini_magick](https://github.com/minimagick/minimagick) from 4.2.0 to 4.9.4.
- [Release notes](https://github.com/minimagick/minimagick/releases)
- [Commits](https://github.com/minimagick/minimagick/compare/v4.2.0...v4.9.4)

Signed-off-by: dependabot[bot] <support@github.com>
2019-07-18 14:44:34 +00:00
Sylvain
528f5b9a00 fix docker build 2019-03-27 12:01:42 +01:00
Sylvain
2ac0336adb Merge branch 'dev' into host 2019-03-25 16:17:23 +01:00
Sylvain
5cdaa014ef [security] updated devise + updated rails 2019-03-25 14:57:48 +01:00
Sylvain
fd55c8d315 use SHA-3 (256 bits) to compute checksums + simplify accounting period integrity check UI 2019-03-21 17:15:41 +01:00
Sylvain
9854a4b965 prevent memory saturation with periodic checks 2019-02-26 15:18:19 +01:00
Sylvain
a687c50338 [security] CVE-2019-8331 2019-02-25 10:07:49 +01:00
Sylvain
746c0538e6 [bug] unable to run rails console 2019-01-22 11:24:00 +01:00
Sylvain
a2eb10331e [ongoing] remove invoicing disabled per user 2019-01-10 16:50:54 +01:00
Sylvain
96a27f8b98 [security] CVE-2018-16476: updated rails to 4.2.11 2018-12-17 11:10:39 +01:00
Sylvain
8e60545753 extend subscription and offer free days will keep track of previous subscription 2018-12-10 13:24:00 +01:00
Sylvain
56a62e975c updated uglifier with es6 support 2018-12-03 10:22:10 +01:00
Sylvain
def19b392b [security] updated ffi to fix CVE-2018-1000201 2018-11-27 17:25:32 +01:00
Sylvain
a9b97c386e [security] updated rubyzip to fix CVE-2018-1000544 2018-11-27 17:20:22 +01:00
Sylvain
2efd7644d2 [security] cve-2018-16468 and cve-2018-16471 2018-11-26 11:12:54 +01:00
Sylvain
efb1f9aec8 removed coffeescript dependency 2018-11-21 15:48:51 +01:00
Sylvain
4499c10e24 [security] fix for CVE-2018-3760 2018-07-12 14:34:20 +02:00
Sylvain
38e425cbc3 [security] fix for CVE-2017-18258 2018-07-12 14:26:21 +02:00
Sylvain
d69007c6c9 [ongoing] migrate es api 2018-06-05 12:30:08 +02:00
Sylvain
3e4e5e3e9b [security] fix for CVE-2018-3741 2018-04-30 07:57:21 +02:00