Commit Graph

143 Commits

Author SHA1 Message Date
Thomas Dziedzic 7a5fe3d7a9 Update to Rails 7.0 (#1100) 2022-07-06 14:01:46 +00:00
Peter Bhat Harkins 60e86da8cd bump for potential vulnerability 2022-06-01 06:04:06 -05:00
Peter Bhat Harkins fb9e436004 bump for CVE-2022-30122 and CVE-2022-30123 2022-06-01 06:02:48 -05:00
Peter Bhat Harkins aed68f34b5 bump to Rails 6.1.6 for cve 2022-05-18 21:11:36 -05:00
dependabot[bot] 091e49eab6 Bump nokogiri from 1.13.3 to 1.13.4
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.3 to 1.13.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.3...v1.13.4)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-19 22:47:26 +00:00
dependabot[bot] 70e187bd72 Bump puma from 5.6.2 to 5.6.4
Bumps [puma](https://github.com/puma/puma) from 5.6.2 to 5.6.4.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.6.2...v5.6.4)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-06 02:35:45 +00:00
Peter Bhat Harkins e49e1672d7 bump deps for cve, rubocop 2022-03-23 09:35:50 -05:00
Peter Bhat Harkins dff910dda6 bump commonmarker; rubocop 2022-03-04 07:57:27 -06:00
Peter Bhat Harkins be2ccecca1 bump nokogiri for cve 2022-02-26 13:11:00 -06:00
Peter Bhat Harkins fa5e78646e bump puma for cve 2022-02-14 20:00:41 -06:00
Peter Bhat Harkins c543dd5ea6 bump rails for cve; note backup domain 2022-02-13 09:39:52 -06:00
Peter Bhat Harkins ece146bddd bump rails 2022-01-18 22:02:13 -06:00
Peter Bhat Harkins e797af2cb3 rm good_migrations
My opinion has changed over the years; I don't see value in maintaining
migrations when prod must be the single source of truth on the schema. Better
to pull the schema from prod than maintain a brittle set of scripts to
reproduce it.
2022-01-04 05:47:36 -06:00
Peter Bhat Harkins 431e67aec3 bump to Rails 6.1.4 2021-10-26 20:54:45 -05:00
Peter Bhat Harkins 666a90bd9c bump puma for CVE-2019-16770 2021-05-23 23:35:54 -05:00
Hunter Madison b8d91ca3c3 Configure Rack::Attack to block misbehaving clients 2021-05-23 23:32:18 -05:00
Peter Bhat Harkins 9341274bc4 bump oauth for CVE-2016-11086 2021-05-16 09:59:13 -05:00
Peter Bhat Harkins 5530adf3e1 bump rails 2021-05-16 09:57:44 -05:00
Peter Bhat Harkins 3b6b4eed80 bump nokogiri for GHSA-vr8q-g5c7-m54m 2021-01-16 12:19:55 -06:00
Peter Bhat Harkins b1048fa7c9 update for cve 2020-09-10 07:42:53 -05:00
Peter Bhat Harkins 3ee84d4a47 replace bullet with mini_profiler 2020-08-27 18:48:45 -05:00
Gabriel Baldão 36677b1d06 add simplecov (#862)
100% test coverage is not a goal in and of itself.
2020-08-19 23:24:04 +00:00
Alessandro Minali 142edb664e Remove 'dynamic_form' (#888)
Old, unmaintained dep for trivial code.
2020-08-19 13:58:43 +00:00
Peter Bhat Harkins 8f2f91ab9a bump Rails version for CVE 2020-08-18 20:38:06 -05:00
Thomas Dziedzic 89d6d84f9c Rails 6 (#723) 2020-08-19 01:24:25 +00:00
Peter Bhat Harkins 0a5b1b1023 add stats page 2020-07-03 18:29:24 -05:00
Peter Bhat Harkins 3f41dc300b bump rack for cve 2020-06-27 08:38:33 -05:00
Thomas Dziedzic b32bac90b4 fix keybase spec 2020-06-13 02:12:49 +00:00
Peter Bhat Harkins 6fa449cc91 bump for cve 2020-06-07 14:36:52 -05:00
Peter Bhat Harkins 77c483fe64 rm scout 2020-06-02 22:05:40 -05:00
Peter Bhat Harkins dba2d722d6 bump puma 2020-05-31 22:22:43 -05:00
Peter Bhat Harkins b5f3ed8de5 pin old sprockets
As is traditional for every Rails point release, the asset pipeline broke in a
new and obtuse way. In this case, by hanging puma indefinitely after serving
any page, requiring a kill -9. Pinning an old version; I'll burn 20 hours
unfucking whatever new wrong thing it's doing later.

The asset pipeline is nine years old.
2020-05-19 18:22:52 -05:00
Peter Bhat Harkins 87f2404c08 Ruby 2.7 and bundle update 2020-05-18 23:20:03 -05:00
Peter Bhat Harkins 2d374f01d0 match ruby version for byebug 2020-05-18 19:44:46 -05:00
Peter Bhat Harkins 0105930afa bump rails; rubocop cleanup 2020-05-18 19:28:26 -05:00
Peter Bhat Harkins e2ea9decb2 noreferrer 2020-05-16 14:44:25 -05:00
Peter Bhat Harkins f09aba2ad8 bump rails 2020-05-16 09:13:44 -05:00
Peter Bhat Harkins 789ccf0724 bump rails to 5.2.4.2 2020-05-05 21:20:17 -05:00
Peter Bhat Harkins 8a46f78cf6 bump for DOS CVE 2020-03-02 20:37:21 -06:00
Peter Bhat Harkins 5f50c79a20 PDF parsing support for fetch title
Merge #707
2020-03-02 20:34:45 -06:00
Peter Bhat Harkins 9b4382a21d bump rubocop 2020-02-10 06:50:41 -06:00
Peter Bhat Harkins aa5b0788e7 bump to Rails 5.2.4.1 2020-02-05 08:27:32 -06:00
Peter Bhat Harkins 9d9050f57f bump for security release 2019-12-25 12:50:17 -06:00
Peter Bhat Harkins dc4cbc9017 bump loofah dep for vuln 2019-11-11 21:57:06 -06:00
Matthew Chigira 2b6a569a3b Update Scout gem to 2.6.2 for timeline (#773) 2019-10-21 20:46:17 -07:00
Peter Bhat Harkins 21c69e29bf test transaction_retry gem for mitigating deadlocks
https://github.com/lobsters/lobsters-ansible/issues/39
2019-10-17 21:29:36 -05:00
Thomas Dziedzic d5016368e5 bump rubocop (#753) 2019-10-06 17:01:18 -07:00
Peter Bhat Harkins be1bec2a74 bump for vulnerability 2019-08-21 08:27:20 -05:00
Thomas Dziedzic 1310166d74 Fix 2fa (#701) 2019-07-10 05:42:43 -07:00
Thomas Dziedzic c143fbcc8b mass bump (#694)
After this `bundle outdated` shows only 2 packages:

1. capybara which depends on ruby >= 2.4, should be bumped for the rails 6 update
2. tzinfo which is locked to 1.x by activesupport
2019-06-29 07:20:47 -07:00