mirror/growstuff
1
0
Fork 0
mirror of https://github.com/Growstuff/growstuff.git synced 2026-03-24 01:32:40 -04:00
Code Issues Packages Projects Releases Wiki Activity
2,704 Commits 64 Branches 76 Tags
34b4d300144e088cc8fb45ecb44d243c8d42e482
Commit Graph

2704 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel O'Connor
34b4d30014 #645 Enable account creation or authorisation from a facebook signin (and should work for others with minimal extra work) 2015-08-21 13:22:49 +09:30
Daniel O'Connor
89b6c47bfb #645 Configure devise / omniauth in only one spot, to avoid CSRF errors 2015-08-21 12:21:55 +09:30
Daniel O'Connor
70f48108b4 #645 Add handling for facebook 2015-08-21 12:21:23 +09:30
Daniel O'Connor
df5689ec18 #645 Rename 2015-08-21 11:36:26 +09:30
Daniel O'Connor
22d72b13d5 #645 Add example keys 2015-08-21 11:36:17 +09:30
Daniel O'Connor
dee7ff34c9 #645 Indicate that a member is omniauthable, so devise knows to render sign-in-with-facebook 2015-08-21 11:36:04 +09:30
Daniel O'Connor
07eb305992 #645 Ask for name, email address only 2015-08-21 11:25:57 +09:30
Daniel O'Connor
c7f0076ee6 #645 Add facebook omniauth middleware 2015-08-21 11:21:44 +09:30
Daniel O'Connor
93bc5255e7 #645 Add facebook omniauth provider 2015-08-21 11:21:30 +09:30
pozorvlak
c404d8220d Merge pull request #791 from cesy/cachethumbnails 
Cache thumbnails
 2015-08-19 15:11:16 +01:00
Cesy
48409698ab Merge pull request #787 from twconquest/show-roles 
Show roles in member profile page
 2015-08-19 14:13:32 +01:00
pozorvlak
4d7c4f38ae Merge pull request #804 from cesy/issue658i18n 
Issue #658 i18n
 2015-08-17 19:52:10 +01:00
twconquest
c2e4686a23 Add negative tests for roles on profiles 2015-08-17 18:29:00 +00:00
twconquest
24df32ba7f Merge upstream/dev into show-roles and re-add myself to CONTRIBUTORS.md 
Conflicts:
	CONTRIBUTORS.md
 2015-08-17 17:48:50 +00:00
Cesy
744caef4f2 Merge pull request #806 from CloCkWeRX/bump_ruby_2_1_6 
Upgrade to ruby 2.1.6 for CVE-2015-1855
 2015-08-13 09:06:48 +01:00
Daniel O'Connor
5cac8743f8 Upgrade to ruby 2.1.6 for CVE-2015-1855: Ruby OpenSSL Hostname Verification 2015-08-13 15:06:56 +10:00
pozorvlak
9c4d83dad3 Merge pull request #801 from CloCkWeRX/fix_cve_2015_2963 
Fix CVE-2015-2963,  CVE-2015-3448, CVE-2015-1820 & CVE-2015-1840
 2015-08-12 17:08:27 +01:00
Cesy
fd3e69c9ab Removing footer translation as it's now in the CMS 2015-08-12 14:57:13 +00:00
Cesy
b6dfeb980c i18n example 2015-08-12 14:56:36 +00:00
Cesy
e784ec9b33 Making it trigger the crop thumbnail cache properly 2015-08-12 11:45:18 +00:00
Cesy
1df0c36e72 Keying the cache correctly 2015-08-12 10:49:48 +00:00
Cesy
a5e7a8d315 Cache crop thumbnails 2015-08-12 10:49:48 +00:00
Daniel O'Connor
cafd49c143 Name: jquery-rails 
Version: 3.1.2
Advisory: CVE-2015-1840
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY
Title: CSRF Vulnerability in jquery-ujs and jquery-rails
Solution: upgrade to >= 4.0.4, ~> 3.1.3
 2015-08-12 16:59:14 +09:30
Daniel O'Connor
7c7c66348c Name: rest-client 
Version: 1.7.2
Advisory: CVE-2015-3448
Criticality: Unknown
URL: http://www.osvdb.org/show/osvdb/117461
Title: Rest-Client Gem for Ruby logs password information in plaintext
Solution: upgrade to >= 1.7.3

Name: rest-client
Version: 1.7.2
Advisory: CVE-2015-1820
Criticality: Unknown
URL: https://github.com/rest-client/rest-client/issues/369
Title: rubygem-rest-client: session fixation vulnerability via Set-Cookie headers in 30x redirection responses
Solution: upgrade to >= 1.8.0
 2015-08-12 16:57:58 +09:30
Daniel O'Connor
00ae4ed49f Name: paperclip 
Version: 4.2.1
Advisory: CVE-2015-2963
Criticality: Medium
URL: https://robots.thoughtbot.com/paperclip-security-release
Title: Paperclip Gem for Ruby vulnerable to content type spoofing
Solution: upgrade to >= 4.2.2
 2015-08-12 16:23:48 +09:30
Cesy
12a1484a26 Merge pull request #800 from CloCkWeRX/fix_all_checkbox_labels 
Fix more checkbox labels in registration and email editing
 2015-08-11 09:51:05 +01:00
Cesy
5bacdb71cc Merge pull request #798 from CloCkWeRX/cve-2015-3226 
Minor rails version upgrade to apply security fixes
 2015-08-11 08:23:58 +01:00
Cesy
6565e79057 Merge pull request #797 from CloCkWeRX/minor_usability_checkbox_login 
Style checkbox for 'remember me'
 2015-08-11 08:21:39 +01:00
Cesy
f4e53a58de Merge pull request #799 from CloCkWeRX/patch-1 
Update CONTRIBUTORS.md
 2015-08-11 08:17:38 +01:00
Daniel O'Connor
97cf1347d5 Fix clickable area for checkboxes in email editing 2015-08-11 13:45:47 +09:30
Daniel O'Connor
367e298d48 Fix clickable area for checkboxes in registration 2015-08-11 13:44:17 +09:30
Daniel O'Connor
e765387e22 Update CONTRIBUTORS.md 2015-08-11 10:31:43 +09:30
Daniel O'Connor
7b30c4237b Name: activesupport 
Version: 4.1.9
Advisory: CVE-2015-3227
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/bahr2JLnxvk
Title: Possible Denial of Service attack in Active Support
Solution: upgrade to >= 4.2.2, ~> 4.1.11, ~> 3.2.22

Name: activesupport
Version: 4.1.9
Advisory: CVE-2015-3226
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/7VlB_pck3hU
Title: XSS Vulnerability in ActiveSupport::JSON.encode
Solution: upgrade to >= 4.2.2, ~> 4.1.11
 2015-08-11 10:28:07 +09:30
Daniel O'Connor
b788cb44ef Remember that we're working in haml, not slim. 2015-08-11 10:23:50 +09:30
Daniel O'Connor
f61e2438e8 Style checkbox for 'remember me' and allow it to be clickable (minor usability/mobile UI annoyance) 2015-08-10 16:08:09 +09:30
pozorvlak
e503b1079d Merge pull request #796 from cesy/issue677 
Fix #677 by adding organic/GMO/heirloom to CSV and RSS
 2015-08-06 14:54:10 +01:00
pozorvlak
ccca343959 Merge pull request #795 from cesy/issue788 
Fix issue #788 with uncaught nil
 2015-08-06 14:46:53 +01:00
pozorvlak
63de10efd4 Merge pull request #794 from Growstuff/revert-793-revert-790-homepagetests 
Fixing #790 properly - caching posts on homepage
 2015-08-06 14:30:04 +01:00
Cesy
17c5fd61a3 Fix #677 by adding organic/GMO/heirloom to CSV and RSS 2015-08-06 12:23:00 +00:00
Cesy
44b8500fa8 Fix issue #788 with uncaught nil 2015-08-06 12:12:29 +00:00
Cesy
5a12b47c7c Revert "Revert "Fixing relative caching of post summary on homepage, fixed #789"" 2015-08-06 12:37:59 +01:00
Cesy
3db13785a1 Merge pull request #792 from cesy/removing775 
Revert "Merge pull request #775 from pozorvlak/speed_up_homepage"
 2015-08-06 12:37:35 +01:00
Cesy
69d94f7deb Merge pull request #793 from Growstuff/revert-790-homepagetests 
Revert "Fixing relative caching of post summary on homepage, fixed #789" that wasn't ready to merge yet
 2015-08-06 12:36:54 +01:00
Cesy
1ec188c793 Revert "Fixing relative caching of post summary on homepage, fixed #789" 2015-08-06 12:36:21 +01:00
Cesy
438b2444df Merge pull request #790 from cesy/homepagetests 
Fixing relative caching of post summary on homepage, fixed #789
 2015-08-06 12:34:15 +01:00
Cesy
de981689fc Revert "Merge pull request #775 from pozorvlak/speed_up_homepage" 
This reverts commit fa50ff47bb, reversing
changes made to 5b19d236d0.

Once fixed, please read https://www.kernel.org/pub/software/scm/git/docs/howto/revert-a-faulty-merge.html carefully to get it back in properly.
 2015-08-06 10:56:46 +00:00
Cesy
0681fac406 Correcting view test for posts 2015-08-06 09:51:14 +00:00
Cesy
9682300b85 Merge pull request #785 from sha1sum/notification_pagination 
Resolved #562 - Pagination of notifications.
 2015-08-06 10:40:02 +01:00
Cesy
6f95f1fecf Clarifying comment 2015-08-06 09:20:06 +00:00
Cesy
43fe29f113 Fixing relative caching of post summary on homepage, fixed #789 2015-08-06 09:18:32 +00:00