Commit graph

334 commits

Author SHA1 Message Date
dependabot[bot] ac7df62a04 Bump better_errors from 2.4.0 to 2.5.0 (#8946)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Changelog](https://github.com/BetterErrors/better_errors/blob/master/CHANGELOG.md)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.4.0...v2.5.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-10 19:36:41 +02:00
dependabot[bot] 070f817177 Bump bullet from 5.7.5 to 5.7.6 (#8947)
Bumps [bullet](https://github.com/flyerhzm/bullet) from 5.7.5 to 5.7.6.
- [Release notes](https://github.com/flyerhzm/bullet/releases)
- [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/flyerhzm/bullet/compare/5.7.5...5.7.6)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-10 22:09:53 +09:00
dependabot[bot] 47d7381d60 Bump scss_lint from 0.57.0 to 0.57.1 (#8948)
Bumps [scss_lint](https://github.com/brigade/scss-lint) from 0.57.0 to 0.57.1.
- [Release notes](https://github.com/brigade/scss-lint/releases)
- [Changelog](https://github.com/brigade/scss-lint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/brigade/scss-lint/compare/v0.57.0...v0.57.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-10 22:09:23 +09:00
dependabot[bot] 46e4a759bb Bump capistrano-rails from 1.3.1 to 1.4.0 (#8936)
Bumps [capistrano-rails](https://github.com/capistrano/rails) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/capistrano/rails/releases)
- [Changelog](https://github.com/capistrano/rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/capistrano/rails/compare/v1.3.1...v1.4.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-09 19:43:26 +02:00
dependabot[bot] 076ceffa84 Bump dotenv-rails from 2.2.2 to 2.5.0 (#8934)
Bumps [dotenv-rails](https://github.com/bkeepers/dotenv) from 2.2.2 to 2.5.0.
- [Release notes](https://github.com/bkeepers/dotenv/releases)
- [Changelog](https://github.com/bkeepers/dotenv/blob/master/Changelog.md)
- [Commits](https://github.com/bkeepers/dotenv/compare/v2.2.2...v2.5.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-09 19:43:05 +02:00
dependabot[bot] d4b7d75968 Bump faker from 1.8.7 to 1.9.1 (#8935)
Bumps [faker](https://github.com/stympy/faker) from 1.8.7 to 1.9.1.
- [Release notes](https://github.com/stympy/faker/releases)
- [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stympy/faker/compare/v1.8.7...v1.9.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-09 19:59:34 +09:00
dependabot[bot] a47c8545c7 Bump memory_profiler from 0.9.11 to 0.9.12 (#8937)
Bumps [memory_profiler](https://github.com/SamSaffron/memory_profiler) from 0.9.11 to 0.9.12.
- [Release notes](https://github.com/SamSaffron/memory_profiler/releases)
- [Changelog](https://github.com/SamSaffron/memory_profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/SamSaffron/memory_profiler/compare/v0.9.11...v0.9.12)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-09 19:39:46 +09:00
dependabot[bot] 4c4ff05a46 Bump capybara from 3.8.2 to 3.9.0 (#8924)
Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.8.2 to 3.9.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.8.2...3.9.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-08 07:45:31 +02:00
dependabot[bot] 8639f000ea Bump tty-prompt from 0.17.0 to 0.17.1 (#8925)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.17.0 to 0.17.1.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.17.0...v0.17.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-08 07:45:08 +02:00
dependabot[bot] 10e38b441f Bump aws-sdk-s3 from 1.20.0 to 1.21.0 (#8926)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.20.0 to 1.21.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-08 07:44:53 +02:00
dependabot[bot] 87ad9c408c Bump i18n-tasks from 0.9.21 to 0.9.25 (#8923)
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.21 to 0.9.25.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.21...v0.9.25)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-08 14:24:07 +09:00
Eugen Rochko 30dd7f3d90 Remove unused ruby-progressbar dependency (#8896)
* Remove unused ruby-progressbar dependency

* Remove unused colorize dependency
2018-10-06 08:33:26 +09:00
dependabot[bot] 9a42b75f00 Bump omniauth-saml from 1.10.0 to 1.10.1 (#8885)
Bumps [omniauth-saml](https://github.com/omniauth/omniauth-saml) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/omniauth/omniauth-saml/releases)
- [Changelog](https://github.com/omniauth/omniauth-saml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/omniauth/omniauth-saml/compare/v1.10.0...v1.10.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-05 19:01:00 +02:00
dependabot[bot] 6812f811b1 Bump parallel_tests from 2.21.3 to 2.23.0 (#8884)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.21.3 to 2.23.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.21.3...v2.23.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-05 18:59:35 +02:00
dependabot[bot] 7c154c6afd Bump puma from 3.11.4 to 3.12.0 (#8883)
Bumps [puma](https://github.com/puma/puma) from 3.11.4 to 3.12.0.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.11.4...v3.12.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-05 18:58:13 +02:00
dependabot[bot] 028ad4124c [Security] Bump nokogiri from 1.8.4 to 1.8.5 (#8881)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.8.4 to 1.8.5. **This update includes security fixes.**
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.8.4...v1.8.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-05 04:07:44 +02:00
dependabot[bot] da8abef56d Bump fog-openstack, rspec-rails and fog-core (#8877)
Bumps [fog-openstack](https://github.com/fog/fog-openstack), [rspec-rails](https://github.com/rspec/rspec-rails) and [fog-core](https://github.com/fog/fog-core). These dependencies needed to be updated together.

Updates `fog-openstack` from 0.3.6 to 1.0.3
- [Release notes](https://github.com/fog/fog-openstack/releases)
- [Changelog](https://github.com/fog/fog-openstack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fog/fog-openstack/compare/v0.3.6...v1.0.3)

Updates `rspec-rails` from 3.7.2 to 3.8.0
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.7.2...v3.8.0)

Updates `fog-core` from 1.45.0 to 2.1.2
- [Release notes](https://github.com/fog/fog-core/releases)
- [Changelog](https://github.com/fog/fog-core/blob/master/changelog.md)
- [Commits](https://github.com/fog/fog-core/compare/v1.45.0...v2.1.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 15:35:18 +02:00
dependabot[bot] 928102284a Bump webmock from 3.3.0 to 3.4.2 (#8874)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.3.0 to 3.4.2.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.3.0...v3.4.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:34:17 +02:00
dependabot[bot] 10f7916f37 Bump fuubar from 2.3.1 to 2.3.2 (#8875)
Bumps [fuubar](https://github.com/thekompanee/fuubar) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/thekompanee/fuubar/releases)
- [Changelog](https://github.com/thekompanee/fuubar/blob/master/CHANGELOG.md)
- [Commits](https://github.com/thekompanee/fuubar/compare/releases/v2.3.1...releases/v2.3.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:33:02 +02:00
dependabot[bot] b70de2cf69 Bump http from 3.2.0 to 3.3.0 (#8871)
Bumps [http](https://github.com/httprb/http) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/httprb/http/releases)
- [Changelog](https://github.com/httprb/http/blob/master/CHANGES.md)
- [Commits](https://github.com/httprb/http/compare/v3.2.0...v3.3.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:32:26 +02:00
dependabot[bot] ebb3631216 Bump brakeman from 4.2.1 to 4.3.1 (#8872)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.2.1 to 4.3.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.2.1...v4.3.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:31:22 +02:00
dependabot[bot] ad459ab837 Bump fog-openstack from 0.1.25 to 0.3.6 (#8860)
Bumps [fog-openstack](https://github.com/fog/fog-openstack) from 0.1.25 to 0.3.6.
- [Release notes](https://github.com/fog/fog-openstack/releases)
- [Changelog](https://github.com/fog/fog-openstack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fog/fog-openstack/compare/v0.1.25...v0.3.6)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 01:07:13 +02:00
dependabot[bot] 941c9d0d42 Bump aws-sdk-s3 from 1.9.1 to 1.20.0 (#8848)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.9.1 to 1.20.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 01:06:54 +02:00
dependabot[bot] 3b6ab82db7 Bump capybara from 2.18.0 to 3.8.2 (#8858)
Bumps [capybara](https://github.com/teamcapybara/capybara) from 2.18.0 to 3.8.2.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/2.18.0...3.8.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 15:24:48 +02:00
dependabot[bot] c62b88e3f2 Bump derailed_benchmarks from 1.3.4 to 1.3.5 (#8857)
Bumps [derailed_benchmarks](https://github.com/schneems/derailed_benchmarks) from 1.3.4 to 1.3.5.
- [Release notes](https://github.com/schneems/derailed_benchmarks/releases)
- [Changelog](https://github.com/schneems/derailed_benchmarks/blob/master/CHANGELOG.md)
- [Commits](https://github.com/schneems/derailed_benchmarks/compare/v1.3.4...v1.3.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 15:22:06 +02:00
dependabot[bot] 58410a54b0 Bump capistrano-rbenv from 2.1.3 to 2.1.4 (#8859)
Bumps [capistrano-rbenv](https://github.com/capistrano/rbenv) from 2.1.3 to 2.1.4.
- [Release notes](https://github.com/capistrano/rbenv/releases)
- [Changelog](https://github.com/capistrano/rbenv/blob/master/CHANGELOG.md)
- [Commits](https://github.com/capistrano/rbenv/compare/v2.1.3...v2.1.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 15:21:30 +02:00
dependabot[bot] 730f196b96 Bump pg from 1.0.0 to 1.1.3 (#8856)
Bumps [pg](https://bitbucket.org/ged/ruby-pg) from 1.0.0 to 1.1.3.
- [Changelog](https://bitbucket.org/ged/ruby-pg/src/master/History.rdoc)
- [Commits](https://bitbucket.org/ged/ruby-pg/branches/compare/v1.1.3..v1.0.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 15:20:56 +02:00
dependabot[bot] 53275b949e Bump httplog from 1.0.2 to 1.1.1 (#8839)
Bumps [httplog](https://github.com/trusche/httplog) from 1.0.2 to 1.1.1.
- [Release notes](https://github.com/trusche/httplog/releases)
- [Changelog](https://github.com/trusche/httplog/blob/master/CHANGELOG.md)
- [Commits](https://github.com/trusche/httplog/compare/v1.0.2...v1.1.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 04:56:00 +02:00
dependabot[bot] 3f62b119e4 Bump rubocop from 0.55.0 to 0.59.2 (#8849)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.55.0 to 0.59.2.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.55.0...v0.59.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-02 20:16:51 +02:00
dependabot[bot] d19b625394 Bump redis from 4.0.1 to 4.0.2 (#8850)
Bumps [redis](https://github.com/redis/redis-rb) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/redis/redis-rb/releases)
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/redis-rb/compare/v4.0.1...v4.0.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-02 20:16:05 +02:00
dependabot[bot] 3dac956587 Bump fastimage from 2.1.1 to 2.1.4 (#8847)
Bumps [fastimage](https://github.com/sdsykes/fastimage) from 2.1.1 to 2.1.4.
- [Release notes](https://github.com/sdsykes/fastimage/releases)
- [Commits](https://github.com/sdsykes/fastimage/compare/v2.1.1...v2.1.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-02 17:20:52 +09:00
dependabot[bot] b95d944625 Bump webpush from 0.3.3 to 0.3.4 (#8846)
Bumps [webpush](https://github.com/zaru/webpush) from 0.3.3 to 0.3.4.
- [Release notes](https://github.com/zaru/webpush/releases)
- [Commits](https://github.com/zaru/webpush/compare/v0.3.3...v0.3.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-02 15:37:28 +09:00
dependabot[bot] 194ad2c90b Bump rack-attack from 5.2.0 to 5.4.1 (#8838)
Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 5.2.0 to 5.4.1.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v5.2.0...v5.4.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-01 22:49:26 +02:00
Grey Baker 3a2f007eb0 Promote colorize to top-level dependency (#8844) 2018-10-02 05:34:25 +09:00
dependabot[bot] 793fb7499d Bump annotate from 2.7.3 to 2.7.4 (#8840)
Bumps [annotate](https://github.com/ctran/annotate_models) from 2.7.3 to 2.7.4.
- [Release notes](https://github.com/ctran/annotate_models/releases)
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.rdoc)
- [Commits](https://github.com/ctran/annotate_models/compare/v2.7.3...v2.7.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-01 14:10:07 +02:00
dependabot[bot] 746da5ccda Bump ox from 2.9.2 to 2.10.0 (#8837)
Bumps [ox](https://github.com/ohler55/ox) from 2.9.2 to 2.10.0.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.9.2...v2.10.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-01 14:08:33 +02:00
dependabot[bot] e02c45941d Bump strong_migrations from 0.2.2 to 0.2.3 (#8818)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.2.2 to 0.2.3.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.2.2...v0.2.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:35:44 +02:00
dependabot[bot] 5da51771cd Bump oj from 3.5.1 to 3.6.11 (#8815)
Bumps [oj](https://github.com/ohler55/oj) from 3.5.1 to 3.6.11.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.5.1...v3.6.11)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:34:31 +02:00
dependabot[bot] b6985482f7 Bump bootsnap from 1.3.0 to 1.3.2 (#8816)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.3.0 to 1.3.2.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.3.0...v1.3.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:33:10 +02:00
dependabot[bot] ec745b32de Bump simple_form from 4.0.0 to 4.0.1 (#8814)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/plataformatec/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v4.0.0...v4.0.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:32:40 +02:00
dependabot[bot] e046a987f6 Bump capistrano from 3.10.2 to 3.11.0 (#8801)
Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.10.2 to 3.11.0.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Changelog](https://github.com/capistrano/capistrano/blob/master/CHANGELOG.md)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.10.2...v3.11.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 18:24:06 +02:00
dependabot[bot] 20a87b2c7f Bump stackprof from 0.2.11 to 0.2.12 (#8803)
Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.11 to 0.2.12.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 17:11:54 +02:00
dependabot[bot] 1cb8600a45 Bump tty-command from 0.8.0 to 0.8.2 (#8802)
Bumps [tty-command](https://github.com/piotrmurach/tty-command) from 0.8.0 to 0.8.2.
- [Release notes](https://github.com/piotrmurach/tty-command/releases)
- [Changelog](https://github.com/piotrmurach/tty-command/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-command/compare/v0.8.0...v0.8.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 17:11:29 +02:00
dependabot[bot] 42ab93c8b2 Bump tzinfo-data from 1.2018.4 to 1.2018.5 (#8800)
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2018.4 to 1.2018.5.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases)
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2018.4...v1.2018.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 14:59:15 +09:00
dependabot[bot] 7efa3d02c7 Bump sidekiq-scheduler from 2.2.1 to 3.0.0 (#8789)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 2.2.1 to 3.0.0.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v2.2.1...v3.0.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 02:11:21 +09:00
dependabot[bot] 65e7c6d9b5 Bump tty-prompt from 0.16.0 to 0.17.0 (#8791)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.16.0...v0.17.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 02:02:38 +09:00
dependabot[bot] 30342c865a Bump memory_profiler from 0.9.10 to 0.9.11 (#8790)
Bumps [memory_profiler](https://github.com/SamSaffron/memory_profiler) from 0.9.10 to 0.9.11.
- [Release notes](https://github.com/SamSaffron/memory_profiler/releases)
- [Changelog](https://github.com/SamSaffron/memory_profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/SamSaffron/memory_profiler/compare/v0.9.10...v0.9.11)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 15:06:05 +09:00
dependabot[bot] 3064917881 Bump pkg-config from 1.3.0 to 1.3.1 (#8788)
Bumps [pkg-config](https://github.com/ruby-gnome2/pkg-config) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/ruby-gnome2/pkg-config/releases)
- [Changelog](https://github.com/ruby-gnome2/pkg-config/blob/master/NEWS)
- [Commits](https://github.com/ruby-gnome2/pkg-config/compare/1.3.0...1.3.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 14:50:02 +09:00
Grey Baker 6e075b9cc4 Bump devise from 4.4.3 to 4.5.0 (#8778)
Bumps [devise](https://github.com/plataformatec/devise) from 4.4.3 to 4.5.0.
- [Release notes](https://github.com/plataformatec/devise/releases)
- [Changelog](https://github.com/plataformatec/devise/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/devise/compare/v4.4.3...v4.5.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 04:27:53 +09:00
dependabot[bot] 8096df1055 Bump sidekiq from 5.1.3 to 5.2.2 (#8779)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.1.3 to 5.2.2.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.1.3...v5.2.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:33:00 +02:00
dependabot[bot] 29e2d9e1b7 Bump mime-types from 3.1 to 3.2.2 (#8781)
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types) from 3.1 to 3.2.2.
- [Release notes](https://github.com/mime-types/ruby-mime-types/releases)
- [Changelog](https://github.com/mime-types/ruby-mime-types/blob/master/History.md)
- [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.1...v3.2.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:32:37 +02:00
dependabot[bot] d7f8e2ea41 Bump sanitize from 4.6.4 to 4.6.6 (#8783)
Bumps [sanitize](https://github.com/rgrove/sanitize) from 4.6.4 to 4.6.6.
- [Release notes](https://github.com/rgrove/sanitize/releases)
- [Changelog](https://github.com/rgrove/sanitize/blob/master/HISTORY.md)
- [Commits](https://github.com/rgrove/sanitize/compare/v4.6.4...v4.6.6)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 03:31:46 +09:00
dependabot[bot] a7f75485d1 Bump pghero from 2.1.0 to 2.2.0 (#8782)
Bumps [pghero](https://github.com/ankane/pghero) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.1.0...v2.2.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:31:40 +02:00
Eugen Rochko 56efc28189
Update ruby dependencies (#8743)
* Update ffi to 1.9.25

* Update private_address_check to 0.5.0
2018-09-21 00:42:59 +02:00
Yamagishi Kazutoshi 0ddbccf7e6 Upgrade Babel to version 7.0.0 (#5925) 2018-09-14 17:59:48 +02:00
Alexander 64a5561b5a update devise_pam_authenticatable2, new feature: pam gets ip address of client (#8623) 2018-09-14 17:42:45 +02:00
Eugen Rochko c597249124
Add thor to Gemfile directly (#8467)
It's a common dependency, but just in case
2018-08-26 20:02:32 +02:00
Alexander cfe3cd58d6 fix pam authentication for certain hostnames (#8412) 2018-08-25 22:35:29 +02:00
Eugen Rochko b37ae64578
Upgrade Doorkeeper to 5.0.0 (#8409)
See doorkeeper-gem/doorkeeper#1137
2018-08-24 18:17:11 +02:00
ThibG f06fa09962 Revert to using Paperclip's filesystem storage, and fix dangling records in remove_remote (#8339)
* Fix uncaching worker

* Revert to using Paperclip's filesystem backend instead of fog-local

fog-local has lots of concurrency issues, causing failure to delete files,
dangling file records, and spurious errors UncacheMediaWorker
2018-08-21 17:53:01 +02:00
ThibG 8ac5e651e1 Upgrade doorkeeper to 4.4.2 (#8321) 2018-08-20 22:42:02 +02:00
AkiraFukushima 58ffe3f7c3 Revert "Upgrade Doorkeeper to 4.4.1 (#8197)" (#8231)
* Revert "Upgrade Doorkeeper to 4.4.1 (#8197)"

This reverts commit 464daffdf9.

* Except migration files from revert commit
2018-08-19 03:20:37 +02:00
Eugen Rochko c6eab9e0aa
Add Makara dependency to support read-replicas (#8216)
Not active by default unless config/database.yml is edited
2018-08-18 21:06:12 +02:00
Eugen Rochko 464daffdf9
Upgrade Doorkeeper to 4.4.1 (#8197) 2018-08-14 20:24:47 +02:00
S.H 2aeeffc3ec Update Rails (#8141)
* Update Rails

* fix Update Rails
2018-08-12 12:25:23 +02:00
Daigo 3 Dango cd1b90d223 Update sprockets gem (#7858)
https://blog.heroku.com/rails-asset-pipeline-vulnerability
2018-06-20 15:22:37 +02:00
Eugen Rochko 1a9124f50b
Update bcrypt to 3.1.12 fix issue with Fedora (#7845) 2018-06-19 00:19:17 +02:00
Eugen Rochko 53f0452b70
Remove rack-timeout (#7809)
Timeout considered harmful due to leaving the app in a broken
state, including unreaped database connections
2018-06-15 19:46:25 +02:00
MIYAGI Hikaru 0b1f88cfd5 Upgrade posix-spawn to master (#7542) 2018-05-19 02:20:43 +02:00
MIYAGI Hikaru 6bed372ad2 Fix posix-spawn to version 0.3.12 (#7517)
Because 0.3.13 causes build error in x86 or other ILP32 environments.
closes #7453
2018-05-16 16:52:19 +02:00
Yamagishi Kazutoshi f77b11cd10 Update http_parser.rb to head version (#7467) 2018-05-13 11:32:46 +02:00
Yamagishi Kazutoshi 4d706f9976 Downgrade doorkeeper to version 4.2.6 (#7456)
ref https://github.com/doorkeeper-gem/doorkeeper/pull/1060
2018-05-12 12:08:12 +02:00
Yamagishi Kazutoshi 8c35d163a5 Port travis_retry for CI (#7379)
* Port travis_retry for CI

* Add license
2018-05-06 10:55:50 +02:00
Eugen Rochko a78b27c7cc
Marginally improve convert/ffmpeg calls performance with posix-spawn (#7346) 2018-05-04 13:22:23 +02:00
Shuhei Kitagawa ab773e4d5f Add pry-byebug (#7307) 2018-05-03 12:08:54 +02:00
Eugen Rochko cb5b5cb5f7
Slightly reduce RAM usage (#7301)
* No need to re-require sidekiq plugins, they are required via Gemfile

* Add derailed_benchmarks tool, no need to require TTY gems in Gemfile

* Replace ruby-oembed with FetchOEmbedService

Reduce startup by 45382 allocated objects

* Remove preloaded JSON-LD in favour of caching HTTP responses

Reduce boot RAM by about 6 MiB

* Fix tests

* Fix test suite by stubbing out JSON-LD contexts
2018-05-02 18:58:48 +02:00
Yamagishi Kazutoshi 9613a53cb3 Update dependencies for Ruby (2018-04-23) (#7237)
* Update annotate to version 2.7.3

* Update aws-sdk-s3 to version 1.9.2

* Update browser to version 2.5.3

* Update capistrano to version 3.10.2

* Update domain_name to version 0.5.20180417

* Update http to version 3.2.0

* Update lograge to version 0.10.0

* Update oj to version 3.5.1

* Update parallel_tests to version 2.21.3

* Update puma to version 3.11.4

* Update rubocop to version 0.55.0

* Update scss_lint to version 0.57.0

* Update simplecov to version 0.16.1

* Update tty-command to version 0.8.0

* Update tty-prompt to version 0.16.0

* Update pkg-config to version 1.3.0

* Update fog-local to version 0.5.0

* Update fog-openstack to version 0.1.25

* Update devise-two-factor to version 3.0.3

* bundle update
2018-04-23 11:29:17 +02:00
Yamagishi Kazutoshi b438224751 Introduce rspec-retry (#7206) 2018-04-20 19:31:30 +02:00
Yamagishi Kazutoshi 50529cbceb Upgrade Rails to version 5.2.0 (#5898) 2018-04-12 14:45:17 +02:00
Alexander 8e88a18316 update gem, test pam authentication (#7028)
* update gem, test pam authentication

* add description for test parameters

* fix inclusion of optional group
2018-04-11 21:40:38 +02:00
Eugen Rochko d4de2239b0
Add a circuit breaker for ActivityPub deliveries (#7053) 2018-04-07 21:36:58 +02:00
Pierre-Morgan Gate 47cee7cc8e Upgrade charlock_holmes to version 0.7.6 (#6966)
This version fixes compilation errors when trying to build its native extension with ICU 61.
2018-03-30 09:52:44 +02:00
Yamagishi Kazutoshi 28384c1771 Revert "Revert "Upgrade Paperclip to version 6.0.0" (#6807)" (#6808)
This reverts commit 40871caa4b.
2018-03-24 12:52:45 +01:00
Patrick Figel d97903a358 Update sanitize and loofah (#6855)
Fixes CVE-2018-8048 and CVE-2018-3740, two medium-severity XSS
vulnerabilities present in these gems when built against
libxml2 >= 2.9.2.
2018-03-21 17:43:28 +01:00
Alexander 0306e3e9be bugfixes and gem update (#6831)
* update to new version of devise_pam_authenticatable2

* fix behaviour if suffix is nil, fix environment loading, fix user email creation

* code cleanup/fix linter warning
2018-03-19 20:08:56 +01:00
Eugen Rochko 40871caa4b
Revert "Upgrade Paperclip to version 6.0.0" (#6807)
* Revert "Bump version to 2.3.2rc1"

This reverts commit cdf8b92fea.

* Revert "Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)"

This reverts commit 0074cad44f.

* Revert "Handle Mastodon::HostValidationError when pulling remoteable assets (#6782)"

This reverts commit 4a0a19fe54.

* Revert "Correct the reference to user's password in mastodon:add_user task (#6800)"

This reverts commit 338bff8b93.

* Revert "Upgrade Paperclip to version 6.0.0 (#6754)"

This reverts commit b88fcd53f7.
2018-03-17 14:20:35 +01:00
Yamagishi Kazutoshi b88fcd53f7 Upgrade Paperclip to version 6.0.0 (#6754) 2018-03-17 12:37:58 +01:00
Yamagishi Kazutoshi e9e475a29d Upgrade chewy to version 5.0.0 (#6649) 2018-03-06 06:14:26 +01:00
Patrick Figel e4db0f28d2 Update omniauth-saml to 1.10 (#6587)
Fixes CVE-2017-11428
2018-03-02 02:32:08 +01:00
Eugen Rochko 47bdb9b33b
Fix #942: Seamless LDAP login (#6556) 2018-02-28 19:04:53 +01:00
masarakki 22a441e374 remove-uglifier (#6561) 2018-02-26 16:19:48 +01:00
Akihiko Odaki 2e8a492e88 Raise Mastodon::HostValidationError when host for HTTP request is private (#6410) 2018-02-24 19:16:11 +01:00
Eugen Rochko 61ed133fea
Account archive download (#6460)
* Fix #201: Account archive download

* Export actor and private key in the archive

* Optimize BackupService

- Add conversation to cached associations of status, because
  somehow it was forgotten and is source of N+1 queries
- Explicitly call GC between batches of records being fetched
  (Model class allocations are the worst offender)
- Stream media files into the tar in 1MB chunks
  (Do not allocate media file (up to 8MB) as string into memory)
- Use #bytesize instead of #size to calculate file size for JSON
  (Fix FileOverflow error)
- Segment media into subfolders by status ID because apparently
  GIF-to-MP4 media are all named "media.mp4" for some reason

* Keep uniquely generated filename in Paperclip::GifTranscoder

* Ensure dumped files do not overwrite each other by maintaing directory partitions

* Give tar archives a good name

* Add scheduler to remove week-old backups

* Fix code style issue
2018-02-21 23:21:32 +01:00
Eugen Rochko a7171af0a3
Fix avatar and header issues by using custom geometry detector (#6515)
* Fix avatar and header issues by using custom geometry detector

Revert a part of #6508. The file passed to dynamic styles method
was not actually a file, but an instance of Paperclip::Attachment,
which broke all styles by always returning {} from the method.

One problem with GIF avatars was that Paperclip::GeometryDetector
reported wrong dimensions for them, e.g. 120x120 GIF avatar would
for some reason be detected as 120x53. By writing our own geometry
parser, we can use FastImage, which also happens to be faster than
ImageMagick, to detect image dimensions, which are also correct.

Unfortunately, this PR does not implement skipping a `convert`
entirely if the dimensions are already correct, as I found no easy
way to write that behaviour into Paperclip without rewriting the
Paperclip::Thumbnail class.

* Only invoke convert if dimension or format needs to be changed
2018-02-21 03:40:12 +01:00
Eugen Rochko 9dbae6e8a1
Save video metadata and improve video OpenGraph tags (#6481)
* Save metadata from video attachments, put correct dimensions into OG tags

* Add twitter:player for videos

* Fix code style and test
2018-02-16 07:22:20 +01:00
Eugen Rochko cf36d184f4
Interactive rake mastodon:setup task (#6451)
* Add better CLI prompt

* Add rake mastodon:setup interactive wizard

* Test db/redis/smtp configurations and add admin user at the end

* Test database connection even when database does not exist yet
2018-02-11 18:40:57 +01:00
Eugen Rochko 3ebc0ad4d3
Full-text search for authorized statuses (#6423)
* Add full-text search for authorized statuses

- Search API will return statuses that match the query
- Only for logged in users
- Only if you are author of the status,
- Or you were mentioned in it
- Or you favourited or reblogged it
- Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX`
- Run `rails chewy:deploy` to create & populate index

Fix #5880
Fix #4293
Fix #1152

* Add commented out docker-compose configuration for ES container

* Optimize index import, filter search results

* Add basic normalization to the index

* Add better stemming and normalization to the index

* Skip webfinger request if search query includes both @ and a space

* Fix code style

* Visually separate search result sections

* Fix code style issues
2018-02-09 23:04:47 +01:00
Eugen Rochko 26f21fd5a0
CAS + SAML authentication feature (#6425)
* Cas authentication feature

* Config

* Remove class_eval + Omniauth initializer

* Codeclimate review

* Codeclimate review 2

* Codeclimate review 3

* Remove uid/email reconciliation

* SAML authentication

* Clean up code

* Improve login form

* Fix code style issues

* Add locales
2018-02-04 05:42:13 +01:00
Alexander 04fef7b888 pam authentication (#5303)
* add pam support, without extra column

* bugfixes for pam login

* document options

* fix code style

* fix codestyle

* fix tests

* don't call remember_me without password

* fix codestyle

* improve checks for pam usage (should fix tests)

* fix remember_me part 1

* add remember_token column because :rememberable requires either a password or this column.

* migrate db for remember_token

* move pam_authentication to the right place, fix logic bug in edit.html.haml

* fix tests

* fix pam authentication, improve username lookup, add comment

* valid? is sometimes not honored, return nil instead trying to authenticate with pam

* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests

* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user

* codeconvention fixes

* code convention fixes

* fix idention

* update dependency, explicit conflict check

* fix disabled password updates if in pam mode

* fix check password if password is present, fix templates

* block registration if account is maintained by pam

* Revert "block registration if account is maintained by pam"

This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.

* fix identation error introduced by rebase

* block usernames maintained by pam

* document pam settings better

* fix code style
2018-02-02 10:18:55 +01:00
Rob Watson f4bd51da1e Upgrade Paperclip > 5.2.1 (#6404)
Mitigation for CVE-2017-0889.

https://www.cvedetails.com/cve/CVE-2017-0889/
https://medium.com/in-the-weeds/all-about-paperclips-cve-2017-0889-server-side-request-forgery-ssrf-vulnerability-8cb2b1c96fe8
2018-02-01 17:54:22 +01:00