Fix wording (docs, UI): change "expiry" to "expiration"

Alexander Brandon Coles
2025-10-30 17:58:26 +00:00
parent 809ed5b415
commit 4e73d6c557
21 changed files with 38 additions and 38 deletions
+1 -1
@@ -61,7 +61,7 @@ class UserPassword < ApplicationRecord
##
# Rehash the password using the currently active strategy.
# This replaces the password and keeps expiry date identical.
# This replaces the password and keeps expiration date identical.
def rehash_as_active(plain)
active_class = UserPassword.active_type
@@ -75,8 +75,8 @@ module Users
def update_message
update_message = I18n.t(:notice_account_password_updated)
expiry_message = I18n.t(:notice_account_other_session_expired)
{ message_type: :info, message: "#{update_message} #{expiry_message}" }
expiration_message = I18n.t(:notice_account_other_session_expired)
{ message_type: :info, message: "#{update_message} #{expiration_message}" }
end
def log_success
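Review bot: the rename of the local `expiry_message` to `expiration_message` in `update_message` is a code change, while the commit subject scopes this to docs and UI wording. It is harmless here because the variable is local and the `:notice_account_other_session_expired` key is untouched, but either mention identifier renames in the commit message or leave locals alone so the diff stays a pure wording change.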
+1 -1
@@ -66,7 +66,7 @@ module Users
token = Token::AutoLogin.create!(user:, data: token_session_information)
cookie_options = {
value: token.plain_value,
# The autologin expiry is checked on validating the token
# The autologin expiration is checked on validating the token
# but still expire the cookie to avoid unnecessary retries
expires: token.expires_on,
path: OpenProject::Configuration["autologin_cookie_path"],
+1 -1
@@ -216,7 +216,7 @@ module Settings
default: 20
},
cache_expires_in_seconds: {
description: "Expiration time for memcache entries, empty for no expiry be default",
description: "Expiration time for memcache entries, empty for no expiration be default",
format: :integer,
default: nil,
writable: false
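Review bot: the new description for `cache_expires_in_seconds` still ends in "be default"; since the line is being rewritten anyway, make it "by default". The same sentence appears in the `OPENPROJECT_CACHE__EXPIRES__IN__SECONDS` entry of the environment variable list changed in this commit, so fix both together.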
+1 -1
@@ -4428,7 +4428,7 @@ en:
setting_self_registration_manual_activation_caption: >
Users can register on their own. Their accounts are in a pending state until an administrator
or user with the global permission to create or manage users activates them.
setting_session_ttl: "Session expiry time after inactivity"
setting_session_ttl: "Session expiration time after inactivity"
setting_session_ttl_hint: "Value below 5 works like disabled"
setting_session_ttl_enabled: "Session expires"
setting_start_of_week: "Week starts on"
@@ -99,7 +99,7 @@ As OpenProject is a web application, the web session is the central mechanism of
**Guidelines**
- Use Rails' built-in secure session cookies for maintaining the users' session. It incorporates best-practices to ensure strong session tokens, tamper resistance, and proper expiration.
- Ensure session cookies are marked `secure` and `httponly`, as well as providing the appropriate `SameSite` and expiry flags according to the instance's configuration.
- Ensure session cookies are marked `secure` and `httponly`, as well as providing the appropriate `SameSite` and expiration flags according to the instance's configuration.
- Provide a secure logout mechanism that invalidates the session and clears session cookies. Ensure that users are logged out after a period of inactivity.
- Implement session fixation protection mechanisms to prevent attackers from fixing a user's session to a known value.
- Prevent storing sensitive unencrypted session information on the client device
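Review bot: "expiration flags" on the changed guideline line is imprecise: `secure` and `httponly` are flags, but a cookie's lifetime is set through the `Expires` / `Max-Age` attributes. Suggest wording such as "the appropriate `SameSite` attribute and expiration according to the instance's configuration". The last guideline in the context ("Prevent storing sensitive unencrypted session information on the client device") is also missing its period.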
@@ -547,7 +547,7 @@ OPENPROJECT_REMOTE__STORAGE__DOWNLOAD__HOST=mybucket.s3.eu-west.amazonaws.com"
When using remote storage for attachments via fog - usually S3 (see [`attachments_storage`](#attachments-storage) option) - each attachment download will generate a temporary URL. This option determines how long these links will be valid.
The default is 21600 seconds, that is 6 hours, which is the maximum expiry time allowed by S3 when using IAM roles for authentication.
The default is 21600 seconds, that is 6 hours, which is the maximum expiration time allowed by S3 when using IAM roles for authentication.
*default: 21600*
@@ -698,7 +698,7 @@ OPENPROJECT_SECURITY__BADGE__DISPLAYED="false"
* When using `redis`, the following configuration option is relevant:
* `cache_redis_url`: The URL of the Redis host (e.g., `redis://host:6379`)
* `cache_expires_in`: Expiration time for memcache entries (default: `nil`, no expiry)
* `cache_expires_in`: Expiration time for memcache entries (default: `nil`, no expiration)
* `cache_namespace`: Namespace for cache keys, useful when multiple applications use a single memcache server (default: `nil`)
### Rails asset host
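Review bot: the changed bullet documents the option as `cache_expires_in`, but the settings definition touched in this same commit names it `cache_expires_in_seconds` (environment variable `OPENPROJECT_CACHE__EXPIRES__IN__SECONDS`). Align the documented name with the definition. If this bullet also applies to the `redis` case introduced just above it, "cache entries" would be more accurate than "memcache entries".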
@@ -153,7 +153,7 @@ OPENPROJECT_BLACKLISTED__ROUTES (default=[]) Blocked routes to prevent access to
OPENPROJECT_BOARDS__DEMO__DATA__AVAILABLE (default=false) Internal setting determining availability of demo seed data
OPENPROJECT_BRUTE__FORCE__BLOCK__AFTER__FAILED__LOGINS (default=20) Number of login attempts per user before assuming brute force attack
OPENPROJECT_BRUTE__FORCE__BLOCK__MINUTES (default=30) Number of minutes to block users after presumed brute force attack
OPENPROJECT_CACHE__EXPIRES__IN__SECONDS (default=nil) Expiration time for memcache entries, empty for no expiry be default
OPENPROJECT_CACHE__EXPIRES__IN__SECONDS (default=nil) Expiration time for memcache entries, empty for no expiration be default
OPENPROJECT_CACHE__FORMATTED__TEXT (default=true) Cache formatted text
OPENPROJECT_CACHE__MEMCACHE__SERVER (default=nil) The memcache server host and IP
OPENPROJECT_CACHE__NAMESPACE (default=nil) Namespace for cache keys, useful when multiple applications use a single memcache server
@@ -344,7 +344,7 @@ OPENPROJECT_SELF__REGISTRATION (default=2) Self-registration
OPENPROJECT_SENDMAIL__ARGUMENTS (default="-i") Arguments to call sendmail with in case it is configured as outgoing email setup
OPENPROJECT_SENDMAIL__LOCATION (default="/usr/sbin/sendmail") Location of sendmail to call if it is configured as outgoing email setup
OPENPROJECT_SESSION__COOKIE__NAME (default="_open_project_session") Set session cookie name
OPENPROJECT_SESSION__TTL (default=120) Session expiry time after inactivity
OPENPROJECT_SESSION__TTL (default=120) Session expiration time after inactivity
OPENPROJECT_SESSION__TTL__ENABLED (default=false) Session expires
OPENPROJECT_SHOW__COMMUNITY__LINKS (default=true) Enable or disable links to OpenProject community instances
OPENPROJECT_SHOW__PENDING__MIGRATIONS__WARNING (default=true) Enable or disable warning bar in case of pending migrations
@@ -70,7 +70,7 @@
</IfModule>
</Directory>
# Send expiry headers for assets, that carry an asset id. Assuming, an asset
# Send expiration headers for assets, that carry an asset id. Assuming, an asset
# id is a unix timestamp, which is currently a 10 digit integer. This might
# change in the far future.
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
+1 -1
@@ -99,7 +99,7 @@ Please note that **% Complete** does not adjust automatically when the values of
- Bugfix: Can not add invited users to existing groups \[[#51679](https://community.openproject.org/wp/51679)\]
- Bugfix: Project.visible scope slower than it should be \[[#51706](https://community.openproject.org/wp/51706)\]
- Bugfix: Ongoing meetings are not visible via the Meetings tab in work packages \[[#51715](https://community.openproject.org/wp/51715)\]
- Bugfix: The Access Token expiry date not updated on refresh for FileStorage tokens \[[#51749](https://community.openproject.org/wp/51749)\]
- Bugfix: The Access Token expiration date not updated on refresh for FileStorage tokens \[[#51749](https://community.openproject.org/wp/51749)\]
- Bugfix: Work package share permissions not in Work package permission group \[[#52086](https://community.openproject.org/wp/52086)\]
- Bugfix: lockVersion missing in payload for API WP form when only having change_work_package_status permission \[[#52089](https://community.openproject.org/wp/52089)\]
- Bugfix: Status cannot be changed in backlogs when only having change_work_package_status permission \[[#52090](https://community.openproject.org/wp/52090)\]
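Review bot: the changed changelog entry for #51749 rewrites a bug title in already published release notes; if that title was copied from the linked work package, the text here will no longer match it. Consider leaving historical release notes as published and limiting the rename to current docs and UI strings.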
+1 -1
@@ -8,7 +8,7 @@ release_date: 2017-03-20
# OpenProject 6.1.6
The release contains an important security fix regarding session expiry.
The release contains an important security fix regarding session expiration.
For details on the security fix, take a look at the
[release news](https://www.openproject.org/blog/openproject-6-1-6-released-security-fix/).
+1 -1
@@ -9,7 +9,7 @@ release_date: 2017-06-29
# OpenProject 7.0.3
The release contains an important security fix regarding session expiry
The release contains an important security fix regarding session expiration
and several bug fixes.
For details on the security fix, take a look at the [release
@@ -686,7 +686,7 @@ flowchart LR
OpenProject makes use of technical cookies to identity the browser client and/or remember information such as 2FA login state. The core application makes use of these cookies:
| **Cookie name** | **Description** | **Expiry** | **Security flags** | **Implementation** |
| **Cookie name** | **Description** | **Expiration** | **Security flags** | **Implementation** |
| ---------------------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | ----------------------------------------------------- | ------------------------------------------------------------ |
| `_open_project_session` (name is configurable) | contains the information about the logged in user as well as information stored between requests on the user's choices (e.g. the filters for costs are in part stored there) | Session <br>+ configurable server-sideTTL | secure<br>httponly<br>Samesite=Lax<br>encrypted | [Code ref](https://github.com/opf/openproject/blob/release/16.0/config/initializers/session_store.rb#L34-L39) |
| `autologin` (name is configurable) | (Optional feature, requires opt-in under Administration > Authentication settings) <br>enables the user to automatically log in again after the session expired (e.g. because the browser was closed). It is set when the user checks the '*Stay logged in*' box in the login form.<br> | Cookie 1 year<br>+ server-side token N days (configurable) | secure<br>httponly<br>Samesite=Lax<br>encrypted | [Code ref](https://github.com/opf/openproject/blob/release/16.0/app/services/users/login_service.rb#L58-L74) |
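Review bot: while the table header is being touched, two typos in the surrounding context are worth fixing in the same pass: "cookies to identity the browser client" should read "identify", and "configurable server-sideTTL" in the `_open_project_session` row needs a space. The "Code ref" links point at fixed line ranges on `release/16.0`, so confirm they still resolve to the cookie options each row describes.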
@@ -29,7 +29,7 @@ Under the *Login* tab you can adjust following settings:
2. Activate the **session expiration option**.
3. Set the **duration for inactivity time**, after which a session will expire. Note that any value below 5 will be treated as disabling the session expiry setting.
3. Set the **duration for inactivity time**, after which a session will expire. Note that any value below 5 will be treated as disabling the session expiration setting.
4. Define whether **user login, name, and mail address** should be logged for all requests.
+2 -2
@@ -270,11 +270,11 @@ To view and manage your OpenProject sessions navigate to **Account settings** an
![Sessions management in OpenProject account settings](openproject_account_settings_sessions_management.png)
Here you can view and manage all of your active and remembered sessions in one place. Each row shows the browser, device, expiry date and last connection timestamp. For your current session the “Last connection” column displays **“Current (this device)”**.
Here you can view and manage all of your active and remembered sessions in one place. Each row shows the browser, device, expiration date and last connection timestamp. For your current session the “Last connection” column displays **“Current (this device)”**.
You can revoke a session at any time by clicking the **×** icon at the end of the row. Hover over the icon to see the **“Revoke”** tooltip. When you click, a confirmation message appears.
Sessions expire automatically according to your instances authentication settings. Remembered sessions show their expiry in relative time (for example “in 5 days”).
Sessions expire automatically according to your instances authentication settings. Remembered sessions show their expiration in relative time (for example “in 5 days”).
> [!NOTE]
> Closing a browser does not necessarily terminate the session. It might still be displayed in the list and will be reactivated if you open the browser. This depends on both your browser's and the OpenProject instance's settings.
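Review bot: the changed sentence "Sessions expire automatically according to your instances authentication settings" is missing the possessive apostrophe; it should read "your instance's authentication settings", matching "the OpenProject instance's settings" in the note below it.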
@@ -127,7 +127,7 @@ RSpec.describe Admin::EnterpriseTokens::TableComponent, type: :component do
expect(subscription_cells).to all(have_primer_label("Expiring soon", scheme: "attention"))
end
it "has expiry date in :attention color in the dates column" do
it "has expiration date in :attention color in the dates column" do
render_inline(component)
expect(dates_cells[0]).to have_primer_text(format_date(tokens.first.starts_at), color: "subtle")
@@ -152,7 +152,7 @@ RSpec.describe Admin::EnterpriseTokens::TableComponent, type: :component do
expect(subscription_cells).to all(have_primer_label("In grace period", scheme: "attention"))
end
it "has expiry date in :attention color in the dates column" do
it "has expiration date in :attention color in the dates column" do
render_inline(component)
expect(dates_cells[0]).to have_primer_text(format_date(tokens.first.starts_at), color: "subtle")
@@ -178,7 +178,7 @@ RSpec.describe Admin::EnterpriseTokens::TableComponent, type: :component do
expect(subscription_cells).to all(have_primer_label("Expired", scheme: "danger"))
end
it "has expiry date in :danger color in the dates column" do
it "has expiration date in :danger color in the dates column" do
render_inline(component)
expect(dates_cells[0]).to have_primer_text(format_date(tokens.first.starts_at), color: "subtle")
@@ -64,19 +64,19 @@ RSpec.describe "Authentication Settings", :js do
it "allows changing session expiration options" do
expect(login_page).to have_unchecked_field "Session expires"
expect(login_page).to have_no_field "Session expiry time after inactivity"
expect(login_page).to have_no_field "Session expiration time after inactivity"
check "Session expires"
expect(login_page).to have_field "Session expiry time after inactivity"
expect(login_page).to have_field "Session expiration time after inactivity"
fill_in "Session expiry time after inactivity", with: "30"
fill_in "Session expiration time after inactivity", with: "30"
login_page.save
Setting.clear_cache
login_page.reload!
expect(login_page).to have_checked_field "Session expires"
expect(login_page).to have_field "Session expiry time after inactivity", with: "30", described_by: "minutes"
expect(login_page).to have_field "Session expiration time after inactivity", with: "30", described_by: "minutes"
uncheck "Session expires"
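Review bot: the English label "Session expiration time after inactivity" is hard-coded four times in this hunk and once more in the next one, which is why a wording change forces all of these edits. Looking the label up once, for example via `I18n.t(:setting_session_ttl)` in a `let`, would keep the spec in step with the locale file.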
@@ -85,7 +85,7 @@ RSpec.describe "Authentication Settings", :js do
login_page.reload!
expect(login_page).to have_unchecked_field "Session expires"
expect(login_page).to have_no_field "Session expiry time after inactivity"
expect(login_page).to have_no_field "Session expiration time after inactivity"
end
it "allows changing logging options" do
+1 -1
@@ -186,7 +186,7 @@ RSpec.describe "Login" do
end
end
context "with password expiry", :js do
context "with password expiration", :js do
before do
user.passwords.update_all(created_at: 31.days.ago,
updated_at: 31.days.ago)
@@ -53,8 +53,8 @@ RSpec.describe Settings::AuthenticationSettingsForm, type: :forms do
expect(page).to have_unchecked_field "Session expires"
end
it "renders 'Session expiry time after inactivity' number field" do
expect(page).to have_field "Session expiry time after inactivity", type: "number"
it "renders 'Session expiration time after inactivity' number field" do
expect(page).to have_field "Session expiration time after inactivity", type: "number"
end
it "renders 'Log user login, name, and mail address for all requests' checkbox" do
+3 -3
@@ -227,12 +227,12 @@ RSpec.describe Attachment do
let(:url_options) { {} }
let(:query) { attachment.external_url(**url_options).to_s.split("?").last }
it "has a default expiry time" do
it "has a default expiration time" do
expect(query).to include "X-Amz-Expires="
expect(query).not_to include "X-Amz-Expires=3600"
end
context "with a custom expiry time" do
context "with a custom expiration time" do
let(:url_options) { { expires_in: 1.hour } }
it "uses that time" do
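Review bot: the "has a default expiration time" example only asserts that `X-Amz-Expires=` is present and is not 3600, so it passes for any other lifetime. The configuration docs changed in this commit state a default of 21600 seconds; asserting the expected value (21600, or whatever the spec environment configures) would actually pin the default lifetime of the presigned URL.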
@@ -240,7 +240,7 @@ RSpec.describe Attachment do
end
end
context "with expiry time exceeding maximum" do
context "with expiration time exceeding maximum" do
let(:url_options) { { expires_in: 1.year } }
it "uses the allowed max" do
+5 -5
@@ -36,20 +36,20 @@ RSpec.describe UserPassword do
let(:password) { create(:user_password, user:, plain_password: "adminAdmin!") }
describe "#expired?" do
context "with expiry value set",
context "with expiration value set",
with_settings: { password_days_valid: 30 } do
it "is true for an old password when password expiry is activated" do
it "is true for an old password when password expiration is activated" do
expect(old_password.expired?).to be_truthy
end
it "is false when password expiry is enabled and the password was changed recently" do
it "is false when password expiration is enabled and the password was changed recently" do
expect(password.expired?).to be_falsey
end
end
context "with expiry value disabled",
context "with expiration value disabled",
with_settings: { password_days_valid: 0 } do
it "is false for an old password when password expiry is disabled" do
it "is false for an old password when password expiration is disabled" do
expect(old_password.expired?).to be_falsey
end
end