8cd962348a
Freeze string literals in app/validators
...
rubocop -A --only Style/FrozenStringLiteralComment,Layout/EmptyLineAfterMagicComment,Style/RedundantFreeze app/validators
2025-07-18 17:44:01 +01:00
4911b8a149
remove years from copyrights (except for COPYRIGHT file)
2024-07-31 15:02:49 +02:00
3b2121f733
Revert "Merge remote-tracking branch 'origin/release/13.4' into dev"
...
This reverts commit 40b2bbeb09b4c6cb17cc
2024-03-21 11:31:17 +01:00
7787e457a3
Revert "Merge branch 'dev' into release/13.4"
...
This reverts commit a901541269e573ca00b7
2024-03-20 20:19:08 +01:00
9e4934cd0a
change quotes using rubocop --only Style/StringLiterals,Style/QuotedSymbols -a
2024-03-20 18:05:22 +01:00
c795874f7f
Update copyright year for 2024
...
command used: `rg -l 'Copyright \(C\) 2012-202\d the OpenProject' | xargs -n 100 sed -i -r 's/Copyright \(C\) 2012-202. the OpenProject/Copyright (C) 2012-2024 the OpenProject/'`
2024-01-02 16:23:54 +01:00
26cee2729e
Fixes Performance/RegexpMatch offenses
2023-09-06 12:50:32 +02:00
cb60af9055
Merge remote-tracking branch 'origin/upgrade-to-ruby-3.2' into dev
2023-01-03 14:15:03 +01:00
21a696ef9b
Update copyright information for 2023
2022-12-30 15:51:26 +01:00
d2658792c3
Handle URI.parse returning empty string in host instead of nil
...
See https://hackerone.com/reports/156615
and https://github.com/ruby/ruby/commit/dd5118f8524c425894d4716
to know more.
2022-12-30 11:49:20 +01:00
8230707bcf
Use same Secure Context validation for OAuth applications
...
Currently redirect_uri field of OAuth applications (Doorkeeper
Applications) did only check for 'localhost', which is not
complete. Other loopback URLs are also valid, such as
'http://127.0.0.1 '.
Now, it is coherent with the allowed hosts of ::Storages::Storage
2022-07-27 18:29:28 +02:00
b20d4db965
Add validation for file storages: Host attribute needs to provide a secure context
2022-07-27 18:29:28 +02:00
Alexander Brandon Coles