dba1036d1d
Merge pull request #1478 from openHPI/dependabot/bundler/ims-lti-1.2.7
2022-12-14 03:11:56 +00:00
55ce1ce7a5
Merge pull request #1477 from openHPI/dependabot/npm_and_yarn/i18n-js-4.2.1
2022-12-14 03:09:45 +00:00
fd5b9e37f1
Bump ims-lti from 1.2.6 to 1.2.7
...
Bumps [ims-lti](https://github.com/instructure/ims-lti ) from 1.2.6 to 1.2.7.
- [Release notes](https://github.com/instructure/ims-lti/releases )
- [Commits](https://github.com/instructure/ims-lti/commits )
---
updated-dependencies:
- dependency-name: ims-lti
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-14 03:01:06 +00:00
9a36d13d3e
Bump i18n-js from 4.2.0 to 4.2.1
...
Bumps [i18n-js](https://github.com/fnando/i18n ) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/fnando/i18n/releases )
- [Changelog](https://github.com/fnando/i18n/blob/main/CHANGELOG.md )
- [Commits](https://github.com/fnando/i18n/compare/v4.2.0...v4.2.1 )
---
updated-dependencies:
- dependency-name: i18n-js
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-14 03:00:47 +00:00
a38adce58f
Merge pull request #1474 from openHPI/dependabot/bundler/loofah-2.19.1
2022-12-13 20:32:04 +00:00
90c827c915
Bump loofah from 2.19.0 to 2.19.1
...
Bumps [loofah](https://github.com/flavorjones/loofah ) from 2.19.0 to 2.19.1.
- [Release notes](https://github.com/flavorjones/loofah/releases )
- [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md )
- [Commits](https://github.com/flavorjones/loofah/compare/v2.19.0...v2.19.1 )
---
updated-dependencies:
- dependency-name: loofah
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-13 20:21:16 +00:00
74de1e5510
Update Bundle
2022-12-12 20:54:01 +01:00
7a2e442d91
Reject reference implementations only for Runs
2022-12-12 20:53:46 +01:00
590c4e8417
Merge pull request #1471 from openHPI/dependabot/npm_and_yarn/bootswatch-5.2.3
2022-12-12 03:09:27 +00:00
243985ebaf
Bump bootswatch from 5.2.2 to 5.2.3
...
Bumps [bootswatch](https://github.com/thomaspark/bootswatch ) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/thomaspark/bootswatch/releases )
- [Commits](https://github.com/thomaspark/bootswatch/compare/v5.2.2...v5.2.3 )
---
updated-dependencies:
- dependency-name: bootswatch
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-12 03:00:57 +00:00
bf077ef478
Fix rubocop offenses
2022-12-09 13:11:46 +01:00
5e784ef8cd
Bundle update
2022-12-09 13:10:57 +01:00
871ec54b99
Merge pull request #1468 from openHPI/dependabot/npm_and_yarn/sass-1.56.2
2022-12-09 03:14:25 +00:00
323daa0a7c
Merge pull request #1469 from openHPI/dependabot/bundler/net-imap-0.3.2
2022-12-09 03:10:06 +00:00
a49940501d
Bump net-imap from 0.3.1 to 0.3.2
...
Bumps [net-imap](https://github.com/ruby/net-imap ) from 0.3.1 to 0.3.2.
- [Release notes](https://github.com/ruby/net-imap/releases )
- [Commits](https://github.com/ruby/net-imap/compare/v0.3.1...v0.3.2 )
---
updated-dependencies:
- dependency-name: net-imap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-09 03:00:51 +00:00
79e0b937a8
Bump sass from 1.56.1 to 1.56.2
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.56.1 to 1.56.2.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.56.1...1.56.2 )
---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-09 03:00:50 +00:00
838019343e
ProFormA: Hide 'delayed' files by default
2022-12-08 10:57:36 +01:00
a957b203c2
Merge pull request #1464 from openHPI/dependabot/bundler/json_schemer-0.2.24
2022-12-08 03:08:31 +00:00
9eac6745d5
Merge pull request #1465 from openHPI/dependabot/bundler/nokogiri-1.13.10
2022-12-08 03:08:27 +00:00
b3d6655e70
Bump nokogiri from 1.13.9 to 1.13.10
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.13.9 to 1.13.10.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/v1.13.10/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.9...v1.13.10 )
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-08 03:01:08 +00:00
d7614935bb
Bump json_schemer from 0.2.23 to 0.2.24
...
Bumps [json_schemer](https://github.com/davishmcclurg/json_schemer ) from 0.2.23 to 0.2.24.
- [Release notes](https://github.com/davishmcclurg/json_schemer/releases )
- [Commits](https://github.com/davishmcclurg/json_schemer/compare/v0.2.23...v0.2.24 )
---
updated-dependencies:
- dependency-name: json_schemer
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-08 03:00:50 +00:00
09a7c83d51
Add new syntax error to German linter translation
...
Fixes CODEOCEAN-FJ
2022-12-07 23:22:48 +01:00
bec235c8d6
Fix XML parsing with invalid LTI response
...
An invalid XML response may be returned if the LTI provider is unavailable and cannot handle our request. We decided against logging in Sentry as this affects a third party functionality we cannot fix ourselves.
Fixes CODEOCEAN-G2
2022-12-07 23:00:21 +01:00
6bfda8e552
Migrate default intervalstyle in database
...
By switching the `intervalstyle`, we assume to fix CODEOCEAN-FT. It is caused by by PgBouncer providing different database connections to Rails that might behave differently.
2022-12-06 23:43:23 +01:00
bc5baed05e
Use exec_query
for custom SQL execution
...
Also align how we use query Postgres from controllers.
The change is mainly due to regular (but not reproducible) issues with the `intervalstyle` defaulting to `postgres` (instead of `iso8601`) and thereby causing issues. We're just experimenting to see whether this change resolves the issue.
2022-12-06 22:41:00 +01:00
65c95a1f1c
Expire all assets to enable SRI
...
Otherwise, many browsers show issues with caching
2022-12-06 21:23:02 +01:00
1918c152cc
Bundle update
2022-12-06 20:27:56 +01:00
66921d92bb
Fix assets:precompile
to be idempotent again
...
Each execution regenerates the manifest, so that we also need to rewrite the hashes.
2022-12-06 20:21:58 +01:00
7debe371b3
Actually write changed manifest to disk
2022-12-06 19:43:15 +01:00
cfb5fac5b2
Prevent adding duplicate lines for source maps
2022-12-06 19:43:05 +01:00
da9a9b3e76
Ensure all text is visible during page load
...
We introduce the font-display property. See
https://developer.chrome.com/docs/lighthouse/performance/font-display/
2022-12-06 18:36:45 +01:00
75c6dfd20b
Rename actioncable integration (deprecation warning)
2022-12-06 15:26:50 +01:00
de0c1d368c
Add source map for sprockets
2022-12-06 15:26:50 +01:00
7706d8b2ed
Merge pull request #1463 from openHPI/dependabot/bundler/terser-1.1.13
2022-12-06 04:07:10 +00:00
9fa783b0b4
Bump terser from 1.1.12 to 1.1.13
...
Bumps [terser](https://github.com/ahorek/terser-ruby ) from 1.1.12 to 1.1.13.
- [Release notes](https://github.com/ahorek/terser-ruby/releases )
- [Changelog](https://github.com/ahorek/terser-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ahorek/terser-ruby/compare/1.1.12...1.1.13 )
---
updated-dependencies:
- dependency-name: terser
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-06 03:57:46 +00:00
5de5aa8073
Merge pull request #1462 from openHPI/dependabot/npm_and_yarn/webpack-cli-5.0.1
2022-12-06 03:23:47 +00:00
f28b4dbd0f
Bump webpack-cli from 5.0.0 to 5.0.1
...
Bumps [webpack-cli](https://github.com/webpack/webpack-cli ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/webpack/webpack-cli/releases )
- [Changelog](https://github.com/webpack/webpack-cli/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack/webpack-cli/compare/webpack-cli@5.0.0...webpack-cli@5.0.1 )
---
updated-dependencies:
- dependency-name: webpack-cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-06 03:13:18 +00:00
96c3e5b26a
Merge pull request #1461 from openHPI/dependabot/npm_and_yarn/mini-css-extract-plugin-2.7.2
2022-12-06 03:10:48 +00:00
cdc1b0e1a9
Merge pull request #1460 from openHPI/dependabot/npm_and_yarn/webpack-cli/serve-2.0.1
2022-12-06 03:09:06 +00:00
18a5e5b514
Bump mini-css-extract-plugin from 2.7.1 to 2.7.2
...
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin ) from 2.7.1 to 2.7.2.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v2.7.1...v2.7.2 )
---
updated-dependencies:
- dependency-name: mini-css-extract-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-06 03:00:54 +00:00
0f8350e953
Bump @webpack-cli/serve from 2.0.0 to 2.0.1
...
Bumps [@webpack-cli/serve](https://github.com/webpack/webpack-cli ) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/webpack/webpack-cli/releases )
- [Changelog](https://github.com/webpack/webpack-cli/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack/webpack-cli/compare/@webpack-cli/serve@2.0.0...@webpack-cli/serve@2.0.1 )
---
updated-dependencies:
- dependency-name: "@webpack-cli/serve"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-06 03:00:42 +00:00
73237412ed
Compress JS and CSS files for production
2022-12-06 01:27:51 +01:00
9977e1614b
Allow external redirect for render host and LTI
...
We only use the `launch_presentation_return_url` provided to the @provider, in order to prevent using an open redirect.
2022-12-05 22:38:13 +01:00
b7a3fd4586
Refactor exercise statistics to use convert times in Ruby
2022-12-05 21:59:34 +01:00
1cfae6101a
Introduce additional time helper for managing intervals and durations
2022-12-05 18:22:18 +01:00
df666b4389
Fix missing whitespace for exercise feedback page
2022-12-05 18:21:44 +01:00
8147669173
Actually enable SRI for all websocket assets
...
Without this setting, no SRI hashes are added to the assets.
2022-12-05 18:21:22 +01:00
4ecaee9d6c
Prevent reloading of SRI helpers in development
...
Otherwise, each code reload would re-add the SRI helpers and thus break the inclusion of asset tags.
2022-12-05 18:20:47 +01:00
53471096ac
Bump d3 from 7.6.1 to 7.7.0
...
Bumps [d3](https://github.com/d3/d3 ) from 7.6.1 to 7.7.0.
- [Release notes](https://github.com/d3/d3/releases )
- [Changelog](https://github.com/d3/d3/blob/main/CHANGES.md )
- [Commits](https://github.com/d3/d3/compare/v7.6.1...v7.7.0 )
---
updated-dependencies:
- dependency-name: d3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-05 13:07:06 +01:00
934fdf5744
Merge pull request #1458 from openHPI/dependabot/bundler/selenium-webdriver-4.7.1
2022-12-05 03:09:03 +00:00