This commit introduces a custom Rack middleware, Rack::Defense, to enhance application security by blocking PHP-related requests, suspicious headers, and known malicious IPs. Additionally, it configures rate limiting for incoming requests, allowing a maximum of 300 requests every 5 minutes per IP address. These changes improve the overall security posture of the application and help mitigate potential attacks.
This commit modifies the output message in the Rails helper file to clarify the display of the SHOW_BROWSER environment variable. The change enhances readability by adding a question mark to the message, improving the clarity of the test environment output.
This commit updates the editable content system tests to use a more descriptive test type and improves the setup for user roles. The test now utilizes a headless browser for better performance and modifies the expectations for the edit link to enhance readability. These changes contribute to clearer and more maintainable test code.
This commit introduces a custom Rack middleware, Rack::Defense, to block PHP-related requests, suspicious headers, and known malicious IPs. The middleware enhances the application's security posture by preventing potential attacks and ensuring that only legitimate requests are processed. This change builds upon previous security enhancements and contributes to a more robust defense against common vulnerabilities.
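The checks these commit messages describe, as an added example that is not code from this pull request: a Rack-compatible middleware that rejects blocklisted IPs and PHP paths and applies a sliding-window limit of 300 requests per 5 minutes per IP. The class name `RequestGuard`, the path pattern and the constructor parameters are assumptions; header checks are left out because the page does not say which headers are treated as suspicious.

```ruby
require "set"

# Hypothetical middleware, written for illustration; not the PR's Rack::Defense code.
class RequestGuard
  PHP_PATH = /\.php(?:\z|\/)/i # assumed meaning of "PHP-related": path names a .php script

  def initialize(app, blocked_ips: [], limit: 300, period: 300,
                 clock: -> { Process.clock_gettime(Process::CLOCK_MONOTONIC) })
    @app = app
    @blocked_ips = Set.new(blocked_ips)
    @limit = limit
    @period = period
    @clock = clock
    @hits = Hash.new { |h, ip| h[ip] = [] } # ip => timestamps of accepted requests
    @lock = Mutex.new
  end

  def call(env)
    # REMOTE_ADDR is the socket peer; behind a reverse proxy, resolve the client
    # address from a trusted proxy header first or every client shares one bucket.
    ip = env["REMOTE_ADDR"].to_s
    return deny(403, "Forbidden") if @blocked_ips.include?(ip)
    return deny(403, "Forbidden") if env["PATH_INFO"].to_s.match?(PHP_PATH)
    return deny(429, "Too Many Requests", "retry-after" => @period.to_s) if over_limit?(ip)

    @app.call(env)
  end

  private

  # Sliding window: drop timestamps older than `period` seconds, then accept
  # the request only if fewer than `limit` accepted requests remain.
  def over_limit?(ip)
    now = @clock.call
    @lock.synchronize do
      hits = @hits[ip]
      hits.shift while hits.first && hits.first <= now - @period
      return true if hits.size >= @limit

      hits << now
      false
    end
  end

  def deny(status, message, extra = {})
    [status, { "content-type" => "text/plain" }.merge(extra), [message]]
  end
end
```

The counters live in one process's memory and are never evicted for idle IPs, so a multi-process deployment needs a shared store with expiry to enforce a single limit.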
This commit modifies the `set_entry_for_profile` method in the `EntriesController` to utilize `policy_scope` for fetching entries. This change ensures that entry retrieval adheres to the defined authorization policies, enhancing security and access control within the application.
This commit updates the user role setup in the profile access system tests to utilize traits for creating users with specific roles. The changes enhance the clarity and maintainability of the test code by streamlining user creation and ensuring that roles are assigned correctly. This refactor contributes to a more efficient testing process and aligns with best practices for test setup.
…ainer retrieval This commit modifies the `set_judging_round` method in the `RoundJudgeAssignmentsController` to utilize `policy_scope` when fetching the container. This change enhances security by ensuring that the retrieval of containers adheres to defined authorization policies. Additionally, it removes unnecessary whitespace in the `create` method for improved code cleanliness.
This commit modifies the `set_user_role` method in the `UserRolesController` to utilize `policy_scope` when fetching user roles. This change enhances security by ensuring that user role retrieval adheres to defined authorization policies, aligning with best practices for access control within the application.
Bumps the bundler group with 1 update in the / directory: [rack](https://github.com/rack/rack).

Updates `rack` from 3.1.12 to 3.1.14
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)
- [Commits](rack/rack@v3.1.12...v3.1.14)

---
updated-dependencies:
- dependency-name: rack
  dependency-version: 3.1.14
  dependency-type: indirect
  dependency-group: bundler
...

Signed-off-by: dependabot[bot] <support@github.com>

Bumps the npm_and_yarn group with 1 update in the / directory: [trix](https://github.com/basecamp/trix).

Updates `trix` from 2.1.12 to 2.1.15
- [Release notes](https://github.com/basecamp/trix/releases)
- [Commits](basecamp/trix@v2.1.12...v2.1.15)

---
updated-dependencies:
- dependency-name: trix
  dependency-version: 2.1.15
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
This commit adds the `stackprof` gem to the Gemfile and updates the Gemfile.lock accordingly. The inclusion of this gem will facilitate performance profiling, allowing for better insights into application performance and potential optimizations.
….lock This commit updates the Bootstrap dependency in both package.json and yarn.lock to version 5.3.3. This change ensures that the application utilizes the latest features and fixes provided by the Bootstrap framework, contributing to improved UI and styling consistency.
This commit updates the footer partial to enhance the layout of user-specific links by wrapping them in a flex container. It also replaces icon classes with filled variants for better visibility and adds a new link to the departments page. These changes improve the user interface and accessibility of the footer section.
…ability This commit removes unnecessary whitespace in the `_available_contests.html.erb` partial, enhancing the overall readability of the code. Additionally, it ensures proper formatting of the displayed contest information, contributing to a cleaner and more maintainable view structure.
This commit replaces the pencil icon with a send arrow-up icon in the contest table partial of the applicant dashboard. This change enhances the visual representation of the action, making it clearer for users to understand the purpose of the button. Additionally, a newline is added at the end of the file for proper formatting.
This commit introduces a new partial, `_inactive_submissions_summary.html.erb`, to the applicant dashboard. The partial displays a summary of past contest entries, including contest details, submission titles, types, and submission dates. It also provides options to view or download attached entry files, enhancing the user experience by allowing easy access to historical submissions.
…tive contests This commit updates the submissions summary partial to reflect only active contests entered by the applicant. The heading is modified for clarity, and the entries are filtered to include only those associated with active contest instances. Additionally, the layout of the file attachment links is improved for better accessibility and user experience.
…mary and available contests This commit modifies the applicant dashboard view to enhance the layout by adding a new section for available contests and updating the inactive submissions summary. The previous available contests section is removed, and a horizontal rule is added for better visual separation. These changes improve the organization and clarity of the dashboard, providing users with a more structured overview of their submissions and available opportunities.
This commit enhances the container form by adding a section for editable form instructions, improving user guidance during the container creation process. Additionally, it updates the seed data to include instructions for the new form instructions section, ensuring that the necessary content is available for users. These changes contribute to a more informative and user-friendly interface.
…shboard-displays-past-submission-in-cleaner-presentation Add form instructions to container form and update seed data
…2dacb Bump rack from 3.1.12 to 3.1.14 in the bundler group across 1 directory
…yarn-5372b12389 Bump trix from 2.1.12 to 2.1.15 in the npm_and_yarn group across 1 directory
Bumps the bundler group with 1 update in the / directory: [rack-session](https://github.com/rack/rack-session).

Updates `rack-session` from 2.0.0 to 2.1.1
- [Release notes](https://github.com/rack/rack-session/releases)
- [Changelog](https://github.com/rack/rack-session/blob/main/releases.md)
- [Commits](rack/rack-session@v2.0.0...v2.1.1)

---
updated-dependencies:
- dependency-name: rack-session
  dependency-version: 2.1.1
  dependency-type: indirect
  dependency-group: bundler
...

Signed-off-by: dependabot[bot] <support@github.com>
…6d3c7 Bump rack-session from 2.0.0 to 2.1.1 in the bundler group across 1 directory
No description provided.