Release OpenProject 15.3.0

opf · Feb 19, 2025 · c6b3f5c · c6b3f5c
2 parents ef0508f + e68feb7
commit c6b3f5c
Show file tree

Hide file tree

Showing 2,364 changed files with 38,447 additions and 12,176 deletions.
diff --git a/.erb-lint.yml b/.erb-lint.yml
@@ -32,4 +32,4 @@ linters:
       Lint/UselessAssignment:
         Enabled: false
       Rails/OutputSafety:
-        Enabled: false
+        Enabled: true
diff --git a/.erb-linters/erblint-github.rb → .erb_linters/erblint-github.rb b/.erb-linters/erblint-github.rb → .erb_linters/erblint-github.rb
diff --git a/.github/workflows/danger.yml b/.github/workflows/danger.yml
@@ -17,7 +17,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: ruby/setup-ruby@v1
         with:
-          ruby-version: '3.3.4'
+          ruby-version: '3.4.1'
       - uses: MeilCli/danger-action@v6
         with:
           danger_file: 'Dangerfile'

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -53,9 +53,13 @@ jobs:
 
           VERSION=${TAG_REF#v}
           echo "Version: $VERSION"
+          echo "Checkout REF: $CHECKOUT_REF"
           echo "version=$VERSION" >> "$GITHUB_OUTPUT"
           echo "checkout_ref=$CHECKOUT_REF" >> "$GITHUB_OUTPUT"
-      - uses: actions/checkout@v4
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ steps.extract_version.outputs.checkout_ref }}
       - name: Cache NPM
         uses: runs-on/cache@v4
         with:
@@ -136,9 +140,9 @@ jobs:
             runner: runner=4cpu-linux-x64
     steps:
       - name: Checkout
+        uses: actions/checkout@v4
         with:
           ref: ${{ needs.setup.outputs.checkout_ref }}
-        uses: actions/checkout@v4
       - name: Prepare docker files
         run: |
           cp ./docker/prod/Dockerfile ./Dockerfile

diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml
@@ -7,6 +7,7 @@ on:
       - release/*
     paths:
       - 'docs/**'
+      - 'config/static_links.yml'
 
 permissions:
   contents: read

diff --git a/.github/workflows/eslint-core.yml b/.github/workflows/eslint-core.yml
@@ -19,7 +19,7 @@ jobs:
           fetch-depth: 0
       - uses: actions/setup-node@v4
         with:
-          node-version: '18.13'
+          node-version: '20.9'
           cache: npm
           cache-dependency-path: frontend/package-lock.json
       - uses: reviewdog/action-eslint@v1

diff --git a/.github/workflows/pullpreview.yml b/.github/workflows/pullpreview.yml
@@ -33,7 +33,6 @@ jobs:
         echo "OPENPROJECT_FEATURE__SHOW__CHANGES__ACTIVE=true" >> .env.pullpreview
         echo "OPENPROJECT_LOOKBOOK__ENABLED=true" >> .env.pullpreview
         echo "OPENPROJECT_HSTS=false" >> .env.pullpreview
-        echo "OPENPROJECT_FEATURE_PRIMERIZED_WORK_PACKAGE_ACTIVITIES_ACTIVE=true" >> .env.pullpreview
         echo "OPENPROJECT_NOTIFICATIONS_POLLING_INTERVAL=10000" >> .env.pullpreview
     - name: Boot as BIM edition
       if: contains(github.ref, 'bim/') || contains(github.head_ref, 'bim/')

diff --git a/.github/workflows/rubocop-core.yml b/.github/workflows/rubocop-core.yml
@@ -10,9 +10,12 @@ jobs:
     name: rubocop
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: ruby/setup-ruby@v1
-      - uses: reviewdog/action-rubocop@v2
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+      - name: Run Rubocop
+        uses: reviewdog/action-rubocop@v2
         with:
           github_token: ${{ secrets.github_token }}
           rubocop_version: gemfile
@@ -26,3 +29,11 @@ jobs:
             rubocop-rspec_rails:gemfile
           reporter: github-pr-check
           only_changed: true
+      - name: Install erb_lint
+        run: gem install -N erb_lint erblint-github
+      - name: Run erb-lint
+        uses: tk0miya/action-erblint@v1
+        with:
+          github_token: ${{ secrets.github_token }}
+          reporter: github-pr-check
+          fail_on_error: true
diff --git a/.github/workflows/test-frontend-unit.yml b/.github/workflows/test-frontend-unit.yml
@@ -0,0 +1,54 @@
+name: "Frontend test suite"
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - dev
+      - release/*
+    paths:
+      - '**/frontend/**/*.ts'
+      - '**/frontend/**/*.js'
+      - '**/frontend/**/*.json'
+
+  pull_request:
+    types: [opened, reopened, synchronize]
+    paths:
+      - '**/frontend/**/*.ts'
+      - '**/frontend/**/*.js'
+      - '**/frontend/**/*.json'
+
+permissions:
+  contents: read
+
+defaults:
+  run:
+    working-directory: ./frontend
+
+jobs:
+  units:
+    name: Units
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20.9'
+          cache: npm
+          cache-dependency-path: frontend/package-lock.json
+
+      - name: Install Dependencies
+        id: npm-i
+        run: npm i
+
+      - name: Register plugins
+        id: npm-run-ci-plugins-register-frontend
+        run: npm run ci:plugins:register_frontend
+
+      - name: Test (Angular)
+        id: npm-test
+        run: npm test -- --code-coverage
diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml
@@ -2,15 +2,15 @@ name: Check work package version
 
 on:
   pull_request:
-    types: [labeled, synchronize]
+    types: [labeled, synchronize, ready_for_review]
 
 permissions:
   contents: read # to fetch code (actions/checkout)
   pull-requests: write  # to comment on the PR
 
 jobs:
   version-check:
-    if: contains(github.event.pull_request.labels.*.name, 'needs review')
+    if: github.event.pull_request.draft == false
     runs-on: ubuntu-latest
 
     steps:

diff --git a/.pkgr.yml b/.pkgr.yml
@@ -21,7 +21,7 @@ targets:
     <<: *debian
   ubuntu-22.04:
     <<: *debian
-  centos-8: &centos8
+  centos-9:
     env:
       - NODE_ENV=production
       - NPM_CONFIG_PRODUCTION=false
@@ -30,11 +30,6 @@ targets:
       - ImageMagick
       - unzip
       - poppler-utils
-  centos-9:
-    <<: *centos8
-    env:
-      - NODE_ENV=production
-      - NPM_CONFIG_PRODUCTION=false
   sles-15:
     build_dependencies:
       - sqlite3-devel

diff --git a/.rubocop.yml b/.rubocop.yml
@@ -19,12 +19,18 @@ inherit_mode:
     - Exclude
 
 AllCops:
-  TargetRubyVersion: 3.3
+  TargetRubyVersion: 3.4
   # Enable any new cops in new versions by default
   NewCops: enable
   Exclude:
     - '**/node_modules/**/*'
 
+# Disable it as it is deprecated
+# From https://docs.rubocop.org/rubocop-capybara/cops_capybara.html#capybaraclicklinkorbuttonstyle
+# "This cop is deprecated. We plan to remove this in the next major version update to 3.0."
+Capybara/ClickLinkOrButtonStyle:
+  Enabled: false
+
 FactoryBot/ConsistentParenthesesStyle:
   Enabled: false
 
@@ -326,9 +332,6 @@ Style/ColonMethodCall:
 Style/CommentAnnotation:
   Enabled: false
 
-Style/PreferredHashMethods:
-  Enabled: false
-
 Style/Documentation:
   Enabled: false
 
@@ -341,6 +344,9 @@ Style/EachWithObject:
 Style/EmptyLiteral:
   Enabled: false
 
+Style/EndlessMethod:
+  Enabled: true
+
 Style/EvenOdd:
   Enabled: false
 
@@ -401,6 +407,9 @@ Style/PercentLiteralDelimiters:
 Style/PerlBackrefs:
   Enabled: false
 
+Style/PreferredHashMethods:
+  Enabled: false
+
 Style/Proc:
   Enabled: false
 
@@ -453,7 +462,8 @@ Style/WordArray:
   Enabled: false
 
 Style/FrozenStringLiteralComment:
-  Enabled: false
+  Enabled: true
+  EnforcedStyle: always_true
 
 Style/NumericLiterals:
   Enabled: false

diff --git a/.ruby-version b/.ruby-version
@@ -1 +1 @@
-3.3.4
+3.4.1
diff --git a/Gemfile b/Gemfile
@@ -74,7 +74,7 @@ gem "addressable", "~> 2.8.0"
 gem "auto_strip_attributes", "~> 2.5"
 
 # Provide timezone info for TZInfo used by AR
-gem "tzinfo-data", "~> 1.2024.1"
+gem "tzinfo-data", "~> 1.2025.1"
 
 # to generate html-diffs (e.g. for wiki comparison)
 gem "htmldiff"
@@ -83,7 +83,7 @@ gem "htmldiff"
 gem "stringex", "~> 2.8.5"
 
 # CommonMark markdown parser with GFM extension
-gem "commonmarker", "~> 1.1.3"
+gem "commonmarker", "~> 2.0.2"
 
 # HTML pipeline for transformations on text formatter output
 # such as sanitization or additional features
@@ -95,7 +95,7 @@ gem "escape_utils", "~> 1.3"
 # Syntax highlighting used in html-pipeline with rouge
 gem "rouge", "~> 4.5.1"
 # HTML sanitization used for html-pipeline
-gem "sanitize", "~> 6.1.0"
+gem "sanitize", "~> 7.0.0"
 # HTML autolinking for mails and urls (replaces autolink)
 gem "rinku", "~> 2.0.4", require: %w[rinku rails_rinku]
 # Version parsing with semver
@@ -126,7 +126,7 @@ gem "multi_json", "~> 1.15.0"
 gem "oj", "~> 3.16.0"
 
 gem "daemons"
-gem "good_job", "= 3.26.2" # update should be done manually in sync with saas-openproject version.
+gem "good_job", "= 3.99.1" # update should be done manually in sync with saas-openproject version.
 
 gem "rack-protection", "~> 3.2.0"
 
@@ -137,7 +137,7 @@ gem "rack-protection", "~> 3.2.0"
 gem "rack-attack", "~> 6.7.0"
 
 # CSP headers
-gem "secure_headers", "~> 7.0.0"
+gem "secure_headers", "~> 7.1.0"
 
 # Browser detection for incompatibility checks
 gem "browser", "~> 6.2.0"
@@ -158,7 +158,7 @@ gem "structured_warnings", "~> 0.4.0"
 gem "airbrake", "~> 13.0.0", require: false
 
 gem "markly", "~> 0.10" # another markdown parser like commonmarker, but with AST support used in PDF export
-gem "md_to_pdf", git: "https://github.com/opf/md-to-pdf", ref: "fe05b4f8bae8fd46f4fa93b8e0adee6295ef7388"
+gem "md_to_pdf", git: "https://github.com/opf/md-to-pdf", ref: "965034bdd4b119c7233ea4ecd62d3964d3dec11d"
 gem "prawn", "~> 2.4"
 gem "ttfunk", "~> 1.7.0" # remove after https://github.com/prawnpdf/prawn/issues/1346 resolved.
 
@@ -191,7 +191,7 @@ gem "puma", "~> 6.5"
 gem "puma-plugin-statsd", "~> 2.0"
 gem "rack-timeout", "~> 0.7.0", require: "rack/timeout/base"
 
-gem "nokogiri", "~> 1.17.0"
+gem "nokogiri", "~> 1.18.1"
 
 gem "carrierwave", "~> 1.3.4"
 gem "carrierwave_direct", "~> 2.1.0"
@@ -218,7 +218,7 @@ gem "dry-monads"
 gem "dry-validation"
 
 # ActiveRecord extension which adds typecasting to store accessors
-gem "store_attribute", "~> 1.0"
+gem "store_attribute", "~> 2.0"
 
 # Appsignal integration
 gem "appsignal", "~> 3.10.0", require: false
@@ -237,9 +237,12 @@ gem "turbo-rails", "~> 2.0.0"
 
 gem "httpx"
 
+# Brings actual deep freezing to most ruby objects
+gem "ice_nine"
+
 group :test do
-  gem "launchy", "~> 3.0.0"
-  gem "rack-test", "~> 2.1.0"
+  gem "launchy", "~> 3.1.0"
+  gem "rack-test", "~> 2.2.0"
   gem "shoulda-context", "~> 2.0"
 
   # Test prof provides factories from code
@@ -275,6 +278,7 @@ group :test do
   gem "capybara_accessible_selectors", git: "https://github.com/citizensadvice/capybara_accessible_selectors", tag: "v0.12.0"
   gem "capybara-screenshot", "~> 1.0.17"
   gem "cuprite", "~> 0.15.0"
+  gem "ferrum", github: "toy/ferrum", ref: "mouse-events-buttons-property-0.15"
   gem "rspec-wait"
   gem "selenium-devtools"
   gem "selenium-webdriver", "~> 4.20"
@@ -330,11 +334,11 @@ group :development, :test do
   # Output a stack trace anytime, useful when a process is stuck
   gem "rbtrace"
 
-  # REPL with debug commands
-  gem "debug"
+  # REPL with debug commands, Debug changed to byebug due to the issue below
+  # https://github.com/puma/puma/issues/2835#issuecomment-2302133927
+  gem "byebug"
 
   gem "pry-byebug", "~> 3.10.0", platforms: [:mri]
-  gem "pry-doc"
   gem "pry-rails", "~> 0.3.6"
   gem "pry-rescue", "~> 1.6.0"
 
@@ -353,7 +357,7 @@ group :development, :test do
   gem "erblint-github", require: false
 
   # Brakeman scanner
-  gem "brakeman", "~> 6.2.0"
+  gem "brakeman", "~> 7.0.0"
 
   # i18n-tasks helps find and manage missing and unused translations.
   gem "i18n-tasks", "~> 1.0.13", require: false
@@ -403,4 +407,4 @@ end
 
 gem "openproject-octicons", "~>19.20.0 "
 gem "openproject-octicons_helper", "~>19.20.0 "
-gem "openproject-primer_view_components", "~>0.52.0"
+gem "openproject-primer_view_components", "~>0.54.0"