From d14e72b4440e7721dd8bf0706155d8c6cb8bda34 Mon Sep 17 00:00:00 2001 From: Brian Austin Date: Sat, 27 Jan 2024 11:50:22 -0500 Subject: [PATCH 01/22] Initial migration (gem update, script) --- Gemfile | 3 +- Gemfile.lock | 508 +++++++++--------- bin/rails | 2 +- bin/setup | 18 +- config/environments/development.rb | 18 +- config/environments/production.rb | 54 +- config/environments/test.rb | 4 +- config/initializers/assets.rb | 2 +- .../initializers/content_security_policy.rb | 45 +- config/initializers/cors.rb | 4 +- .../initializers/filter_parameter_logging.rb | 8 +- config/initializers/inflections.rb | 8 +- .../new_framework_defaults_7_0.rb | 128 +++++ db/schema.rb | 2 +- 14 files changed, 454 insertions(+), 350 deletions(-) create mode 100644 config/initializers/new_framework_defaults_7_0.rb diff --git a/Gemfile b/Gemfile index f8280b5d433..e97158fb196 100644 --- a/Gemfile +++ b/Gemfile @@ -6,7 +6,7 @@ gem 'test-unit', '~> 3.2' gem 'bundler' -gem "rails", "~> 6.1.7" +gem "rails", "~> 7.0.8" gem "rails-i18n" gem "rack", "~> 2.2" gem "sprockets", "< 4" @@ -147,7 +147,6 @@ group :test, :development do gem 'whiny_validation' gem "factory_bot_rails" gem 'minitest' - gem "listen", "~> 3.3" gem "i18n-tasks", require: false end diff --git a/Gemfile.lock b/Gemfile.lock index 413b9392b37..b1d2dfd5fd2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,10 +1,10 @@ GIT remote: https://github.com/globalize/globalize - revision: 76b808b13d15c2b7158c0f61ff000b05de47afe6 + revision: 278b9f95feef3838d434226c8a3836cb4e7880ec specs: - globalize (6.0.1) - activemodel (>= 4.2, < 7.0) - activerecord (>= 4.2, < 7.0) + globalize (6.3.0) + activemodel (>= 4.2, < 7.2) + activerecord (>= 4.2, < 7.2) request_store (~> 1.0) GIT @@ -24,121 +24,128 @@ GEM remote: https://rubygems.org/ specs: aaronh-chronic (0.3.9) - actioncable (6.1.7.4) - actionpack (= 6.1.7.4) - activesupport (= 6.1.7.4) + actioncable (7.0.8) + actionpack (= 7.0.8) + activesupport (= 7.0.8) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.7.4) - actionpack (= 6.1.7.4) - activejob (= 6.1.7.4) - activerecord (= 6.1.7.4) - activestorage (= 6.1.7.4) - activesupport (= 6.1.7.4) + actionmailbox (7.0.8) + actionpack (= 7.0.8) + activejob (= 7.0.8) + activerecord (= 7.0.8) + activestorage (= 7.0.8) + activesupport (= 7.0.8) mail (>= 2.7.1) - actionmailer (6.1.7.4) - actionpack (= 6.1.7.4) - actionview (= 6.1.7.4) - activejob (= 6.1.7.4) - activesupport (= 6.1.7.4) + net-imap + net-pop + net-smtp + actionmailer (7.0.8) + actionpack (= 7.0.8) + actionview (= 7.0.8) + activejob (= 7.0.8) + activesupport (= 7.0.8) mail (~> 2.5, >= 2.5.4) + net-imap + net-pop + net-smtp rails-dom-testing (~> 2.0) - actionpack (6.1.7.4) - actionview (= 6.1.7.4) - activesupport (= 6.1.7.4) - rack (~> 2.0, >= 2.0.9) + actionpack (7.0.8) + actionview (= 7.0.8) + activesupport (= 7.0.8) + rack (~> 2.0, >= 2.2.4) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) actionpack-page_caching (1.2.4) actionpack (>= 4.0.0) - actiontext (6.1.7.4) - actionpack (= 6.1.7.4) - activerecord (= 6.1.7.4) - activestorage (= 6.1.7.4) - activesupport (= 6.1.7.4) + actiontext (7.0.8) + actionpack (= 7.0.8) + activerecord (= 7.0.8) + activestorage (= 7.0.8) + activesupport (= 7.0.8) + globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (6.1.7.4) - activesupport (= 6.1.7.4) + actionview (7.0.8) + activesupport (= 7.0.8) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - active_record_query_trace (1.8) - activejob (6.1.7.4) - activesupport (= 6.1.7.4) + active_record_query_trace (1.8.2) + activerecord (>= 6.0.0) + activejob (7.0.8) + activesupport (= 7.0.8) globalid (>= 0.3.6) - activemodel (6.1.7.4) - activesupport (= 6.1.7.4) + activemodel (7.0.8) + activesupport (= 7.0.8) activemodel-serializers-xml (1.0.2) activemodel (> 5.x) activesupport (> 5.x) builder (~> 3.1) - activerecord (6.1.7.4) - activemodel (= 6.1.7.4) - activesupport (= 6.1.7.4) - activestorage (6.1.7.4) - actionpack (= 6.1.7.4) - activejob (= 6.1.7.4) - activerecord (= 6.1.7.4) - activesupport (= 6.1.7.4) + activerecord (7.0.8) + activemodel (= 7.0.8) + activesupport (= 7.0.8) + activestorage (7.0.8) + actionpack (= 7.0.8) + activejob (= 7.0.8) + activerecord (= 7.0.8) + activesupport (= 7.0.8) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (6.1.7.4) + activesupport (7.0.8) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) tzinfo (~> 2.0) - zeitwerk (~> 2.3) acts_as_list (0.9.19) activerecord (>= 3.0) - addressable (2.8.0) - public_suffix (>= 2.0.2, < 5.0) - after_commit_everywhere (1.1.0) + addressable (2.8.6) + public_suffix (>= 2.0.2, < 6.0) + after_commit_everywhere (1.3.1) activerecord (>= 4.2) activesupport akismetor (1.0.0) ast (2.4.2) - audited (5.3.3) - activerecord (>= 5.0, < 7.1) + audited (5.4.3) + activerecord (>= 5.0, < 7.2) request_store (~> 1.2) awesome_print (1.9.2) - aws-eventstream (1.2.0) - aws-partitions (1.553.0) - aws-sdk-core (3.126.0) - aws-eventstream (~> 1, >= 1.0.2) - aws-partitions (~> 1, >= 1.525.0) - aws-sigv4 (~> 1.1) - jmespath (~> 1.0) - aws-sdk-kms (1.54.0) - aws-sdk-core (~> 3, >= 3.126.0) + aws-eventstream (1.3.0) + aws-partitions (1.883.0) + aws-sdk-core (3.191.0) + aws-eventstream (~> 1, >= 1.3.0) + aws-partitions (~> 1, >= 1.651.0) + aws-sigv4 (~> 1.8) + jmespath (~> 1, >= 1.6.1) + aws-sdk-kms (1.77.0) + aws-sdk-core (~> 3, >= 3.191.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.112.0) - aws-sdk-core (~> 3, >= 3.126.0) + aws-sdk-s3 (1.143.0) + aws-sdk-core (~> 3, >= 3.191.0) aws-sdk-kms (~> 1) - aws-sigv4 (~> 1.4) - aws-sigv4 (1.4.0) + aws-sigv4 (~> 1.8) + aws-sigv4 (1.8.0) aws-eventstream (~> 1, >= 1.0.2) - backports (3.23.0) base64 (0.2.0) - bcrypt (3.1.16) - better_html (2.0.1) + bcrypt (3.1.20) + better_html (2.0.2) actionview (>= 6.0) activesupport (>= 6.0) ast (~> 2.0) erubi (~> 1.4) parser (>= 2.4) smart_properties - brakeman (5.2.1) + brakeman (6.1.1) + racc builder (3.2.4) - bullet (7.0.1) + bullet (7.1.6) activesupport (>= 3.0.0) uniform_notifier (~> 1.11) - bundler-audit (0.9.0.1) + bundler-audit (0.9.1) bundler (>= 1.2.0, < 3) thor (~> 1.0) byebug (11.1.3) - capistrano (2.15.9) + capistrano (2.15.11) highline net-scp (>= 1.0.0) net-sftp (>= 2.0.0) @@ -149,11 +156,11 @@ GEM capistrano-gitflow_version (0.0.3.1) capistrano-ext (>= 1.2.1) stringex - capybara (3.37.1) + capybara (3.40.0) addressable matrix mini_mime (>= 0.1.3) - nokogiri (~> 1.8) + nokogiri (~> 1.11) rack (>= 1.6.0) rack-test (>= 0.6.3) regexp_parser (>= 1.5, < 3.0) @@ -162,55 +169,62 @@ GEM capybara (>= 1.0, < 4) launchy chronic (0.10.2) - climate_control (0.2.0) + climate_control (1.2.0) coderay (1.1.3) concurrent-ruby (1.2.3) - connection_pool (2.2.5) + connection_pool (2.4.1) crack (0.4.5) rexml crass (1.0.6) - css_parser (1.11.0) + css_parser (1.16.0) addressable - cucumber (3.2.0) - builder (>= 2.1.2) - cucumber-core (~> 3.2.0) - cucumber-expressions (~> 6.0.1) - cucumber-wire (~> 0.0.1) - diff-lcs (~> 1.3) - gherkin (~> 5.1.0) - multi_json (>= 1.7.5, < 2.0) - multi_test (>= 0.1.2) - cucumber-core (3.2.1) - backports (>= 3.8.0) - cucumber-tag_expressions (~> 1.1.0) - gherkin (~> 5.0) - cucumber-expressions (6.0.1) - cucumber-rails (2.1.0) - capybara (>= 2.12, < 4) - cucumber (>= 3.0.2, < 5) - mime-types (>= 2.0, < 4) - nokogiri (~> 1.8) - rails (>= 4.2, < 7) - cucumber-tag_expressions (1.1.1) + cucumber (9.1.2) + builder (~> 3.2, >= 3.2.4) + cucumber-ci-environment (~> 9.2, >= 9.2.0) + cucumber-core (~> 12.0) + cucumber-cucumber-expressions (~> 17.0) + cucumber-gherkin (> 24, < 27) + cucumber-html-formatter (> 20.3, < 22) + cucumber-messages (> 19, < 25) + diff-lcs (~> 1.5) + mini_mime (~> 1.1, >= 1.1.5) + multi_test (~> 1.1, >= 1.1.0) + sys-uname (~> 1.2, >= 1.2.3) + cucumber-ci-environment (9.2.0) + cucumber-core (12.0.0) + cucumber-gherkin (>= 25, < 27) + cucumber-messages (>= 20, < 23) + cucumber-tag-expressions (~> 5.0, >= 5.0.4) + cucumber-cucumber-expressions (17.0.1) + cucumber-gherkin (26.2.0) + cucumber-messages (>= 19.1.4, < 22.1) + cucumber-html-formatter (21.2.0) + cucumber-messages (> 19, < 25) + cucumber-messages (22.0.0) + cucumber-rails (3.0.0) + capybara (>= 3.11, < 4) + cucumber (>= 5, < 10) + railties (>= 5.2, < 8) + cucumber-tag-expressions (5.0.6) cucumber-timecop (0.0.6) chronic cucumber timecop - cucumber-wire (0.0.1) - dalli (3.2.3) - database_cleaner (2.0.1) - database_cleaner-active_record (~> 2.0.0) - database_cleaner-active_record (2.0.1) + dalli (3.2.6) + database_cleaner (2.0.2) + database_cleaner-active_record (>= 2, < 3) + database_cleaner-active_record (2.1.0) activerecord (>= 5.a) database_cleaner-core (~> 2.0.0) database_cleaner-core (2.0.1) + date (3.3.4) delorean (2.1.0) chronic - departure (6.5.0) - activerecord (>= 5.2.0, < 7.1, != 7.0.0) + departure (6.6.0) + activerecord (>= 5.2.0, < 7.2.0, != 7.0.0) mysql2 (>= 0.4.0, <= 0.5.5) - railties (>= 5.2.0, < 7.1, != 7.0.0) - devise (4.8.1) + railties (>= 5.2.0, < 7.2.0, != 7.0.0) + devise (4.9.3) bcrypt (~> 3.0) orm_adapter (~> 0.1) railties (>= 4.1.0) @@ -221,8 +235,7 @@ GEM devise (>= 4.0) diff-lcs (1.5.0) docile (1.4.0) - domain_name (0.5.20190701) - unf (>= 0.0.5, < 1.0.0) + domain_name (0.6.20240107) elasticsearch (7.17.1) elasticsearch-api (= 7.17.1) elasticsearch-transport (= 7.17.1) @@ -245,14 +258,14 @@ GEM escape_utils (1.2.1) et-orbi (1.2.7) tzinfo - factory_bot (6.2.1) + factory_bot (6.4.5) activesupport (>= 5.0.0) - factory_bot_rails (6.2.0) - factory_bot (~> 6.2.0) + factory_bot_rails (6.4.3) + factory_bot (~> 6.4) railties (>= 5.0.0) - faker (2.19.0) - i18n (>= 1.6, < 2) - faraday (1.9.3) + faker (3.2.3) + i18n (>= 1.8.11, < 2) + faraday (1.10.3) faraday-em_http (~> 1.0) faraday-em_synchrony (~> 1.0) faraday-excon (~> 1.1) @@ -268,24 +281,23 @@ GEM faraday-em_synchrony (1.0.0) faraday-excon (1.1.0) faraday-httpclient (1.0.1) - faraday-multipart (1.0.3) - multipart-post (>= 1.2, < 3) + faraday-multipart (1.0.4) + multipart-post (~> 2) faraday-net_http (1.0.1) faraday-net_http_persistent (1.2.0) faraday-patron (1.0.0) faraday-rack (1.0.0) faraday-retry (1.0.3) - fastimage (2.2.6) + fastimage (2.3.0) ffi (1.16.3) fugit (1.9.0) et-orbi (~> 1, >= 1.2.7) raabro (~> 1.4) - gherkin (5.1.0) - globalid (1.0.1) - activesupport (>= 5.0) + globalid (1.2.1) + activesupport (>= 6.1) god (0.13.7) - hashdiff (1.0.1) - highline (2.0.3) + hashdiff (1.1.0) + highline (3.0.1) htmlentities (4.3.4) http-accept (1.7.0) http-cookie (1.0.5) @@ -293,95 +305,108 @@ GEM httparty (0.21.0) mini_mime (>= 1.0.0) multi_xml (>= 0.5.2) - i18n (1.13.0) + i18n (1.14.1) concurrent-ruby (~> 1.0) - i18n-tasks (1.0.12) + i18n-tasks (1.0.13) activesupport (>= 4.0.2) ast (>= 2.1.0) better_html (>= 1.0, < 3.0) erubi highline (>= 2.0.0) i18n - parser (>= 2.2.3.0) + parser (>= 3.2.2.1) rails-i18n rainbow (>= 2.2.2, < 4.0) terminal-table (>= 1.5.1) - jmespath (1.6.1) - json (2.6.1) + jmespath (1.6.2) + json (2.7.1) kgio (2.10.0) - kt-paperclip (7.1.0) + kt-paperclip (7.2.2) activemodel (>= 4.2.0) activesupport (>= 4.2.0) marcel (~> 1.0.1) mime-types - terrapin (~> 0.6.0) - launchy (2.5.0) - addressable (~> 2.7) - listen (3.8.0) - rb-fsevent (~> 0.10, >= 0.10.3) - rb-inotify (~> 0.9, >= 0.9.10) - lograge (0.11.2) + terrapin (>= 0.6.0, < 2.0) + launchy (2.5.2) + addressable (~> 2.8) + lograge (0.14.0) actionpack (>= 4) activesupport (>= 4) railties (>= 4) request_store (~> 1.0) - loofah (2.19.1) + loofah (2.22.0) crass (~> 1.0.2) - nokogiri (>= 1.5.9) - mail (2.7.1) + nokogiri (>= 1.12.0) + mail (2.8.1) mini_mime (>= 0.1.1) + net-imap + net-pop + net-smtp marcel (1.0.2) matrix (0.4.2) - mechanize (2.8.5) + mechanize (2.10.0) addressable (~> 2.8) + base64 domain_name (~> 0.5, >= 0.5.20190701) http-cookie (~> 1.0, >= 1.0.3) mime-types (~> 3.0) net-http-digest_auth (~> 1.4, >= 1.4.1) net-http-persistent (>= 2.5.2, < 5.0.dev) + nkf nokogiri (~> 1.11, >= 1.11.2) rubyntlm (~> 0.6, >= 0.6.3) webrick (~> 1.7) webrobots (~> 0.1.2) method_source (1.0.0) - mime-types (3.4.1) + mime-types (3.5.2) mime-types-data (~> 3.2015) - mime-types-data (3.2022.0105) + mime-types-data (3.2023.1205) mimemagic (0.3.10) nokogiri (~> 1) rake - mini_mime (1.1.2) - mini_portile2 (2.8.2) - minitest (5.17.0) + mini_mime (1.1.5) + mini_portile2 (2.8.5) + minitest (5.21.2) mono_logger (1.1.2) multi_json (1.15.0) - multi_test (0.1.2) + multi_test (1.1.0) multi_xml (0.6.0) - multipart-post (2.1.1) + multipart-post (2.3.0) mustermann (3.0.0) ruby2_keywords (~> 0.0.1) - mysql2 (0.5.4) - n_plus_one_control (0.6.2) + mysql2 (0.5.5) + n_plus_one_control (0.7.1) net-http-digest_auth (1.4.1) - net-http-persistent (4.0.1) + net-http-persistent (4.0.2) connection_pool (~> 2.2) - net-scp (3.0.0) - net-ssh (>= 2.6.5, < 7.0.0) - net-sftp (3.0.0) - net-ssh (>= 5.0.0, < 7.0.0) - net-ssh (6.1.0) + net-imap (0.4.9.1) + date + net-protocol + net-pop (0.1.2) + net-protocol + net-protocol (0.2.2) + timeout + net-scp (4.0.0) + net-ssh (>= 2.6.5, < 8.0.0) + net-sftp (4.0.0) + net-ssh (>= 5.0.0, < 8.0.0) + net-smtp (0.4.0.1) + net-protocol + net-ssh (7.2.1) net-ssh-gateway (2.0.0) net-ssh (>= 4.0.0) netrc (0.11.0) - newrelic_rpm (8.16.0) - nio4r (2.5.8) - nokogiri (1.14.3) - mini_portile2 (~> 2.8.0) + newrelic_rpm (9.7.1) + nio4r (2.7.0) + nkf (0.2.0) + nokogiri (1.16.0) + mini_portile2 (~> 2.8.2) racc (~> 1.4) orm_adapter (0.5.0) - parallel (1.23.0) - parser (3.1.0.0) + parallel (1.24.0) + parser (3.3.0.5) ast (~> 2.4.1) + racc permit_yo (2.1.3) phraseapp-in-context-editor-ruby (1.4.0) i18n (>= 0.6) @@ -389,79 +414,78 @@ GEM phraseapp-ruby (~> 1.3) request_store (~> 1.3) phraseapp-ruby (1.6.0) - pickle (0.6.2) - cucumber (>= 3.0, < 8.0) + pickle (0.9.0) + cucumber (>= 3.0, < 10.0) rake - power_assert (2.0.1) - pry (0.13.1) + power_assert (2.0.3) + pry (0.14.2) coderay (~> 1.1) method_source (~> 1.0) - pry-byebug (3.9.0) + pry-byebug (3.10.1) byebug (~> 11.0) - pry (~> 0.13.0) - public_suffix (4.0.7) - pundit (2.1.1) + pry (>= 0.13, < 0.15) + public_suffix (5.0.4) + pundit (2.3.1) activesupport (>= 3.0.0) raabro (1.4.0) - racc (1.7.1) - rack (2.2.6.4) - rack-attack (6.6.0) - rack (>= 1.0, < 3) - rack-dev-mark (0.7.9) - rack (>= 1.1, < 2.3) + racc (1.7.3) + rack (2.2.8) + rack-attack (6.7.0) + rack (>= 1.0, < 4) + rack-dev-mark (0.8.0) + rack (>= 1.1, < 4.0) rack-protection (3.2.0) base64 (>= 0.1.0) rack (~> 2.2, >= 2.2.4) - rack-test (2.0.2) + rack-test (2.1.0) rack (>= 1.3) - rails (6.1.7.4) - actioncable (= 6.1.7.4) - actionmailbox (= 6.1.7.4) - actionmailer (= 6.1.7.4) - actionpack (= 6.1.7.4) - actiontext (= 6.1.7.4) - actionview (= 6.1.7.4) - activejob (= 6.1.7.4) - activemodel (= 6.1.7.4) - activerecord (= 6.1.7.4) - activestorage (= 6.1.7.4) - activesupport (= 6.1.7.4) + rails (7.0.8) + actioncable (= 7.0.8) + actionmailbox (= 7.0.8) + actionmailer (= 7.0.8) + actionpack (= 7.0.8) + actiontext (= 7.0.8) + actionview (= 7.0.8) + activejob (= 7.0.8) + activemodel (= 7.0.8) + activerecord (= 7.0.8) + activestorage (= 7.0.8) + activesupport (= 7.0.8) bundler (>= 1.15.0) - railties (= 6.1.7.4) - sprockets-rails (>= 2.0.0) + railties (= 7.0.8) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) activesupport (>= 5.0.1.rc1) - rails-dom-testing (2.0.3) - activesupport (>= 4.2.0) + rails-dom-testing (2.2.0) + activesupport (>= 5.0.0) + minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.5.0) - loofah (~> 2.19, >= 2.19.1) - rails-i18n (7.0.3) + rails-html-sanitizer (1.6.0) + loofah (~> 2.21) + nokogiri (~> 1.14) + rails-i18n (7.0.8) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 8) - railties (6.1.7.4) - actionpack (= 6.1.7.4) - activesupport (= 6.1.7.4) + railties (7.0.8) + actionpack (= 7.0.8) + activesupport (= 7.0.8) method_source rake (>= 12.2) thor (~> 1.0) + zeitwerk (~> 2.5) rainbow (3.1.1) - raindrops (0.20.0) - rake (13.0.6) - rb-fsevent (0.11.2) - rb-inotify (0.10.1) - ffi (~> 1.0) + raindrops (0.20.1) + rake (13.1.0) redis (3.3.5) - redis-namespace (1.8.1) + redis-namespace (1.8.2) redis (>= 3.0.4) - regexp_parser (2.5.0) + regexp_parser (2.9.0) request_store (1.5.1) rack (>= 1.4) - responders (3.0.1) - actionpack (>= 5.0) - railties (>= 5.0) + responders (3.1.1) + actionpack (>= 5.2) + railties (>= 5.2) resque (2.6.0) mono_logger (~> 1.0) multi_json (~> 1.0) @@ -477,16 +501,16 @@ GEM http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - rexml (3.2.5) + rexml (3.2.6) rollout (2.4.3) - rspec-core (3.10.2) - rspec-support (~> 3.10.0) - rspec-expectations (3.10.2) + rspec-core (3.12.2) + rspec-support (~> 3.12.0) + rspec-expectations (3.12.3) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.10.0) - rspec-mocks (3.10.3) + rspec-support (~> 3.12.0) + rspec-mocks (3.12.6) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.10.0) + rspec-support (~> 3.12.0) rspec-rails (4.0.2) actionpack (>= 4.2) activesupport (>= 4.2) @@ -495,7 +519,7 @@ GEM rspec-expectations (~> 3.10) rspec-mocks (~> 3.10) rspec-support (~> 3.10) - rspec-support (3.10.3) + rspec-support (3.12.1) rubocop (1.22.1) parallel (~> 1.10) parser (>= 3.0.0.0) @@ -505,8 +529,8 @@ GEM rubocop-ast (>= 1.12.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.15.2) - parser (>= 3.0.1.1) + rubocop-ast (1.30.0) + parser (>= 3.2.1.0) rubocop-rails (2.12.4) activesupport (>= 4.2.0) rack (>= 1.1) @@ -521,10 +545,11 @@ GEM fugit (~> 1.1, >= 1.1.6) rvm-capistrano (1.5.6) capistrano (~> 2.15.4) - sanitize (6.0.2) + sanitize (6.1.0) crass (~> 1.0.2) nokogiri (>= 1.12.0) - selenium-webdriver (4.8.1) + selenium-webdriver (4.17.0) + base64 (~> 0.2) rexml (~> 3.2, >= 3.2.5) rubyzip (>= 1.2.2, < 3.0) websocket (~> 1.0) @@ -534,7 +559,7 @@ GEM shoulda-context (2.0.0) shoulda-matchers (4.5.1) activesupport (>= 4.2.0) - simplecov (0.21.2) + simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) @@ -542,7 +567,7 @@ GEM rexml simplecov (~> 0.19) simplecov-html (0.12.3) - simplecov_json_formatter (0.1.3) + simplecov_json_formatter (0.1.4) sinatra (3.2.0) mustermann (~> 3.0) rack (~> 2.2, >= 2.2.4) @@ -552,57 +577,53 @@ GEM sprockets (3.7.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-rails (3.4.2) - actionpack (>= 5.2) - activesupport (>= 5.2) - sprockets (>= 3.0.0) - stringex (2.8.5) + stringex (2.8.6) + sys-uname (1.2.3) + ffi (~> 1.1) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) - terrapin (0.6.0) - climate_control (>= 0.0.3, < 1.0) - test-unit (3.5.3) + terrapin (1.0.1) + climate_control + test-unit (3.6.1) power_assert - thor (1.2.1) + thor (1.3.0) tilt (2.3.0) - timecop (0.9.4) - timeliness (0.4.4) + timecop (0.9.8) + timeliness (0.4.5) + timeout (0.4.1) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unf (0.1.4) - unf_ext - unf_ext (0.0.8.2) unicode (0.4.4.4) - unicode-display_width (1.8.0) + unicode-display_width (2.5.0) unicode_utils (1.4.0) unicorn (5.8.0) kgio (~> 2.6) raindrops (~> 0.7) unidecoder (1.1.2) - uniform_notifier (1.14.2) + uniform_notifier (1.16.0) vcr (3.0.3) warden (1.2.9) rack (>= 2.0.9) - webmock (3.18.1) + webmock (3.19.1) addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) - webrick (1.7.0) + webrick (1.8.1) webrobots (0.1.2) - websocket (1.2.9) - websocket-driver (0.7.5) + websocket (1.2.10) + websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) whenever (0.6.8) aaronh-chronic (>= 0.3.9) activesupport (>= 2.3.4) - whiny_validation (1.0) + whiny_validation (1.1) activemodel activesupport - will_paginate (3.3.1) + will_paginate (4.0.0) xpath (3.2.0) nokogiri (~> 1.8) - zeitwerk (2.6.8) + zeitwerk (2.6.12) PLATFORMS ruby @@ -654,7 +675,6 @@ DEPENDENCIES kgio (= 2.10.0) kt-paperclip (>= 5.2.0) launchy - listen (~> 3.3) lograge mechanize mimemagic (= 0.3.10) @@ -671,7 +691,7 @@ DEPENDENCIES rack (~> 2.2) rack-attack rack-dev-mark (>= 0.7.8) - rails (~> 6.1.7) + rails (~> 7.0.8) rails-controller-testing rails-i18n rails-observers! diff --git a/bin/rails b/bin/rails index 6fb4e4051c4..efc0377492f 100755 --- a/bin/rails +++ b/bin/rails @@ -1,4 +1,4 @@ #!/usr/bin/env ruby -APP_PATH = File.expand_path('../config/application', __dir__) +APP_PATH = File.expand_path("../config/application", __dir__) require_relative "../config/boot" require "rails/commands" diff --git a/bin/setup b/bin/setup index 57923026c41..ec47b79b3b3 100755 --- a/bin/setup +++ b/bin/setup @@ -2,7 +2,7 @@ require "fileutils" # path to your application root. -APP_ROOT = File.expand_path('..', __dir__) +APP_ROOT = File.expand_path("..", __dir__) def system!(*args) system(*args) || abort("\n== Command #{args} failed ==") @@ -13,21 +13,21 @@ FileUtils.chdir APP_ROOT do # This script is idempotent, so that you can run it at any time and get an expectable outcome. # Add necessary setup steps to this file. - puts '== Installing dependencies ==' - system! 'gem install bundler --conservative' - system('bundle check') || system!('bundle install') + puts "== Installing dependencies ==" + system! "gem install bundler --conservative" + system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" - # unless File.exist?('config/database.yml') - # FileUtils.cp 'config/database.yml.sample', 'config/database.yml' + # unless File.exist?("config/database.yml") + # FileUtils.cp "config/database.yml.sample", "config/database.yml" # end puts "\n== Preparing database ==" - system! 'bin/rails db:prepare' + system! "bin/rails db:prepare" puts "\n== Removing old logs and tempfiles ==" - system! 'bin/rails log:clear tmp:clear' + system! "bin/rails log:clear tmp:clear" puts "\n== Restarting application server ==" - system! 'bin/rails restart' + system! "bin/rails restart" end diff --git a/config/environments/development.rb b/config/environments/development.rb index e0abce56047..cd68be1d8a8 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -12,6 +12,9 @@ # Show full error reports. config.consider_all_requests_local = true + # Enable server timing + config.server_timing = true + # Enable/disable caching. By default caching is disabled. # Run rails dev:cache to toggle caching. if Rails.root.join("tmp/caching-dev.txt").exist? @@ -22,6 +25,9 @@ memcached_servers = YAML.load_file(Rails.root.join("config/local.yml")).fetch("MEMCACHED_SERVERS", memcached_servers) if File.file?(Rails.root.join("config/local.yml")) config.cache_store = :mem_cache_store, memcached_servers, { namespace: "ao3-v2-dev", compress: true, pool_size: 10 } + config.public_file_server.headers = { + "Cache-Control" => "public, max-age=#{2.days.to_i}" + } else config.action_controller.perform_caching = false @@ -54,24 +60,12 @@ # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true - # Debug mode disables concatenation and preprocessing of assets. - # This option may cause significant delays in view rendering with a large - # number of complex assets. - config.assets.debug = true - - # Suppress logger output for asset requests. - config.assets.quiet = true - # Raises error for missing translations. config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true - # Use an evented file watcher to asynchronously detect changes in source code, - # routes, locales, etc. This feature depends on the listen gem. - config.file_watcher = ActiveSupport::EventedFileUpdateChecker - # Uncomment if you wish to allow Action Cable access from any origin. # config.action_cable.disable_request_forgery_protection = true diff --git a/config/environments/production.rb b/config/environments/production.rb index 3e29fe4d98d..9aa280fdc0f 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -18,9 +18,6 @@ config.consider_all_requests_local = false config.action_controller.perform_caching = true - # Disable IP spoofing protection - config.action_dispatch.ip_spoofing_check = false - # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). # config.require_master_key = true @@ -29,18 +26,12 @@ # Apache or NGINX already handles this. config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present? - # Compress CSS using a preprocessor. - # config.assets.css_compressor = :sass - - # Do not fallback to assets pipeline if a precompiled asset is missed. - config.assets.compile = false - # Enable serving of images, stylesheets, and JavaScripts from an asset server. - # config.asset_host = 'http://assets.example.com' + # config.asset_host = "http://assets.example.com" # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache - # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX + # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache + # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local @@ -51,8 +42,8 @@ # Mount Action Cable outside main process or domain. # config.action_cable.mount_path = nil - # config.action_cable.url = 'wss://example.com/cable' - # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] + # config.action_cable.url = "wss://example.com/cable" + # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ] # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # config.force_ssl = true @@ -82,51 +73,24 @@ # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Send deprecation notices to registered listeners. - config.active_support.deprecation = :notify + # Don't log any deprecations. + config.active_support.report_deprecations = false config.middleware.use Rack::Attack - # Log disallowed deprecations. - config.active_support.disallowed_deprecation = :log - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - # Use default logging formatter so that PID and timestamp are not suppressed. config.log_formatter = ::Logger::Formatter.new # Use a different logger for distributed setups. # require "syslog/logger" - # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') + # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name") if ENV["RAILS_LOG_TO_STDOUT"].present? - logger = ActiveSupport::Logger.new($stdout) + logger = ActiveSupport::Logger.new(STDOUT) logger.formatter = config.log_formatter config.logger = ActiveSupport::TaggedLogging.new(logger) end # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false - - # Inserts middleware to perform automatic connection switching. - # The `database_selector` hash is used to pass options to the DatabaseSelector - # middleware. The `delay` is used to determine how long to wait after a write - # to send a subsequent read to the primary. - # - # The `database_resolver` class is used by the middleware to determine which - # database is appropriate to use based on the time delay. - # - # The `database_resolver_context` class is used by the middleware to set - # timestamps for the last write to the primary. The resolver uses the context - # class timestamps to determine how long to wait before reading from the - # replica. - # - # By default Rails will store a last write timestamp in the session. The - # DatabaseSelector middleware is designed as such you can define your own - # strategy for connection switching and pass that into the middleware through - # these configuration options. - # config.active_record.database_selector = { delay: 2.seconds } - # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver - # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session end diff --git a/config/environments/test.rb b/config/environments/test.rb index f5e791a061f..ab3fa19c3dd 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -8,6 +8,7 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. + # Turn false under Spring and add config.action_view.cache_template_loading = true. config.cache_classes = true # Do not eager load code on boot, except in CI. This avoids loading your whole application @@ -54,9 +55,6 @@ # Configure strong parameters to raise an exception if an unpermitted attribute is used config.action_controller.action_on_unpermitted_parameters = :raise - config.serve_static_files = true - config.assets.enabled = false - # Make sure that we don't have a host mismatch: config.action_controller.default_url_options = { host: "http://www.example.com", port: nil } config.action_mailer.default_url_options = config.action_controller.default_url_options diff --git a/config/initializers/assets.rb b/config/initializers/assets.rb index fe48fc34ee2..d6156df0120 100644 --- a/config/initializers/assets.rb +++ b/config/initializers/assets.rb @@ -1,7 +1,7 @@ # Be sure to restart your server when you modify this file. # Version of your assets, change this if you want to expire all your assets. -Rails.application.config.assets.version = '1.0' +# Rails.application.config.assets.version = "1.0" # Add additional assets to the asset load path. # Rails.application.config.assets.paths << Emoji.images_path diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 41c43016f1d..54f47cf15fe 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -1,28 +1,25 @@ # Be sure to restart your server when you modify this file. -# Define an application-wide content security policy -# For further information see the following documentation -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy +# Define an application-wide content security policy. +# See the Securing Rails Applications Guide for more information: +# https://guides.rubyonrails.org/security.html#content-security-policy-header -# Rails.application.config.content_security_policy do |policy| -# policy.default_src :self, :https -# policy.font_src :self, :https, :data -# policy.img_src :self, :https, :data -# policy.object_src :none -# policy.script_src :self, :https -# policy.style_src :self, :https - -# # Specify URI for violation reports -# # policy.report_uri "/csp-violation-report-endpoint" +# Rails.application.configure do +# config.content_security_policy do |policy| +# policy.default_src :self, :https +# policy.font_src :self, :https, :data +# policy.img_src :self, :https, :data +# policy.object_src :none +# policy.script_src :self, :https +# policy.style_src :self, :https +# # Specify URI for violation reports +# # policy.report_uri "/csp-violation-report-endpoint" +# end +# +# # Generate session nonces for permitted importmap and inline scripts +# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } +# config.content_security_policy_nonce_directives = %w(script-src) +# +# # Report violations without enforcing the policy. +# # config.content_security_policy_report_only = true # end - -# If you are using UJS then enable automatic nonce generation -# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } - -# Set the nonce only to specific directives -# Rails.application.config.content_security_policy_nonce_directives = %w(script-src) - -# Report CSP violations to a specified URI -# For further information see the following documentation: -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only -# Rails.application.config.content_security_policy_report_only = true diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb index 3b1c1b5ed14..e5a82f162c4 100644 --- a/config/initializers/cors.rb +++ b/config/initializers/cors.rb @@ -7,9 +7,9 @@ # Rails.application.config.middleware.insert_before 0, Rack::Cors do # allow do -# origins 'example.com' +# origins "example.com" # -# resource '*', +# resource "*", # headers: :any, # methods: [:get, :post, :put, :patch, :delete, :options, :head] # end diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index 4a994e1e7bb..adc6568ce83 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -1,4 +1,8 @@ # Be sure to restart your server when you modify this file. -# Configure sensitive parameters which will be filtered from the log file. -Rails.application.config.filter_parameters += [:password] +# Configure parameters to be filtered from the log file. Use this to limit dissemination of +# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported +# notations and behaviors. +Rails.application.config.filter_parameters += [ + :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn +] diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index ac033bf9dc8..3860f659ead 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb @@ -4,13 +4,13 @@ # are locale specific, and you may define rules for as many different # locales as you wish. All of these examples are active by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.plural /^(ox)$/i, '\1en' -# inflect.singular /^(ox)en/i, '\1' -# inflect.irregular 'person', 'people' +# inflect.plural /^(ox)$/i, "\\1en" +# inflect.singular /^(ox)en/i, "\\1" +# inflect.irregular "person", "people" # inflect.uncountable %w( fish sheep ) # end # These inflection rules are supported but not enabled by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.acronym 'RESTful' +# inflect.acronym "RESTful" # end diff --git a/config/initializers/new_framework_defaults_7_0.rb b/config/initializers/new_framework_defaults_7_0.rb new file mode 100644 index 00000000000..927e3119531 --- /dev/null +++ b/config/initializers/new_framework_defaults_7_0.rb @@ -0,0 +1,128 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.0 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.0`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +# `button_to` view helper will render `