From f3d61a1ac89fa6c39f06a53a3081e60afbedbec1 Mon Sep 17 00:00:00 2001 From: Juzer Shakir Date: Thu, 12 Dec 2024 09:49:10 +0530 Subject: [PATCH 1/7] Upgrade `rails` to version 8 and `validates_timeliness` to resolve incompatible issues --- Gemfile | 6 +-- Gemfile.lock | 125 ++++++++++++++++++++++++++------------------------- 2 files changed, 66 insertions(+), 65 deletions(-) diff --git a/Gemfile b/Gemfile index a3550572..c6bdce78 100644 --- a/Gemfile +++ b/Gemfile @@ -3,7 +3,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby "~> 3.3.6" -gem "rails", "~> 7.2.2" +gem "rails", "~> 8.0.0" gem "active_record_union" gem "bcrypt", "~> 3.1.20" @@ -21,7 +21,7 @@ gem "prawn", "~> 2.5.0" gem "prawn-table", "~> 0.2.2" gem "propshaft" gem "puma", "~> 6.5.0" -gem "rails-i18n", "~> 7.0.8" +gem "rails-i18n" gem "ransack", "~> 4.2.1" gem "redis", "~> 5.3.0" gem "rolify", "~> 6.0.1" @@ -30,7 +30,7 @@ gem "stimulus-rails" gem "turbo-rails", "~> 2.0.11" gem "tzinfo-data", platforms: %i[mingw mswin x64_mingw jruby] gem "validates_email_format_of", "~> 1.8.2" -gem "validates_timeliness", "~> 7.0.0" +gem "validates_timeliness", "~> 8.0.0.beta1" group :development, :test do # Static analysis for security vulnerabilities [https://brakemanscanner.org/] diff --git a/Gemfile.lock b/Gemfile.lock index 8465d782..117cda3d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
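Review bot: The second Gemfile hunk drops the version constraint on `rails-i18n` entirely, while the neighbouring gems keep a pessimistic pin, so a later `bundle update` can cross a major version without anyone deciding to. `gem "rails-i18n", "~> 8.0.1"` would match the version the lockfile resolves to. The third hunk moves `validates_timeliness` to `~> 8.0.0.beta1`, which resolves to a pre-release today; a short comment beside it saying the beta is temporary until a final 8.0 release exists would tell the next maintainer when to tighten it.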
@@ -1,68 +1,67 @@ GEM remote: https://rubygems.org/ specs: - actioncable (7.2.2.1) - actionpack (= 7.2.2.1) - activesupport (= 7.2.2.1) + actioncable (8.0.0.1) + actionpack (= 8.0.0.1) + activesupport (= 8.0.0.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.2.2.1) - actionpack (= 7.2.2.1) - activejob (= 7.2.2.1) - activerecord (= 7.2.2.1) - activestorage (= 7.2.2.1) - activesupport (= 7.2.2.1) + actionmailbox (8.0.0.1) + actionpack (= 8.0.0.1) + activejob (= 8.0.0.1) + activerecord (= 8.0.0.1) + activestorage (= 8.0.0.1) + activesupport (= 8.0.0.1) mail (>= 2.8.0) - actionmailer (7.2.2.1) - actionpack (= 7.2.2.1) - actionview (= 7.2.2.1) - activejob (= 7.2.2.1) - activesupport (= 7.2.2.1) + actionmailer (8.0.0.1) + actionpack (= 8.0.0.1) + actionview (= 8.0.0.1) + activejob (= 8.0.0.1) + activesupport (= 8.0.0.1) mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.2.2.1) - actionview (= 7.2.2.1) - activesupport (= 7.2.2.1) + actionpack (8.0.0.1) + actionview (= 8.0.0.1) + activesupport (= 8.0.0.1) nokogiri (>= 1.8.5) - racc - rack (>= 2.2.4, < 3.2) + rack (>= 2.2.4) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) useragent (~> 0.16) - actiontext (7.2.2.1) - actionpack (= 7.2.2.1) - activerecord (= 7.2.2.1) - activestorage (= 7.2.2.1) - activesupport (= 7.2.2.1) + actiontext (8.0.0.1) + actionpack (= 8.0.0.1) + activerecord (= 8.0.0.1) + activestorage (= 8.0.0.1) + activesupport (= 8.0.0.1) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.2.2.1) - activesupport (= 7.2.2.1) + actionview (8.0.0.1) + activesupport (= 8.0.0.1) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) active_record_union (1.3.0) activerecord (>= 4.0) - activejob (7.2.2.1) - activesupport (= 7.2.2.1) + activejob (8.0.0.1) + activesupport (= 8.0.0.1) globalid (>= 0.3.6) - activemodel (7.2.2.1) - activesupport (= 7.2.2.1) - activerecord (7.2.2.1) - 
activemodel (= 7.2.2.1) - activesupport (= 7.2.2.1) + activemodel (8.0.0.1) + activesupport (= 8.0.0.1) + activerecord (8.0.0.1) + activemodel (= 8.0.0.1) + activesupport (= 8.0.0.1) timeout (>= 0.4.0) - activestorage (7.2.2.1) - actionpack (= 7.2.2.1) - activejob (= 7.2.2.1) - activerecord (= 7.2.2.1) - activesupport (= 7.2.2.1) + activestorage (8.0.0.1) + actionpack (= 8.0.0.1) + activejob (= 8.0.0.1) + activerecord (= 8.0.0.1) + activesupport (= 8.0.0.1) marcel (~> 1.0) - activesupport (7.2.2.1) + activesupport (8.0.0.1) base64 benchmark (>= 0.3) bigdecimal @@ -74,6 +73,7 @@ GEM minitest (>= 5.1) securerandom (>= 0.3) tzinfo (~> 2.0, >= 2.0.5) + uri (>= 0.13.1) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) ast (2.4.2) @@ -213,20 +213,20 @@ GEM rack (>= 1.0.0) rackup (2.2.1) rack (>= 3) - rails (7.2.2.1) - actioncable (= 7.2.2.1) - actionmailbox (= 7.2.2.1) - actionmailer (= 7.2.2.1) - actionpack (= 7.2.2.1) - actiontext (= 7.2.2.1) - actionview (= 7.2.2.1) - activejob (= 7.2.2.1) - activemodel (= 7.2.2.1) - activerecord (= 7.2.2.1) - activestorage (= 7.2.2.1) - activesupport (= 7.2.2.1) + rails (8.0.0.1) + actioncable (= 8.0.0.1) + actionmailbox (= 8.0.0.1) + actionmailer (= 8.0.0.1) + actionpack (= 8.0.0.1) + actiontext (= 8.0.0.1) + actionview (= 8.0.0.1) + activejob (= 8.0.0.1) + activemodel (= 8.0.0.1) + activerecord (= 8.0.0.1) + activestorage (= 8.0.0.1) + activesupport (= 8.0.0.1) bundler (>= 1.15.0) - railties (= 7.2.2.1) + railties (= 8.0.0.1) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) 
@@ -238,12 +238,12 @@ GEM rails-html-sanitizer (1.6.1) loofah (~> 2.21) nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) - rails-i18n (7.0.10) + rails-i18n (8.0.1) i18n (>= 0.7, < 2) - railties (>= 6.0.0, < 8) - railties (7.2.2.1) - actionpack (= 7.2.2.1) - activesupport (= 7.2.2.1) + railties (>= 8.0.0, < 9) + railties (8.0.0.1) + actionpack (= 8.0.0.1) + activesupport (= 8.0.0.1) irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) @@ -370,12 +370,13 @@ GEM unicode-display_width (3.1.2) unicode-emoji (~> 4.0, >= 4.0.4) unicode-emoji (4.0.4) + uri (1.0.2) useragent (0.16.11) validates_email_format_of (1.8.2) i18n (>= 0.8.0) simpleidn - validates_timeliness (7.0.0) - activemodel (>= 7.0.0, < 8) + validates_timeliness (8.0.0.beta1) + activemodel (>= 8.0.0, < 9) timeliness (>= 0.3.10, < 1) web-console (4.2.1) actionview (>= 6.0.0) @@ -417,9 +418,9 @@ DEPENDENCIES propshaft puma (~> 6.5.0) rack_session_access - rails (~> 7.2.2) + rails (~> 8.0.0) rails-controller-testing (~> 1.0.5) - rails-i18n (~> 7.0.8) + rails-i18n ransack (~> 4.2.1) redis (~> 5.3.0) rolify (~> 6.0.1) @@ -442,7 +443,7 @@ DEPENDENCIES turbo-rails (~> 2.0.11) tzinfo-data validates_email_format_of (~> 1.8.2) - validates_timeliness (~> 7.0.0) + validates_timeliness (~> 8.0.0.beta1) web-console RUBY VERSION From 29c054352335e23209f05fdb074d67f1142b6a2a Mon Sep 17 00:00:00 2001 
From: Juzer Shakir Date: Thu, 12 Dec 2024 12:32:04 +0530 Subject: [PATCH 2/7] Update to rails 8 configurations --- .../stylesheets/application.bootstrap.scss | 16 +- app/views/layouts/application.html.erb | 8 +- bin/brakeman | 7 + bin/dev | 10 +- bin/setup | 17 +- config/application.rb | 2 +- config/environments/development.rb | 33 ++-- config/environments/production.rb | 71 +++---- config/environments/test.rb | 23 +-- .../initializers/filter_parameter_logging.rb | 2 +- config/puma.rb | 11 +- config/routes.rb | 4 +- public/406-unsupported-browser.html | 178 ++++++++++------- public/422.html | 179 +++++++++++------- 14 files changed, 323 insertions(+), 238 deletions(-) create mode 100755 bin/brakeman diff --git a/app/assets/stylesheets/application.bootstrap.scss b/app/assets/stylesheets/application.bootstrap.scss index 1e21e9bd..05b12057 100644 --- a/app/assets/stylesheets/application.bootstrap.scss +++ b/app/assets/stylesheets/application.bootstrap.scss 
@@ -1,6 +1,18 @@ -// ? Using the 7-1 pattern for a manageable CSS -// More info here: https://openclassrooms.com/en/courses/5625786-produce-maintainable-css-with-sass/5723581-use-the-7-1-pattern-for-a-manageable-codebase +/* +* This is a manifest file that'll be compiled into app/assets/builds/application.css. + * With Propshaft, assets are served efficiently without preprocessing steps. You can still include + * application-wide styles in this file, but keep in mind that CSS precedence will follow the standard + * cascading order, meaning styles declared later in the document or manifest will override earlier ones, + * depending on specificity. + * + * Consider organizing styles into separate files for maintainability. + */ + +/* + ? Using the 7-1 pattern for a manageable CSS + More info here: https://openclassrooms.com/en/courses/5625786-produce-maintainable-css-with-sass/5723581-use-the-7-1-pattern-for-a-manageable-codebase +*/ // ! IMPORTANT - load these files before any other css files @import "abstracts/themes"; @import "abstracts/variables"; diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index 8f4afdab..01541f98 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -4,18 +4,22 @@ <%= content_for :title || "FMB" %> + <%= csrf_meta_tags %> <%= csp_meta_tag %> <%= yield :head %> - + <%# Enable PWA manifest for installable apps (make sure to enable in config/routes.rb too!) %> + <%#= tag.link rel: "manifest", href: pwa_manifest_path(format: :json) %> + - <%= stylesheet_link_tag "application", "data-turbo-track": "reload" %> + <%# Includes all stylesheet files in app/assets/stylesheets %> + <%= stylesheet_link_tag :app, "data-turbo-track": "reload" %> <%= javascript_include_tag "application", "data-turbo-track": "reload", defer: true %> <%= favicon_link_tag asset_path("favicon.ico") %> diff --git a/bin/brakeman b/bin/brakeman new file mode 100755 index 00000000..ace1c9ba 
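Review bot: In the layout hunk the unchanged line `<%= content_for :title || "FMB" %>` parses as `content_for(:title || "FMB")`, so the "FMB" fallback is never reached and a page that sets no title renders an empty one. Since this commit aligns the layout with the Rails 8 template, it is a natural place to write `<%= content_for(:title) || "FMB" %>`. The surrounding markup is not fully visible on this page, so confirm the line sits inside the title element.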
--- /dev/null +++ b/bin/brakeman @@ -0,0 +1,7 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +ARGV.unshift("--ensure-latest") + +load Gem.bin_path("brakeman", "brakeman") diff --git a/bin/dev b/bin/dev index 74ade166..5f91c205 100755 --- a/bin/dev +++ b/bin/dev @@ -1,8 +1,2 @@ -#!/usr/bin/env sh - -if ! gem list foreman -i --silent; then - echo "Installing foreman..." - gem install foreman -fi - -exec foreman start -f Procfile.dev "$@" +#!/usr/bin/env ruby +exec "./bin/rails", "server", *ARGV diff --git a/bin/setup b/bin/setup index 81dc8f76..3de958a1 100755 --- a/bin/setup +++ b/bin/setup @@ -2,10 +2,9 @@ require "fileutils" APP_ROOT = File.expand_path("..", __dir__) -APP_NAME = "fmb" -def system!(*) - system(*, exception: true) +def system!(*args) + system(*args, exception: true) end FileUtils.chdir APP_ROOT do @@ -14,7 +13,6 @@ FileUtils.chdir APP_ROOT do # Add necessary setup steps to this file. puts "== Installing dependencies ==" - system! "gem install bundler --conservative" system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" @@ -28,10 +26,9 @@ FileUtils.chdir APP_ROOT do puts "\n== Removing old logs and tempfiles ==" system! "bin/rails log:clear tmp:clear" - puts "\n== Restarting application server ==" - system! "bin/rails restart" - - # puts "\n== Configuring puma-dev ==" - # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}" - # system "curl -Is https://#{APP_NAME}.test/up | head -n 1" + unless ARGV.include?("--skip-server") + puts "\n== Starting development server ==" + $stdout.flush # flush the output before exec(2) so that it displays + exec "bin/dev" + end end diff --git a/config/application.rb b/config/application.rb index 5c38f5cc..7eb29e89 100644 --- a/config/application.rb +++ b/config/application.rb 
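Review bot: `ARGV.unshift("--ensure-latest")` in the new bin/brakeman is undocumented, and it changes how the CI step behaves: the scan exits with an error when the bundled Brakeman is not the newest release, so the workflow step that a later patch switches to `bin/brakeman` can fail without any code change. That is a reasonable trade for not missing new checks, but the file should say so, for example `# Fail when the bundled Brakeman is outdated so new checks are not silently skipped; run bundle update brakeman when this trips.`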
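Review bot: The new bin/dev no longer starts the processes listed in Procfile.dev: it runs only `exec "./bin/rails", "server", *ARGV`, where the removed script ran `foreman start -f Procfile.dev`. The stylesheet comment added in this same patch says the CSS is compiled into app/assets/builds/application.css, which suggests a build or watch step still exists, though Procfile.dev itself is not shown here. If it does, style changes will not be rebuilt during development, and bin/setup, which now ends in `exec "bin/dev"`, inherits the same gap. Keeping the foreman invocation, or documenting that the CSS build must be run separately, would avoid that.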
@@ -21,7 +21,7 @@ module Fmb class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 7.2 + config.load_defaults 8.0 config.time_zone = "Asia/Kolkata" config.i18n.available_locales = [:en] diff --git a/config/environments/development.rb b/config/environments/development.rb index cfc85a5b..4ba93a0c 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -3,9 +3,7 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded any time - # it changes. This slows down response time but is perfect for development - # since you don't have to restart the web server when you make code changes. + # Make code changes take effect immediately without server restart. config.enable_reloading = true # Do not eager load code on boot. 
@@ -17,53 +15,46 @@ # Enable server timing. config.server_timing = true - # Enable/disable caching. By default caching is disabled. - # Run rails dev:cache to toggle caching. + # Enable/disable Action Controller caching. By default Action Controller caching is disabled. + # Run rails dev:cache to toggle Action Controller caching. if Rails.root.join("tmp/caching-dev.txt").exist? config.action_controller.perform_caching = true config.action_controller.enable_fragment_cache_logging = true - - config.cache_store = :memory_store - config.public_file_server.headers = {"Cache-Control" => "public, max-age=#{2.days.to_i}"} + config.public_file_server.headers = {"cache-control" => "public, max-age=#{2.days.to_i}"} else config.action_controller.perform_caching = false - - config.cache_store = :null_store end + # Change to :null_store to avoid any caching. + config.cache_store = :memory_store + # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false - # Disable caching for Action Mailer templates even if Action Controller - # caching is enabled. + # Make template changes take effect immediately. config.action_mailer.perform_caching = false + # Set localhost to be used by links generated in mailer templates. config.action_mailer.default_url_options = {host: "localhost", port: 3000} # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load # Highlight code that triggered database queries in logs. 
config.active_record.verbose_query_logs = true + # Append comments with runtime information tags to SQL queries in logs. + config.active_record.query_log_tags_enabled = true + # Highlight code that enqueued background job in logs. config.active_job.verbose_enqueue_logs = true - # Suppress logger output for asset requests. - config.assets.quiet = true - # Raises error for missing translations. # config.i18n.raise_on_missing_translations = true diff --git a/config/environments/production.rb b/config/environments/production.rb index cc51852b..410c5c02 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb 
@@ -6,41 +6,26 @@ # Code is not reloaded between requests. config.enable_reloading = false - # Eager load code on boot. This eager loads most of Rails and - # your application in memory, allowing both threaded web servers - # and those relying on copy on write to perform better. - # Rake tasks automatically ignore this option for performance. + # Eager load code on boot for better performance and memory savings (ignored by Rake tasks). config.eager_load = true - # Full error reports are disabled and caching is turned on. + # Full error reports are disabled. config.consider_all_requests_local = false - config.action_controller.perform_caching = true - # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment - # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). - # config.require_master_key = true + # Turn on fragment caching in view templates. + config.action_controller.perform_caching = true - # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. - # config.public_file_server.enabled = false + # Cache assets for far-future expiry since they are all digest stamped. + config.public_file_server.headers = {"cache-control" => "public, max-age=#{1.year.to_i}"} # Enable serving of images, stylesheets, and JavaScripts from an asset server. # config.asset_host = "http://assets.example.com" - # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache - # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX - # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local - # Mount Action Cable outside main process or domain. 
- # config.action_cable.mount_path = nil - # config.action_cable.url = "wss://example.com/cable" - # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ] - # Assume all access to the app is happening through a SSL-terminating reverse proxy. - # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. - # config.assume_ssl = true + config.assume_ssl = true # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. config.force_ssl = true 
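Review bot: Enabling `config.assume_ssl = true` next to `config.force_ssl = true` makes the app treat every request as already HTTPS, so the plain-HTTP redirect that force_ssl provides should no longer fire for a client that reaches the app server directly. That is only safe when production is reachable solely through a TLS-terminating proxy, which this patch does not show. I would record the assumption above the setting, e.g. `# Requires a TLS-terminating proxy in front of the app; never expose the app port directly.`, and confirm the deployment matches it. The configure block starts and ends outside this hunk.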
@@ -48,40 +33,45 @@ # Skip http-to-https redirect for the default health check endpoint. # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } - # Log to STDOUT by default - config.logger = ActiveSupport::Logger.new($stdout) - .tap { |logger| logger.formatter = ::Logger::Formatter.new } - .then { |logger| ActiveSupport::TaggedLogging.new(logger) } - - # Prepend all log lines with the following tags. + # Log to STDOUT with the current request id as a default log tag. config.log_tags = [:request_id] + config.logger = ActiveSupport::TaggedLogging.logger($stdout) - # "info" includes generic and useful information about system operation, but avoids logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). If you - # want to log everything, set the level to "debug". + # Change to "debug" to log everything (including potentially personally-identifiable information!) config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") - # Use a different cache store in production. + # Prevent health checks from clogging up the logs. + config.silence_healthcheck_path = "/up" + + # Don't log any deprecations. + config.active_support.report_deprecations = false + + # Replace the default in-process memory cache store with a durable alternative. # config.cache_store = :mem_cache_store - # Use a real queuing backend for Active Job (and separate queues per environment). + # Replace the default in-process and non-durable queuing backend for Active Job. # config.active_job.queue_adapter = :resque - # config.active_job.queue_name_prefix = "fmb_production" - - # Disable caching for Action Mailer templates even if Action Controller caching is enabled. - config.action_mailer.perform_caching = false # Ignore bad email addresses and do not raise email delivery errors. # Set this to true and configure the email server for immediate delivery to raise delivery errors. 
# config.action_mailer.raise_delivery_errors = false + # Set host to be used by links generated in mailer templates. + # config.action_mailer.default_url_options = {host: "example.com"} + + # Specify outgoing SMTP server. Remember to add smtp/* credentials via rails credentials:edit. + # config.action_mailer.smtp_settings = { + # user_name: Rails.application.credentials.dig(:smtp, :user_name), + # password: Rails.application.credentials.dig(:smtp, :password), + # address: "smtp.example.com", + # port: 587, + # authentication: :plain + # } + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Don't log any deprecations. - config.active_support.report_deprecations = false - # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false @@ -93,6 +83,7 @@ # "example.com", # Allow requests from example.com # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` # ] + # # Skip DNS rebinding protection for the default health check endpoint. # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } end diff --git a/config/environments/test.rb b/config/environments/test.rb index 5c5658bc..8907814e 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,5 +1,3 @@ -require "active_support/core_ext/integer/time" - # The test environment is used exclusively to run your application's # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped 
@@ -20,12 +18,11 @@ # loading is working properly before deploying your code. config.eager_load = ENV["CI"].present? - # Configure public file server for tests with Cache-Control for performance. - config.public_file_server.headers = {"Cache-Control" => "public, max-age=#{1.hour.to_i}"} + # Configure public file server for tests with cache-control for performance. + config.public_file_server.headers = {"cache-control" => "public, max-age=3600"} - # Show full error reports and disable caching. + # Show full error reports. config.consider_all_requests_local = true - config.action_controller.perform_caching = false config.cache_store = :null_store # Render exception templates for rescuable exceptions and raise for other exceptions. @@ -37,27 +34,17 @@ # Store uploaded files on the local file system in a temporary directory. config.active_storage.service = :test - # Disable caching for Action Mailer templates even if Action Controller caching is enabled. - config.action_mailer.perform_caching = false - # Tell Action Mailer not to deliver emails to the real world. # The :test delivery method accumulates sent emails in the # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test - # Unlike controllers, the mailer instance doesn't have any context about the - # incoming request so you'll need to provide the :host parameter yourself. - config.action_mailer.default_url_options = {host: "www.example.com"} + # Set host to be used by links generated in mailer templates. + # config.action_mailer.default_url_options = {host: "example.com"} # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - # Raises error for missing translations. # config.i18n.raise_on_missing_translations = true 
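Review bot: The second test.rb hunk comments out `config.action_mailer.default_url_options`, which previously supplied `host: "www.example.com"`, so mailer templates or specs that build full URLs will fail for lack of a host unless it is set elsewhere. Whether the suite has such mailers is not visible here. If it does, keep an active line such as `config.action_mailer.default_url_options = {host: "example.com"}` rather than the commented one.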
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index c010b83d..c0b717f7 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -4,5 +4,5 @@ # Use this to limit dissemination of sensitive information. # See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors. Rails.application.config.filter_parameters += [ - :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn + :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn, :cvv, :cvc ] diff --git a/config/puma.rb b/config/puma.rb index 03c166f4..4d352e85 100644 --- a/config/puma.rb +++ b/config/puma.rb @@ -1,13 +1,17 @@ # This configuration file will be evaluated by Puma. The top-level methods that # are invoked here are part of Puma's configuration DSL. For more information # about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html. - +# # Puma starts a configurable number of processes (workers) and each process # serves each request in a thread from an internal thread pool. # +# You can control the number of workers using ENV["WEB_CONCURRENCY"]. You +# should only set this value when you want to run 2 or more workers. The +# default is already 1. +# # The ideal number of threads per worker depends both on how much time the # application spends waiting for IO operations and on how much you wish to -# to prioritize throughput over latency. +# prioritize throughput over latency. # # As a rule of thumb, increasing the number of threads will increase how much # traffic a given process can handle (throughput), but due to CRuby's 
@@ -29,6 +33,9 @@ # Allow puma to be restarted by `bin/rails restart` command. plugin :tmp_restart +# Run the Solid Queue supervisor inside of Puma for single-server deployments +# plugin :solid_queue if ENV["SOLID_QUEUE_IN_PUMA"] + # Specify the PID file. Defaults to tmp/pids/server.pid in development. # In other environments, only set the PID file if requested. pidfile ENV["PIDFILE"] if ENV["PIDFILE"] diff --git a/config/routes.rb b/config/routes.rb index 4fcda4ca..71ccd45f 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -44,6 +44,6 @@ match "/500", to: "errors#internal_server", via: :all # Render dynamic PWA files from app/views/pwa/* (remember to link manifest in application.html.erb) - # get "manifest" => "rails/pwa#manifest", as: :pwa_manifest - # get "service-worker" => "rails/pwa#service_worker", as: :pwa_service_worker + # get "manifest" => "rails/pwa#manifest", :as => :pwa_manifest + # get "service-worker" => "rails/pwa#service_worker", :as => :pwa_service_worker end diff --git a/public/406-unsupported-browser.html b/public/406-unsupported-browser.html index 7cf1e168..9532a9cc 100644 --- a/public/406-unsupported-browser.html +++ b/public/406-unsupported-browser.html @@ -1,66 +1,114 @@ - - - - Your browser is not supported (406) - - - - - - -
-
-

Your browser is not supported.

-

Please upgrade your browser to continue.

-
-
- + + + + + + + Your browser is not supported (406 Not Acceptable) + + + + + + + + + + + + + +
+
+ +
+
+

Your browser is not supported.
Please upgrade your browser to continue.

+
+
+ + + diff --git a/public/422.html b/public/422.html index c08eac0d..8bcf0601 100644 --- a/public/422.html +++ b/public/422.html @@ -1,67 +1,114 @@ - - - - The change you wanted was rejected (422) - - - - - - -
-
-

The change you wanted was rejected.

-

Maybe you tried to change something you didn't have access to.

-
-

If you are the application owner check the logs for more information.

-
- + + + + + + + The change you wanted was rejected (422 Unprocessable Entity) + + + + + + + + + + + + + +
+
+ +
+
+

The change you wanted was rejected. Maybe you tried to change something you didn’t have access to. If you’re the application owner check the logs for more information.

+
+
+ + + From 4561bb8f0b25eadcd97d8f117210cec70da1ffae Mon Sep 17 00:00:00 2001 From: Juzer Shakir Date: Thu, 12 Dec 2024 13:18:16 +0530 Subject: [PATCH 3/7] Fetch `active_record_union` from github master branch in support for Rails 8 --- Gemfile | 2 +- Gemfile.lock | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index c6bdce78..1a2a834a 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ ruby "~> 3.3.6" gem "rails", "~> 8.0.0" -gem "active_record_union" +gem "active_record_union", github: "brianhempel/active_record_union", branch: "master" gem "bcrypt", "~> 3.1.20" gem "bootsnap", require: false gem "cancancan", "~> 3.6.1" diff --git a/Gemfile.lock b/Gemfile.lock index 117cda3d..08402af5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,3 +1,11 @@ +GIT + remote: https://github.com/brianhempel/active_record_union.git + revision: 8ebe558709aabe039abd24e3e7dd4d4354a6de88 + branch: master + specs: + active_record_union (1.3.0) + activerecord (>= 6.0) + GEM remote: https://rubygems.org/ specs: @@ -44,8 +52,6 @@ GEM erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - active_record_union (1.3.0) - activerecord (>= 4.0) activejob (8.0.0.1) activesupport (= 8.0.0.1) globalid (>= 0.3.6) @@ -395,7 +401,7 @@ PLATFORMS x86_64-linux DEPENDENCIES - active_record_union + active_record_union! bcrypt (~> 3.1.20) bootsnap brakeman From 369a3a76450c373ea927d545bd4d02067afbc8d4 Mon Sep 17 00:00:00 2001 From: Juzer Shakir Date: Thu, 12 Dec 2024 13:24:58 +0530 Subject: [PATCH 4/7] Update brakeman command in CI workflow --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index fc3d6dc6..eb09f697 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
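Review bot: The Gemfile hunk sources `active_record_union` from `branch: "master"`, a mutable reference: the lockfile pins a revision today, but any later `bundle update` pulls whatever the branch head is at that time, without review of what changed. Pinning the commit in the Gemfile keeps the source fixed until a Rails 8 compatible release is published, e.g. `gem "active_record_union", github: "brianhempel/active_record_union", ref: "8ebe558709aabe039abd24e3e7dd4d4354a6de88"`. A comment noting that the git source is temporary would also help the next maintainer return to the rubygems release.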
@@ -50,7 +50,7 @@ jobs: bundle install --jobs 4 --retry 3 - name: Scan for common Rails security vulnerabilities using static analysis - run: bundle exec brakeman + run: bin/brakeman - name: Find linting errors run: bundle exec erblint -l From d919f857f731f5320e3eff6e86afffaf4cdd0056 Mon Sep 17 00:00:00 2001 From: Juzer Shakir Date: Thu, 12 Dec 2024 13:25:42 +0530 Subject: [PATCH 5/7] FIX `erblint` depreciation --- .erb-lint.yml => .erb_lint.yml | 0 .github/workflows/test.yml | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename .erb-lint.yml => .erb_lint.yml (100%) diff --git a/.erb-lint.yml b/.erb_lint.yml similarity index 100% rename from .erb-lint.yml rename to .erb_lint.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index eb09f697..8937fa2e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -53,7 +53,7 @@ jobs: run: bin/brakeman - name: Find linting errors - run: bundle exec erblint -l + run: bundle exec erb_lint --lint-all - name: Find rubocop errors run: bin/rubocop From 33d74241939dcef40281995b598c39e834461f44 Mon Sep 17 00:00:00 2001 From: Juzer Shakir Date: Thu, 12 Dec 2024 13:28:53 +0530 Subject: [PATCH 6/7] Update schema with Rails 8 configuration --- db/schema.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/db/schema.rb b/db/schema.rb index 5d2ab4e0..7fec87da 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,9 +10,9 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.2].define(version: 2024_02_09_122254) do +ActiveRecord::Schema[8.0].define(version: 2024_02_09_122254) do # These are extensions that must be enabled in order to support this database - enable_extension "plpgsql" + enable_extension "pg_catalog.plpgsql" # Custom types defined in this database. # Note that some types may not work with other database engines. Be careful if changing database. 
From 66362e5f63c6ac17ca783e121dc172574cce8b82 Mon Sep 17 00:00:00 2001 From: Juzer Shakir Date: Thu, 12 Dec 2024 13:29:54 +0530 Subject: [PATCH 7/7] Replace `bundle exec rails` with `bin/rails` in CI --- .github/workflows/test.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8937fa2e..9d2d67e4 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -59,7 +59,7 @@ jobs: run: bin/rubocop - name: Precompile assets - run: bundle exec rails assets:precompile + run: bin/rails assets:precompile - name: Running Tests env: @@ -67,6 +67,6 @@ jobs: RAILS_ENV: test PG_USER: postgres run: | - bundle exec rails db:create - bundle exec rails db:migrate + bin/rails db:create + bin/rails db:migrate bundle exec rspec