From 5d1acbf9c246814b59fe70c94d3f6a2bd9520dbe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Apr 2024 13:19:02 +0000 Subject: [PATCH 01/16] Bump rails from 7.0.8 to 7.1.3.2 Bumps [rails](https://github.com/rails/rails) from 7.0.8 to 7.1.3.2. - [Release notes](https://github.com/rails/rails/releases) - [Commits](https://github.com/rails/rails/compare/v7.0.8...v7.1.3.2) --- updated-dependencies: - dependency-name: rails dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 173 ++++++++++++++++++++++++++++++--------------------- 2 files changed, 102 insertions(+), 73 deletions(-) diff --git a/Gemfile b/Gemfile index 3c6f9e60e8..7fe9f25a93 100644 --- a/Gemfile +++ b/Gemfile @@ -6,7 +6,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby '3.2.3' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '7.0.8' +gem 'rails', '7.1.3.2' # Use PostgreSQL as the database for Active Record gem 'pg' diff --git a/Gemfile.lock b/Gemfile.lock index 3322da475e..776ba3da69 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -43,79 +43,88 @@ GEM specs: aasm (5.5.0) concurrent-ruby (~> 1.0) - actioncable (7.0.8) - actionpack (= 7.0.8) - activesupport (= 7.0.8) + actioncable (7.1.3.2) + actionpack (= 7.1.3.2) + activesupport (= 7.1.3.2) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.8) - actionpack (= 7.0.8) - activejob (= 7.0.8) - activerecord (= 7.0.8) - activestorage (= 7.0.8) - activesupport (= 7.0.8) + zeitwerk (~> 2.6) + actionmailbox (7.1.3.2) + actionpack (= 7.1.3.2) + activejob (= 7.1.3.2) + activerecord (= 7.1.3.2) + activestorage (= 7.1.3.2) + activesupport (= 7.1.3.2) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.0.8) - actionpack (= 7.0.8) - actionview (= 7.0.8) - activejob (= 7.0.8) - activesupport (= 7.0.8) + actionmailer (7.1.3.2) + actionpack (= 7.1.3.2) + actionview (= 7.1.3.2) + activejob (= 7.1.3.2) + activesupport (= 7.1.3.2) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp - rails-dom-testing (~> 2.0) - actionpack (7.0.8) - actionview (= 7.0.8) - activesupport (= 7.0.8) - rack (~> 2.0, >= 2.2.4) + rails-dom-testing (~> 2.2) + actionpack (7.1.3.2) + actionview (= 7.1.3.2) + activesupport (= 7.1.3.2) + nokogiri (>= 1.8.5) + racc + rack (>= 2.2.4) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.8) - actionpack (= 7.0.8) - activerecord (= 7.0.8) - activestorage (= 7.0.8) - activesupport (= 7.0.8) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + actiontext (7.1.3.2) + actionpack (= 7.1.3.2) + activerecord (= 7.1.3.2) + activestorage (= 7.1.3.2) + activesupport (= 7.1.3.2) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.8) - activesupport (= 7.0.8) + actionview (7.1.3.2) + activesupport (= 7.1.3.2) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) active_model_serializers (0.10.14) actionpack (>= 4.1) activemodel (>= 4.1) case_transform (>= 0.2) jsonapi-renderer (>= 0.1.1.beta1, < 0.3) - activejob (7.0.8) - activesupport (= 7.0.8) + activejob (7.1.3.2) + activesupport (= 7.1.3.2) globalid (>= 0.3.6) - activemodel (7.0.8) - activesupport (= 7.0.8) + activemodel (7.1.3.2) + activesupport (= 7.1.3.2) activemodel-serializers-xml (1.0.2) activemodel (> 5.x) activesupport (> 5.x) builder (~> 3.1) - activerecord (7.0.8) - activemodel (= 7.0.8) - activesupport (= 7.0.8) - activestorage (7.0.8) - actionpack (= 7.0.8) - activejob (= 7.0.8) - activerecord (= 7.0.8) - activesupport (= 7.0.8) + activerecord (7.1.3.2) + activemodel (= 7.1.3.2) + activesupport (= 7.1.3.2) + timeout (>= 0.4.0) + activestorage (7.1.3.2) + actionpack (= 7.1.3.2) + activejob (= 7.1.3.2) + activerecord (= 7.1.3.2) + activesupport (= 7.1.3.2) marcel (~> 1.0) - mini_mime (>= 1.1.0) - activesupport (7.0.8) + activesupport (7.1.3.2) + base64 + bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) minitest (>= 5.1) + mutex_m tzinfo (~> 2.0) addressable (2.8.6) public_suffix (>= 2.0.2, < 6.0) @@ -191,7 +200,7 @@ GEM activerecord (>= 5.a) database_cleaner-core (~> 2.0.0) database_cleaner-core (2.0.1) - date (3.3.3) + date (3.3.4) debug_inspector (1.2.0) declarative (0.0.20) deep_merge (1.2.2) @@ -211,6 +220,7 @@ GEM activesupport (>= 5.0) request_store (>= 1.0) ruby2_keywords + drb (2.2.1) dry-container (0.11.0) concurrent-ruby (~> 1.0) erb_lint (0.5.0) @@ -333,6 +343,10 @@ GEM httpclient (2.8.3) i18n (1.14.4) concurrent-ruby (~> 1.0) + io-console (0.7.2) + irb (1.12.0) + rdoc + reline (>= 0.4.2) jsbundling-rails (1.3.0) railties (>= 6.0.0) json (2.7.2) @@ -393,7 +407,7 @@ GEM net-imap net-pop net-smtp - marcel (1.0.2) + marcel (1.0.4) matrix (0.4.2) method_source (1.0.0) mini_mime (1.1.5) @@ -402,21 +416,22 @@ GEM msgpack (1.7.2) multi_json (1.15.0) multi_xml (0.6.0) + mutex_m (0.2.0) nenv (0.3.0) net-http (0.4.1) uri net-http-persistent (4.0.1) connection_pool (~> 2.2) - net-imap (0.4.2) + net-imap (0.4.10) date net-protocol net-pop (0.1.2) net-protocol - net-protocol (0.2.1) + net-protocol (0.2.2) timeout - net-smtp (0.4.0) + net-smtp (0.5.0) net-protocol - nio4r (2.7.0) + nio4r (2.7.1) nokogiri (1.16.4-arm64-darwin) racc (~> 1.4) nokogiri (1.16.4-x86_64-darwin) @@ -476,6 +491,8 @@ GEM pry (>= 0.13, < 0.15) pry-rails (0.3.9) pry (>= 0.10.4) + psych (5.1.2) + stringio public_suffix (5.0.5) puma (6.4.2) nio4r (~> 2.0) @@ -495,22 +512,27 @@ GEM rack (>= 2.1.0) rack-protection (3.1.0) rack (~> 2.2, >= 2.2.4) + rack-session (1.0.2) + rack (< 3) rack-test (2.1.0) rack (>= 1.3) - rails (7.0.8) - actioncable (= 7.0.8) - actionmailbox (= 7.0.8) - actionmailer (= 7.0.8) - actionpack (= 7.0.8) - actiontext (= 7.0.8) - actionview (= 7.0.8) - activejob (= 7.0.8) - activemodel (= 7.0.8) - activerecord (= 7.0.8) - activestorage (= 7.0.8) - activesupport (= 7.0.8) + rackup (1.0.0) + rack (< 3) + webrick + rails (7.1.3.2) + actioncable (= 7.1.3.2) + actionmailbox (= 7.1.3.2) + actionmailer (= 7.1.3.2) + actionpack (= 7.1.3.2) + actiontext (= 7.1.3.2) + actionview (= 7.1.3.2) + activejob (= 7.1.3.2) + activemodel (= 7.1.3.2) + activerecord (= 7.1.3.2) + activestorage (= 7.1.3.2) + activesupport (= 7.1.3.2) bundler (>= 1.15.0) - railties (= 7.0.8) + railties (= 7.1.3.2) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -531,22 +553,27 @@ GEM rack railties (>= 5.1) semantic_logger (~> 4.13) - railties (7.0.8) - actionpack (= 7.0.8) - activesupport (= 7.0.8) - method_source + railties (7.1.3.2) + actionpack (= 7.1.3.2) + activesupport (= 7.1.3.2) + irb + rackup (>= 1.0.0) rake (>= 12.2) - thor (~> 1.0) - zeitwerk (~> 2.5) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) rainbow (3.1.1) rake (13.2.1) rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) rb-readline (0.5.5) + rdoc (6.6.3.1) + psych (>= 4.0.0) redcarpet (3.6.0) redis (4.8.1) regexp_parser (2.9.0) + reline (0.5.0) + io-console (~> 0.5) representable (3.2.0) declarative (< 0.1.0) trailblazer-option (>= 0.1.1, < 0.2.0) @@ -674,6 +701,7 @@ GEM actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) + stringio (3.1.0) super_diff (0.11.0) attr_extras (>= 6.2.4) diff-lcs @@ -688,7 +716,7 @@ GEM unicode-display_width (>= 1.1.1, < 3) thor (1.3.1) timecop (0.9.8) - timeout (0.4.0) + timeout (0.4.1) trailblazer-option (0.1.2) tzinfo (2.0.6) concurrent-ruby (~> 1.0) @@ -715,6 +743,7 @@ GEM addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) + webrick (1.8.1) websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) @@ -802,7 +831,7 @@ DEPENDENCIES puma (~> 6.4) pundit rack-cors - rails (= 7.0.8) + rails (= 7.1.3.2) rails-controller-testing rails-erd rails_semantic_logger From 0d4057a86bae49f6453dcdec871cd10b6d5e469f Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Wed, 10 Apr 2024 14:24:10 +0100 Subject: [PATCH 02/16] Update some rails files --- config/initializers/assets.rb | 18 ++++++++++++++---- .../initializers/content_security_policy.rb | 2 +- config/initializers/permissions_policy.rb | 19 ++++++++++--------- 3 files changed, 25 insertions(+), 14 deletions(-) diff --git a/config/initializers/assets.rb b/config/initializers/assets.rb index 5d42cecaf8..7e26995076 100644 --- a/config/initializers/assets.rb +++ b/config/initializers/assets.rb @@ -1,13 +1,23 @@ # frozen_string_literal: true -# govuk-frontend related assets -Rails.application.config.assets.paths << Rails.root.join('node_modules/govuk-frontend/dist/govuk/assets/images') -Rails.application.config.assets.paths << Rails.root.join('node_modules/govuk-frontend/dist/govuk/assets/fonts') +# Be sure to restart your server when you modify this file. -# Add Yarn node_modules folder to the asset load path. +# Add additional assets to the asset load path. Rails.application.config.assets.paths << Rails.root.join('node_modules') # GOVUK Deps Rails.application.config.assets.precompile += %w[ accessible-autocomplete/dist/accessible-autocomplete.min.css ] + +# Version of your assets, change this if you want to expire all your assets. +Rails.application.config.assets.version = "1.0" + +# Precompile additional assets. +# application.js, application.css, and all non-JS/CSS in the app/assets +# folder are already added. +# Rails.application.config.assets.precompile += %w( admin.js admin.css ) + +# govuk-frontend related assets +Rails.application.config.assets.paths << Rails.root.join('node_modules/govuk-frontend/dist/govuk/assets/images') +Rails.application.config.assets.paths << Rails.root.join('node_modules/govuk-frontend/dist/govuk/assets/fonts') diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 5ed2bbe9cf..34a4df6b28 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -4,7 +4,7 @@ # Define an application-wide content security policy # For further information see the following documentation -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy +# https://guides.rubyonrails.org/security.html#content-security-policy-header Rails.application.configure do config.content_security_policy do |policy| diff --git a/config/initializers/permissions_policy.rb b/config/initializers/permissions_policy.rb index 810aadeb98..b635b527ea 100644 --- a/config/initializers/permissions_policy.rb +++ b/config/initializers/permissions_policy.rb @@ -1,13 +1,14 @@ # frozen_string_literal: true +# Be sure to restart your server when you modify this file. # Define an application-wide HTTP permissions policy. For further -# information see https://developers.google.com/web/updates/2018/06/feature-policy -# -# Rails.application.config.permissions_policy do |f| -# f.camera :none -# f.gyroscope :none -# f.microphone :none -# f.usb :none -# f.fullscreen :self -# f.payment :self, "https://secure.example.com" +# information see: https://developers.google.com/web/updates/2018/06/feature-policy + +# Rails.application.config.permissions_policy do |policy| +# policy.camera :none +# policy.gyroscope :none +# policy.microphone :none +# policy.usb :none +# policy.fullscreen :self +# policy.payment :self, "https://secure.example.com" # end From 171937d02b6b18802ac1f6b52e05b94bcce38557 Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Wed, 10 Apr 2024 15:31:51 +0100 Subject: [PATCH 03/16] Update production --- config/environments/production.rb | 51 +++++++++++++++++++++++++------ 1 file changed, 41 insertions(+), 10 deletions(-) diff --git a/config/environments/production.rb b/config/environments/production.rb index af775dea39..729b18ca62 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -1,10 +1,12 @@ # frozen_string_literal: true +require "active_support/core_ext/integer/time" + Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. # Code is not reloaded between requests. - config.cache_classes = true + config.enable_reloading = false # Eager load code on boot. This eager loads most of Rails and # your application in memory, allowing both threaded web servers @@ -13,29 +15,43 @@ config.eager_load = true # Full error reports are disabled and caching is turned on. - config.consider_all_requests_local = false + config.consider_all_requests_local = false config.action_controller.perform_caching = true - # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] - # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment + # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). # config.require_master_key = true - # Disable serving static files from the `/public` folder by default since - # Apache or NGINX already handles this. + # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? + # Compress CSS using a preprocessor. + # config.assets.css_compressor = :sass + + # Do not fall back to assets pipeline if a precompiled asset is missed. + config.assets.compile = false + # Enable serving of images, stylesheets, and JavaScripts from an asset server. config.action_controller.asset_host = proc do |_source, request| Settings.find_assets_url if Settings.find_url.include?(request.host) end # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache - # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX + # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache + # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local + # Mount Action Cable outside main process or domain. + # config.action_cable.mount_path = nil + # config.action_cable.url = "wss://example.com/cable" + # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ] + + # Assume all access to the app is happening through a SSL-terminating reverse proxy. + # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. + # config.assume_ssl = true + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # config.force_ssl = true @@ -44,11 +60,19 @@ config.active_record.logger = nil # Don't log SQL in production + # Prepend all log lines with the following tags. + # config.log_tags = [:request_id] + + # "info" includes generic and useful information about system operation, but avoids logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). If you + # want to log everything, set the level to "debug". + config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") + # Use a different cache store in production. config.cache_store = :redis_cache_store, { url: ENV.fetch('REDIS_CACHE_URL') } # Use a real queuing backend for Active Job (and separate queues per environment). - # config.active_job.queue_adapter = :resque + # config.active_job.queue_adapter = :resque # config.active_job.queue_name_prefix = "manage_courses_backend_production" config.action_mailer.perform_caching = false @@ -62,7 +86,7 @@ config.i18n.fallbacks = true # Send deprecation notices to registered listeners. - config.active_support.deprecation = :notify + config.active_support.report_deprecations = :notify # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false @@ -89,4 +113,11 @@ # config.active_record.database_selector = { delay: 2.seconds } # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session + # Enable DNS rebinding protection and other `Host` header attacks. + # config.hosts = [ + # "example.com", # Allow requests from example.com + # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` + # ] + # Skip DNS rebinding protection for the default health check endpoint. + # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } end From 06dc369f9731b4c1008e11833ac7202dfc352af1 Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Wed, 10 Apr 2024 15:38:38 +0100 Subject: [PATCH 04/16] Update test.rb --- config/environments/test.rb | 34 ++++++++++++++++++++++------------ 1 file changed, 22 insertions(+), 12 deletions(-) diff --git a/config/environments/test.rb b/config/environments/test.rb index 1da1fb5a33..d4c446e5f5 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,5 +1,7 @@ # frozen_string_literal: true +require "active_support/core_ext/integer/time" + # The test environment is used exclusively to run your application's # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped @@ -8,26 +10,28 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - config.cache_classes = false + # While tests run files are not watched, reloading is not necessary. + config.enable_reloading = false - # Do not eager load code on boot. This avoids loading your whole application - # just for the purpose of running a single test. If you are using a tool that - # preloads Rails for running tests, you may have to set it to true. - config.eager_load = ENV['CI'].present? + # Eager loading loads your entire application. When running a single test locally, + # this is usually not necessary, and can slow down your test suite. However, it's + # recommended that you enable it in continuous integration systems to ensure eager + # loading is working properly before deploying your code. + config.eager_load = ENV["CI"].present? # Configure public file server for tests with Cache-Control for performance. config.public_file_server.enabled = true config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{1.hour.to_i}" + "Cache-Control" => "public, max-age=#{1.hour.to_i}" } # Show full error reports and disable caching. - config.consider_all_requests_local = true + config.consider_all_requests_local = true config.action_controller.perform_caching = false config.cache_store = :memory_store - # Raise exceptions instead of rendering exception templates. - config.action_dispatch.show_exceptions = false + # Render exception templates for rescuable exceptions and raise for other exceptions. + config.action_dispatch.show_exceptions = :rescuable # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false @@ -45,9 +49,6 @@ # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raises error for missing translations. - # config.action_view.raise_on_missing_translations = true - config.authentication_token = 'bats' # Check for N+1 queries @@ -64,4 +65,13 @@ # Tell Active Support which deprecation messages to disallow. config.active_support.disallowed_deprecation_warnings = [] + + # Raises error for missing translations. + # config.i18n.raise_on_missing_translations = true + + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true + + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = true end From 2ae45ccebdcbe74f31d8c15502fe1d98310cc9d3 Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Wed, 10 Apr 2024 15:41:37 +0100 Subject: [PATCH 05/16] Update development.rb --- config/environments/development.rb | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/config/environments/development.rb b/config/environments/development.rb index 2b5467d2f7..d0f3809f3a 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -1,12 +1,14 @@ # frozen_string_literal: true +require "active_support/core_ext/integer/time" + Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded on - # every request. This slows down response time but is perfect for development + # In the development environment your application's code is reloaded any time + # it changes. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. - config.cache_classes = false + config.enable_reloading = true # Do not eager load code on boot. config.eager_load = false @@ -19,13 +21,13 @@ # Enable/disable caching. By default caching is disabled. # Run rails dev:cache to toggle caching. - if Rails.root.join('tmp/caching-dev.txt').exist? + if Rails.root.join("tmp/caching-dev.txt").exist? config.action_controller.perform_caching = true config.action_controller.enable_fragment_cache_logging = true config.cache_store = :memory_store config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{2.days.to_i}" + "Cache-Control" => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false @@ -56,6 +58,12 @@ # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true + # Highlight code that enqueued background job in logs. + config.active_job.verbose_enqueue_logs = true + + # Suppress logger output for asset requests. + config.assets.quiet = true + # Raises error for missing translations. config.i18n.raise_on_missing_translations = true @@ -63,5 +71,14 @@ # routes, locales, etc. This feature depends on the listen gem. config.file_watcher = ActiveSupport::EventedFileUpdateChecker + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true + + # Uncomment if you wish to allow Action Cable access from any origin. + # config.action_cable.disable_request_forgery_protection = true + + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = true + config.authentication_token = ENV.fetch('AUTHENTICATION_TOKEN', 'bats') end From 22665a7488851070adb3f09768d1bb47849dd65e Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Wed, 10 Apr 2024 15:44:03 +0100 Subject: [PATCH 06/16] Upgrade RAils --- bin/setup | 6 +++++- config/application.rb | 7 ++++++- config/boot.rb | 6 +++--- config/environment.rb | 2 +- 4 files changed, 15 insertions(+), 6 deletions(-) diff --git a/bin/setup b/bin/setup index 5628e5b87d..21f8ff6995 100755 --- a/bin/setup +++ b/bin/setup @@ -5,7 +5,7 @@ require "fileutils" APP_ROOT = File.expand_path("..", __dir__) def system!(*args) - system(*args) || abort("\n== Command #{args} failed ==") + system(*args, exception: true) end FileUtils.chdir APP_ROOT do @@ -31,6 +31,10 @@ FileUtils.chdir APP_ROOT do puts "\n== Install process manager foreman ==" system! "gem install foreman" + # puts "\n== Copying sample files ==" + # unless File.exist?("config/database.yml") + # FileUtils.cp "config/database.yml.sample", "config/database.yml" + # end puts "\n== Preparing database ==" system! "bin/rails db:prepare" diff --git a/config/application.rb b/config/application.rb index a4b7bd297f..24c76088c7 100644 --- a/config/application.rb +++ b/config/application.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true +require_relative "boot" -require_relative 'boot' require 'rails/all' require 'active_support/core_ext/integer/time' @@ -15,6 +15,11 @@ class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. config.load_defaults 7.0 + # Please, add to the `ignore` list any other `lib` subdirectories that do + # not contain `.rb` files, or that should not be reloaded or eager loaded. + # Common ones are `templates`, `generators`, or `middleware`, for example. + config.autoload_lib(ignore: %w(assets tasks)) + # Configuration for the application, engines, and railties goes here. # # These settings can be overridden in specific environments using the files diff --git a/config/boot.rb b/config/boot.rb index c04863fa7d..aef6d031ee 100644 --- a/config/boot.rb +++ b/config/boot.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) -require 'bundler/setup' # Set up gems listed in the Gemfile. -require 'bootsnap/setup' # Speed up boot time by caching expensive operations. +require "bundler/setup" # Set up gems listed in the Gemfile. +require "bootsnap/setup" # Speed up boot time by caching expensive operations. diff --git a/config/environment.rb b/config/environment.rb index d5abe55806..7df99e89c6 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true # Load the Rails application. -require_relative 'application' +require_relative "application" # Initialize the Rails application. Rails.application.initialize! From 6e179f8ebb95e7a196d64293629401b72d63886c Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Wed, 10 Apr 2024 15:44:31 +0100 Subject: [PATCH 07/16] Progressive upgrade file --- .../new_framework_defaults_7_1.rb | 284 ++++++++++++++++++ 1 file changed, 284 insertions(+) create mode 100644 config/initializers/new_framework_defaults_7_1.rb diff --git a/config/initializers/new_framework_defaults_7_1.rb b/config/initializers/new_framework_defaults_7_1.rb new file mode 100644 index 0000000000..4ba02970b6 --- /dev/null +++ b/config/initializers/new_framework_defaults_7_1.rb @@ -0,0 +1,284 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.1 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.1`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +### +# No longer add autoloaded paths into `$LOAD_PATH`. This means that you won't be able +# to manually require files that are managed by the autoloader, which you shouldn't do anyway. +# +# This will reduce the size of the load path, making `require` faster if you don't use bootsnap, or reduce the size +# of the bootsnap cache if you use it. +# +# To set this configuration, add the following line to `config/application.rb` (NOT this file): +# config.add_autoload_paths_to_load_path = false + +### +# Remove the default X-Download-Options headers since it is used only by Internet Explorer. +# If you need to support Internet Explorer, add back `"X-Download-Options" => "noopen"`. +#++ +# Rails.application.config.action_dispatch.default_headers = { +# "X-Frame-Options" => "SAMEORIGIN", +# "X-XSS-Protection" => "0", +# "X-Content-Type-Options" => "nosniff", +# "X-Permitted-Cross-Domain-Policies" => "none", +# "Referrer-Policy" => "strict-origin-when-cross-origin" +# } + +### +# Do not treat an `ActionController::Parameters` instance +# as equal to an equivalent `Hash` by default. +#++ +# Rails.application.config.action_controller.allow_deprecated_parameters_hash_equality = false + +### +# Active Record Encryption now uses SHA-256 as its hash digest algorithm. +# +# There are 3 scenarios to consider. +# +# 1. If you have data encrypted with previous Rails versions, and you have +# +config.active_support.key_generator_hash_digest_class+ configured as SHA1 (the default +# before Rails 7.0), you need to configure SHA-1 for Active Record Encryption too: +#++ +# Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA1 +# +# 2. If you have +config.active_support.key_generator_hash_digest_class+ configured as SHA256 (the new default +# in 7.0), then you need to configure SHA-256 for Active Record Encryption: +#++ +# Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA256 +# +# 3. If you don't currently have data encrypted with Active Record encryption, you can disable this setting to +# configure the default behavior starting 7.1+: +#++ +# Rails.application.config.active_record.encryption.support_sha1_for_non_deterministic_encryption = false + +### +# No longer run after_commit callbacks on the first of multiple Active Record +# instances to save changes to the same database row within a transaction. +# Instead, run these callbacks on the instance most likely to have internal +# state which matches what was committed to the database, typically the last +# instance to save. +#++ +# Rails.application.config.active_record.run_commit_callbacks_on_first_saved_instances_in_transaction = false + +### +# Configures SQLite with a strict strings mode, which disables double-quoted string literals. +# +# SQLite has some quirks around double-quoted string literals. +# It first tries to consider double-quoted strings as identifier names, but if they don't exist +# it then considers them as string literals. Because of this, typos can silently go unnoticed. +# For example, it is possible to create an index for a non existing column. +# See https://www.sqlite.org/quirks.html#double_quoted_string_literals_are_accepted for more details. +#++ +# Rails.application.config.active_record.sqlite3_adapter_strict_strings_by_default = true + +### +# Disable deprecated singular associations names. +#++ +# Rails.application.config.active_record.allow_deprecated_singular_associations_name = false + +### +# Enable the Active Job `BigDecimal` argument serializer, which guarantees +# roundtripping. Without this serializer, some queue adapters may serialize +# `BigDecimal` arguments as simple (non-roundtrippable) strings. +# +# When deploying an application with multiple replicas, old (pre-Rails 7.1) +# replicas will not be able to deserialize `BigDecimal` arguments from this +# serializer. Therefore, this setting should only be enabled after all replicas +# have been successfully upgraded to Rails 7.1. +#++ +# Rails.application.config.active_job.use_big_decimal_serializer = true + +### +# Specify if an `ArgumentError` should be raised if `Rails.cache` `fetch` or +# `write` are given an invalid `expires_at` or `expires_in` time. +# Options are `true`, and `false`. If `false`, the exception will be reported +# as `handled` and logged instead. +#++ +# Rails.application.config.active_support.raise_on_invalid_cache_expiration_time = true + +### +# Specify whether Query Logs will format tags using the SQLCommenter format +# (https://open-telemetry.github.io/opentelemetry-sqlcommenter/), or using the legacy format. +# Options are `:legacy` and `:sqlcommenter`. +#++ +# Rails.application.config.active_record.query_log_tags_format = :sqlcommenter + +### +# Specify the default serializer used by `MessageEncryptor` and `MessageVerifier` +# instances. +# +# The legacy default is `:marshal`, which is a potential vector for +# deserialization attacks in cases where a message signing secret has been +# leaked. +# +# In Rails 7.1, the new default is `:json_allow_marshal` which serializes and +# deserializes with `ActiveSupport::JSON`, but can fall back to deserializing +# with `Marshal` so that legacy messages can still be read. +# +# In Rails 7.2, the default will become `:json` which serializes and +# deserializes with `ActiveSupport::JSON` only. +# +# Alternatively, you can choose `:message_pack` or `:message_pack_allow_marshal`, +# which serialize with `ActiveSupport::MessagePack`. `ActiveSupport::MessagePack` +# can roundtrip some Ruby types that are not supported by JSON, and may provide +# improved performance, but it requires the `msgpack` gem. +# +# For more information, see +# https://guides.rubyonrails.org/v7.1/configuring.html#config-active-support-message-serializer +# +# If you are performing a rolling deploy of a Rails 7.1 upgrade, wherein servers +# that have not yet been upgraded must be able to read messages from upgraded +# servers, first deploy without changing the serializer, then set the serializer +# in a subsequent deploy. +#++ +# Rails.application.config.active_support.message_serializer = :json_allow_marshal + +### +# Enable a performance optimization that serializes message data and metadata +# together. This changes the message format, so messages serialized this way +# cannot be read by older versions of Rails. However, messages that use the old +# format can still be read, regardless of whether this optimization is enabled. +# +# To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have +# not yet been upgraded must be able to read messages from upgraded servers, +# leave this optimization off on the first deploy, then enable it on a +# subsequent deploy. +#++ +# Rails.application.config.active_support.use_message_serializer_for_metadata = true + +### +# Set the maximum size for Rails log files. +# +# `config.load_defaults 7.1` does not set this value for environments other than +# development and test. +#++ +# if Rails.env.local? +# Rails.application.config.log_file_size = 100 * 1024 * 1024 +# end + +### +# Enable raising on assignment to attr_readonly attributes. The previous +# behavior would allow assignment but silently not persist changes to the +# database. +#++ +# Rails.application.config.active_record.raise_on_assign_to_attr_readonly = true + +### +# Enable validating only parent-related columns for presence when the parent is mandatory. +# The previous behavior was to validate the presence of the parent record, which performed an extra query +# to get the parent every time the child record was updated, even when parent has not changed. +#++ +# Rails.application.config.active_record.belongs_to_required_validates_foreign_key = false + +### +# Enable precompilation of `config.filter_parameters`. Precompilation can +# improve filtering performance, depending on the quantity and types of filters. +#++ +# Rails.application.config.precompile_filter_parameters = true + +### +# Enable before_committed! callbacks on all enrolled records in a transaction. +# The previous behavior was to only run the callbacks on the first copy of a record +# if there were multiple copies of the same record enrolled in the transaction. +#++ +# Rails.application.config.active_record.before_committed_on_all_records = true + +### +# Disable automatic column serialization into YAML. +# To keep the historic behavior, you can set it to `YAML`, however it is +# recommended to explicitly define the serialization method for each column +# rather than to rely on a global default. +#++ +# Rails.application.config.active_record.default_column_serializer = nil + +### +# Enable a performance optimization that serializes Active Record models +# in a faster and more compact way. +# +# To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have +# not yet been upgraded must be able to read caches from upgraded servers, +# leave this optimization off on the first deploy, then enable it on a +# subsequent deploy. +#++ +# Rails.application.config.active_record.marshalling_format_version = 7.1 + +### +# Run `after_commit` and `after_*_commit` callbacks in the order they are defined in a model. +# This matches the behaviour of all other callbacks. +# In previous versions of Rails, they ran in the inverse order. +#++ +# Rails.application.config.active_record.run_after_transaction_callbacks_in_order_defined = true + +### +# Whether a `transaction` block is committed or rolled back when exited via `return`, `break` or `throw`. +#++ +# Rails.application.config.active_record.commit_transaction_on_non_local_return = true + +### +# Controls when to generate a value for has_secure_token declarations. +#++ +# Rails.application.config.active_record.generate_secure_token_on = :initialize + +### +# ** Please read carefully, this must be configured in config/application.rb ** +# +# Change the format of the cache entry. +# +# Changing this default means that all new cache entries added to the cache +# will have a different format that is not supported by Rails 7.0 +# applications. +# +# Only change this value after your application is fully deployed to Rails 7.1 +# and you have no plans to rollback. +# When you're ready to change format, add this to `config/application.rb` (NOT +# this file): +# config.active_support.cache_format_version = 7.1 + + +### +# Configure Action View to use HTML5 standards-compliant sanitizers when they are supported on your +# platform. +# +# `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action View to use HTML5-compliant +# sanitizers if they are supported, else fall back to HTML4 sanitizers. +# +# In previous versions of Rails, Action View always used `Rails::HTML4::Sanitizer` as its vendor. +#++ +# Rails.application.config.action_view.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor + + +### +# Configure Action Text to use an HTML5 standards-compliant sanitizer when it is supported on your +# platform. +# +# `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action Text to use HTML5-compliant +# sanitizers if they are supported, else fall back to HTML4 sanitizers. +# +# In previous versions of Rails, Action Text always used `Rails::HTML4::Sanitizer` as its vendor. +#++ +# Rails.application.config.action_text.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor + + +### +# Configure the log level used by the DebugExceptions middleware when logging +# uncaught exceptions during requests. +#++ +# Rails.application.config.action_dispatch.debug_exception_log_level = :error + + +### +# Configure the test helpers in Action View, Action Dispatch, and rails-dom-testing to use HTML5 +# parsers. +# +# Nokogiri::HTML5 isn't supported on JRuby, so JRuby applications must set this to :html4. +# +# In previous versions of Rails, these test helpers always used an HTML4 parser. +#++ +# Rails.application.config.dom_testing_default_html_version = :html5 From a314fc331d7d279666961b3944ca441910f16d26 Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Thu, 11 Apr 2024 09:07:27 +0100 Subject: [PATCH 08/16] Use join instead of merging scopes in through association A bug appears to exist (or existed previously) in ActiveRecord where the scope on an association behaves differently between rails 7.0 and 7.1. The through association is being passed the scope as a value rather on assignment. We can avoid this by using a join instead. --- app/models/course.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/course.rb b/app/models/course.rb index 9552e502d9..a5e985176f 100644 --- a/app/models/course.rb +++ b/app/models/course.rb @@ -127,7 +127,7 @@ def set_subject_position(course_subject) accepts_nested_attributes_for :site_statuses has_many :sites, - -> { distinct.merge(SiteStatus.where(status: %i[new_status running])) }, + -> { distinct.joins(:site_statuses).where(site_statuses: { status: %i[new_status running] }) }, through: :site_statuses has_many :study_sites, through: :study_site_placements, source: :site From 82593ca7a4aa8d342a5cda4687666eb7d0f607d1 Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Thu, 11 Apr 2024 09:30:01 +0100 Subject: [PATCH 09/16] Pass serialize coder as a keyword argument --- app/models/provider.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/provider.rb b/app/models/provider.rb index 39701bfe39..5002289872 100644 --- a/app/models/provider.rb +++ b/app/models/provider.rb @@ -138,7 +138,7 @@ def current_accredited_courses scope :with_can_sponsor_student_visa, ->(can_sponsor_student_visa) { where(can_sponsor_student_visa:) } - serialize :accrediting_provider_enrichments, AccreditingProviderEnrichment::ArraySerializer + serialize :accrediting_provider_enrichments, coder: AccreditingProviderEnrichment::ArraySerializer validates :train_with_us, words_count: { maximum: 250, message: '^Reduce the word count for training with you' } validates :train_with_disability, words_count: { maximum: 250, message: '^Reduce the word count for training with disabilities and other needs' } From af5d3ddc828117cd3c018d255f848c8418cfe175 Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Thu, 11 Apr 2024 09:34:11 +0100 Subject: [PATCH 10/16] Exclude Rails generated files STringLiteral Rubocop --- config/rubocop/style.yml | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/config/rubocop/style.yml b/config/rubocop/style.yml index c4fc657b50..943583356b 100644 --- a/config/rubocop/style.yml +++ b/config/rubocop/style.yml @@ -6,5 +6,21 @@ Style/HashLikeCase: Exclude: - 'app/models/concerns/with_qualifications.rb' Style/ReturnNilInPredicateMethodDefinition: - Exclude: + Exclude: - 'app/forms/publish/notification_form.rb' + +# Exclude Rails generated files +Style/StringLiterals: + Enabled: true + EnforcedStyle: single_quotes + Exclude: + - config/boot.rb + - config/application.rb + - config/environment.rb + - config/environments/* + - config/initializers/assets.rb + - config/initializers/content_security_policy.rb + - config/initializers/filter_parameter_logging.rb + - config/initializers/inflections.rb + - bin/rails + - bin/rake From c15c7b14ee886c34fb7833c72d17fc6abf6cb386 Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Thu, 11 Apr 2024 09:59:22 +0100 Subject: [PATCH 11/16] RuboCop linting --- config/application.rb | 4 ++-- config/initializers/new_framework_defaults_7_1.rb | 6 ++---- config/initializers/semantic_logger.rb | 2 +- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/config/application.rb b/config/application.rb index 24c76088c7..15672ff75f 100644 --- a/config/application.rb +++ b/config/application.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -require_relative "boot" +require_relative "boot" require 'rails/all' require 'active_support/core_ext/integer/time' @@ -18,7 +18,7 @@ class Application < Rails::Application # Please, add to the `ignore` list any other `lib` subdirectories that do # not contain `.rb` files, or that should not be reloaded or eager loaded. # Common ones are `templates`, `generators`, or `middleware`, for example. - config.autoload_lib(ignore: %w(assets tasks)) + config.autoload_lib(ignore: %w[assets tasks]) # Configuration for the application, engines, and railties goes here. # diff --git a/config/initializers/new_framework_defaults_7_1.rb b/config/initializers/new_framework_defaults_7_1.rb index 4ba02970b6..1622dbd8ed 100644 --- a/config/initializers/new_framework_defaults_7_1.rb +++ b/config/initializers/new_framework_defaults_7_1.rb @@ -1,3 +1,5 @@ +# # frozen_string_literal: true + # Be sure to restart your server when you modify this file. # # This file eases your Rails 7.1 framework defaults upgrade. @@ -241,7 +243,6 @@ # this file): # config.active_support.cache_format_version = 7.1 - ### # Configure Action View to use HTML5 standards-compliant sanitizers when they are supported on your # platform. @@ -253,7 +254,6 @@ #++ # Rails.application.config.action_view.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor - ### # Configure Action Text to use an HTML5 standards-compliant sanitizer when it is supported on your # platform. @@ -265,14 +265,12 @@ #++ # Rails.application.config.action_text.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor - ### # Configure the log level used by the DebugExceptions middleware when logging # uncaught exceptions during requests. #++ # Rails.application.config.action_dispatch.debug_exception_log_level = :error - ### # Configure the test helpers in Action View, Action Dispatch, and rails-dom-testing to use HTML5 # parsers. diff --git a/config/initializers/semantic_logger.rb b/config/initializers/semantic_logger.rb index 1e7f52405c..3125f66177 100644 --- a/config/initializers/semantic_logger.rb +++ b/config/initializers/semantic_logger.rb @@ -58,7 +58,7 @@ def method_is_post_or_put_or_patch? end end -unless Rails.env.development? || Rails.env.test? +unless Rails.env.local? Rails.application.configure do config.semantic_logger.application = Settings.application_name config.log_tags = [:request_id] From 32eeb5d2bc2449e4647ba8f652676056837a71a0 Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Thu, 11 Apr 2024 13:05:55 +0100 Subject: [PATCH 12/16] Api::System doesn't exist anymore --- .../api/system/application_controller.rb | 18 ------------ .../api/system/application_controller_spec.rb | 29 ------------------- 2 files changed, 47 deletions(-) delete mode 100644 app/controllers/api/system/application_controller.rb delete mode 100644 spec/controllers/api/system/application_controller_spec.rb diff --git a/app/controllers/api/system/application_controller.rb b/app/controllers/api/system/application_controller.rb deleted file mode 100644 index 5b97a4fb0c..0000000000 --- a/app/controllers/api/system/application_controller.rb +++ /dev/null @@ -1,18 +0,0 @@ -# frozen_string_literal: true - -module API - module System - class ApplicationController < ::ApplicationController - before_action -> { skip_authorization } - - def authenticate - authenticate_or_request_with_http_token do |token| - ActiveSupport::SecurityUtils.secure_compare( - token, - Settings.system_authentication_token - ) - end - end - end - end -end diff --git a/spec/controllers/api/system/application_controller_spec.rb b/spec/controllers/api/system/application_controller_spec.rb deleted file mode 100644 index 3f22452a47..0000000000 --- a/spec/controllers/api/system/application_controller_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -describe API::System::ApplicationController do - let(:credentials) do - ActionController::HttpAuthentication::Token - .encode_credentials('Ge32') - end - - let(:unauthorized_credentials) do - ActionController::HttpAuthentication::Token - .encode_credentials('Si14') - end - - it 'authenticates given the correct credentials' do - request.headers['HTTP_AUTHORIZATION'] = credentials - controller.response = response - controller.authenticate - expect(response).to have_http_status(:success) - end - - it 'does not authenticate given incorrect credentials' do - controller.response = response - request.headers['HTTP_AUTHORIZATION'] = unauthorized_credentials - controller.authenticate - expect(response).to have_http_status(:unauthorized) - end -end From f5b3b7c546b92305b51779f456044032a47d57ef Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Thu, 11 Apr 2024 15:21:50 +0100 Subject: [PATCH 13/16] Upgrade sprockets to 4.2.1 --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 776ba3da69..c2ef118eb3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -694,9 +694,9 @@ GEM spring-watcher-listen (2.1.0) listen (>= 2.7, < 4.0) spring (>= 4) - sprockets (4.0.3) + sprockets (4.2.1) concurrent-ruby (~> 1.0) - rack (> 1, < 3) + rack (>= 2.2.4, < 4) sprockets-rails (3.4.2) actionpack (>= 5.2) activesupport (>= 5.2) From d4bfd46c4cbb17329cd0abca45459058029dd2ce Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Thu, 11 Apr 2024 15:23:37 +0100 Subject: [PATCH 14/16] Only need to ignore tasks in lib --- config/application.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/application.rb b/config/application.rb index 15672ff75f..6a7a69d409 100644 --- a/config/application.rb +++ b/config/application.rb @@ -18,7 +18,7 @@ class Application < Rails::Application # Please, add to the `ignore` list any other `lib` subdirectories that do # not contain `.rb` files, or that should not be reloaded or eager loaded. # Common ones are `templates`, `generators`, or `middleware`, for example. - config.autoload_lib(ignore: %w[assets tasks]) + config.autoload_lib(ignore: %w[tasks]) # Configuration for the application, engines, and railties goes here. # From 5c0a3cc5c230b79bea2de6dd258e24d47adabbd3 Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Thu, 11 Apr 2024 15:24:10 +0100 Subject: [PATCH 15/16] Explicitly require active_support string inflecitons --- spec/support/feature_helpers/page_objects/auth.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/support/feature_helpers/page_objects/auth.rb b/spec/support/feature_helpers/page_objects/auth.rb index 778f080e9a..5164508f58 100644 --- a/spec/support/feature_helpers/page_objects/auth.rb +++ b/spec/support/feature_helpers/page_objects/auth.rb @@ -1,6 +1,7 @@ # frozen_string_literal: true require_relative 'helper' +require 'active_support/core_ext/string/inflections' module FeatureHelpers module PageObject From 17d30952b0b21684bd403ffc8c6d96da57f10b6c Mon Sep 17 00:00:00 2001 From: Iain McNulty Date: Thu, 11 Apr 2024 16:41:00 +0100 Subject: [PATCH 16/16] Rubocop --- .../new_framework_defaults_7_0.rb | 122 ------------------ .../new_framework_defaults_7_1.rb | 2 +- config/initializers/permissions_policy.rb | 1 + 3 files changed, 2 insertions(+), 123 deletions(-) delete mode 100644 config/initializers/new_framework_defaults_7_0.rb diff --git a/config/initializers/new_framework_defaults_7_0.rb b/config/initializers/new_framework_defaults_7_0.rb deleted file mode 100644 index 285d8f5aaa..0000000000 --- a/config/initializers/new_framework_defaults_7_0.rb +++ /dev/null @@ -1,122 +0,0 @@ -# frozen_string_literal: true - -# Be sure to restart your server when you modify this file. -# -# This file eases your Rails 7.0 framework defaults upgrade. -# -# Uncomment each configuration one by one to switch to the new default. -# Once your application is ready to run with all new defaults, you can remove -# this file and set the `config.load_defaults` to `7.0`. -# -# Read the Guide for Upgrading Ruby on Rails for more info on each option. -# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html - -# Temporarily disable this until we clean up the reference data stuff -# Rails.configuration.active_record.belongs_to_required_by_default = false - -# `button_to` view helper will render `