From 05fa660570f41bf79a0e63a45ba77141d62b8647 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Fri, 20 Dec 2024 17:18:44 +0000 Subject: [PATCH 1/5] Drop support for ruby 3.1 --- .github/workflows/lint.yml | 2 +- .github/workflows/tests.yml | 2 +- .rubocop.yml | 6 +++++- app/helpers/svg_helper.rb | 8 ++++---- bin/setup | 4 ++-- lib/osm.rb | 4 ++-- 6 files changed, 15 insertions(+), 11 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 06f6ff841b..b7ab814aff 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -7,7 +7,7 @@ concurrency: cancel-in-progress: true env: os: ubuntu-22.04 - ruby: '3.1' + ruby: '3.2' jobs: rubocop: name: RuboCop diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index bfeb3d33ab..7affee57ce 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -11,7 +11,7 @@ jobs: strategy: matrix: ubuntu: [22.04, 24.04] - ruby: ['3.1', '3.2', '3.3'] + ruby: ['3.2', '3.3'] runs-on: ubuntu-${{ matrix.ubuntu }} env: RAILS_ENV: test diff --git a/.rubocop.yml b/.rubocop.yml index 68a7ca003e..abbe255273 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -10,7 +10,7 @@ require: - ./.rubocop/specific_action_names.rb AllCops: - TargetRubyVersion: 3.1 + TargetRubyVersion: 3.2 NewCops: enable Exclude: - 'vendor/**/*' @@ -106,6 +106,10 @@ Style/MixinUsage: - 'bin/setup' - 'bin/update' +Style/RaiseArgs: + Exclude: + - 'lib/osm.rb' + Style/StringLiterals: EnforcedStyle: double_quotes diff --git a/app/helpers/svg_helper.rb b/app/helpers/svg_helper.rb index b04ab1b0d5..7fb6b4321f 100644 --- a/app/helpers/svg_helper.rb +++ b/app/helpers/svg_helper.rb 
@@ -5,12 +5,12 @@ def notice_svg_tag tag.svg path_tag, :width => 16, :height => 16 end - def previous_page_svg_tag(**options) - adjacent_page_svg_tag(dir == "rtl" ? 1 : -1, **options) + def previous_page_svg_tag(**) + adjacent_page_svg_tag(dir == "rtl" ? 1 : -1, **) end - def next_page_svg_tag(**options) - adjacent_page_svg_tag(dir == "rtl" ? -1 : 1, **options) + def next_page_svg_tag(**) + adjacent_page_svg_tag(dir == "rtl" ? -1 : 1, **) end def key_svg_tag(**options) diff --git a/bin/setup b/bin/setup index ff6a475323..ced1ba3708 100755 --- a/bin/setup +++ b/bin/setup @@ -4,8 +4,8 @@ require "fileutils" APP_ROOT = File.expand_path("..", __dir__) APP_NAME = "openstreetmap".freeze -def system!(*args) - system(*args, :exception => true) +def system!(*) + system(*, :exception => true) end FileUtils.chdir APP_ROOT do diff --git a/lib/osm.rb b/lib/osm.rb index 46f37036f9..e0b4719608 100644 --- a/lib/osm.rb +++ b/lib/osm.rb @@ -506,10 +506,10 @@ def self.ip_location(ip_address) end # Parse a float, raising a specified exception on failure - def self.parse_float(str, klass, *args) + def self.parse_float(str, klass, *) Float(str) rescue StandardError - raise klass.new(*args) + raise klass.new(*) end # Construct a random token of a given length From 59c54b648232b43d52b865cb2079dad106194d94 Mon Sep 17 00:00:00 2001 
From: Tom Hughes Date: Tue, 19 Nov 2024 20:25:58 +0000 Subject: [PATCH 2/5] Update to rails 8.0.1 --- Gemfile | 4 +- Gemfile.lock | 124 +++++++++--------- bin/dev | 2 + bin/setup | 13 +- bin/thrust | 5 + config/environments/development.rb | 33 ++--- config/environments/production.rb | 87 +++++------- config/environments/test.rb | 30 ++--- config/initializers/canonical_rails.rb | 32 ++--- .../initializers/content_security_policy.rb | 4 +- .../new_framework_defaults_8_0.rb | 30 +++++ config/puma.rb | 14 +- 12 files changed, 189 insertions(+), 189 deletions(-) create mode 100755 bin/dev create mode 100755 bin/thrust create mode 100644 config/initializers/new_framework_defaults_8_0.rb diff --git a/Gemfile b/Gemfile index 2765b1ae71..b5c090204f 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,7 @@ source "https://rubygems.org" # Require rails -gem "rails", "~> 7.2.0" +gem "rails", "~> 8.0.0" gem "turbo-rails" # Require json for multi_json @@ -62,7 +62,7 @@ gem "http_accept_language", "~> 2.1.1" gem "i18n-js", "~> 3.9.2" gem "openstreetmap-deadlock_retry", ">= 1.3.1", :require => "deadlock_retry" gem "rack-cors" -gem "rails-i18n", "~> 7.0.0" +gem "rails-i18n", "~> 8.0.0" gem "rails_param" gem "rinku", ">= 2.0.6", :require => "rails_rinku" gem "strong_migrations", "< 2.0.0" diff --git a/Gemfile.lock b/Gemfile.lock index 761beefa3a..6dcb988a36 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -3,32 +3,31 @@ GEM specs: aasm (5.5.0) concurrent-ruby (~> 1.0) - actioncable (7.2.2.1) - actionpack (= 7.2.2.1) - activesupport (= 7.2.2.1) + actioncable (8.0.1) + actionpack (= 8.0.1) + activesupport (= 8.0.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.2.2.1) - actionpack (= 7.2.2.1) - activejob (= 7.2.2.1) - activerecord (= 7.2.2.1) - activestorage (= 7.2.2.1) - activesupport (= 7.2.2.1) + actionmailbox (8.0.1) + actionpack (= 8.0.1) + activejob (= 8.0.1) + activerecord (= 8.0.1) + activestorage (= 8.0.1) + activesupport (= 8.0.1) mail (>= 2.8.0) - actionmailer (7.2.2.1) - actionpack (= 7.2.2.1) - actionview (= 7.2.2.1) - activejob (= 7.2.2.1) - activesupport (= 7.2.2.1) + actionmailer (8.0.1) + actionpack (= 8.0.1) + actionview (= 8.0.1) + activejob (= 8.0.1) + activesupport (= 8.0.1) mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.2.2.1) - actionview (= 7.2.2.1) - activesupport (= 7.2.2.1) + actionpack (8.0.1) + actionview (= 8.0.1) + activesupport (= 8.0.1) nokogiri (>= 1.8.5) - racc - rack (>= 2.2.4, < 3.2) + rack (>= 2.2.4) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) 
@@ -36,39 +35,39 @@ GEM useragent (~> 0.16) actionpack-page_caching (1.2.4) actionpack (>= 4.0.0) - actiontext (7.2.2.1) - actionpack (= 7.2.2.1) - activerecord (= 7.2.2.1) - activestorage (= 7.2.2.1) - activesupport (= 7.2.2.1) + actiontext (8.0.1) + actionpack (= 8.0.1) + activerecord (= 8.0.1) + activestorage (= 8.0.1) + activesupport (= 8.0.1) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.2.2.1) - activesupport (= 7.2.2.1) + actionview (8.0.1) + activesupport (= 8.0.1) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) active_record_union (1.3.0) activerecord (>= 4.0) - activejob (7.2.2.1) - activesupport (= 7.2.2.1) + activejob (8.0.1) + activesupport (= 8.0.1) globalid (>= 0.3.6) - activemodel (7.2.2.1) - activesupport (= 7.2.2.1) - activerecord (7.2.2.1) - activemodel (= 7.2.2.1) - activesupport (= 7.2.2.1) + activemodel (8.0.1) + activesupport (= 8.0.1) + activerecord (8.0.1) + activemodel (= 8.0.1) + activesupport (= 8.0.1) timeout (>= 0.4.0) activerecord-import (2.0.0) activerecord (>= 4.2) - activestorage (7.2.2.1) - actionpack (= 7.2.2.1) - activejob (= 7.2.2.1) - activerecord (= 7.2.2.1) - activesupport (= 7.2.2.1) + activestorage (8.0.1) + actionpack (= 8.0.1) + activejob (= 8.0.1) + activerecord (= 8.0.1) + activesupport (= 8.0.1) marcel (~> 1.0) - activesupport (7.2.2.1) + activesupport (8.0.1) base64 benchmark (>= 0.3) bigdecimal @@ -80,11 +79,12 @@ GEM minitest (>= 5.1) securerandom (>= 0.3) tzinfo (~> 2.0, >= 2.0.5) + uri (>= 0.13.1) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) - annotate (3.2.0) - activerecord (>= 3.2, < 8.0) - rake (>= 10.4, < 14.0) + annotate (2.6.5) + activerecord (>= 2.3.0) + rake (>= 0.8.7) argon2 (2.3.0) ffi (~> 1.15) ffi-compiler (~> 1.0) 
@@ -491,20 +491,20 @@ GEM rackup (1.0.1) rack (< 3) webrick - rails (7.2.2.1) - actioncable (= 7.2.2.1) - actionmailbox (= 7.2.2.1) - actionmailer (= 7.2.2.1) - actionpack (= 7.2.2.1) - actiontext (= 7.2.2.1) - actionview (= 7.2.2.1) - activejob (= 7.2.2.1) - activemodel (= 7.2.2.1) - activerecord (= 7.2.2.1) - activestorage (= 7.2.2.1) - activesupport (= 7.2.2.1) + rails (8.0.1) + actioncable (= 8.0.1) + actionmailbox (= 8.0.1) + actionmailer (= 8.0.1) + actionpack (= 8.0.1) + actiontext (= 8.0.1) + actionview (= 8.0.1) + activejob (= 8.0.1) + activemodel (= 8.0.1) + activerecord (= 8.0.1) + activestorage (= 8.0.1) + activesupport (= 8.0.1) bundler (>= 1.15.0) - railties (= 7.2.2.1) + railties (= 8.0.1) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -516,15 +516,15 @@ GEM rails-html-sanitizer (1.6.2) loofah (~> 2.21) nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) - rails-i18n (7.0.10) + rails-i18n (8.0.1) i18n (>= 0.7, < 2) - railties (>= 6.0.0, < 8) + railties (>= 8.0.0, < 9) rails_param (1.3.1) actionpack (>= 3.2.0) activesupport (>= 3.2.0) - railties (7.2.2.1) - actionpack (= 7.2.2.1) - activesupport (= 7.2.2.1) + railties (8.0.1) + actionpack (= 8.0.1) + activesupport (= 8.0.1) irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) @@ -743,9 +743,9 @@ DEPENDENCIES quad_tile (~> 1.0.1) rack-cors rack-uri_sanitizer - rails (~> 7.2.0) + rails (~> 8.0.0) rails-controller-testing - rails-i18n (~> 7.0.0) + rails-i18n (~> 8.0.0) rails_param rinku (>= 2.0.6) rotp diff --git a/bin/dev b/bin/dev new file mode 100755 index 0000000000..5f91c20545 --- /dev/null +++ b/bin/dev @@ -0,0 +1,2 @@ +#!/usr/bin/env ruby +exec "./bin/rails", "server", *ARGV diff --git a/bin/setup b/bin/setup index ced1ba3708..b91b090efe 100755 --- a/bin/setup +++ b/bin/setup 
@@ -2,7 +2,6 @@ require "fileutils" APP_ROOT = File.expand_path("..", __dir__) -APP_NAME = "openstreetmap".freeze def system!(*) system(*, :exception => true) @@ -14,7 +13,6 @@ FileUtils.chdir APP_ROOT do # Add necessary setup steps to this file. puts "== Installing dependencies ==" - system! "gem install bundler --conservative" system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" @@ -28,10 +26,9 @@ FileUtils.chdir APP_ROOT do puts "\n== Removing old logs and tempfiles ==" system! "bin/rails log:clear tmp:clear" - puts "\n== Restarting application server ==" - system! "bin/rails restart" - - # puts "\n== Configuring puma-dev ==" - # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}" - # system "curl -Is https://#{APP_NAME}.test/up | head -n 1" + unless ARGV.include?("--skip-server") + puts "\n== Starting development server ==" + $stdout.flush # flush the output before exec(2) so that it displays + exec "bin/dev" + end end diff --git a/bin/thrust b/bin/thrust new file mode 100755 index 0000000000..36bde2d832 --- /dev/null +++ b/bin/thrust @@ -0,0 +1,5 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +load Gem.bin_path("thruster", "thrust") diff --git a/config/environments/development.rb b/config/environments/development.rb index bc4b587486..ffb0f566c1 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -3,9 +3,7 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded any time - # it changes. This slows down response time but is perfect for development - # since you don't have to restart the web server when you make code changes. + # Make code changes take effect immediately without server restart. config.enable_reloading = true # Do not eager load code on boot. 
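Review bot: `load Gem.bin_path("thruster", "thrust")` in the new bin/thrust needs the thruster gem, and neither the Gemfile nor the Gemfile.lock hunks of this patch add it, so as far as this page shows the script will raise when it is run. Either add the gem in the same patch or leave the binstub out until something uses it.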
@@ -17,53 +15,46 @@ # Enable server timing. config.server_timing = true - # Enable/disable caching. By default caching is disabled. - # Run rails dev:cache to toggle caching. + # Enable/disable Action Controller caching. By default Action Controller caching is disabled. + # Run rails dev:cache to toggle Action Controller caching. if Rails.root.join("tmp/caching-dev.txt").exist? config.action_controller.perform_caching = true config.action_controller.enable_fragment_cache_logging = true - - config.cache_store = :memory_store - config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{2.days.to_i}" } + config.public_file_server.headers = { "cache-control" => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false - - config.cache_store = :null_store end + # Change to :null_store to avoid any caching. + config.cache_store = :memory_store + # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false - # Disable caching for Action Mailer templates even if Action Controller - # caching is enabled. + # Make template changes take effect immediately. config.action_mailer.perform_caching = false + # Set localhost to be used by links generated in mailer templates. config.action_mailer.default_url_options = { :host => "localhost", :port => 3000 } # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - # Raise an error on page load if there are pending migrations. 
config.active_record.migration_error = :page_load unless Settings.status == "database_offline" # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true unless Settings.status == "database_offline" + # Append comments with runtime information tags to SQL queries in logs. + config.active_record.query_log_tags_enabled = true + # Highlight code that enqueued background job in logs. config.active_job.verbose_enqueue_logs = true - # Suppress logger output for asset requests. - config.assets.quiet = true - # Export translations automatically. config.middleware.use I18n::JS::Middleware diff --git a/config/environments/production.rb b/config/environments/production.rb index 9a7e072b4e..088412086c 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb 
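Review bot: The added `config.active_record.query_log_tags_enabled = true` is unguarded, while the two `config.active_record.*` lines just above it in this hunk keep `unless Settings.status == "database_offline"`. If that guard exists because Active Record is not loaded in offline mode (not visible here), the new line would break boot in that mode; I would write `config.active_record.query_log_tags_enabled = true unless Settings.status == "database_offline"`. The same applies to `config.active_record.attributes_for_inspect = [:id]` added in the second config/environments/production.rb hunk.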
@@ -6,83 +6,51 @@ # Code is not reloaded between requests. config.enable_reloading = false - # Eager load code on boot. This eager loads most of Rails and - # your application in memory, allowing both threaded web servers - # and those relying on copy on write to perform better. - # Rake tasks automatically ignore this option for performance. + # Eager load code on boot for better performance and memory savings (ignored by Rake tasks). config.eager_load = true - # Full error reports are disabled and caching is turned on. + # Full error reports are disabled. config.consider_all_requests_local = false - config.action_controller.perform_caching = true - - # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment - # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). - # config.require_master_key = true - - # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. - # config.public_file_server.enabled = false - # Compress JavaScripts using a preprocessor. - config.assets.js_compressor = Terser.new - - # Compress CSS using a preprocessor. - # config.assets.css_compressor = :sass + # Turn on fragment caching in view templates. + config.action_controller.perform_caching = true - # Do not fall back to assets pipeline if a precompiled asset is missed. - config.assets.compile = false + # Cache assets for far-future expiry since they are all digest stamped. + config.public_file_server.headers = { "cache-control" => "public, max-age=#{1.year.to_i}" } # Enable serving of images, stylesheets, and JavaScripts from an asset server. # config.asset_host = "http://assets.example.com" - # Specifies the header that your server uses for sending files. 
- # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache - # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX - # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local - # Mount Action Cable outside main process or domain. - # config.action_cable.mount_path = nil - # config.action_cable.url = "wss://example.com/cable" - # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ] - # Assume all access to the app is happening through a SSL-terminating reverse proxy. - # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. - # config.assume_ssl = true + config.assume_ssl = true # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - # config.force_ssl = true + config.force_ssl = true # Skip http-to-https redirect for the default health check endpoint. # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } - # Log to STDOUT by default - # config.logger = ActiveSupport::Logger.new(STDOUT) - # .tap { |logger| logger.formatter = ::Logger::Formatter.new } - # .then { |logger| ActiveSupport::TaggedLogging.new(logger) } - - # Prepend all log lines with the following tags. + # Log to STDOUT with the current request id as a default log tag. config.log_tags = [:request_id] + config.logger = ActiveSupport::TaggedLogging.logger($stdout) - # "info" includes generic and useful information about system operation, but avoids logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). If you - # want to log everything, set the level to "debug". + # Change to "debug" to log everything (including potentially personally-identifiable information!) config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") - # Use a different log path in production. 
- config.paths["log"] = Settings.log_path if Settings.key?(:log_path) + # Prevent health checks from clogging up the logs. + config.silence_healthcheck_path = "/up" + + # Don't log any deprecations. + config.active_support.report_deprecations = false - # Use a different cache store in production. + # Replace the default in-process memory cache store with a durable alternative. # config.cache_store = :mem_cache_store - # Use a real queuing backend for Active Job (and separate queues per environment). + # Replace the default in-process and non-durable queuing backend for Active Job. # config.active_job.queue_adapter = :resque - # config.active_job.queue_name_prefix = "openstreetmap_production" - - # Disable caching for Action Mailer templates even if Action Controller - # caching is enabled. - config.action_mailer.perform_caching = false # Configure caching of static assets config.action_controller.page_cache_directory = Rails.public_path 
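Review bot: Removing `config.paths["log"] = Settings.log_path if Settings.key?(:log_path)` while adding `config.logger = ActiveSupport::TaggedLogging.logger($stdout)` means a deployment that sets `log_path` stops getting its production log file without any error, which matters for anything that ships or audits that file. If stdout-only logging is intended, the commit message should say so; otherwise keep the `Settings.log_path` line and assign the stdout logger only when no path is configured. Separately, `config.assume_ssl = true` and `config.force_ssl = true` are now unconditional although the project reads `Settings.server_protocol` elsewhere on this page; an installation served over plain HTTP would get HSTS and Secure-only cookies, so consider `config.force_ssl = Settings.server_protocol == "https"`. The removed `config.assets.compile = false` deserves a second look too if the asset pipeline that used it is still in place.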
@@ -91,21 +59,34 @@ # Set this to true and configure the email server for immediate delivery to raise delivery errors. # config.action_mailer.raise_delivery_errors = false + # Set host to be used by links generated in mailer templates. + config.action_mailer.default_url_options = { :host => "example.com" } + + # Specify outgoing SMTP server. Remember to add smtp/* credentials via rails credentials:edit. + # config.action_mailer.smtp_settings = { + # user_name: Rails.application.credentials.dig(:smtp, :user_name), + # password: Rails.application.credentials.dig(:smtp, :password), + # address: "smtp.example.com", + # port: 587, + # authentication: :plain + # } + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Don't log any deprecations. - config.active_support.report_deprecations = false - # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false unless Settings.status == "database_offline" + # Only use :id for inspections in production. + config.active_record.attributes_for_inspect = [:id] + # Enable DNS rebinding protection and other `Host` header attacks. # config.hosts = [ # "example.com", # Allow requests from example.com # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` # ] + # # Skip DNS rebinding protection for the default health check endpoint. # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } diff --git a/config/environments/test.rb b/config/environments/test.rb index 7ac52c5e4d..5490cf0d9e 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,5 +1,3 @@ -require "active_support/core_ext/integer/time" - # The test environment is used exclusively to run your application's # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped 
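Review bot: `config.action_mailer.default_url_options = { :host => "example.com" }` puts the template placeholder into production, so unless it is overridden elsewhere (not visible in this hunk) links in outgoing mail would point at a host the project does not control, including any tokenised confirmation or password-reset links the mailers send. config/environments/test.rb in this same patch already uses the configured value, and production should do the same: `config.action_mailer.default_url_options = { :host => Settings.server_url, :protocol => Settings.server_protocol }`.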
@@ -17,12 +15,11 @@ # loading is working properly before deploying your code. config.eager_load = ENV["CI"].present? - # Configure public file server for tests with Cache-Control for performance. - config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{1.hour.to_i}" } + # Configure public file server for tests with cache-control for performance. + config.public_file_server.headers = { "cache-control" => "public, max-age=3600" } - # Show full error reports and disable caching. + # Show full error reports. config.consider_all_requests_local = true - config.action_controller.perform_caching = false config.cache_store = :null_store # Render exception templates for rescuable exceptions and raise for other exceptions. 
@@ -37,31 +34,17 @@ # Disable logging in tests, for speed increases. Set to :info to bring back logging config.log_level = :warn - # Disable caching for Action Mailer templates even if Action Controller - # caching is enabled. - config.action_mailer.perform_caching = false - # Tell Action Mailer not to deliver emails to the real world. # The :test delivery method accumulates sent emails in the # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test - # Unlike controllers, the mailer instance doesn't have any context about the - # incoming request so you'll need to provide the :host parameter yourself. + # Set host to be used by links generated in mailer templates. config.action_mailer.default_url_options = { :host => Settings.server_url } # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - - # Export translations automatically. - config.middleware.use I18n::JS::Middleware - # Raises error for missing translations. config.i18n.raise_on_missing_translations = true @@ -74,6 +57,9 @@ # Use the test adapter for ActiveJob during testing. config.active_job.queue_adapter = :test - # Allow FactoryBot to set primary key attributes + # Allow FactoryBot to set primary key attributes. config.factory_bot.reject_primary_key_attributes = false + + # Disable page caching. + config.action_controller.perform_caching = false end diff --git a/config/initializers/canonical_rails.rb b/config/initializers/canonical_rails.rb index c2c8440476..3731a90ea4 100644 --- a/config/initializers/canonical_rails.rb +++ b/config/initializers/canonical_rails.rb 
@@ -1,23 +1,23 @@ -CanonicalRails.setup do |config| - # Force the protocol. If you do not specify, the protocol will be based on the incoming request's protocol. +# CanonicalRails.setup do |config| +# # Force the protocol. If you do not specify, the protocol will be based on the incoming request's protocol. - config.protocol = "#{Settings.server_protocol}://" +# config.protocol = "#{Settings.server_protocol}://" - # This is the main host, not just the TLD, omit slashes and protocol. If you have more than one, pick the one you want to rank in search results. +# # This is the main host, not just the TLD, omit slashes and protocol. If you have more than one, pick the one you want to rank in search results. - config.host = Settings.server_url - config.port = Settings.server_protocol == "https" ? 443 : 80 +# config.host = Settings.server_url +# config.port = Settings.server_protocol == "https" ? 443 : 80 - # http://en.wikipedia.org/wiki/URL_normalization - # Trailing slash represents semantics of a directory, ie a collection view - implying an :index get route; - # otherwise we have to assume semantics of an instance of a resource type, a member view - implying a :show get route - # - # Acts as a whitelist for routes to have trailing slashes +# # http://en.wikipedia.org/wiki/URL_normalization +# # Trailing slash represents semantics of a directory, ie a collection view - implying an :index get route; +# # otherwise we have to assume semantics of an instance of a resource type, a member view - implying a :show get route +# # +# # Acts as a whitelist for routes to have trailing slashes - config.collection_actions = [:index] +# config.collection_actions = [:index] - # Parameter spamming can cause index dilution by creating seemingly different URLs with identical or near-identical content. - # Unless whitelisted, these parameters will be omitted +# # Parameter spamming can cause index dilution by creating seemingly different URLs with identical or near-identical content. 
+# # Unless whitelisted, these parameters will be omitted - config.whitelisted_parameters = [] -end +# config.whitelisted_parameters = [] +# end diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 9ddaf70f94..2b7260f317 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -36,9 +36,9 @@ policy.report_uri(Settings.csp_report_url) if Settings.key?(:csp_report_url) end - # Generate session nonces for permitted importmap and inline scripts + # Generate session nonces for permitted importmap, inline scripts, and inline styles. config.content_security_policy_nonce_generator = ->(_request) { SecureRandom.base64(24) } - config.content_security_policy_nonce_directives = %w[style-src] + config.content_security_policy_nonce_directives = %w[script-src style-src] # Report violations without enforcing the policy. config.content_security_policy_report_only = true unless Settings.csp_enforce diff --git a/config/initializers/new_framework_defaults_8_0.rb b/config/initializers/new_framework_defaults_8_0.rb new file mode 100644 index 0000000000..92efa95152 --- /dev/null +++ b/config/initializers/new_framework_defaults_8_0.rb 
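Review bot: The whole `CanonicalRails.setup` block is commented out rather than removed or fixed, and nothing in the file says why or when it should come back. With the block disabled the gem, if it stays in the bundle, presumably falls back to its own defaults instead of `Settings.server_url` and `Settings.server_protocol`, so canonical links may start following the request's Host header. I would put a one-line comment at the top such as `# TODO: re-enable once canonical-rails works with Rails 8` (if that is the reason, with the upstream issue link), or delete the initializer together with the gem.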
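Review bot: Adding `script-src` to `content_security_policy_nonce_directives` changes enforcement, not just the header: once a nonce is present in script-src, browsers implementing CSP Level 2 or later ignore `'unsafe-inline'` for that directive, so every inline script has to be emitted with `nonce: true` or it is blocked when `Settings.csp_enforce` is set. The policy body is outside this hunk, so I cannot see whether script-src relied on inline allowances; running report-only and checking what arrives at `Settings.csp_report_url` before enforcing would confirm it. The comment also still says "session nonces" although the generator ignores the request and returns a fresh `SecureRandom.base64(24)` value, so `# Generate per-request nonces for permitted importmap, inline scripts, and inline styles.` would be accurate.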
@@ -0,0 +1,30 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 8.0 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `8.0`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +### +# Specifies whether `to_time` methods preserve the UTC offset of their receivers or preserves the timezone. +# If set to `:zone`, `to_time` methods will use the timezone of their receivers. +# If set to `:offset`, `to_time` methods will use the UTC offset. +# If `false`, `to_time` methods will convert to the local system UTC offset instead. +#++ +# Rails.application.config.active_support.to_time_preserves_timezone = :zone + +### +# When both `If-Modified-Since` and `If-None-Match` are provided by the client +# only consider `If-None-Match` as specified by RFC 7232 Section 6. +# If set to `false` both conditions need to be satisfied. +#++ +# Rails.application.config.action_dispatch.strict_freshness = true + +### +# Set `Regexp.timeout` to `1`s by default to improve security over Regexp Denial-of-Service attacks. +#++ +# Regexp.timeout = 1 diff --git a/config/puma.rb b/config/puma.rb index 60e1b9c67a..a248513b24 100644 --- a/config/puma.rb +++ b/config/puma.rb 
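Review bot: `Regexp.timeout = 1` is left commented out like the other two defaults, so the protection against regular-expression denial of service that this file describes is not active after the upgrade. It is the one option here with a direct security effect, so either enable it in this patch as `Regexp.timeout = 1` after checking that no legitimate pattern needs longer, or note in the commit message when the file will be worked through and `config.load_defaults` raised to 8.0.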
@@ -1,13 +1,17 @@ # This configuration file will be evaluated by Puma. The top-level methods that # are invoked here are part of Puma's configuration DSL. For more information # about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html. - +# # Puma starts a configurable number of processes (workers) and each process # serves each request in a thread from an internal thread pool. # +# You can control the number of workers using ENV["WEB_CONCURRENCY"]. You +# should only set this value when you want to run 2 or more workers. The +# default is already 1. +# # The ideal number of threads per worker depends both on how much time the # application spends waiting for IO operations and on how much you wish to -# to prioritize throughput over latency. +# prioritize throughput over latency. # # As a rule of thumb, increasing the number of threads will increase how much # traffic a given process can handle (throughput), but due to CRuby's @@ -29,5 +33,9 @@ # Allow puma to be restarted by `bin/rails restart` command. plugin :tmp_restart -# Only use a pidfile when requested +# Run the Solid Queue supervisor inside of Puma for single-server deployments +plugin :solid_queue if ENV["SOLID_QUEUE_IN_PUMA"] + +# Specify the PID file. Defaults to tmp/pids/server.pid in development. +# In other environments, only set the PID file if requested. pidfile ENV["PIDFILE"] if ENV["PIDFILE"] From c2df4e06ba5d4a6ba63a77aed1171776120e5b81 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Fri, 20 Dec 2024 10:18:12 +0000 Subject: [PATCH 3/5] Avoid parsing of XML requests with ; in the body --- test/controllers/api/old_nodes_controller_test.rb | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/test/controllers/api/old_nodes_controller_test.rb b/test/controllers/api/old_nodes_controller_test.rb index 8ce19f3ea2..151018e1e3 100644 --- a/test/controllers/api/old_nodes_controller_test.rb +++ b/test/controllers/api/old_nodes_controller_test.rb 
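Review bot: `plugin :solid_queue if ENV["SOLID_QUEUE_IN_PUMA"]` in the second hunk refers to a Puma plugin shipped by the solid_queue gem, which the Gemfile hunks of this patch do not add. If the gem is not in the bundle, setting that environment variable would make Puma fail at startup rather than being ignored, so either drop the line or add the gem together with the queue adapter configuration it needs.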
@@ -48,7 +48,7 @@ def test_version propagate_tags(node, node.old_nodes.last) ## First try this with a non-public user - auth_header = bearer_authorization_header private_user + auth_header = request_headers private_user # setup a simple XML node xml_doc = xml_for_node(private_node) @@ -95,7 +95,7 @@ def test_version # probably should check that they didn't get written to the database ## Now do it with the public user - auth_header = bearer_authorization_header user + auth_header = request_headers user # setup a simple XML node @@ -482,5 +482,9 @@ def propagate_tags(node, old_node) create(:old_node_tag, :old_node => old_node, :k => k, :v => v) end end + + def request_headers(user) + bearer_authorization_header(user).merge("Content-Type" => "application/xml") + end end end From f29421149aa7550ff5646ba87a77804dfe5240a9 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Fri, 20 Dec 2024 10:26:47 +0000 Subject: [PATCH 4/5] Use rails 8 compatible active_record_union https://github.com/brianhempel/active_record_union/issues/36 --- Gemfile | 2 +- Gemfile.lock | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index b5c090204f..39e56cc2e6 100644 --- a/Gemfile +++ b/Gemfile @@ -49,7 +49,7 @@ gem "file_exists" # Load rails plugins gem "actionpack-page_caching", ">= 1.2.0" gem "activerecord-import" -gem "active_record_union" +gem "active_record_union", :github => "brianhempel/active_record_union", :ref => "master" gem "bootstrap", "~> 5.3.2" gem "bootstrap_form", "~> 5.0" gem "cancancan" diff --git a/Gemfile.lock b/Gemfile.lock index 6dcb988a36..8098543eba 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,3 +1,11 @@ +GIT + remote: https://github.com/brianhempel/active_record_union.git + revision: 8ebe558709aabe039abd24e3e7dd4d4354a6de88 + ref: master + specs: + active_record_union (1.3.0) + activerecord (>= 6.0) + GEM remote: https://rubygems.org/ specs: 
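Review bot: `:ref => "master"` on the `active_record_union` line tracks a moving branch, so although Gemfile.lock records revision 8ebe558709aabe039abd24e3e7dd4d4354a6de88, the next `bundle update` installs whatever the branch head is at that moment, with no released version in between. Pinning the Gemfile to the reviewed commit, `gem "active_record_union", :github => "brianhempel/active_record_union", :ref => "8ebe558709aabe039abd24e3e7dd4d4354a6de88"`, keeps the dependency at code someone has looked at, and a comment carrying the issue link from the commit message tells the next person when to return to a rubygems release. The Gemfile hunk in PATCH 5/5 has the same issue with `annotate` taken from the `andynu/annotate_models` fork at branch `rails-8-0` (locked at 2c72ee8995ae8c1b9f5cf8690e8e3d22b7bd080d).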
@@ -48,8 +56,6 @@ GEM erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - active_record_union (1.3.0) - activerecord (>= 4.0) activejob (8.0.1) activesupport (= 8.0.1) globalid (>= 0.3.6) @@ -669,7 +675,7 @@ PLATFORMS DEPENDENCIES aasm actionpack-page_caching (>= 1.2.0) - active_record_union + active_record_union! activerecord-import addressable (~> 2.8) annotate From 6a0052b63d4d766de53c1588659661026e0ed18a Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Fri, 20 Dec 2024 17:33:25 +0000 Subject: [PATCH 5/5] Use rails 8 compatible annotate gem --- Gemfile | 2 +- Gemfile.lock | 14 ++++++++++---- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/Gemfile b/Gemfile index 39e56cc2e6..c0d1f30ff2 100644 --- a/Gemfile +++ b/Gemfile @@ -180,7 +180,7 @@ group :test do end group :development, :test do - gem "annotate" + gem "annotate", :github => "andynu/annotate_models", :ref => "rails-8-0" gem "teaspoon" gem "teaspoon-mocha", "~> 2.3.3" diff --git a/Gemfile.lock b/Gemfile.lock index 8098543eba..5a636b3383 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,3 +1,12 @@ +GIT + remote: https://github.com/andynu/annotate_models.git + revision: 2c72ee8995ae8c1b9f5cf8690e8e3d22b7bd080d + ref: rails-8-0 + specs: + annotate (3.2.0) + activerecord (>= 3.2, < 9.0) + rake (>= 10.4, < 14.0) + GIT remote: https://github.com/brianhempel/active_record_union.git revision: 8ebe558709aabe039abd24e3e7dd4d4354a6de88 @@ -88,9 +97,6 @@ GEM uri (>= 0.13.1) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) - annotate (2.6.5) - activerecord (>= 2.3.0) - rake (>= 0.8.7) argon2 (2.3.0) ffi (~> 1.15) ffi-compiler (~> 1.0) @@ -678,7 +684,7 @@ DEPENDENCIES active_record_union! activerecord-import addressable (~> 2.8) - annotate + annotate! argon2 autoprefixer-rails aws-sdk-s3