From ee65dfbd51ea423e7b2ded13eb48debcfc9a59b1 Mon Sep 17 00:00:00 2001 From: Mateusz Grotek Date: Thu, 22 Aug 2024 13:03:26 +0100 Subject: [PATCH 1/3] Upgrade Rails version to 7.2.1 --- Gemfile | 2 +- Gemfile.lock | 133 +++++++++++++++++++++++++-------------------------- 2 files changed, 67 insertions(+), 68 deletions(-) diff --git a/Gemfile b/Gemfile index f91e2a02f..2a78d06e1 100644 --- a/Gemfile +++ b/Gemfile @@ -2,7 +2,7 @@ source "https://rubygems.org" ruby "~> 3.2.0" -gem "rails", "7.1.3.4" +gem "rails", "7.2.1" gem "bootsnap", require: false gem "dalli" diff --git a/Gemfile.lock b/Gemfile.lock index 66b89375a..c46fa643c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,80 +1,76 @@ GEM remote: https://rubygems.org/ specs: - actioncable (7.1.3.4) - actionpack (= 7.1.3.4) - activesupport (= 7.1.3.4) + actioncable (7.2.1) + actionpack (= 7.2.1) + activesupport (= 7.2.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.1.3.4) - actionpack (= 7.1.3.4) - activejob (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) - mail (>= 2.7.1) - net-imap - net-pop - net-smtp - actionmailer (7.1.3.4) - actionpack (= 7.1.3.4) - actionview (= 7.1.3.4) - activejob (= 7.1.3.4) - activesupport (= 7.1.3.4) - mail (~> 2.5, >= 2.5.4) - net-imap - net-pop - net-smtp + actionmailbox (7.2.1) + actionpack (= 7.2.1) + activejob (= 7.2.1) + activerecord (= 7.2.1) + activestorage (= 7.2.1) + activesupport (= 7.2.1) + mail (>= 2.8.0) + actionmailer (7.2.1) + actionpack (= 7.2.1) + actionview (= 7.2.1) + activejob (= 7.2.1) + activesupport (= 7.2.1) + mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.1.3.4) - actionview (= 7.1.3.4) - activesupport (= 7.1.3.4) + actionpack (7.2.1) + actionview (= 7.2.1) + activesupport (= 7.2.1) nokogiri (>= 1.8.5) racc - rack (>= 2.2.4) + rack (>= 2.2.4, < 3.2) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - actiontext (7.1.3.4) - actionpack (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) + useragent (~> 0.16) + actiontext (7.2.1) + actionpack (= 7.2.1) + activerecord (= 7.2.1) + activestorage (= 7.2.1) + activesupport (= 7.2.1) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.1.3.4) - activesupport (= 7.1.3.4) + actionview (7.2.1) + activesupport (= 7.2.1) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - activejob (7.1.3.4) - activesupport (= 7.1.3.4) + activejob (7.2.1) + activesupport (= 7.2.1) globalid (>= 0.3.6) - activemodel (7.1.3.4) - activesupport (= 7.1.3.4) - activerecord (7.1.3.4) - activemodel (= 7.1.3.4) - activesupport (= 7.1.3.4) + activemodel (7.2.1) + activesupport (= 7.2.1) + activerecord (7.2.1) + activemodel (= 7.2.1) + activesupport (= 7.2.1) timeout (>= 0.4.0) - activestorage (7.1.3.4) - actionpack (= 7.1.3.4) - activejob (= 7.1.3.4) - activerecord (= 7.1.3.4) - activesupport (= 7.1.3.4) + activestorage (7.2.1) + actionpack (= 7.2.1) + activejob (= 7.2.1) + activerecord (= 7.2.1) + activesupport (= 7.2.1) marcel (~> 1.0) - activesupport (7.1.3.4) + activesupport (7.2.1) base64 bigdecimal - concurrent-ruby (~> 1.0, >= 1.0.2) + concurrent-ruby (~> 1.0, >= 1.3.1) connection_pool (>= 2.2.5) drb i18n (>= 1.6, < 2) + logger (>= 1.4.2) minitest (>= 5.1) - mutex_m - tzinfo (~> 2.0) + securerandom (>= 0.3) + tzinfo (~> 2.0, >= 2.0.5) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) ansi (1.5.0) @@ -211,6 +207,7 @@ GEM rexml language_server-protocol (3.17.0.3) link_header (0.0.8) + logger (1.6.0) logstasher (2.1.5) activesupport (>= 5.2) request_store @@ -484,20 +481,20 @@ GEM rackup (2.1.0) rack (>= 3) webrick (~> 1.8) - rails (7.1.3.4) - actioncable (= 7.1.3.4) - actionmailbox (= 7.1.3.4) - actionmailer (= 7.1.3.4) - actionpack (= 7.1.3.4) - actiontext (= 7.1.3.4) - actionview (= 7.1.3.4) - activejob (= 7.1.3.4) - activemodel (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) + rails (7.2.1) + actioncable (= 7.2.1) + actionmailbox (= 7.2.1) + actionmailer (= 7.2.1) + actionpack (= 7.2.1) + actiontext (= 7.2.1) + actionview (= 7.2.1) + activejob (= 7.2.1) + activemodel (= 7.2.1) + activerecord (= 7.2.1) + activestorage (= 7.2.1) + activesupport (= 7.2.1) bundler (>= 1.15.0) - railties (= 7.1.3.4) + railties (= 7.2.1) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -517,10 +514,10 @@ GEM csv (~> 3.2) i18n-tasks rails-i18n - railties (7.1.3.4) - actionpack (= 7.1.3.4) - activesupport (= 7.1.3.4) - irb + railties (7.2.1) + actionpack (= 7.2.1) + activesupport (= 7.2.1) + irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) thor (~> 1.0, >= 1.2.2) @@ -585,6 +582,7 @@ GEM sass-embedded (1.77.8) google-protobuf (~> 4.26) rake (>= 13) + securerandom (0.3.1) selenium-webdriver (4.21.1) base64 (~> 0.2) rexml (~> 3.2, >= 3.2.5) @@ -630,6 +628,7 @@ GEM tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (2.5.0) + useragent (0.16.10) webmock (3.23.1) addressable (>= 2.8.0) crack (>= 0.3.2) @@ -669,7 +668,7 @@ DEPENDENCIES mocha plek pry-byebug - rails (= 7.1.3.4) + rails (= 7.2.1) rails-controller-testing rails-i18n rails_translation_manager From 93552ae193d0ed14780de960e24e28f854ead6db Mon Sep 17 00:00:00 2001 From: Mateusz Grotek Date: Thu, 22 Aug 2024 14:09:50 +0100 Subject: [PATCH 2/3] Update config based on rails app:update --- bin/brakeman | 7 ++ bin/rubocop | 8 +++ bin/setup | 6 +- config/application.rb | 7 +- config/environments/development.rb | 11 +-- config/environments/production.rb | 21 +++--- config/environments/test.rb | 5 +- .../new_framework_defaults_7_2.rb | 70 +++++++++++++++++++ config/initializers/permissions_policy.rb | 20 +++--- public/404.html | 12 ++-- public/406-unsupported-browser.html | 66 +++++++++++++++++ public/422.html | 12 ++-- public/500.html | 12 ++-- 13 files changed, 214 insertions(+), 43 deletions(-) create mode 100755 bin/brakeman create mode 100755 bin/rubocop create mode 100644 config/initializers/new_framework_defaults_7_2.rb create mode 100644 public/406-unsupported-browser.html diff --git a/bin/brakeman b/bin/brakeman new file mode 100755 index 000000000..ace1c9ba0 --- /dev/null +++ b/bin/brakeman @@ -0,0 +1,7 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +ARGV.unshift("--ensure-latest") + +load Gem.bin_path("brakeman", "brakeman") diff --git a/bin/rubocop b/bin/rubocop new file mode 100755 index 000000000..40330c0ff --- /dev/null +++ b/bin/rubocop @@ -0,0 +1,8 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +# explicit rubocop config increases performance slightly while avoiding config confusion. +ARGV.unshift("--config", File.expand_path("../.rubocop.yml", __dir__)) + +load Gem.bin_path("rubocop", "rubocop") diff --git a/bin/setup b/bin/setup index cf2acd188..c1d57b6c5 100755 --- a/bin/setup +++ b/bin/setup @@ -1,8 +1,8 @@ #!/usr/bin/env ruby require "fileutils" -# path to your application root. APP_ROOT = File.expand_path("..", __dir__) +APP_NAME = "government-frontend" def system!(*args) system(*args, exception: true) @@ -22,4 +22,8 @@ FileUtils.chdir APP_ROOT do puts "\n== Restarting application server ==" system! "bin/rails restart" + + # puts "\n== Configuring puma-dev ==" + # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}" + # system "curl -Is https://#{APP_NAME}.test/up | head -n 1" end diff --git a/config/application.rb b/config/application.rb index b2abf63d5..69e2ff117 100644 --- a/config/application.rb +++ b/config/application.rb @@ -23,13 +23,18 @@ class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. config.load_defaults 7.1 + # Please, add to the `ignore` list any other `lib` subdirectories that do + # not contain `.rb` files, or that should not be reloaded or eager loaded. + # Common ones are `templates`, `generators`, or `middleware`, for example. + config.autoload_lib(ignore: %w[assets tasks]) + # Settings in config/environments/* take precedence over those specified here. # Application configuration can go into files in config/initializers # -- all .rb files in that directory are automatically loaded after loading # the framework and any gems in your application. # Custom directories with classes and modules you want to be autoloadable. - config.autoload_paths += %W[#{config.root}/lib] + config.autoload_paths += %W[#{config.root}/lib/helpers] # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded. # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s] diff --git a/config/environments/development.rb b/config/environments/development.rb index 214a3ee8d..77abae0e9 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -14,7 +14,7 @@ # Show full error reports. config.consider_all_requests_local = true - # Enable server timing + # Enable server timing. config.server_timing = true # Enable/disable caching. By default caching is disabled. @@ -52,10 +52,13 @@ # config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. - # config.action_view.annotate_rendered_view_with_filenames = true + config.action_view.annotate_rendered_view_with_filenames = true config.hosts.clear - # Uncomment if you wish to allow Action Cable access from any origin. - # config.action_cable.disable_request_forgery_protection = true + # Raise error when a before_action's only/except options reference missing actions. + config.action_controller.raise_on_missing_callback_actions = false + + # Apply autocorrection by RuboCop to files generated by `bin/rails generate`. + config.generators.apply_rubocop_autocorrect_after_generate! end diff --git a/config/environments/production.rb b/config/environments/production.rb index d3222bf1e..5e0ef543d 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -13,15 +13,14 @@ config.eager_load = true # Full error reports are disabled and caching is turned on. - config.consider_all_requests_local = false + config.consider_all_requests_local = false config.action_controller.perform_caching = true - # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] - # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment + # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). # config.require_master_key = true - # Disable serving static files from the `/public` folder by default since - # Apache or NGINX already handles this. + # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present? # Compress JS using a preprocessor. @@ -47,18 +46,22 @@ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # config.force_ssl = true - # Include generic and useful information about system operation, but avoid logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). - config.log_level = ENV.fetch("RAILS_LOG_LEVEL", :info) + # Skip http-to-https redirect for the default health check endpoint. + # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } # Prepend all log lines with the following tags. config.log_tags = [:request_id] + # "info" includes generic and useful information about system operation, but avoids logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). If you + # want to log everything, set the level to "debug". + config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") + # Use a different cache store in production. config.cache_store = :mem_cache_store, nil, { namespace: :government_frontend, compress: true } # Use a real queuing backend for Active Job (and separate queues per environment). - # config.active_job.queue_adapter = :resque + # config.active_job.queue_adapter = :resque # config.active_job.queue_name_prefix = "government_frontend_production" # Enable locale fallbacks for I18n (makes lookups for any locale fall back to diff --git a/config/environments/test.rb b/config/environments/test.rb index 04e791737..42d4062ae 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -24,7 +24,7 @@ } # Show full error reports and disable caching. - config.consider_all_requests_local = true + config.consider_all_requests_local = true config.action_controller.perform_caching = false config.cache_store = :null_store @@ -48,4 +48,7 @@ # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true + + # Raise error when a before_action's only/except options reference missing actions. + config.action_controller.raise_on_missing_callback_actions = false end diff --git a/config/initializers/new_framework_defaults_7_2.rb b/config/initializers/new_framework_defaults_7_2.rb new file mode 100644 index 000000000..b549c4a25 --- /dev/null +++ b/config/initializers/new_framework_defaults_7_2.rb @@ -0,0 +1,70 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.2 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.2`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +### +# Controls whether Active Job's `#perform_later` and similar methods automatically defer +# the job queuing to after the current Active Record transaction is committed. +# +# Example: +# Topic.transaction do +# topic = Topic.create(...) +# NewTopicNotificationJob.perform_later(topic) +# end +# +# In this example, if the configuration is set to `:never`, the job will +# be enqueued immediately, even though the `Topic` hasn't been committed yet. +# Because of this, if the job is picked up almost immediately, or if the +# transaction doesn't succeed for some reason, the job will fail to find this +# topic in the database. +# +# If `enqueue_after_transaction_commit` is set to `:default`, the queue adapter +# will define the behaviour. +# +# Note: Active Job backends can disable this feature. This is generally done by +# backends that use the same database as Active Record as a queue, hence they +# don't need this feature. +#++ +# Rails.application.config.active_job.enqueue_after_transaction_commit = :default + +### +# Adds image/webp to the list of content types Active Storage considers as an image +# Prevents automatic conversion to a fallback PNG, and assumes clients support WebP, as they support gif, jpeg, and png. +# This is possible due to broad browser support for WebP, but older browsers and email clients may still not support +# WebP. Requires imagemagick/libvips built with WebP support. +#++ +# Rails.application.config.active_storage.web_image_content_types = %w[image/png image/jpeg image/gif image/webp] + +### +# Enable validation of migration timestamps. When set, an ActiveRecord::InvalidMigrationTimestampError +# will be raised if the timestamp prefix for a migration is more than a day ahead of the timestamp +# associated with the current time. This is done to prevent forward-dating of migration files, which can +# impact migration generation and other migration commands. +# +# Applications with existing timestamped migrations that do not adhere to the +# expected format can disable validation by setting this config to `false`. +#++ +# Rails.application.config.active_record.validate_migration_timestamps = true + +### +# Controls whether the PostgresqlAdapter should decode dates automatically with manual queries. +# +# Example: +# ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.select_value("select '2024-01-01'::date") #=> Date +# +# This query used to return a `String`. +#++ +# Rails.application.config.active_record.postgresql_adapter_decode_dates = true + +### +# Enables YJIT as of Ruby 3.3, to bring sizeable performance improvements. If you are +# deploying to a memory constrained environment you may want to set this to `false`. +#++ +# Rails.application.config.yjit = true diff --git a/config/initializers/permissions_policy.rb b/config/initializers/permissions_policy.rb index 00f64d71b..7db3b9577 100644 --- a/config/initializers/permissions_policy.rb +++ b/config/initializers/permissions_policy.rb @@ -1,11 +1,13 @@ +# Be sure to restart your server when you modify this file. + # Define an application-wide HTTP permissions policy. For further -# information see https://developers.google.com/web/updates/2018/06/feature-policy -# -# Rails.application.config.permissions_policy do |f| -# f.camera :none -# f.gyroscope :none -# f.microphone :none -# f.usb :none -# f.fullscreen :self -# f.payment :self, "https://secure.example.com" +# information see: https://developers.google.com/web/updates/2018/06/feature-policy + +# Rails.application.config.permissions_policy do |policy| +# policy.camera :none +# policy.gyroscope :none +# policy.microphone :none +# policy.usb :none +# policy.fullscreen :self +# policy.payment :self, "https://secure.example.com" # end diff --git a/public/404.html b/public/404.html index b612547fc..2be3af26f 100644 --- a/public/404.html +++ b/public/404.html @@ -4,7 +4,7 @@ The page you were looking for doesn't exist (404) - +
diff --git a/public/406-unsupported-browser.html b/public/406-unsupported-browser.html new file mode 100644 index 000000000..7cf1e168e --- /dev/null +++ b/public/406-unsupported-browser.html @@ -0,0 +1,66 @@ + + + + Your browser is not supported (406) + + + + + + +
+
+

Your browser is not supported.

+

Please upgrade your browser to continue.

+
+
+ + diff --git a/public/422.html b/public/422.html index a21f82b3b..c08eac0d1 100644 --- a/public/422.html +++ b/public/422.html @@ -4,7 +4,7 @@ The change you wanted was rejected (422) - +
diff --git a/public/500.html b/public/500.html index 061abc587..78a030af2 100644 --- a/public/500.html +++ b/public/500.html @@ -4,7 +4,7 @@ We're sorry, but something went wrong (500) - +
From adc2015affbb8f97ba380293527a0c7ec2976dc1 Mon Sep 17 00:00:00 2001 From: Mateusz Grotek Date: Thu, 22 Aug 2024 14:58:10 +0100 Subject: [PATCH 3/3] Enable new Rails 7.2 configuration --- config/application.rb | 2 +- .../new_framework_defaults_7_2.rb | 70 ------------------- 2 files changed, 1 insertion(+), 71 deletions(-) delete mode 100644 config/initializers/new_framework_defaults_7_2.rb diff --git a/config/application.rb b/config/application.rb index 69e2ff117..dfa0fed8b 100644 --- a/config/application.rb +++ b/config/application.rb @@ -21,7 +21,7 @@ module GovernmentFrontend class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 7.1 + config.load_defaults 7.2 # Please, add to the `ignore` list any other `lib` subdirectories that do # not contain `.rb` files, or that should not be reloaded or eager loaded. diff --git a/config/initializers/new_framework_defaults_7_2.rb b/config/initializers/new_framework_defaults_7_2.rb deleted file mode 100644 index b549c4a25..000000000 --- a/config/initializers/new_framework_defaults_7_2.rb +++ /dev/null @@ -1,70 +0,0 @@ -# Be sure to restart your server when you modify this file. -# -# This file eases your Rails 7.2 framework defaults upgrade. -# -# Uncomment each configuration one by one to switch to the new default. -# Once your application is ready to run with all new defaults, you can remove -# this file and set the `config.load_defaults` to `7.2`. -# -# Read the Guide for Upgrading Ruby on Rails for more info on each option. -# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html - -### -# Controls whether Active Job's `#perform_later` and similar methods automatically defer -# the job queuing to after the current Active Record transaction is committed. -# -# Example: -# Topic.transaction do -# topic = Topic.create(...) -# NewTopicNotificationJob.perform_later(topic) -# end -# -# In this example, if the configuration is set to `:never`, the job will -# be enqueued immediately, even though the `Topic` hasn't been committed yet. -# Because of this, if the job is picked up almost immediately, or if the -# transaction doesn't succeed for some reason, the job will fail to find this -# topic in the database. -# -# If `enqueue_after_transaction_commit` is set to `:default`, the queue adapter -# will define the behaviour. -# -# Note: Active Job backends can disable this feature. This is generally done by -# backends that use the same database as Active Record as a queue, hence they -# don't need this feature. -#++ -# Rails.application.config.active_job.enqueue_after_transaction_commit = :default - -### -# Adds image/webp to the list of content types Active Storage considers as an image -# Prevents automatic conversion to a fallback PNG, and assumes clients support WebP, as they support gif, jpeg, and png. -# This is possible due to broad browser support for WebP, but older browsers and email clients may still not support -# WebP. Requires imagemagick/libvips built with WebP support. -#++ -# Rails.application.config.active_storage.web_image_content_types = %w[image/png image/jpeg image/gif image/webp] - -### -# Enable validation of migration timestamps. When set, an ActiveRecord::InvalidMigrationTimestampError -# will be raised if the timestamp prefix for a migration is more than a day ahead of the timestamp -# associated with the current time. This is done to prevent forward-dating of migration files, which can -# impact migration generation and other migration commands. -# -# Applications with existing timestamped migrations that do not adhere to the -# expected format can disable validation by setting this config to `false`. -#++ -# Rails.application.config.active_record.validate_migration_timestamps = true - -### -# Controls whether the PostgresqlAdapter should decode dates automatically with manual queries. -# -# Example: -# ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.select_value("select '2024-01-01'::date") #=> Date -# -# This query used to return a `String`. -#++ -# Rails.application.config.active_record.postgresql_adapter_decode_dates = true - -### -# Enables YJIT as of Ruby 3.3, to bring sizeable performance improvements. If you are -# deploying to a memory constrained environment you may want to set this to `false`. -#++ -# Rails.application.config.yjit = true