diff --git a/Gemfile b/Gemfile
index 44388fc3..37f0440e 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,6 +1,6 @@
 source "https://rubygems.org"
-gem "rails", "~> 5.2.4.3"
+gem "rails", "~> 6.0.0"
 gem "mysql2"
diff --git a/Gemfile.lock b/Gemfile.lock
index 6ff2c559..9c7dff21 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -2,56 +2,69 @@ GEM remote: https://rubygems.org/ specs: Ascii85 (1.0.3) - actioncable (5.2.4.3) - actionpack (= 5.2.4.3) + actioncable (6.0.3.1) + actionpack (= 6.0.3.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailer (5.2.4.3) - actionpack (= 5.2.4.3) - actionview (= 5.2.4.3) - activejob (= 5.2.4.3) + actionmailbox (6.0.3.1) + actionpack (= 6.0.3.1) + activejob (= 6.0.3.1) + activerecord (= 6.0.3.1) + activestorage (= 6.0.3.1) + activesupport (= 6.0.3.1) + mail (>= 2.7.1) + actionmailer (6.0.3.1) + actionpack (= 6.0.3.1) + actionview (= 6.0.3.1) + activejob (= 6.0.3.1) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.4.3) - actionview (= 5.2.4.3) - activesupport (= 5.2.4.3) + actionpack (6.0.3.1) + actionview (= 6.0.3.1) + activesupport (= 6.0.3.1) rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionpack-page_caching (1.2.2) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actionpack-page_caching (1.2.3) actionpack (>= 5.0.0) - actionview (5.2.4.3) - activesupport (= 5.2.4.3) + actiontext (6.0.3.1) + actionpack (= 6.0.3.1) + activerecord (= 6.0.3.1) + activestorage (= 6.0.3.1) + activesupport (= 6.0.3.1) + nokogiri (>= 1.8.5) + actionview (6.0.3.1) + activesupport (= 6.0.3.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.2.4.3) - activesupport (= 5.2.4.3) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activejob (6.0.3.1) + activesupport (= 6.0.3.1) globalid (>= 0.3.6) - activemodel (5.2.4.3) - activesupport (= 5.2.4.3) - activerecord (5.2.4.3) - activemodel (= 5.2.4.3) - activesupport (= 5.2.4.3) - arel (>= 9.0) + activemodel (6.0.3.1) + activesupport (= 6.0.3.1) + activerecord (6.0.3.1) + activemodel (= 6.0.3.1) + activesupport (= 6.0.3.1) activerecord-typedstore (1.3.0) activerecord (>= 5.2) - activestorage (5.2.4.3) - actionpack (= 5.2.4.3) - activerecord (= 5.2.4.3) + activestorage (6.0.3.1) + 
actionpack (= 6.0.3.1) + activejob (= 6.0.3.1) + activerecord (= 6.0.3.1) marcel (~> 0.3.1) - activesupport (5.2.4.3) + activesupport (6.0.3.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) + zeitwerk (~> 2.2, >= 2.2.2) addressable (2.7.0) public_suffix (>= 2.0.2, < 5.0) afm (0.2.2) - arel (9.0.0) - ast (2.4.0) + ast (2.4.1) bcrypt (3.1.13) builder (3.2.4) bullet (6.1.0) @@ -86,9 +99,9 @@ GEM factory_bot_rails (5.2.0) factory_bot (~> 5.2.0) railties (>= 4.2.0) - faker (2.11.0) + faker (2.12.0) i18n (>= 1.6, < 2) - ffi (1.12.2) + ffi (1.13.1) globalid (0.4.2) activesupport (>= 4.2.0) good_migrations (0.0.2) @@ -97,7 +110,7 @@ GEM hashdiff (1.0.1) hashery (2.1.2) htmlentities (4.3.4) - i18n (1.8.2) + i18n (1.8.3) concurrent-ruby (~> 1.0) jaro_winkler (1.5.4) jquery-rails (4.4.0) @@ -126,7 +139,7 @@ GEM mini_portile2 (~> 2.4.0) oauth (0.5.4) parallel (1.19.1) - parser (2.7.1.2) + parser (2.7.1.3) ast (~> 2.4.0) pdf-reader (2.4.0) Ascii85 (~> 1.0.0) 
@@ -140,37 +153,39 @@ GEM rack (2.2.3) rack-test (1.1.0) rack (>= 1.0, < 3) - rails (5.2.4.3) - actioncable (= 5.2.4.3) - actionmailer (= 5.2.4.3) - actionpack (= 5.2.4.3) - actionview (= 5.2.4.3) - activejob (= 5.2.4.3) - activemodel (= 5.2.4.3) - activerecord (= 5.2.4.3) - activestorage (= 5.2.4.3) - activesupport (= 5.2.4.3) + rails (6.0.3.1) + actioncable (= 6.0.3.1) + actionmailbox (= 6.0.3.1) + actionmailer (= 6.0.3.1) + actionpack (= 6.0.3.1) + actiontext (= 6.0.3.1) + actionview (= 6.0.3.1) + activejob (= 6.0.3.1) + activemodel (= 6.0.3.1) + activerecord (= 6.0.3.1) + activestorage (= 6.0.3.1) + activesupport (= 6.0.3.1) bundler (>= 1.3.0) - railties (= 5.2.4.3) + railties (= 6.0.3.1) sprockets-rails (>= 2.0.0) rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) rails-html-sanitizer (1.3.0) loofah (~> 2.3) - railties (5.2.4.3) - actionpack (= 5.2.4.3) - activesupport (= 5.2.4.3) + railties (6.0.3.1) + actionpack (= 6.0.3.1) + activesupport (= 6.0.3.1) method_source rake (>= 0.8.7) - thor (>= 0.19.0, < 2.0) + thor (>= 0.20.3, < 2.0) rainbow (3.0.0) rake (13.0.1) rb-fsevent (0.10.4) rb-inotify (0.10.1) ffi (~> 1.0) rb-readline (0.5.5) - regexp_parser (1.7.0) + regexp_parser (1.7.1) rexml (3.2.4) rotp (6.0.0) addressable (~> 2.7) @@ -207,13 +222,13 @@ GEM activesupport rack (>= 1.1) rubocop (>= 0.72.0) - rubocop-rspec (1.39.0) + rubocop-rspec (1.40.0) rubocop (>= 0.68.1) ruby-enum (0.8.0) i18n ruby-progressbar (1.10.1) ruby-rc4 (0.1.5) - ruumba (0.1.14) + ruumba (0.1.16) rubocop safe_yaml (1.0.5) scenic (1.5.2) @@ -222,7 +237,7 @@ GEM scenic-mysql_adapter (1.0.1) mysql2 scenic (>= 1.4.0) - sitemap_generator (6.1.0) + sitemap_generator (6.1.2) builder (~> 3.0) sprockets (3.7.2) concurrent-ruby (~> 1.0) 
@@ -251,11 +266,12 @@ GEM addressable (>= 2.3.6) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) - websocket-driver (0.7.1) + websocket-driver (0.7.2) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) xpath (3.2.0) nokogiri (~> 1.8) + zeitwerk (2.3.0) PLATFORMS ruby @@ -284,7 +300,7 @@ DEPENDENCIES oauth pdf-reader puma - rails (~> 5.2.4.3) + rails (~> 6.0.0) rb-readline rotp rqrcode diff --git a/app/models/tag.rb b/app/models/tag.rb index b4057f03..f82e0db9 100644 --- a/app/models/tag.rb +++ b/app/models/tag.rb @@ -15,7 +15,7 @@ class Tag < ApplicationRecord attr_writer :filtered_count validates :tag, length: { maximum: 25 }, presence: true, - uniqueness: true, format: { without: /,/ } + uniqueness: { case_sensitive: true }, format: { without: /,/ } validates :description, length: { maximum: 100 } validates :hotness_mod, inclusion: { in: -10..10 } validates :permit_by_new_users, :privileged, inclusion: { in: [true, false] } diff --git a/bin/setup b/bin/setup index 94fd4d79..0e39e8cb 100755 --- a/bin/setup +++ b/bin/setup @@ -1,6 +1,5 @@ #!/usr/bin/env ruby require 'fileutils' -include FileUtils # path to your application root. APP_ROOT = File.expand_path('..', __dir__) 
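Review bot: In app/models/tag.rb, `uniqueness: { case_sensitive: true }` on `validates :tag` makes the validator accept `Security` and `security` as two distinct tags, which leaves room for look-alike tag names. The Gemfile uses `mysql2`, and MySQL columns commonly carry a case-insensitive collation, so the validator and any unique index on the column may disagree about what a duplicate is; the schema is not visible here, so this needs confirming. If tags are meant to be unique regardless of case, use `uniqueness: { case_sensitive: false }`; otherwise add a comment such as `# case-sensitive on purpose; keep in step with the column collation` so the choice reads as deliberate. The Tag class body continues outside the hunk.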
@@ -9,24 +8,22 @@ def system!(*args)
 system(*args) || abort("\n== Command #{args} failed ==")
 end
-chdir APP_ROOT do
- # This script is a starting point to setup your application.
+FileUtils.chdir APP_ROOT do
+ # This script is a way to setup or update your development environment automatically.
+ # This script is idempotent, so that you can run it at anytime and get an expectable outcome.
 # Add necessary setup steps to this file.
 puts '== Installing dependencies =='
 system! 'gem install bundler --conservative'
 system('bundle check') || system!('bundle install')
- # Install JavaScript dependencies if using Yarn
- # system('bin/yarn')
-
 # puts "\n== Copying sample files =="
 # unless File.exist?('config/database.yml')
- # cp 'config/database.yml.sample', 'config/database.yml'
+ # FileUtils.cp 'config/database.yml.sample', 'config/database.yml'
 # end
 puts "\n== Preparing database =="
- system! 'bin/rails db:setup'
+ system! 'bin/rails db:prepare'
 puts "\n== Removing old logs and tempfiles =="
 system! 'bin/rails log:clear tmp:clear'
diff --git a/config/application.rb b/config/application.rb
index 9d846338..70042907 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -1,21 +1,19 @@
 require_relative 'boot'
-# included from https://github.com/rails/rails/blob/5-2-stable/railties/lib/rails/all.rb
-require 'rails'
-
-%w(
- active_record/railtie
- action_controller/railtie
- action_view/railtie
- action_mailer/railtie
- rails/test_unit/railtie
- sprockets/railtie
-).each do |railtie|
- begin
- require railtie
- rescue LoadError
- end
-end
+require "rails"
+# Pick the frameworks you want:
+require "active_model/railtie"
+# require "active_job/railtie"
+require "active_record/railtie"
+# require "active_storage/engine"
+require "action_controller/railtie"
+require "action_mailer/railtie"
+# require "action_mailbox/engine"
+# require "action_text/engine"
+require "action_view/railtie"
+# require "action_cable/engine"
+require "sprockets/railtie"
+require "rails/test_unit/railtie"
 # Require the gems listed in Gemfile, including any gems
 # you've limited to :test, :development, or :production.
diff --git a/config/environments/development.rb b/config/environments/development.rb
index e267083f..b8c063cd 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -16,9 +16,12 @@ Rails.application.configure do
 # Run rails dev:cache to toggle caching.
 if Rails.root.join('tmp', 'caching-dev.txt').exist?
 config.action_controller.perform_caching = true
+ config.action_controller.enable_fragment_cache_logging = true
 config.cache_store = :memory_store
- config.public_file_server.headers = { 'Cache-Control' => "public, max-age=#{2.days.to_i}" }
+ config.public_file_server.headers = {
+ 'Cache-Control' => "public, max-age=#{2.days.to_i}",
+ }
 else
 config.action_controller.perform_caching = false
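Review bot: The commented-out requires in config/application.rb (`active_job/railtie`, `active_storage/engine`, `action_mailbox/engine`, `action_text/engine`, `action_cable/engine`) are now the only thing keeping those frameworks out of the app, and nothing in the file says that is intentional. Gemfile.lock in this commit still installs all of them as dependencies of `rails`, so a later switch to `require "rails/all"` would load them, including the routes that Active Storage and Action Mailbox mount. I would replace the generator's `# Pick the frameworks you want:` with something like `# Only the frameworks this app uses; the others stay unloaded so their endpoints are not served.`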
@@ -47,7 +50,7 @@ Rails.application.configure do
 # Suppress logger output for asset requests.
 config.assets.quiet = true
- # Raises error for missing translations
+ # Raises error for missing translations.
 # config.action_view.raise_on_missing_translations = true
 # Use an evented file watcher to asynchronously detect changes in source code,
diff --git a/config/environments/production.rb b/config/environments/production.rb
index cb88b1db..60a382fe 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -22,10 +22,12 @@ Rails.application.configure do
 # Apache or NGINX already handles this.
 config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
- # Compress JavaScripts and CSS.
- config.assets.js_compressor = :uglifier
+ # Compress CSS using a preprocessor.
 # config.assets.css_compressor = :sass
+ # Compress Javascript using a preprocessor.
+ config.assets.js_compressor = :uglifier
+
 # Do not fallback to assets pipeline if a precompiled asset is missed.
 config.assets.compile = false
@@ -52,9 +54,9 @@ Rails.application.configure do
 # Use a different cache store in production.
 # config.cache_store = :mem_cache_store
- # Use a real queuing backend for Active Job (and separate queues per environment)
+ # Use a real queuing backend for Active Job (and separate queues per environment).
 # config.active_job.queue_adapter = :resque
- # config.active_job.queue_name_prefix = "lobsters_#{Rails.env}"
+ # config.active_job.queue_name_prefix = "lobsters_production"
 config.action_mailer.perform_caching = false
@@ -85,9 +87,33 @@ Rails.application.configure do
 # Do not dump schema after migrations.
 config.active_record.dump_schema_after_migration = false
+ # cache full pages for logged-out visitors without tag filters
 config.action_controller.page_cache_directory = "#{Rails.root}/public/cache"
+
+ # Inserts middleware to perform automatic connection switching.
+ # The `database_selector` hash is used to pass options to the DatabaseSelector
+ # middleware. The `delay` is used to determine how long to wait after a write
+ # to send a subsequent read to the primary.
+ #
+ # The `database_resolver` class is used by the middleware to determine which
+ # database is appropriate to use based on the time delay.
+ #
+ # The `database_resolver_context` class is used by the middleware to set
+ # timestamps for the last write to the primary. The resolver uses the context
+ # class timestamps to determine how long to wait before reading from the
+ # replica.
+ #
+ # By default Rails will store a last write timestamp in the session. The
+ # DatabaseSelector middleware is designed as such you can define your own
+ # strategy for connection switching and pass that into the middleware through
+ # these configuration options.
+ # config.active_record.database_selector = { delay: 2.seconds }
+ # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver
+ # config.active_record.database_resolver_context =
+ # ActiveRecord::Middleware::DatabaseSelector::Resolver::Session
 end
+# disable some excessive logging in production
 %w{render_template render_partial render_collection}.each do |event|
 ActiveSupport::Notifications.unsubscribe "#{event}.action_view"
 end
diff --git a/config/environments/test.rb b/config/environments/test.rb
index e5ca07a5..369786f9 100644
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -1,10 +1,11 @@
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
 Rails.application.configure do
 # Settings specified here will take precedence over those in config/application.rb.
- # The test environment is used exclusively to run your application's
- # test suite. You never need to work with it otherwise. Remember that
- # your test database is "scratch space" for the test suite and is wiped
- # and recreated between test runs. Don't rely on the data there!
 config.cache_classes = true
 # Disable caching when running tests
@@ -17,11 +18,14 @@ Rails.application.configure do
 # Configure public file server for tests with Cache-Control for performance.
 config.public_file_server.enabled = true
- config.public_file_server.headers = { 'Cache-Control' => "public, max-age=#{1.hour.to_i}" }
+ config.public_file_server.headers = {
+ 'Cache-Control' => "public, max-age=#{1.hour.to_i}",
+ }
 # Show full error reports and disable caching.
 config.consider_all_requests_local = true
 config.action_controller.perform_caching = false
+ config.cache_store = :null_store
 # Raise exceptions instead of rendering exception templates.
 config.action_dispatch.show_exceptions = false
@@ -39,6 +43,6 @@ Rails.application.configure do
 # Print deprecation notices to the stderr.
 config.active_support.deprecation = :stderr
- # Raises error for missing translations
+ # Raises error for missing translations.
 config.action_view.raise_on_missing_translations = true
 end
diff --git a/config/initializers/assets.rb b/config/initializers/assets.rb
index 8ebda7a5..8991cf49 100644
--- a/config/initializers/assets.rb
+++ b/config/initializers/assets.rb
@@ -5,8 +5,6 @@ Rails.application.config.assets.version = '2.0'
 # Add additional assets to the asset load path.
 # Rails.application.config.assets.paths << Emoji.images_path
-# Add Yarn node_modules folder to the asset load path.
-# Rails.application.config.assets.paths << Rails.root.join('node_modules')
 # Precompile additional assets.
 # application.js, application.css, and all non-JS/CSS in the app/assets
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index 109d2a48..8d612c74 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -23,6 +23,9 @@ end
 # Rails.application.config.content_security_policy_nonce_generator =
 # -> request { SecureRandom.base64(16) }
+# Set the nonce only to specific directives
+# Rails.application.config.content_security_policy_nonce_directives = %w(script-src)
+
 # Report CSP violations to a specified URI
 # For further information see the following documentation:
 # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
diff --git a/config/initializers/new_framework_defaults_6_0.rb b/config/initializers/new_framework_defaults_6_0.rb
new file mode 100644
index 00000000..dd883802
--- /dev/null
+++ b/config/initializers/new_framework_defaults_6_0.rb
@@ -0,0 +1,52 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains migration options to ease your Rails 6.0 upgrade.
+#
+# Once upgraded flip defaults one by one to migrate to the new default.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+
+# Don't force requests from old versions of IE to be UTF-8 encoded.
+Rails.application.config.action_view.default_enforce_utf8 = false
+
+# Embed purpose and expiry metadata inside signed and encrypted
+# cookies for increased security.
+#
+# This option is not backwards compatible with earlier Rails versions.
+# It's best enabled when your entire app is migrated and stable on 6.0.
+# Rails.application.config.action_dispatch.use_cookies_with_metadata = true
+
+# Change the return value of `ActionDispatch::Response#content_type` to
+# Content-Type header without modification.
+# Rails.application.config.action_dispatch.return_only_media_type_on_content_type = false
+
+if Rails.application.config.respond_to?(:active_job)
+ # Return false instead of self when enqueuing is aborted from a callback.
+ Rails.application.config.active_job.return_false_on_aborted_enqueue = true
+end
+
+if Rails.application.config.respond_to?(:active_storage)
+ # Send Active Storage analysis and purge jobs to dedicated queues.
+ Rails.application.config.active_storage.queues.analysis = :active_storage_analysis
+ Rails.application.config.active_storage.queues.purge = :active_storage_purge
+
+ # When assigning to a collection of attachments declared via `has_many_attached`, replace existing
+ # attachments instead of appending. Use #attach to add new attachments
+ # without replacing existing ones.
+ Rails.application.config.active_storage.replace_on_assign_to_many = true
+end
+
+# Use ActionMailer::MailDeliveryJob for sending parameterized and normal mail.
+#
+# The default delivery jobs (ActionMailer::Parameterized::DeliveryJob, ActionMailer::DeliveryJob),
+# will be removed in Rails 6.1. This setting is not backwards compatible
+# with earlier Rails versions.
+# If you send mail in the background, job workers need to have a copy of
+# MailDeliveryJob to ensure all delivery jobs are processed properly.
+# Make sure your entire app is migrated and stable on 6.0 before using this setting.
+# Rails.application.config.action_mailer.delivery_job = "ActionMailer::MailDeliveryJob"
+
+# Enable the same cache key to be reused when the object being cached of type
+# `ActiveRecord::Relation` changes by moving the volatile information (max updated at and count)
+# of the relation's cache key into the cache version to support recycling cache key.
+# Rails.application.config.active_record.collection_cache_versioning = true
diff --git a/config/locales/en.yml b/config/locales/en.yml
index decc5a85..cf9b342d 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -27,7 +27,7 @@
 # 'true': 'foo'
 #
 # To learn more, please read the Rails Internationalization guide
-# available at http://guides.rubyonrails.org/i18n.html.
+# available at https://guides.rubyonrails.org/i18n.html.
 en:
 hello: "Hello world"
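Review bot: In config/initializers/new_framework_defaults_6_0.rb, `use_cookies_with_metadata` stays commented out, so signed and encrypted cookies are still written without the purpose and expiry metadata that the file's own comment describes as a security increase. Leaving it off during the rollout is reasonable because the option is not backwards compatible, but nothing tracks turning it on; add a line above it such as `# TODO: enable once every server runs 6.0 and a rollback to 5.2 is no longer needed`. The `respond_to?(:active_job)` and `respond_to?(:active_storage)` guards look like they never fire, since config/application.rb in this commit leaves both frameworks unrequired; a one-line comment saying so would save the next reader from assuming those settings are active.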