From 028e647f4dc7cab7607bb1637e0b5ed5541e5fa9 Mon Sep 17 00:00:00 2001 From: Oleksii Kriuchykhin Date: Wed, 3 Jul 2019 09:48:20 +0200 Subject: [PATCH] Upgrade to Rails 5.2.3 [SCI-3651] --- .rubocop.yml | 2 +- Gemfile | 11 +- Gemfile.lock | 139 ++++++++++-------- app/services/projects_overview_service.rb | 4 +- bin/bundle | 2 +- bin/setup | 4 +- bin/update | 6 +- bin/yarn | 6 +- config/boot.rb | 1 + config/cable.yml | 2 +- config/database.yml | 2 +- config/environments/development.rb | 19 ++- config/environments/production.rb | 49 +++--- config/environments/test.rb | 2 + .../application_controller_renderer.rb | 10 +- .../initializers/content_security_policy.rb | 25 ++++ .../new_framework_defaults_5_2.rb | 38 +++++ config/storage.yml | 34 +++++ lib/tasks/i18n_missing_keys.rake | 14 +- 19 files changed, 238 insertions(+), 132 deletions(-) create mode 100644 config/initializers/content_security_policy.rb create mode 100644 config/initializers/new_framework_defaults_5_2.rb create mode 100644 config/storage.yml diff --git a/.rubocop.yml b/.rubocop.yml index 8fcf1f300..b94e63629 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -91,7 +91,7 @@ Style/FormatString: EnforcedStyle: format Style/FrozenStringLiteralComment: - EnforcedStyle: when_needed + EnforcedStyle: always Style/GuardClause: Enabled: false diff --git a/Gemfile b/Gemfile index cc9023a0b..211cdd05d 100644 --- a/Gemfile +++ b/Gemfile 
@@ -4,18 +4,20 @@ source 'http://rubygems.org' ruby '2.5.5' +gem 'bootsnap', require: false gem 'bootstrap-sass', '~> 3.3.7' gem 'bootstrap_form', '~> 2.7.0' gem 'devise', '~> 4.6.2' gem 'devise_invitable' gem 'figaro' -gem 'pg', '~> 0.18' +gem 'pg', '~> 1.1.4' gem 'pg_search' # PostgreSQL full text search -gem 'rails', '~> 5.1.7' +gem 'rails', '~> 5.2.3' gem 'recaptcha', require: 'recaptcha/rails' -gem 'sanitize', '~> 4.4' +gem 'sanitize', '~> 5.0' gem 'sassc-rails' gem 'simple_token_authentication', '~> 1.15.1' # Token authentication for Devise +gem 'webpacker', '~> 4.0.0' gem 'yomu' # Gems for OAuth2 subsystem @@ -65,7 +67,7 @@ gem 'i18n-js', '~> 3.0' # Localization in javascript files gem 'jbuilder' # JSON structures via a Builder-style DSL gem 'logging', '~> 2.0.0' gem 'nested_form_fields' -gem 'nokogiri', '~> 1.8.1' # HTML/XML parser +gem 'nokogiri', '~> 1.10.3' # HTML/XML parser gem 'rails_autolink', '~> 1.1', '>= 1.1.6' gem 'rgl' # Graph framework for project diagram calculations gem 'roo', '~> 2.8.2' # Spreadsheet parser @@ -100,7 +102,6 @@ gem 'newrelic_rpm' # Permission helper Gem gem 'canaid', git: 'https://github.com/biosistemika/canaid', branch: 'master' -gem 'webpacker', '~> 4.0.0' group :development, :test do gem 'awesome_print' diff --git a/Gemfile.lock b/Gemfile.lock index cc4cdca53..a50b2e6a9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
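Review bot: The context line `source 'http://rubygems.org'` at the top of the first Gemfile hunk means every gem this upgrade re-resolves (Rails 5.2.3, nokogiri, sanitize, pg and their transitive dependencies) is fetched over plain HTTP, with no transport integrity for the index or the downloads. Since most of the lockfile is regenerated here anyway, this is a good moment to change it to `source 'https://rubygems.org'`. The `remote: http://rubygems.org/` entry in Gemfile.lock will follow on the next `bundle install`.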
@@ -42,25 +42,25 @@ GIT GEM remote: http://rubygems.org/ specs: - actioncable (5.1.7) - actionpack (= 5.1.7) + actioncable (5.2.3) + actionpack (= 5.2.3) nio4r (~> 2.0) - websocket-driver (~> 0.6.1) - actionmailer (5.1.7) - actionpack (= 5.1.7) - actionview (= 5.1.7) - activejob (= 5.1.7) + websocket-driver (>= 0.6.1) + actionmailer (5.2.3) + actionpack (= 5.2.3) + actionview (= 5.2.3) + activejob (= 5.2.3) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.1.7) - actionview (= 5.1.7) - activesupport (= 5.1.7) + actionpack (5.2.3) + actionview (= 5.2.3) + activesupport (= 5.2.3) rack (~> 2.0) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.1.7) - activesupport (= 5.1.7) + actionview (5.2.3) + activesupport (= 5.2.3) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) @@ -70,18 +70,22 @@ GEM activemodel (>= 4.1, < 6) case_transform (>= 0.2) jsonapi-renderer (>= 0.1.1.beta1, < 0.3) - activejob (5.1.7) - activesupport (= 5.1.7) + activejob (5.2.3) + activesupport (= 5.2.3) globalid (>= 0.3.6) - activemodel (5.1.7) - activesupport (= 5.1.7) - activerecord (5.1.7) - activemodel (= 5.1.7) - activesupport (= 5.1.7) - arel (~> 8.0) + activemodel (5.2.3) + activesupport (= 5.2.3) + activerecord (5.2.3) + activemodel (= 5.2.3) + activesupport (= 5.2.3) + arel (>= 9.0) activerecord-import (1.0.1) activerecord (>= 3.2) - activesupport (5.1.7) + activestorage (5.2.3) + actionpack (= 5.2.3) + activerecord (= 5.2.3) + marcel (~> 0.3.1) + activesupport (5.2.3) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) @@ -91,7 +95,7 @@ GEM aes_key_wrap (1.0.1) ajax-datatables-rails (0.3.1) railties (>= 3.1) - arel (8.0.0) + arel (9.0.0) aspector (0.14.0) ast (2.4.0) auto_strip_attributes (2.5.0) 
@@ -127,6 +131,8 @@ GEM bindata (2.4.4) binding_of_caller (0.8.0) debug_inspector (>= 0.0.1) + bootsnap (1.4.4) + msgpack (~> 1.0) bootstrap-sass (3.3.7) autoprefixer-rails (>= 5.2.1) sass (>= 3.3.4) @@ -135,7 +141,7 @@ GEM momentjs-rails (>= 2.8.1) bootstrap_form (2.7.0) builder (3.2.3) - bullet (6.0.0) + bullet (6.0.1) activesupport (>= 3.0.0) uniform_notifier (~> 1.11) byebug (11.0.1) @@ -308,14 +314,17 @@ GEM nokogiri (>= 1.5.9) mail (2.7.1) mini_mime (>= 0.1.1) + marcel (0.3.3) + mimemagic (~> 0.3.2) method_source (0.9.2) mime-types (1.25.1) mimemagic (0.3.3) mini_mime (1.0.1) - mini_portile2 (2.3.0) + mini_portile2 (2.4.0) minitest (5.11.3) momentjs-rails (2.17.1) railties (>= 3.1) + msgpack (1.3.0) multi_json (1.13.1) multi_test (0.1.2) multi_xml (0.6.0) @@ -326,10 +335,10 @@ GEM rails (>= 3.2.0) newrelic_rpm (6.2.0.354) nio4r (2.3.1) - nokogiri (1.8.5) - mini_portile2 (~> 2.3.0) - nokogumbo (1.5.0) - nokogiri + nokogiri (1.10.3) + mini_portile2 (~> 2.4.0) + nokogumbo (2.0.1) + nokogiri (~> 1.8, >= 1.8.4) oauth2 (1.4.1) faraday (>= 0.8, < 0.16.0) jwt (>= 1.0, < 3.0) @@ -357,7 +366,7 @@ GEM parallel (1.17.0) parser (2.6.3.0) ast (~> 2.4.0) - pg (0.21.0) + pg (1.1.4) pg_search (2.1.7) activerecord (>= 4.2) activesupport (>= 4.2) @@ -385,17 +394,18 @@ GEM rack rack-test (1.1.0) rack (>= 1.0, < 3) - rails (5.1.7) - actioncable (= 5.1.7) - actionmailer (= 5.1.7) - actionpack (= 5.1.7) - actionview (= 5.1.7) - activejob (= 5.1.7) - activemodel (= 5.1.7) - activerecord (= 5.1.7) - activesupport (= 5.1.7) + rails (5.2.3) + actioncable (= 5.2.3) + actionmailer (= 5.2.3) + actionpack (= 5.2.3) + actionview (= 5.2.3) + activejob (= 5.2.3) + activemodel (= 5.2.3) + activerecord (= 5.2.3) + activestorage (= 5.2.3) + activesupport (= 5.2.3) bundler (>= 1.3.0) - railties (= 5.1.7) + railties (= 5.2.3) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.4) actionpack (>= 5.0.1.x) 
@@ -413,12 +423,12 @@ GEM rails (> 3.1) rails_serve_static_assets (0.0.5) rails_stdout_logging (0.0.5) - railties (5.1.7) - actionpack (= 5.1.7) - activesupport (= 5.1.7) + railties (5.2.3) + actionpack (= 5.2.3) + activesupport (= 5.2.3) method_source rake (>= 0.8.7) - thor (>= 0.18.1, < 2.0) + thor (>= 0.19.0, < 2.0) rainbow (3.0.0) rake (12.3.2) rb-fsevent (0.10.3) @@ -437,23 +447,23 @@ GEM roo (2.8.2) nokogiri (~> 1) rubyzip (>= 1.2.1, < 2.0.0) - rspec-core (3.7.1) - rspec-support (~> 3.7.0) - rspec-expectations (3.7.0) + rspec-core (3.8.2) + rspec-support (~> 3.8.0) + rspec-expectations (3.8.4) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.7.0) - rspec-mocks (3.7.0) + rspec-support (~> 3.8.0) + rspec-mocks (3.8.1) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.7.0) - rspec-rails (3.7.2) + rspec-support (~> 3.8.0) + rspec-rails (3.8.2) actionpack (>= 3.0) activesupport (>= 3.0) railties (>= 3.0) - rspec-core (~> 3.7.0) - rspec-expectations (~> 3.7.0) - rspec-mocks (~> 3.7.0) - rspec-support (~> 3.7.0) - rspec-support (3.7.0) + rspec-core (~> 3.8.0) + rspec-expectations (~> 3.8.0) + rspec-mocks (~> 3.8.0) + rspec-support (~> 3.8.0) + rspec-support (3.8.2) rubocop (0.68.0) jaro_winkler (~> 1.5.1) parallel (~> 1.10) @@ -470,10 +480,10 @@ GEM rufus-scheduler (3.6.0) fugit (~> 1.1, >= 1.1.6) safe_yaml (1.0.5) - sanitize (4.6.6) + sanitize (5.0.0) crass (~> 1.0.2) - nokogiri (>= 1.4.4) - nokogumbo (~> 1.4) + nokogiri (>= 1.8.0) + nokogumbo (~> 2.0) sass (3.7.4) sass-listen (~> 4.0.0) sass-listen (4.0.0) @@ -543,9 +553,9 @@ GEM activesupport (>= 4.2) rack-proxy (>= 0.6.1) railties (>= 4.2) - websocket-driver (0.6.5) + websocket-driver (0.7.1) websocket-extensions (>= 0.1.0) - websocket-extensions (0.1.3) + websocket-extensions (0.1.4) whacamole (1.2.0) wicked_pdf (1.1.0) wkhtmltopdf-heroku (2.12.4.0) 
@@ -571,6 +581,7 @@ DEPENDENCIES bcrypt (~> 3.1.10) better_errors binding_of_caller + bootsnap bootstrap-sass (~> 3.3.7) bootstrap-select-rails (~> 1.12.4) bootstrap3-datetimepicker-rails (~> 4.15.35) @@ -613,12 +624,12 @@ DEPENDENCIES momentjs-rails (~> 2.17.1) nested_form_fields newrelic_rpm - nokogiri (~> 1.8.1) + nokogiri (~> 1.10.3) omniauth omniauth-linkedin-oauth2 overcommit paperclip (~> 6.1) - pg (~> 0.18) + pg (~> 1.1.4) pg_search phantomjs poltergeist @@ -627,7 +638,7 @@ DEPENDENCIES pry-rails puma rack-attack - rails (~> 5.1.7) + rails (~> 5.2.3) rails-controller-testing rails_12factor rails_autolink (~> 1.1, >= 1.1.6) @@ -640,7 +651,7 @@ DEPENDENCIES ruby-graphviz (~> 1.2) rubyzip rufus-scheduler (~> 3.5) - sanitize (~> 4.4) + sanitize (~> 5.0) sassc-rails scenic (~> 1.4) sdoc (~> 1.0) diff --git a/app/services/projects_overview_service.rb b/app/services/projects_overview_service.rb index 082c0b589..78edc42cd 100644 --- a/app/services/projects_overview_service.rb +++ b/app/services/projects_overview_service.rb @@ -84,7 +84,9 @@ class ProjectsOverviewService ).joins( "LEFT OUTER JOIN (#{due_modules.to_sql}) due_modules "\ "ON due_modules.experiment_id = experiments.id" - ).left_outer_joins(:user_projects, :project_comments) + ).joins( + 'LEFT OUTER JOIN user_projects ON user_projects.project_id = projects.id' + ).left_outer_joins(:project_comments) # Only admins see all projects of the team unless @user.is_admin_of_team?(@team) diff --git a/bin/bundle b/bin/bundle index 66e9889e8..f19acf5b5 100755 --- a/bin/bundle +++ b/bin/bundle @@ -1,3 +1,3 @@ #!/usr/bin/env ruby -ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) +ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) load Gem.bin_path('bundler', 'bundle') diff --git a/bin/setup b/bin/setup index 78c4e861d..94fd4d797 100755 --- a/bin/setup +++ b/bin/setup 
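Review bot: The hand-written `'LEFT OUTER JOIN user_projects ON user_projects.project_id = projects.id'` in projects_overview_service.rb has no comment saying why `:user_projects` can no longer go through `left_outer_joins`, so a later cleanup is likely to fold it back. The string is static and adds no injection surface, but it duplicates the association's join condition and will drift silently if that association later gains a scope or a different foreign key. I would add a comment above it along the lines of `# Explicit join: left_outer_joins(:user_projects) <reason under Rails 5.2, to be filled in by the author>`. The query chain starts and ends outside the hunk.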
@@ -1,10 +1,9 @@ #!/usr/bin/env ruby -require 'pathname' require 'fileutils' include FileUtils # path to your application root. -APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) +APP_ROOT = File.expand_path('..', __dir__) def system!(*args) system(*args) || abort("\n== Command #{args} failed ==") @@ -21,7 +20,6 @@ chdir APP_ROOT do # Install JavaScript dependencies if using Yarn # system('bin/yarn') - # puts "\n== Copying sample files ==" # unless File.exist?('config/database.yml') # cp 'config/database.yml.sample', 'config/database.yml' diff --git a/bin/update b/bin/update index a8e4462f2..58bfaed51 100755 --- a/bin/update +++ b/bin/update @@ -1,10 +1,9 @@ #!/usr/bin/env ruby -require 'pathname' require 'fileutils' include FileUtils # path to your application root. -APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) +APP_ROOT = File.expand_path('..', __dir__) def system!(*args) system(*args) || abort("\n== Command #{args} failed ==") @@ -18,6 +17,9 @@ chdir APP_ROOT do system! 'gem install bundler --conservative' system('bundle check') || system!('bundle install') + # Install JavaScript dependencies if using Yarn + # system('bin/yarn') + puts "\n== Updating database ==" system! 'bin/rails db:migrate' diff --git a/bin/yarn b/bin/yarn index c2bacef83..460dd565b 100755 --- a/bin/yarn +++ b/bin/yarn @@ -1,8 +1,8 @@ #!/usr/bin/env ruby -VENDOR_PATH = File.expand_path('..', __dir__) -Dir.chdir(VENDOR_PATH) do +APP_ROOT = File.expand_path('..', __dir__) +Dir.chdir(APP_ROOT) do begin - exec "yarnpkg #{ARGV.join(" ")}" + exec "yarnpkg", *ARGV rescue Errno::ENOENT $stderr.puts "Yarn executable was not detected in the system." $stderr.puts "Download Yarn at https://yarnpkg.com/en/docs/install" diff --git a/config/boot.rb b/config/boot.rb index 30f5120df..b9e460cef 100644 --- a/config/boot.rb +++ b/config/boot.rb 
@@ -1,3 +1,4 @@ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) require 'bundler/setup' # Set up gems listed in the Gemfile. +require 'bootsnap/setup' # Speed up boot time by caching expensive operations. diff --git a/config/cable.yml b/config/cable.yml index e93e8dfed..e81931f2c 100644 --- a/config/cable.yml +++ b/config/cable.yml @@ -6,5 +6,5 @@ test: production: adapter: redis - url: redis://localhost:6379/1 + url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %> channel_prefix: scinote_production diff --git a/config/database.yml b/config/database.yml index a3f75e69c..f19ef1c46 100644 --- a/config/database.yml +++ b/config/database.yml @@ -18,7 +18,7 @@ default: &default adapter: postgresql encoding: unicode database: postgres - pool: 5 + pool: <%= ENV['DB_POOL'] || ENV['RAILS_MAX_THREADS'] || 5 %> # For details on connection pooling, see rails configuration guide # http://guides.rubyonrails.org/configuring.html#database-pooling diff --git a/config/environments/development.rb b/config/environments/development.rb index 22df30016..3af42d8d7 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -27,8 +27,6 @@ Rails.application.configure do from: Rails.application.secrets.mailer_from, reply_to: Rails.application.secrets.mailer_reply_to } - config.action_mailer.raise_delivery_errors = false - config.action_mailer.perform_caching = false if ENV['CUCUMBER'] == 'cucumber' config.action_mailer.delivery_method = :test @@ -57,6 +55,11 @@ Rails.application.configure do password: Rails.application.secrets.mailer_password } + # Don't care if the mailer can't send. + config.action_mailer.raise_delivery_errors = false + + config.action_mailer.perform_caching = false + # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log 
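Review bot: In config/cable.yml the production `url` falls back to `redis://localhost:6379/1` when `REDIS_URL` is unset, so a deployment that forgets the variable starts silently against a local, unauthenticated, unencrypted Redis instead of failing. If production is always expected to set the variable, drop the default so a missing value raises at boot: `url: <%= ENV.fetch("REDIS_URL") %>`. It is also worth documenting that the value should be a `rediss://` URL with credentials whenever Redis is not on the same host.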
@@ -65,6 +68,9 @@ Rails.application.configure do # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load + # Highlight code that triggered database queries in logs. + config.active_record.verbose_query_logs = true + # Debug mode disables concatenation and preprocessing of assets. # This option may cause significant delays in view rendering with a large # number of complex assets. @@ -86,6 +92,9 @@ Rails.application.configure do # one you use and put it into application.yml! BetterErrors::Middleware.allow_ip! ENV['TRUSTED_IP'] if ENV['TRUSTED_IP'] + # Suppress logger output for asset requests. + config.assets.quiet = false + # Raises error for missing translations config.action_view.raise_on_missing_translations = true @@ -108,11 +117,7 @@ Rails.application.configure do # Use an evented file watcher to asynchronously detect changes in source code, # routes, locales, etc. This feature depends on the listen gem. - #config.file_watcher = ActiveSupport::EventedFileUpdateChecker - - # Suppress logger output for asset requests. By default logger output is - # enabled. - # config.assets.quiet = true + config.file_watcher = ActiveSupport::EventedFileUpdateChecker # Enable/disable caching. By default caching is disabled. if Rails.root.join('tmp/caching-dev.txt').exist? diff --git a/config/environments/production.rb b/config/environments/production.rb index 600a005b6..70a7ce3d7 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb 
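Review bot: `config.file_watcher = ActiveSupport::EventedFileUpdateChecker` is now active in development.rb, and as the comment above it says, it depends on the listen gem, which is not among the Gemfile changes in this commit. If `listen` is not already in the development group, loading the checker will fail at boot, so that is worth confirming. Separately, in the `@@ -86,6 +92,9 @@` hunk the added comment `# Suppress logger output for asset requests.` sits above `config.assets.quiet = false`, which does the opposite; either set it to `true` or reword the comment to `# Keep logger output for asset requests.`.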
@@ -43,14 +43,12 @@ Rails.application.configure do } #config.action_mailer.perform_deliveries = false - # Enable Rack::Cache to put a simple HTTP cache in front of your application - # Add `rack-cache` to your Gemfile before enabling this. - # For large-scale production use, consider using a caching reverse proxy like - # NGINX, varnish or squid. - # config.action_dispatch.rack_cache = true + # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] + # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # config.require_master_key = true # Compress JavaScripts and CSS. - config.assets.js_compressor = Uglifier.new(harmony: true) + config.assets.js_compressor = :uglifier # config.assets.css_compressor = :sass # Do not fallback to assets pipeline if a precompiled asset is missed. 
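Review bot: `config.assets.js_compressor = :uglifier` drops the `harmony: true` option that the removed line passed explicitly, and without it Uglifier rejects ES2015+ syntax. If any JavaScript in the asset pipeline uses ES6 (the old setting suggests it does), `assets:precompile` will fail for production builds. Keeping `config.assets.js_compressor = Uglifier.new(harmony: true)` avoids that.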
@@ -66,20 +64,23 @@ Rails.application.configure do # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX + # Mount Action Cable outside main process or domain + # config.action_cable.mount_path = nil + # config.action_cable.url = 'wss://example.com/cable' + # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. config.force_ssl = ENV['RAILS_FORCE_SSL'].present? - # Display info and higher on production. - config.log_level = :info + # Skip SSL redirect for api/health endpoint + config.ssl_options = { redirect: { exclude: ->(request) { request.path =~ %r{api\/health} } } } + + # Use the lowest log level to ensure availability of diagnostic information + # when problems arise. + config.log_level = :debug # Prepend all log lines with the following tags. - # config.log_tags = [ :subdomain, :uuid ] - - # Use a different logger for distributed setups. - # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new) - - # Enable serving of images, stylesheets, and JavaScripts from an asset server. - # config.action_controller.asset_host = 'http://assets.example.com' + config.log_tags = [:request_id] # Ignore bad email addresses and do not raise email delivery errors. # Set this to true and configure the email server for immediate delivery to raise delivery errors. @@ -87,7 +88,7 @@ Rails.application.configure do # Enable locale fallbacks for I18n (makes lookups for any locale fall back to # the I18n.default_locale when a translation cannot be found). - config.i18n.fallbacks = [I18n.default_locale] + config.i18n.fallbacks = true # Send deprecation notices to registered listeners. config.active_support.deprecation = :notify 
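Review bot: The `exclude` lambda in `config.ssl_options` matches `%r{api\/health}` unanchored, so any request path that merely contains `api/health` is exempt from the HTTPS redirect and is served over plain HTTP even when `force_ssl` is on. If the health endpoint is exactly `/api/health`, compare the whole path instead, `exclude: ->(request) { request.path == '/api/health' }`, or anchor the pattern with `\A` and `\z`. In the same hunk `config.log_level = :debug` makes production logs include SQL statements and other debug output that can carry personal or sensitive data. Unless that is a deliberate choice backed by log retention and access controls, I would keep `:info`.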
@@ -133,29 +134,13 @@ Rails.application.configure do config.active_job.queue_name_prefix = "scinote_#{Rails.env}" config.action_mailer.perform_caching = false - # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb - # Enable serving of images, stylesheets, and JavaScripts from an asset server. # config.action_controller.asset_host = 'http://assets.example.com' - # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache - # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX - - # Mount Action Cable outside main process or domain - # config.action_cable.mount_path = nil - # config.action_cable.url = 'wss://example.com/cable' - # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] - # Disable serving static files from the `/public` folder by default since # Apache or NGINX already handles this. config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? - # Attempt to read encrypted secrets from `config/secrets.yml.enc`. - # Requires an encryption key in `ENV["RAILS_MASTER_KEY"]` or - # `config/secrets.yml.key`. - config.read_encrypted_secrets = true - # Enable new team on sign up new_team_on_signup = ENV['NEW_TEAM_ON_SIGNUP'] || 'true' if new_team_on_signup == 'true' diff --git a/config/environments/test.rb b/config/environments/test.rb index e88351ccb..a1e70b6fd 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -43,6 +43,8 @@ Rails.application.configure do # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false + config.action_mailer.perform_caching = false + # Tell Action Mailer not to deliver emails to the real world. # The :test delivery method accumulates sent emails in the # ActionMailer::Base.deliveries array. 
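Review bot: Removing `config.read_encrypted_secrets = true` from production.rb means production no longer decrypts `config/secrets.yml.enc`, while development.rb in this same commit still reads `Rails.application.secrets.*`. If any production value lives only in the encrypted file, it will come back as nil after deploy rather than raising, so confirm where those secrets are sourced or keep the setting until they are moved to encrypted credentials. If they are moved, un-commenting the `# config.require_master_key = true` line added earlier in this file makes a missing key fail at boot.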
diff --git a/config/initializers/application_controller_renderer.rb b/config/initializers/application_controller_renderer.rb index 51639b67a..89d2efab2 100644 --- a/config/initializers/application_controller_renderer.rb +++ b/config/initializers/application_controller_renderer.rb @@ -1,6 +1,8 @@ # Be sure to restart your server when you modify this file. -# ApplicationController.renderer.defaults.merge!( -# http_host: 'example.org', -# https: false -# ) +# ActiveSupport::Reloader.to_prepare do +# ApplicationController.renderer.defaults.merge!( +# http_host: 'example.org', +# https: false +# ) +# end diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb new file mode 100644 index 000000000..d3bcaa5ec --- /dev/null +++ b/config/initializers/content_security_policy.rb @@ -0,0 +1,25 @@ +# Be sure to restart your server when you modify this file. + +# Define an application-wide content security policy +# For further information see the following documentation +# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy + +# Rails.application.config.content_security_policy do |policy| +# policy.default_src :self, :https +# policy.font_src :self, :https, :data +# policy.img_src :self, :https, :data +# policy.object_src :none +# policy.script_src :self, :https +# policy.style_src :self, :https + +# # Specify URI for violation reports +# # policy.report_uri "/csp-violation-report-endpoint" +# end + +# If you are using UJS then enable automatic nonce generation +# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } + +# Report CSP violations to a specified URI +# For further information see the following documentation: +# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only +# Rails.application.config.content_security_policy_report_only = true 
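Review bot: Every directive in the new content_security_policy.rb is commented out, so unless a policy is set elsewhere (middleware or the reverse proxy) the application still sends no Content-Security-Policy header after this upgrade. A low-risk way to start is to enable the policy block together with `Rails.application.config.content_security_policy_report_only = true` and a `report_uri`, collect violations, then enforce. If that is planned for a later change, a one-line comment at the top of the file saying so would make the current state clearly intentional.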
diff --git a/config/initializers/new_framework_defaults_5_2.rb b/config/initializers/new_framework_defaults_5_2.rb
new file mode 100644
index 000000000..c383d072b
--- /dev/null
+++ b/config/initializers/new_framework_defaults_5_2.rb
@@ -0,0 +1,38 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains migration options to ease your Rails 5.2 upgrade.
+#
+# Once upgraded flip defaults one by one to migrate to the new default.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+
+# Make Active Record use stable #cache_key alongside new #cache_version method.
+# This is needed for recyclable cache keys.
+# Rails.application.config.active_record.cache_versioning = true
+
+# Use AES-256-GCM authenticated encryption for encrypted cookies.
+# Also, embed cookie expiry in signed or encrypted cookies for increased security.
+#
+# This option is not backwards compatible with earlier Rails versions.
+# It's best enabled when your entire app is migrated and stable on 5.2.
+#
+# Existing cookies will be converted on read then written with the new scheme.
+# Rails.application.config.action_dispatch.use_authenticated_cookie_encryption = true
+
+# Use AES-256-GCM authenticated encryption as default cipher for encrypting messages
+# instead of AES-256-CBC, when use_authenticated_message_encryption is set to true.
+# Rails.application.config.active_support.use_authenticated_message_encryption = true
+
+# Add default protection from forgery to ActionController::Base instead of in
+# ApplicationController.
+# Rails.application.config.action_controller.default_protect_from_forgery = true
+
+# Store boolean values are in sqlite3 databases as 1 and 0 instead of 't' and
+# 'f' after migrating old data.
+# Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true
+
+# Use SHA-1 instead of MD5 to generate non-sensitive digests, such as the ETag header.
+# Rails.application.config.active_support.use_sha1_digests = true
+
+# Make `form_with` generate id attributes for any generated HTML tags.
+# Rails.application.config.action_view.form_with_generates_ids = true
diff --git a/config/storage.yml b/config/storage.yml new file mode 100644 index 000000000..2d082c0cb --- /dev/null +++ b/config/storage.yml @@ -0,0 +1,34 @@ +# test: +# service: Disk +# root: <%= Rails.root.join("tmp/storage") %> +# +# local: +# service: Disk +# root: <%= Rails.root.join("storage") %> + +# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key) +# amazon: +# service: S3 +# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %> +# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %> +# region: us-east-1 +# bucket: your_own_bucket + +# Remember not to checkin your GCS keyfile to a repository +# google: +# service: GCS +# project: your_project +# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %> +# bucket: your_own_bucket + +# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key) +# microsoft: +# service: AzureStorage +# storage_account_name: your_account_name +# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %> +# container: your_container_name + +# mirror: +# service: Mirror +# primary: local +# mirrors: [ amazon, google, microsoft ] diff --git a/lib/tasks/i18n_missing_keys.rake b/lib/tasks/i18n_missing_keys.rake index f299b7aea..76013d449 100644 --- a/lib/tasks/i18n_missing_keys.rake +++ b/lib/tasks/i18n_missing_keys.rake @@ -28,14 +28,14 @@ namespace :i18n do all_good = true all_keys.each do |key| - output = `grep -rn #{key} .` - if !$?.success? - if all_good - all_good = false - puts "Following keys are unused (for locale #{lang}):" - end - puts " #{key}" + `grep -rn #{key} .` + next if $CHILD_STATUS.successful? + + if all_good + all_good = false + puts "Following keys are unused (for locale #{lang}):" end + puts " #{key}" end if all_good
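Review bot: `next if $CHILD_STATUS.successful?` in i18n_missing_keys.rake will raise NoMethodError on the first key, because `Process::Status` defines `success?`, not `successful?`; in addition `$CHILD_STATUS` is nil unless `require 'English'` has been loaded somewhere, which this hunk does not show. The backtick command also interpolates `key` into a shell line, so a locale key containing spaces or shell metacharacters changes the command that runs. Both problems go away with `next if system('grep', '-rnq', '--', key, '.')`, which passes the key as a single argument without a shell and uses the return value directly. The enclosing task starts and ends outside the hunk.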