diff --git a/.dockerignore b/.dockerignore index e3cd043e9..fb4e9b361 100644 --- a/.dockerignore +++ b/.dockerignore @@ -6,9 +6,12 @@ # Ignore bundler config. /.bundle -# Ignore all environment files (except templates). +# Ignore all environment files /.env* -!/.env*.erb + +# Ignore Kamal files. +/config/deploy*.yml +/.kamal # Ignore all default key files. /config/master.key diff --git a/.gitignore b/.gitignore index f856c4e89..bf1f2d413 100644 --- a/.gitignore +++ b/.gitignore @@ -7,9 +7,8 @@ # Ignore bundler config /.bundle -# Ignore all environment files (except templates). +# Ignore all environment files /.env* -!/.env*.erb # Ignore all logfiles and tempfiles. /log/* @@ -30,8 +29,8 @@ !/public/assets/.keep .byebug_history -# Ignore master key for decrypting credentials and more. -/config/master.key +# Ignore key files for decrypting credentials and more. +/config/*.key /config/credentials/*.key /coverage diff --git a/.rubocop.yml b/.rubocop.yml index 0d729d038..9d04a4079 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -12,8 +12,8 @@ require: Rails: Enabled: true AllCops: - TargetRubyVersion: 3.2.5 - TargetRailsVersion: 7.1 + TargetRubyVersion: 3.4 + TargetRailsVersion: 8.1 Style/StringLiterals: EnforcedStyle: single_quotes diff --git a/.ruby-version b/.ruby-version index 5ae69bd5f..7bcbb3808 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -3.2.5 +3.4.9 diff --git a/CHANGELOG.md b/CHANGELOG.md index 0c88f2f20..ac7ab1bba 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,16 @@ +### 1.22.0 + +**Rails 7.2 Upgrade** +The primary goal of this release is to upgrade the Rails version without causing +any breaking changes to functionality. + +* Upgrades Rails 7.1.3.4 to 8.0.5 +* Upgrades Ruby 3.2.5 to 3.4.9 +* Some dependency updates/changes allowed or required by the above: + * Upgraded `sprockets` from 3.7.2 to 4.0.3 + * Upgraded `papertrail` from 15.1.0 to 17.0.0 + * Upgraded `acts-as-taggable-on` from 10.0.0 to 12.0.0 + ### 1.21.2 **Species+** 
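Review bot: The `.gitignore` hunk `@@ -30,8 +29,8 @@` widens the key exclusion from `/config/master.key` to `/config/*.key`, but the `.dockerignore` hunk `@@ -6,9 +6,12 @@` in the same commit keeps its own entry at `/config/master.key` (visible as context), so any other `config/*.key` file present on a developer's machine is still sent to the Docker build context and can end up in an image layer. Mirror the change there: `/config/*.key` under the existing `# Ignore all default key files.` line. `.gitignore` also lists `/config/credentials/*.key`; whether `.dockerignore` covers that path is not visible in this hunk and is worth checking at the same time.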
diff --git a/Dockerfile b/Dockerfile index 5b18e7dcc..5ce6e24a8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ # or SUS-ORS project. # Dockerfile -FROM ruby:3.2.5 +FROM ruby:3.4.9 # Rails and SAPI has some additional dependencies, e.g. rake requires a JS # runtime, so attempt to get these from apt, where possible @@ -21,11 +21,13 @@ RUN apt-get update && apt-get install -y --force-yes \ RUN mkdir /SAPI WORKDIR /SAPI -# -# Don't need to do these, as we have done this with Docker bindings -# COPY Gemfile /SAPI/Gemfile -# COPY Gemfile.lock /SAPI/Gemfile.lock -RUN gem install bundler -v 2.5.17 +COPY Gemfile.lock /SAPI/Gemfile.lock + +RUN grep -A1 '^BUNDLED WITH$' Gemfile.lock | tail -n1 | tr -d ' ' \ + | xargs -I _BUNDLER_VERSION_ gem install bundler -v _BUNDLER_VERSION_ + +# Don't this any more, as we get it with Docker bindings +RUN rm /SAPI/Gemfile.lock ## # This happens in the entrypoint diff --git a/Dockerfile.cap-deploy b/Dockerfile.cap-deploy index 377c091fc..dab0ef354 100644 --- a/Dockerfile.cap-deploy +++ b/Dockerfile.cap-deploy @@ -1,5 +1,5 @@ # Dockerfile -FROM ruby:3.2.5 +FROM ruby:3.4.9 ENV DEBIAN_FRONTEND=noninteractive # Rails and SAPI has some additional dependencies, e.g. rake requires a JS @@ -20,7 +20,7 @@ WORKDIR /SAPI # https://stackoverflow.com/questions/43612927/how-to-correctly-install-rvm-in-docker RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB RUN curl -sSL https://get.rvm.io | bash -s -RUN /bin/bash -l -c ". /etc/profile.d/rvm.sh && rvm install 3.2.5" +RUN /bin/bash -l -c ". /etc/profile.d/rvm.sh && rvm install 3.4.9" # RVM installed in multi-user mode. However cap assume rvm is installed in single user mode. # Create a soft link to fake it. RUN mkdir -p ~/.rvm/bin && ln -s /usr/local/rvm/bin/rvm ~/.rvm/bin/rvm 
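Review bot: The new `RUN grep -A1 '^BUNDLED WITH$' Gemfile.lock | tail -n1 | tr -d ' ' | xargs -I _BUNDLER_VERSION_ gem install bundler -v _BUNDLER_VERSION_` step in the `Dockerfile` hunk `@@ -21,11 +21,13 @@` has no failure handling on the pipeline: under Docker's default `/bin/sh -c` the step's exit status is that of `xargs`, so if `BUNDLED WITH` is absent or the lock file layout changes, grep's failure is not fatal and the build either skips the bundler install or calls `gem install` with a bad version argument (what `xargs -I` does with empty input I have not confirmed). Capturing the value and testing it makes the failure loud, e.g. `RUN v=$(grep -A1 '^BUNDLED WITH$' Gemfile.lock | tail -n1 | tr -d ' ') && test -n "$v" && gem install bundler -v "$v"`. The same pipeline is repeated inside the `bash -c` string in the `Dockerfile.cap-deploy` hunk `@@ -29,9 +29,11 @@`, where `&&` chaining gives the same blind spot, and it should get the same guard. The added comment `# Don't this any more, as we get it with Docker bindings` is missing a word; `# Don't need this any more, as we get it with Docker bindings` reads correctly.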
@@ -29,9 +29,11 @@ COPY Gemfile /SAPI/Gemfile COPY Gemfile.lock /SAPI/Gemfile.lock ENV BUNDLE_SILENCE_ROOT_WARNING=1 + RUN /bin/bash -c "source /etc/profile.d/rvm.sh \ - && gem install bundler:2.5.17 \ - && bundle" + && grep -A1 '^BUNDLED WITH$' Gemfile.lock | tail -n1 | tr -d ' ' \ + | xargs -I _BUNDLER_VERSION_ gem install bundler -v _BUNDLER_VERSION_ \ + && bundle install" ENTRYPOINT ["/bin/bash", "-l"] diff --git a/Gemfile b/Gemfile index 100a8b7da..fe385b3d5 100644 --- a/Gemfile +++ b/Gemfile @@ -1,9 +1,9 @@ source 'https://rubygems.org' -ruby '3.2.5' +ruby '3.4.9' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '7.1.3.4' +gem 'rails', '8.1.3' # Configure Cross-Origin resource sharing gem 'rack-cors' @@ -14,15 +14,10 @@ gem 'rack-cors' gem 'puma', '~> 5.0' # Use SCSS for stylesheets -# TODO: Can't upgrade sass-rails to 6.0, it raise the following error when running `RAILS_ENV=staging rake assets:precompile`. -# SassC::SyntaxError: Error: Invalid CSS after "...in-bottom:-3px;": expected "}", was ".margin-bottom:-3px" -# on line 3712:5063 of stdin -# >> ction=135,Strength=3)";_margin-bottom:-3px;.margin-bottom:-3px;}/*!Add round -# gem 'sass-rails', '>= 6' -gem 'sass-rails', '~> 5.0' +gem 'sass-rails', '~> 6' # https://stackoverflow.com/questions/55213868/rails-6-how-to-disable-webpack-and-use-sprockets-instead -gem 'sprockets', '3.7.2' +gem 'sprockets', '~> 4' gem 'sprockets-rails', require: 'sprockets/railtie' # Use Terser as compressor for JavaScript assets @@ -34,10 +29,10 @@ gem 'coffee-rails', '~> 5.0' # gem 'mini_racer', platforms: :ruby gem 'active_model_serializers', '0.8.4' # Deprecated -gem "active_storage_validations", "~> 2.0" +gem 'active_storage_validations', '~> 2.0' # Use redis for caching -gem "redis", "~> 4.8" +gem 'redis', '~> 4.8' # Use PostgreSQL database gem 'pg', '~> 1.5', '>= 1.5.4' 
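Review bot: `gem 'rails', '8.1.3'` in the Gemfile hunk `@@ -1,9 +1,9 @@` disagrees with the CHANGELOG entry added by the same commit, which is titled "Rails 7.2 Upgrade" and records "Upgrades Rails 7.1.3.4 to 8.0.5"; the lock file and `.rubocop.yml` (`TargetRailsVersion: 8.1`) side with the Gemfile. Likewise the Gemfile hunk `@@ -70,7 +66,7 @@` pins `acts-as-taggable-on` at `~> 13.0` while the changelog says it went to 12.0.0. Correct the release note to the versions actually shipped (`* Upgrades Rails 7.1.3.4 to 8.1.3` and `acts-as-taggable-on` from 10.0.0 to 13.0.0) so the entry is not misleading to operators. Separately, the lock file's `PLATFORMS` section now lists only `x86_64-linux-gnu` (the generic `ruby` entry is dropped), so a developer on another platform needs `bundle lock --add-platform` before `bundle install` resolves; that deserves a line in the changelog too.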
@@ -53,6 +48,7 @@ gem 'devise', '~> 4.9', '>= 4.9.3' gem 'cancancan', '~> 3.5' gem 'ahoy_matey', '~> 5.0', '>= 5.0.2' gem 'uuidtools', '~> 2.2' # For Ahoy. (https://github.com/ankane/ahoy/blob/v2.2.1/docs/Ahoy-2-Upgrade.md#activerecordstore) +gem 'csv', '~> 3.3.5' # no longer a default gem from Ruby 3.4.0 onwards gem 'wicked', '2.0.0' @@ -70,7 +66,7 @@ gem 'httparty', '~> 0.21.0' gem 'kaminari', '~> 1.2', '>= 1.2.2' # TODO: Suggest migrate to pagy gem. -gem 'acts-as-taggable-on', '~> 10.0' # TODO: refuses to install against Rails 7.2 +gem 'acts-as-taggable-on', '~> 13.0' gem 'carrierwave', '~> 3.0', '>= 3.0.5' # PDF @@ -98,17 +94,22 @@ gem 'bootsnap', '>= 1.4.4', require: false # To use Jbuilder templates for JSON # gem 'jbuilder', '~> 2.7' +gem 'erb', '~> 6.0.2' + group :development do + ## # Adds comments at the top of models describing table column # (replaces annotate) - gem 'annotaterb', '~> 4.10.2' + gem 'annotaterb', '~> 4.22.0' + ## # Access an interactive console on exception pages or by calling 'console' anywhere in the code. - gem 'web-console', '>= 4.1.0' + gem 'web-console' + # Display performance information such as SQL time and flame graphs for each request in your browser. # Can be configured to work on production as well see: https://github.com/MiniProfiler/rack-mini-profiler/blob/master/README.md - gem 'rack-mini-profiler', '~> 2.0' - gem 'listen', '~> 3.3' + gem 'rack-mini-profiler', '~> 4.0.1' + gem 'listen', '~> 3.10.0' # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring gem 'spring' 
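Review bot: `gem 'erb', '~> 6.0.2'` is added at top level in the Gemfile hunk `@@ -98,17 +94,22 @@` with no comment, while the sibling `csv` addition in hunk `@@ -53,6 +48,7 @@` explains itself (`# no longer a default gem from Ruby 3.4.0 onwards`). erb still ships with Ruby, so a reader cannot tell whether this is a compatibility pin forced by the upgrade or a deliberate override; add a comment in the same form, e.g. `gem 'erb', '~> 6.0.2' # TODO: record why this is pinned`. In the same hunk `gem 'web-console'` loses its lower bound entirely; the lock resolves it to 4.3.0 today, but a `'~> 4.3'` constraint keeps a future `bundle update` from silently jumping a major version of a tool that exposes an interactive console.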
@@ -145,11 +146,15 @@ group :development do gem 'bcrypt_pbkdf', '1.1.0' gem 'ed25519', '1.2.4' - # @TODO: bring back when ruby updated to > 2.6 # gem 'net-ssh', '7.0.0.beta1' # openssl 3.0 compatibility @see https://stackoverflow.com/q/72068406/1090438 + ## + # Static analysis for security vulnerabilities [https://brakemanscanner.org/] + gem 'brakeman', require: false + + gem 'net-ssh', '7.3.2' end group :test, :development do - gem 'rspec-rails', '~> 6.1', '>= 6.1.1' + gem 'rspec-rails', '~> 7.1' gem 'rspec-collection_matchers', '~> 1.2', '>= 1.2.1' gem 'json_spec', '~> 1.1', '>= 1.1.5' gem 'database_cleaner', '~> 2.0', '>= 2.0.2' @@ -161,12 +166,12 @@ end group :test do # Adds support for Capybara system testing and selenium driver gem 'capybara', '>= 3.26' - gem 'selenium-webdriver', '>= 4.0.0.rc1' + gem 'selenium-webdriver', '~> 4.41' # Easy installation and use of web drivers to run system tests with browsers gem 'webdrivers' gem 'rails-controller-testing' - gem 'factory_bot_rails', '5.2.0' + gem 'factory_bot_rails', '~> 6.5.1' gem 'simplecov', '~> 0.22.0', require: false gem 'coveralls_reborn', '~> 0.28.0', require: false end @@ -174,7 +179,7 @@ end gem 'geoip', '1.3.5' # TODO: no change logs, no idea if safe to update. Latest version is 1.6.4 @ 2018 gem 'request_store', '~> 1.5', '>= 1.5.1' -gem 'paper_trail', '15.1.0' +gem 'paper_trail', '~> 17.0.0' gem 'dotenv-rails', '2.0.1' @@ -228,6 +233,4 @@ gem 'handlebars-source', '1.0.12' # TODO: just a wrapwrapper. Any update will ch # # It might be possible to fix this if we had an nginx version which supported # the config: `passenger_preload_bundler on;` -gem 'base64', '0.1.1' - - +gem 'base64', '0.2.0' diff --git a/Gemfile.lock b/Gemfile.lock index d9acef088..cf9a538a3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -2,51 +2,48 @@ GEM remote: https://rubygems.org/ specs: Ascii85 (1.0.3) - actioncable (7.1.3.4) - actionpack (= 7.1.3.4) - activesupport (= 7.1.3.4) + action_text-trix (2.1.18) + railties + actioncable (8.1.3) + actionpack (= 8.1.3) + activesupport (= 8.1.3) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.1.3.4) - actionpack (= 7.1.3.4) - activejob (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) - mail (>= 2.7.1) - net-imap - net-pop - net-smtp - actionmailer (7.1.3.4) - actionpack (= 7.1.3.4) - actionview (= 7.1.3.4) - activejob (= 7.1.3.4) - activesupport (= 7.1.3.4) - mail (~> 2.5, >= 2.5.4) - net-imap - net-pop - net-smtp + actionmailbox (8.1.3) + actionpack (= 8.1.3) + activejob (= 8.1.3) + activerecord (= 8.1.3) + activestorage (= 8.1.3) + activesupport (= 8.1.3) + mail (>= 2.8.0) + actionmailer (8.1.3) + actionpack (= 8.1.3) + actionview (= 8.1.3) + activejob (= 8.1.3) + activesupport (= 8.1.3) + mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.1.3.4) - actionview (= 7.1.3.4) - activesupport (= 7.1.3.4) + actionpack (8.1.3) + actionview (= 8.1.3) + activesupport (= 8.1.3) nokogiri (>= 1.8.5) - racc rack (>= 2.2.4) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - actiontext (7.1.3.4) - actionpack (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) + useragent (~> 0.16) + actiontext (8.1.3) + action_text-trix (~> 2.1.15) + actionpack (= 8.1.3) + activerecord (= 8.1.3) + activestorage (= 8.1.3) + activesupport (= 8.1.3) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.1.3.4) - activesupport (= 7.1.3.4) + actionview (8.1.3) + activesupport (= 8.1.3) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) 
@@ -55,67 +52,77 @@ GEM ember-data-source (>= 1.13, < 3.0) active_model_serializers (0.8.4) activemodel (>= 3.0) - active_storage_validations (2.0.3) + active_storage_validations (2.0.4) activejob (>= 6.1.4) activemodel (>= 6.1.4) activestorage (>= 6.1.4) activesupport (>= 6.1.4) marcel (>= 1.0.3) - activejob (7.1.3.4) - activesupport (= 7.1.3.4) + activejob (8.1.3) + activesupport (= 8.1.3) globalid (>= 0.3.6) - activemodel (7.1.3.4) - activesupport (= 7.1.3.4) - activerecord (7.1.3.4) - activemodel (= 7.1.3.4) - activesupport (= 7.1.3.4) + activemodel (8.1.3) + activesupport (= 8.1.3) + activerecord (8.1.3) + activemodel (= 8.1.3) + activesupport (= 8.1.3) timeout (>= 0.4.0) - activestorage (7.1.3.4) - actionpack (= 7.1.3.4) - activejob (= 7.1.3.4) - activerecord (= 7.1.3.4) - activesupport (= 7.1.3.4) + activestorage (8.1.3) + actionpack (= 8.1.3) + activejob (= 8.1.3) + activerecord (= 8.1.3) + activesupport (= 8.1.3) marcel (~> 1.0) - activesupport (7.1.3.4) + activesupport (8.1.3) base64 bigdecimal - concurrent-ruby (~> 1.0, >= 1.0.2) + concurrent-ruby (~> 1.0, >= 1.3.1) connection_pool (>= 2.2.5) drb i18n (>= 1.6, < 2) + json + logger (>= 1.4.2) minitest (>= 5.1) - mutex_m - tzinfo (~> 2.0) - acts-as-taggable-on (10.0.0) - activerecord (>= 6.1, < 7.2) - addressable (2.8.7) - public_suffix (>= 2.0.2, < 7.0) + securerandom (>= 0.3) + tzinfo (~> 2.0, >= 2.0.5) + uri (>= 0.13.1) + acts-as-taggable-on (13.0.0) + activerecord (>= 7.1, < 8.2) + zeitwerk (>= 2.4, < 3.0) + addressable (2.9.0) + public_suffix (>= 2.0.2, < 8.0) afm (0.2.2) - ahoy_matey (5.1.0) - activesupport (>= 6.1) + ahoy_matey (5.5.0) + activesupport (>= 7.2) + cgi device_detector (>= 1) safely_block (>= 0.4) - airbrussh (1.5.2) + airbrussh (1.6.1) sshkit (>= 1.6.1, != 1.7.0) - annotaterb (4.10.2) + annotaterb (4.22.0) + activerecord (>= 6.0.0) + activesupport (>= 6.0.0) appsignal (3.13.1) rack - ast (2.4.2) - aws-eventstream (1.3.0) - aws-partitions (1.961.0) - aws-sdk-core (3.201.3) + ast (2.4.3) 
+ aws-eventstream (1.4.0) + aws-partitions (1.1237.0) + aws-sdk-core (3.244.0) aws-eventstream (~> 1, >= 1.3.0) - aws-partitions (~> 1, >= 1.651.0) - aws-sigv4 (~> 1.8) + aws-partitions (~> 1, >= 1.992.0) + aws-sigv4 (~> 1.9) + base64 + bigdecimal jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.88.0) - aws-sdk-core (~> 3, >= 3.201.0) + logger + aws-sdk-kms (1.123.0) + aws-sdk-core (~> 3, >= 3.244.0) aws-sigv4 (~> 1.5) - aws-sdk-s3 (1.157.0) - aws-sdk-core (~> 3, >= 3.201.0) + aws-sdk-s3 (1.219.0) + aws-sdk-core (~> 3, >= 3.244.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.5) - aws-sigv4 (1.9.1) + aws-sigv4 (1.12.1) aws-eventstream (~> 1, >= 1.0.2) babel-source (5.8.35) babel-transpiler (0.7.0) @@ -124,20 +131,23 @@ GEM barber (0.12.2) ember-source (>= 1.0, < 3.1) execjs (>= 1.2, < 3) - base64 (0.1.1) - bcrypt (3.1.20) + base64 (0.2.0) + bcrypt (3.1.22) bcrypt_pbkdf (1.1.0) - bigdecimal (3.1.8) + bigdecimal (4.1.1) bindex (0.8.1) - bootsnap (1.18.3) + bootsnap (1.23.0) msgpack (~> 1.2) bootstrap-sass (2.3.2.2) sass (~> 3.2) + brakeman (8.0.4) + racc brpoplpush-redis_script (0.1.3) concurrent-ruby (~> 1.0, >= 1.0.5) redis (>= 1.0, < 6) builder (3.3.0) - byebug (11.1.3) + byebug (13.0.0) + reline (>= 0.6.0) cancancan (3.6.1) capistrano (3.18.0) airbrussh (>= 1.0.0) @@ -171,14 +181,15 @@ GEM rack-test (>= 0.6.3) regexp_parser (>= 1.5, < 3.0) xpath (~> 3.2) - carrierwave (3.0.7) + carrierwave (3.1.2) activemodel (>= 6.0.0) activesupport (>= 6.0.0) addressable (~> 2.6) image_processing (~> 1.1) marcel (~> 1.0.0) ssrf_filter (~> 1.0) - chartkick (5.0.7) + cgi (0.5.1) + chartkick (5.2.1) chronic_duration (0.10.6) numerizer (~> 0.1.1) coffee-rails (5.0.0) 
@@ -188,21 +199,22 @@ GEM coffee-script-source execjs coffee-script-source (1.12.2) - concurrent-ruby (1.3.5) - connection_pool (2.5.0) + concurrent-ruby (1.3.6) + connection_pool (2.5.5) coveralls_reborn (0.28.0) simplecov (~> 0.22.0) term-ansicolor (~> 1.7) thor (~> 1.2) tins (~> 1.32) crass (1.0.6) - database_cleaner (2.0.2) + csv (3.3.5) + database_cleaner (2.1.0) database_cleaner-active_record (>= 2, < 3) - database_cleaner-active_record (2.2.0) + database_cleaner-active_record (2.2.2) activerecord (>= 5.a) - database_cleaner-core (~> 2.0.0) + database_cleaner-core (~> 2.0) database_cleaner-core (2.0.1) - date (3.4.1) + date (3.5.1) device_detector (1.1.3) devise (4.9.4) bcrypt (~> 3.0) @@ -210,12 +222,12 @@ GEM railties (>= 4.1.0) responders warden (~> 1.2.3) - diff-lcs (1.5.1) + diff-lcs (1.6.2) docile (1.4.1) dotenv (2.0.1) dotenv-rails (2.0.1) dotenv (= 2.0.1) - drb (2.2.1) + drb (2.2.3) ed25519 (1.2.4) ember-cli-assets (0.0.37) ember-data-source (1.13.0) 
@@ -238,59 +250,62 @@ GEM railties (>= 4.2) ember-source (1.8.0) handlebars-source (~> 1.0) - erubi (1.13.0) - et-orbi (1.2.11) + erb (6.0.2) + erubi (1.13.1) + et-orbi (1.4.0) tzinfo - execjs (2.9.1) - factory_bot (5.2.0) - activesupport (>= 4.2.0) - factory_bot_rails (5.2.0) - factory_bot (~> 5.2.0) - railties (>= 4.2.0) - ffi (1.17.0) + execjs (2.10.1) + factory_bot (6.5.6) + activesupport (>= 6.1.0) + factory_bot_rails (6.5.1) + factory_bot (~> 6.5) + railties (>= 6.1.0) + ffi (1.17.4-x86_64-linux-gnu) file_exists (0.2.0) - fugit (1.11.0) - et-orbi (~> 1, >= 1.2.11) + fugit (1.12.1) + et-orbi (~> 1.4) raabro (~> 1.4) geoip (1.3.5) - globalid (1.2.1) + globalid (1.3.0) activesupport (>= 6.1) - gon (6.4.0) + gon (6.6.0) actionpack (>= 3.0.20) i18n (>= 0.7) multi_json request_store (>= 1.0) - groupdate (6.4.0) - activesupport (>= 6.1) + groupdate (6.8.0) + activesupport (>= 7.2) handlebars-source (1.0.12) - has_scope (0.8.2) - actionpack (>= 5.2) - activesupport (>= 5.2) + has_scope (0.9.0) + actionpack (>= 7.0) + activesupport (>= 7.0) hashery (2.1.2) httparty (0.21.0) mini_mime (>= 1.0.0) multi_xml (>= 0.5.2) - i18n (1.14.5) + i18n (1.14.8) concurrent-ruby (~> 1.0) - image_processing (1.13.0) - mini_magick (>= 4.9.5, < 5) + image_processing (1.14.0) + mini_magick (>= 4.9.5, < 6) ruby-vips (>= 2.0.17, < 3) inherited_resources (1.14.0) actionpack (>= 6.0) has_scope (>= 0.6) railties (>= 6.0) responders (>= 2) - io-console (0.7.2) - irb (1.14.0) + io-console (0.8.2) + irb (1.17.0) + pp (>= 0.6.0) + prism (>= 1.3.0) rdoc (>= 4.0.0) reline (>= 0.4.2) jmespath (1.6.2) - jquery-rails (4.6.0) + jquery-rails (4.6.1) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) jslint_on_rails (1.1.1) - json (2.7.2) + json (2.19.3) json_spec (1.1.5) multi_json (~> 1.0) rspec (>= 2.0, < 4.0) 
@@ -306,65 +321,74 @@ GEM activerecord kaminari-core (= 1.2.2) kaminari-core (1.2.2) - language_server-protocol (3.17.0.3) + language_server-protocol (3.17.0.5) launchy (2.4.3) addressable (~> 2.3) - listen (3.9.0) + lint_roller (1.1.0) + listen (3.10.0) + logger rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - logger (1.6.0) - loofah (2.24.0) + logger (1.7.0) + loofah (2.25.1) crass (~> 1.0.2) nokogiri (>= 1.12.0) - mail (2.8.1) + mail (2.9.0) + logger mini_mime (>= 0.1.1) net-imap net-pop net-smtp marcel (1.0.4) - matrix (0.4.2) - mini_magick (4.13.2) + matrix (0.4.3) + mini_magick (5.3.1) + logger mini_mime (1.1.5) - mini_portile2 (2.8.8) - minitest (5.24.1) - mobility (1.2.9) + mini_portile2 (2.8.9) + minitest (6.0.3) + drb (~> 2.0) + prism (~> 1.5) + mize (0.6.1) + mobility (1.3.2) i18n (>= 0.6.10, < 2) request_store (~> 1.0) - msgpack (1.7.2) - multi_json (1.15.0) - multi_xml (0.6.0) - mutex_m (0.2.0) + msgpack (1.8.0) + multi_json (1.20.0) + multi_xml (0.8.1) + bigdecimal (>= 3.1, < 5) nested-hstore (0.1.2) activerecord activesupport nested_form (0.3.2) - net-imap (0.4.20) + net-imap (0.6.3) date net-protocol net-pop (0.1.2) net-protocol net-protocol (0.2.2) timeout - net-scp (4.0.0) + net-scp (4.1.0) net-ssh (>= 2.6.5, < 8.0.0) net-sftp (4.0.0) net-ssh (>= 5.0.0, < 8.0.0) - net-smtp (0.5.0) + net-smtp (0.5.1) net-protocol - net-ssh (7.2.3) - nio4r (2.7.3) - nokogiri (1.18.8) + net-ssh (7.3.2) + nio4r (2.7.5) + nokogiri (1.19.2) mini_portile2 (~> 2.8.2) racc (~> 1.4) numerizer (0.1.1) - oj (3.16.4) + oj (3.16.16) bigdecimal (>= 3.0) + ostruct (>= 0.2) orm_adapter (0.5.0) - paper_trail (15.1.0) - activerecord (>= 6.1) + ostruct (0.6.3) + paper_trail (17.0.0) + activerecord (>= 7.1) request_store (~> 1.4) - parallel (1.25.1) - parser (3.3.4.0) + parallel (2.0.1) + parser (3.3.11.1) ast (~> 2.4.1) racc pdf-reader (1.4.1) 
@@ -374,69 +398,75 @@ GEM ruby-rc4 ttfunk pdfkit (0.8.7.3) - pg (1.5.7) + pg (1.6.3-x86_64-linux) pg_array_parser (0.0.9) - pg_search (2.3.6) - activerecord (>= 5.2) - activesupport (>= 5.2) + pg_search (2.3.7) + activerecord (>= 6.1) + activesupport (>= 6.1) + pp (0.6.3) + prettyprint prawn (0.13.2) pdf-reader (~> 1.2) ruby-rc4 ttfunk (~> 1.0.3) - psych (5.1.2) + prettyprint (0.2.0) + prism (1.9.0) + psych (5.3.1) + date stringio - public_suffix (6.0.1) - puma (5.6.8) + public_suffix (7.0.5) + puma (5.6.9) nio4r (~> 2.0) raabro (1.4.0) racc (1.8.1) - rack (2.2.14) + rack (2.2.23) rack-cors (2.0.2) rack (>= 2.0.0) - rack-mini-profiler (2.3.4) + rack-mini-profiler (4.0.1) rack (>= 1.2.0) rack-session (1.0.2) rack (< 3) - rack-test (2.1.0) + rack-test (2.2.0) rack (>= 1.3) - rackup (1.0.0) + rackup (1.0.1) rack (< 3) webrick - rails (7.1.3.4) - actioncable (= 7.1.3.4) - actionmailbox (= 7.1.3.4) - actionmailer (= 7.1.3.4) - actionpack (= 7.1.3.4) - actiontext (= 7.1.3.4) - actionview (= 7.1.3.4) - activejob (= 7.1.3.4) - activemodel (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) + rails (8.1.3) + actioncable (= 8.1.3) + actionmailbox (= 8.1.3) + actionmailer (= 8.1.3) + actionpack (= 8.1.3) + actiontext (= 8.1.3) + actionview (= 8.1.3) + activejob (= 8.1.3) + activemodel (= 8.1.3) + activerecord (= 8.1.3) + activestorage (= 8.1.3) + activesupport (= 8.1.3) bundler (>= 1.15.0) - railties (= 7.1.3.4) + railties (= 8.1.3) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) activesupport (>= 5.0.1.rc1) - rails-dom-testing (2.2.0) + rails-dom-testing (2.3.0) activesupport (>= 5.0.0) minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.6.1) - loofah (~> 2.21) + rails-html-sanitizer (1.7.0) + loofah (~> 2.25) nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) - railties (7.1.3.4) - actionpack (= 7.1.3.4) - activesupport (= 
7.1.3.4) - irb + railties (8.1.3) + actionpack (= 8.1.3) + activesupport (= 8.1.3) + irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) thor (~> 1.0, >= 1.2.2) + tsort (>= 0.2) zeitwerk (~> 2.6) rainbow (3.1.1) - rake (13.2.1) + rake (13.3.1) rb-fsevent (0.11.2) rb-inotify (0.11.1) ffi (~> 1.0) 
@@ -444,96 +474,110 @@ GEM ffi rbnacl-libsodium (1.0.16) rbnacl (>= 3.0.1) - rdoc (6.7.0) + rdoc (7.2.0) + erb psych (>= 4.0.0) + tsort + readline (0.0.4) + reline redis (4.8.1) - regexp_parser (2.9.2) - reline (0.5.9) + regexp_parser (2.12.0) + reline (0.6.3) io-console (~> 0.5) request_store (1.7.0) rack (>= 1.4) - responders (3.1.1) - actionpack (>= 5.2) - railties (>= 5.2) - rexml (3.3.9) - rspec (3.13.0) + responders (3.2.0) + actionpack (>= 7.0) + railties (>= 7.0) + rexml (3.4.4) + rspec (3.13.2) rspec-core (~> 3.13.0) rspec-expectations (~> 3.13.0) rspec-mocks (~> 3.13.0) rspec-collection_matchers (1.2.1) rspec-expectations (>= 2.99.0.beta1) - rspec-core (3.13.0) + rspec-core (3.13.6) rspec-support (~> 3.13.0) - rspec-expectations (3.13.1) + rspec-expectations (3.13.5) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-mocks (3.13.1) + rspec-mocks (3.13.8) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-rails (6.1.3) - actionpack (>= 6.1) - activesupport (>= 6.1) - railties (>= 6.1) + rspec-rails (7.1.1) + actionpack (>= 7.0) + activesupport (>= 7.0) + railties (>= 7.0) rspec-core (~> 3.13) rspec-expectations (~> 3.13) rspec-mocks (~> 3.13) rspec-support (~> 3.13) - rspec-support (3.13.1) - rubocop (1.65.1) + rspec-support (3.13.7) + rubocop (1.86.1) json (~> 2.3) - language_server-protocol (>= 3.17.0) - parallel (~> 1.10) + language_server-protocol (~> 3.17.0.2) + lint_roller (~> 1.1.0) + parallel (>= 1.10) parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) - regexp_parser (>= 2.4, < 3.0) - rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.31.1, < 2.0) + regexp_parser (>= 2.9.3, < 3.0) + rubocop-ast (>= 1.49.0, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.31.3) - parser (>= 3.3.1.0) - rubocop-capybara (2.21.0) - rubocop (~> 1.41) - rubocop-factory_bot (2.26.1) - rubocop (~> 1.61) - rubocop-minitest (0.35.1) - rubocop (>= 1.61, < 2.0) - rubocop-ast (>= 1.31.1, < 2.0) - rubocop-performance (1.21.1) - 
rubocop (>= 1.48.1, < 2.0) - rubocop-ast (>= 1.31.1, < 2.0) - rubocop-rails (2.25.1) + unicode-display_width (>= 2.4.0, < 4.0) + rubocop-ast (1.49.1) + parser (>= 3.3.7.2) + prism (~> 1.7) + rubocop-capybara (2.22.1) + lint_roller (~> 1.1) + rubocop (~> 1.72, >= 1.72.1) + rubocop-factory_bot (2.28.0) + lint_roller (~> 1.1) + rubocop (~> 1.72, >= 1.72.1) + rubocop-performance (1.26.1) + lint_roller (~> 1.1) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.47.1, < 2.0) + rubocop-rails (2.34.3) activesupport (>= 4.2.0) + lint_roller (~> 1.1) rack (>= 1.1) - rubocop (>= 1.33.0, < 2.0) - rubocop-ast (>= 1.31.1, < 2.0) - rubocop-rails-omakase (1.0.0) - rubocop - rubocop-minitest - rubocop-performance - rubocop-rails - rubocop-rspec (3.0.3) - rubocop (~> 1.61) - rubocop-rspec_rails (2.30.0) - rubocop (~> 1.61) - rubocop-rspec (~> 3, >= 3.0.1) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.44.0, < 2.0) + rubocop-rails-omakase (1.1.0) + rubocop (>= 1.72) + rubocop-performance (>= 1.24) + rubocop-rails (>= 2.30) + rubocop-rspec (3.9.0) + lint_roller (~> 1.1) + rubocop (~> 1.81) + rubocop-rspec_rails (2.32.0) + lint_roller (~> 1.1) + rubocop (~> 1.72, >= 1.72.1) + rubocop-rspec (~> 3.5) ruby-progressbar (1.13.0) ruby-rc4 (0.1.5) - ruby-vips (2.2.2) + ruby-vips (2.3.0) ffi (~> 1.12) logger - rubyzip (2.3.2) - safely_block (0.4.0) + rubyzip (2.4.1) + safely_block (1.0.0) sass (3.4.25) - sass-rails (5.1.0) - railties (>= 5.2.0) - sass (~> 3.1) - sprockets (>= 2.8, < 4.0) - sprockets-rails (>= 2.0, < 4.0) - tilt (>= 1.1, < 3) - selenium-webdriver (4.16.0) + sass-rails (6.0.0) + sassc-rails (~> 2.1, >= 2.1.1) + sassc (2.4.0) + ffi (~> 1.9) + sassc-rails (2.1.2) + railties (>= 4.0.0) + sassc (>= 2.0) + sprockets (> 3.0) + sprockets-rails + tilt + securerandom (0.4.1) + selenium-webdriver (4.43.0) + base64 (~> 0.2) + logger (~> 1.4) rexml (~> 3.2, >= 3.2.5) - rubyzip (>= 1.2.2, < 3.0) + rubyzip (>= 1.2.2, < 4.0) websocket (~> 1.0) sidekiq (6.5.12) connection_pool (>= 2.2.5, < 3) 
@@ -556,86 +600,96 @@ GEM docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) - simplecov-html (0.12.3) + simplecov-html (0.13.2) simplecov_json_formatter (0.1.4) sitemap_generator (6.3.0) builder (~> 3.0) slackistrano (0.1.9) capistrano (>= 3.0.1) json - spring (4.2.1) - sprockets (3.7.2) + spring (4.4.2) + sprockets (4.0.3) concurrent-ruby (~> 1.0) rack (> 1, < 3) sprockets-rails (3.5.2) actionpack (>= 6.1) activesupport (>= 6.1) sprockets (>= 3.0.0) - sshkit (1.23.0) + sshkit (1.25.0) base64 + logger net-scp (>= 1.1.2) net-sftp (>= 2.1.2) net-ssh (>= 2.8.0) - ssrf_filter (1.1.2) - stringio (3.1.1) + ostruct + ssrf_filter (1.5.0) + stringio (3.2.0) strong_migrations (1.8.0) activerecord (>= 5.2) susy (2.2.14) sass (>= 3.3.0, < 3.5) sync (0.5.0) - term-ansicolor (1.11.1) - tins (~> 1.0) - terser (1.2.3) + term-ansicolor (1.11.3) + tins (~> 1) + terser (1.2.7) execjs (>= 0.3.0, < 3) - thor (1.3.2) - tilt (2.4.0) - timeout (0.4.3) - tins (1.33.0) + thor (1.5.0) + tilt (2.7.0) + timeout (0.6.1) + tins (1.52.0) bigdecimal + mize (~> 0.6) + readline sync + tsort (0.2.0) ttfunk (1.0.3) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (2.5.0) + unicode-display_width (3.2.0) + unicode-emoji (~> 4.1) + unicode-emoji (4.2.0) + uri (1.1.1) + useragent (0.16.11) uuidtools (2.2.0) warden (1.2.9) rack (>= 2.0.9) - web-console (4.2.1) - actionview (>= 6.0.0) - activemodel (>= 6.0.0) + web-console (4.3.0) + actionview (>= 8.0.0) bindex (>= 0.4.0) - railties (>= 6.0.0) + railties (>= 8.0.0) webdrivers (5.2.0) nokogiri (~> 1.6) rubyzip (>= 1.3.0) selenium-webdriver (~> 4.0) - webrick (1.8.2) + webrick (1.9.2) websocket (1.2.11) - websocket-driver (0.7.6) + websocket-driver (0.8.0) + base64 websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) wicked (2.0.0) railties (>= 3.0.7) - wkhtmltopdf-binary (0.12.6.7) + wkhtmltopdf-binary (0.12.6.10) xpath (3.2.0) nokogiri (~> 1.8) - zeitwerk (2.6.17) + zeitwerk (2.7.5) PLATFORMS - ruby + 
x86_64-linux-gnu DEPENDENCIES active_model_serializers (= 0.8.4) active_storage_validations (~> 2.0) - acts-as-taggable-on (~> 10.0) + acts-as-taggable-on (~> 13.0) ahoy_matey (~> 5.0, >= 5.0.2) - annotaterb (~> 4.10.2) + annotaterb (~> 4.22.0) appsignal (~> 3.13.1) aws-sdk-s3 (~> 1.143) - base64 (= 0.1.1) + base64 (= 0.2.0) bcrypt_pbkdf (= 1.1.0) bootsnap (>= 1.4.4) bootstrap-sass (= 2.3.2.2) + brakeman byebug cancancan (~> 3.5) capistrano (= 3.18.0) @@ -651,6 +705,7 @@ DEPENDENCIES chartkick (~> 5.0, >= 5.0.5) coffee-rails (~> 5.0) coveralls_reborn (~> 0.28.0) + csv (~> 3.3.5) database_cleaner (~> 2.0, >= 2.0.2) devise (~> 4.9, >= 4.9.3) dotenv-rails (= 2.0.1) @@ -658,7 +713,8 @@ DEPENDENCIES ember-data-source (= 1.13.0) ember-rails (~> 0.21.0) ember-source (= 1.8.0) - factory_bot_rails (= 5.2.0) + erb (~> 6.0.2) + factory_bot_rails (~> 6.5.1) file_exists (~> 0.2.0) geoip (= 1.3.5) gon (~> 6.4) @@ -670,13 +726,14 @@ DEPENDENCIES json_spec (~> 1.1, >= 1.1.5) kaminari (~> 1.2, >= 1.2.2) launchy (= 2.4.3) - listen (~> 3.3) + listen (~> 3.10.0) mobility (~> 1.2, >= 1.2.9) nested-hstore (~> 0.1.2) nested_form (~> 0.3.2) + net-ssh (= 7.3.2) nokogiri (~> 1.18) oj (~> 3.16, >= 3.16.3) - paper_trail (= 15.1.0) + paper_trail (~> 17.0.0) pdfkit (~> 0.8.7.3) pg (~> 1.5, >= 1.5.4) pg_array_parser (~> 0.0.9) @@ -684,8 +741,8 @@ DEPENDENCIES prawn (= 0.13.2) puma (~> 5.0) rack-cors - rack-mini-profiler (~> 2.0) - rails (= 7.1.3.4) + rack-mini-profiler (~> 4.0.1) + rails (= 8.1.3) rails-controller-testing rbnacl (= 4.0.2) rbnacl-libsodium (= 1.0.16) @@ -693,7 +750,7 @@ DEPENDENCIES request_store (~> 1.5, >= 1.5.1) responders (~> 3.1, >= 3.1.1) rspec-collection_matchers (~> 1.2, >= 1.2.1) - rspec-rails (~> 6.1, >= 6.1.1) + rspec-rails (~> 7.1) rubocop rubocop-capybara rubocop-factory_bot 
@@ -702,8 +759,8 @@ DEPENDENCIES rubocop-rspec rubocop-rspec_rails rubyzip (~> 2.3, >= 2.3.2) - sass-rails (~> 5.0) - selenium-webdriver (>= 4.0.0.rc1) + sass-rails (~> 6) + selenium-webdriver (~> 4.41) sidekiq (< 7) sidekiq-cron (~> 1.12) sidekiq-status (~> 3.0, >= 3.0.3) @@ -712,19 +769,19 @@ DEPENDENCIES sitemap_generator (~> 6.3) slackistrano (= 0.1.9) spring - sprockets (= 3.7.2) + sprockets (~> 4) sprockets-rails strong_migrations (~> 1.7) susy (~> 2.2, >= 2.2.14) terser (~> 1.2.3) uuidtools (~> 2.2) - web-console (>= 4.1.0) + web-console webdrivers wicked (= 2.0.0) wkhtmltopdf-binary (~> 0.12.6.6) RUBY VERSION - ruby 3.2.5p208 + ruby 3.4.9p82 BUNDLED WITH - 2.5.17 + 4.0.10 diff --git a/app/assets/stylesheets/mobile/mobile.scss b/app/assets/stylesheets/mobile/mobile.scss index b4a7ddb10..efff1051d 100644 --- a/app/assets/stylesheets/mobile/mobile.scss +++ b/app/assets/stylesheets/mobile/mobile.scss @@ -1,6 +1,4 @@ // Settings (mobile-first) -@import url('https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap'); - $navy: #253848; $black: #2D2D2D; $medium-grey: #dddddd; diff --git a/app/assets/stylesheets/species/all.scss b/app/assets/stylesheets/species/all.scss index b28ec7f5e..a18e844fb 100755 --- a/app/assets/stylesheets/species/all.scss +++ b/app/assets/stylesheets/species/all.scss @@ -3,7 +3,6 @@ License: none (public domain) */ -@import url(https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,600,700); @import './variables'; html, body, div, span, applet, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, a, abbr, acronym, address, big, cite, code, del, dfn, em, img, ins, kbd, q, s, samp, small, strike, strong, sub, sup, tt, var, b, u, i, center, dl, dt, dd, ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details, embed, figure, figcaption, footer, header, hgroup, menu, nav, output, ruby, section, summary, time, mark, audio, video { 
diff --git a/app/channels/application_cable/channel.rb b/app/channels/application_cable/channel.rb deleted file mode 100644 index d67269728..000000000 --- a/app/channels/application_cable/channel.rb +++ /dev/null @@ -1,4 +0,0 @@ -module ApplicationCable - class Channel < ActionCable::Channel::Base - end -end diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb deleted file mode 100644 index 0ff5442f4..000000000 --- a/app/channels/application_cable/connection.rb +++ /dev/null @@ -1,4 +0,0 @@ -module ApplicationCable - class Connection < ActionCable::Connection::Base - end -end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 815be2559..dbb08db6e 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,4 +1,7 @@ class ApplicationController < ActionController::Base + # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has. + allow_browser versions: :modern + before_action :track_who_does_it_current_user before_action :set_locale before_action :configure_permitted_parameters, if: :devise_controller? diff --git a/app/models/ahoy/visit.rb b/app/models/ahoy/visit.rb index 648a62e0e..fb3bfdeca 100644 --- a/app/models/ahoy/visit.rb +++ b/app/models/ahoy/visit.rb 
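Review bot: `allow_browser versions: :modern` in `ApplicationController` applies to every controller inheriting from it and answers 406 to any recognised browser below Rails' "modern" baseline, which conflicts with the commit's stated goal of upgrading without breaking functionality; public visitors on older browsers would be locked out of the pages served through the `mobile` and `species` layouts touched by this same commit. The check keys off the `User-Agent` header, so it is a compatibility gate, not a security control, and should not be described as one. If it is to stay, confirm that `public/406-unsupported-browser.html` exists in the repo (it is not added in the visible hunks; the default block renders that file, and a missing file would turn the intended 406 into a 500) and extend the comment to say that the page is in place; otherwise drop the two added lines or scope them with `except:`/`only:` so API-style routes are unaffected.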
@@ -48,6 +48,8 @@ class Visit < ApplicationRecord # (https://github.com/ankane/ahoy/blob/v1.0.1/lib/generators/ahoy/stores/templates/active_record_visits_migration.rb) # However it has changed since version 1.4.0, from `id` to `visit_token`, and from `visitor_id` to `visitor_token`. # (https://github.com/ankane/ahoy/blob/v1.4.0/lib/generators/ahoy/stores/templates/active_record_visits_migration.rb) + # Note that this will bypass custom methods on the original attribute, which thankfully we don't have: + # (https://guides.rubyonrails.org/upgrading_ruby_on_rails.html#alias-attribute-now-bypasses-custom-methods-on-the-original-attribute) alias_attribute :visit_token, :id alias_attribute :visitor_token, :visitor_id end diff --git a/app/views/layouts/mobile.html.erb b/app/views/layouts/mobile.html.erb index f37c2e414..eef38bf48 100644 --- a/app/views/layouts/mobile.html.erb +++ b/app/views/layouts/mobile.html.erb @@ -7,6 +7,10 @@ + + <%= stylesheet_link_tag "mobile" %> <%= javascript_include_tag "application" %> <%= csrf_meta_tags %> diff --git a/app/views/layouts/species.html.erb b/app/views/layouts/species.html.erb index 054f63979..10a4f6590 100644 --- a/app/views/layouts/species.html.erb +++ b/app/views/layouts/species.html.erb @@ -8,7 +8,11 @@ - <%= stylesheet_link_tag "species" %> + + + <%= stylesheet_link_tag "species" %> diff --git a/bin/brakeman b/bin/brakeman new file mode 100755 index 000000000..ace1c9ba0 --- /dev/null +++ b/bin/brakeman @@ -0,0 +1,7 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +ARGV.unshift("--ensure-latest") + +load Gem.bin_path("brakeman", "brakeman") diff --git a/bin/dev b/bin/dev new file mode 100755 index 000000000..5f91c2054 --- /dev/null +++ b/bin/dev @@ -0,0 +1,2 @@ +#!/usr/bin/env ruby +exec "./bin/rails", "server", *ARGV diff --git a/bin/docker-entrypoint b/bin/docker-entrypoint index cd970544f..66c698432 100755 --- a/bin/docker-entrypoint +++ b/bin/docker-entrypoint 
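Review bot: `ARGV.unshift("--ensure-latest")` in bin/brakeman makes the scan exit non-zero whenever rubygems.org advertises a newer Brakeman than the one bundled, so any CI or pre-deploy job calling this script starts failing on upstream release days and needs outbound network access from the scanner host. Prefer to let the Gemfile and lockfile pin the version and remove the flag, leaving `load Gem.bin_path("brakeman", "brakeman")` with no ARGV manipulation, as bin/rubocop in this diff already does for its own tool. Brakeman itself is not in the visible part of the DEPENDENCIES hunk, so confirm it is actually declared in the Gemfile rather than relying on a globally installed gem.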
@@ -4,6 +4,13 @@ if [[ "${@}" =~ "rails server" ]]; then rm -f ./tmp/pids/server.pid; fi +# Removed per https://railsdiff.org/8.0.5/8.1.3 +# Enable jemalloc for reduced memory usage and latency. +# if [ -z "${LD_PRELOAD+x}" ]; then +# LD_PRELOAD=$(find /usr/lib -name libjemalloc.so.2 -print -quit) +# export LD_PRELOAD +# fi + bundle install mkdir -p {./,spec/}public/downloads/checklist @@ -31,7 +38,7 @@ mkdir -p {./,spec/}public/downloads/taxon_concepts_distributions mkdir -p {./,spec/}public/downloads/taxon_concepts_names # If running the rails server then create or migrate existing database -# if [ "${1}" == "./bin/rails" ] && [ "${2}" == "server" ]; then +# if [ "${@: -2:1}" == "./bin/rails" ] && [ "${@: -1:1}" == "server" ]; then # ./bin/rails db:prepare # fi diff --git a/bin/rubocop b/bin/rubocop new file mode 100755 index 000000000..5a2050471 --- /dev/null +++ b/bin/rubocop @@ -0,0 +1,8 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +# Explicit RuboCop config increases performance slightly while avoiding config confusion. +ARGV.unshift("--config", File.expand_path("../.rubocop.yml", __dir__)) + +load Gem.bin_path("rubocop", "rubocop") diff --git a/bin/setup b/bin/setup index 3cd5a9d78..d9b575d79 100755 --- a/bin/setup +++ b/bin/setup @@ -3,6 +3,7 @@ require "fileutils" # path to your application root. APP_ROOT = File.expand_path("..", __dir__) +APP_NAME = "sapi" def system!(*args) system(*args, exception: true) @@ -14,7 +15,6 @@ FileUtils.chdir APP_ROOT do # Add necessary setup steps to this file. puts "== Installing dependencies ==" - system! "gem install bundler --conservative" system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" 
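Review bot: The jemalloc block added at the top of bin/docker-entrypoint is dead text — every line is commented out and the note above it says the upstream template removed it — so it neither enables jemalloc nor records a decision for the next reader. Either delete the seven lines, or enable them and make sure `libjemalloc2` is installed in the image (this diff does not show that package being added), since `find /usr/lib -name libjemalloc.so.2 -print -quit` silently yields an empty `LD_PRELOAD` otherwise. The same hunk also leaves the `db:prepare` guard commented out while changing it to positional `"${@: -2:1}"` indexing, whereas the live server check above still uses the substring match `[[ "${@}" =~ "rails server" ]]`; if the guard is ever enabled, use one detection method for both.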
@@ -24,10 +24,14 @@ FileUtils.chdir APP_ROOT do puts "\n== Preparing database ==" system! "bin/rails db:prepare" + system! "bin/rails db:reset" if ARGV.include?("--reset") puts "\n== Removing old logs and tempfiles ==" system! "bin/rails log:clear tmp:clear" - puts "\n== Restarting application server ==" - system! "bin/rails restart" + unless ARGV.include?("--skip-server") + puts "\n== Starting development server ==" + STDOUT.flush # flush the output before exec(2) so that it displays + exec "bin/dev" + end end diff --git a/config/application.rb b/config/application.rb index d08af56ef..1d5184a55 100644 --- a/config/application.rb +++ b/config/application.rb @@ -11,7 +11,7 @@ module SAPI class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 7.1 + config.load_defaults 8.1 # Since Rails 5, on submit, submission buttons in `form_for` are disabled. # However, if errors are thrown and the whole form is not rerendered, then diff --git a/config/deploy.rb b/config/deploy.rb index ce0f0d011..f0a1295f9 100644 --- a/config/deploy.rb +++ b/config/deploy.rb @@ -20,7 +20,7 @@ # set :format, :pretty set :rvm_type, :user -set :rvm_ruby_version, '3.2.5' +set :rvm_ruby_version, '3.4.9' # Sidekiq config set :sidekiq_service_unit_user, :system diff --git a/config/environments/development.rb b/config/environments/development.rb index f994d2d70..311a5bd08 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb 
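Review bot: `config.load_defaults 8.1` moves straight from the 7.1 defaults to 8.1, switching on every 7.2, 8.0 and 8.1 framework default in one step, and no `config/initializers/new_framework_defaults_*.rb` appears in this diff to show which of them were reviewed. The supported path is to keep `config.load_defaults 7.1`, run `rails app:update`, flip the new defaults one at a time in the generated initializer, and bump the version last. Also confirm the `rails` gem actually locked is 8.1.x — its Gemfile.lock line is not in the visible part of the diff — because `load_defaults` raises an "Unknown version" error at boot when the framework does not know the requested version.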
@@ -3,9 +3,7 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded any time - # it changes. This slows down response time but is perfect for development - # since you don't have to restart the web server when you make code changes. + # Make code changes take effect immediately without server restart. config.enable_reloading = true # Do not eager load code on boot. @@ -40,6 +38,8 @@ # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false + # Disable caching for Action Mailer templates even if Action Controller + # caching is enabled. config.action_mailer.perform_caching = false # Print deprecation notices to the Rails logger. @@ -61,9 +61,15 @@ # Lets keep this for now, its development mode only. config.assets.debug = true + # Append comments with runtime information tags to SQL queries in logs. + config.active_record.query_log_tags_enabled = true + # Highlight code that enqueued background job in logs. config.active_job.verbose_enqueue_logs = true + # Highlight code that triggered redirect in logs. + config.action_dispatch.verbose_redirect_logs = true + # Suppress logger output for asset requests. config.assets.quiet = true @@ -80,12 +86,12 @@ # config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. - # config.action_view.annotate_rendered_view_with_filenames = true + config.action_view.annotate_rendered_view_with_filenames = true # Uncomment if you wish to allow Action Cable access from any origin. # config.action_cable.disable_request_forgery_protection = true - # Raise error when a before_action's only/except options reference missing actions + # Raise error when a before_action's only/except options reference missing actions. config.action_controller.raise_on_missing_callback_actions = true ### 
diff --git a/config/environments/production.rb b/config/environments/production.rb index d93986aa5..5cb80ab25 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -6,19 +6,14 @@ # Code is not reloaded between requests. config.enable_reloading = false - # Eager load code on boot. This eager loads most of Rails and - # your application in memory, allowing both threaded web servers - # and those relying on copy on write to perform better. - # Rake tasks automatically ignore this option for performance. + # Eager load code on boot for better performance and memory savings (ignored by Rake tasks). config.eager_load = true - # Full error reports are disabled and caching is turned on. + # Full error reports are disabled. config.consider_all_requests_local = false - config.action_controller.perform_caching = true - # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment - # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). - # config.require_master_key = true + # Turn on fragment caching in view templates. + config.action_controller.perform_caching = true # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. config.public_file_server.enabled = false @@ -29,8 +24,10 @@ # Compress CSS using a preprocessor. # config.assets.css_compressor = :sass - # Do not fall back to assets pipeline if a precompiled asset is missed. - config.assets.compile = false + # Cache assets for far-future expiry since they are all digest stamped. + config.public_file_server.headers = { + 'cache-control' => "public, max-age=#{1.year.to_i}" + } # Enable serving of images, stylesheets, and JavaScripts from an asset server. # config.asset_host = "http://assets.example.com" 
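Review bot: Dropping `config.assets.compile = false` re-enables live asset compilation in production: sprockets-rails defaults `assets.compile` to true, and the lockfile hunk in this diff still carries `sprockets (~> 4)` and `sprockets-rails`, so the Propshaft-era template that omits this line does not apply to this app. With live compile on, a request for any asset path missing from the precompiled manifest makes the web process compile it on demand (a CPU/disk exhaustion vector reachable from unauthenticated requests) and hides precompile failures at deploy time; keep `config.assets.compile = false`. Separately, the new `config.public_file_server.headers` only takes effect when `config.public_file_server.enabled` is true, and the line above it keeps that false for NGINX/Apache, so the far-future cache-control header belongs in the proxy config instead.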
@@ -48,11 +45,13 @@ # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ] # Assume all access to the app is happening through a SSL-terminating reverse proxy. - # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. # config.assume_ssl = true # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - # config.force_ssl = true # TODO: should we enable it? Rails enable it by default since 7.1 + # config.force_ssl = true + + # Skip http-to-https redirect for the default health check endpoint. + # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } # TODO: Since Rails 7.1, the log no longer output to file, but STDOUT, which is the better approach, specially suitable # for docker. However this project still deploying use cap, we may need to change it back until we ready? 
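Review bot: `config.force_ssl` stays commented out and the TODO asking whether to enable it was deleted rather than answered, so production still sends no Strict-Transport-Security header and Rails does not mark the session and CSRF cookies Secure. The comment in this hunk says traffic arrives through an SSL-terminating reverse proxy, which is exactly the setup `config.assume_ssl = true` together with `config.force_ssl = true` is designed for. Enable both (keeping the `ssl_options` exclusion for `/up` if that route exists), or replace the deleted TODO with a comment naming where HSTS and Secure cookies are enforced instead — the proxy configuration is not visible in this diff.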
@@ -77,18 +76,22 @@ # Prepend all log lines with the following tags. config.log_tags = [ :request_id ] - # "info" includes generic and useful information about system operation, but avoids logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). If you - # want to log everything, set the level to "debug". + # Change to "debug" to log everything (including potentially personally-identifiable information!) # config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") # Leonardo: override default behaviour and hard-code warn. # @see https://github.com/heartcombo/devise#password-reset-tokens-and-rails-logs config.log_level = 'warn' + # Prevent health checks from clogging up the logs. + config.silence_healthcheck_path = '/up' + + # Don't log any deprecations. + config.active_support.report_deprecations = false + # Use a redis instance as a cache store on production. config.cache_store = :redis_cache_store, { url: ENV.fetch('SAPI_SIDEKIQ_REDIS_CACHE_URL', Rails.application.credentials.dig(:redis_cache, :url)) } - # Use a real queuing backend for Active Job (and separate queues per environment). + # Replace the default in-process and non-durable queuing backend for Active Job. # config.active_job.queue_adapter = :resque # config.active_job.queue_name_prefix = "sapi_production" @@ -103,9 +106,6 @@ # config.i18n.fallbacks = true config.i18n.fallbacks = false - # Don't log any deprecations. - config.active_support.report_deprecations = false - # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false @@ -114,6 +114,7 @@ # "example.com", # Allow requests from example.com # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` # ] + # # Skip DNS rebinding protection for the default health check endpoint. # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } config.hosts += ENV['ALLOWED_HOSTS'].split(',') if ENV['ALLOWED_HOSTS'].present? 
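Review bot: `config.hosts += ENV['ALLOWED_HOSTS'].split(',') if ENV['ALLOWED_HOSTS'].present?` — unchanged by this hunk but sitting directly under the new DNS-rebinding comment — keeps whitespace around each entry, so `ALLOWED_HOSTS="a.example, b.example"` silently allows only the first host, and when the variable is unset `config.hosts` stays empty, which in production means host authorization is off entirely. Suggest `config.hosts += ENV['ALLOWED_HOSTS'].split(',').map(&:strip).reject(&:empty?) if ENV['ALLOWED_HOSTS'].present?` and a boot-time warning (or failure) when the resulting list is empty. In the log hunk above, the new template comment about setting `RAILS_LOG_LEVEL` to "debug" is misleading because the ENV-driven line is commented out and `config.log_level = 'warn'` is hard-coded; reword it to say the level is fixed at warn on purpose.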
diff --git a/config/environments/test.rb b/config/environments/test.rb index 0ecd0a654..3d9eb940e 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,5 +1,3 @@ -require 'active_support/core_ext/integer/time' - # The test environment is used exclusively to run your application's # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped @@ -29,6 +27,9 @@ config.action_controller.perform_caching = false config.cache_store = :null_store + # https://guides.rubyonrails.org/upgrading_ruby_on_rails.html#all-tests-now-respect-the-active-job-queue-adapter-config + config.active_job.queue_adapter = :test + # Render exception templates for rescuable exceptions and raise for other exceptions. config.action_dispatch.show_exceptions = :rescuable @@ -38,6 +39,8 @@ # Store uploaded files on the local file system in a temporary directory. config.active_storage.service = :test + # Disable caching for Action Mailer templates even if Action Controller + # caching is enabled. config.action_mailer.perform_caching = false # Tell Action Mailer not to deliver emails to the real world. @@ -60,7 +63,7 @@ # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true - # Raise error when a before_action's only/except options reference missing actions + # Raise error when a before_action's only/except options reference missing actions. config.action_controller.raise_on_missing_callback_actions = true ### diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index b3076b38f..d51d71397 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb 
@@ -20,6 +20,10 @@ # config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } # config.content_security_policy_nonce_directives = %w(script-src style-src) # +# # Automatically add `nonce` to `javascript_tag`, `javascript_include_tag`, and `stylesheet_link_tag` +# # if the corresponding directives are specified in `content_security_policy_nonce_directives`. +# # config.content_security_policy_nonce_auto = true +# # # Report violations without enforcing the policy. # # config.content_security_policy_report_only = true # end diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb index ab670b5e6..0c5dd99ac 100644 --- a/config/initializers/cors.rb +++ b/config/initializers/cors.rb @@ -1,14 +1,16 @@ -Rails.application.config.middleware.insert_before 0, Rack::Cors do - allow do - app_cors_origins = - Rails.application.credentials.dig( - :cors, :origins - ) || [] +# Be sure to restart your server when you modify this file. - origins app_cors_origins&.map(&:strip) +# Avoid CORS issues when API is called from the frontend app. +# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin Ajax requests. - resource '*', headers: :any, methods: [ - :get, :post, :patch, :put, :delete - ] - end -end +# Read more: https://github.com/cyu/rack-cors + +# Rails.application.config.middleware.insert_before 0, Rack::Cors do +# allow do +# origins "example.com" +# +# resource "*", +# headers: :any, +# methods: [:get, :post, :put, :patch, :delete, :options, :head] +# end +# end diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index c2d89e28a..c0b717f7e 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb 
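Review bot: The cors.rb hunk replaces a live `Rack::Cors` middleware, whose allowed origins came from `Rails.application.credentials.dig(:cors, :origins)`, with the fully commented-out generator template, so after this change no CORS headers are emitted and the credentials-based origin allowlist is silently ignored. That is a functional regression for any browser frontend on another origin calling the API, not a hardening step, and nothing in the diff marks it as intentional. If the removal is deliberate, also remove `rack-cors` from the Gemfile and the `cors:` key from credentials so the dead configuration does not linger; otherwise restore the previous block, ideally with `origins app_cors_origins.map(&:strip).reject(&:blank?)` since the old `|| []` already made the safe-navigation call redundant.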
@@ -4,5 +4,5 @@ # Use this to limit dissemination of sensitive information. # See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors. Rails.application.config.filter_parameters += [ - :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn + :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn, :cvv, :cvc ] diff --git a/config/puma.rb b/config/puma.rb index 58e1c205b..38c4b8659 100644 --- a/config/puma.rb +++ b/config/puma.rb 
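Review bot: Adding `:email` to `filter_parameters` also redacts it from Active Record `#inspect` output, because `ActiveRecord::Base.filter_attributes` is seeded from the same list; any error report, console session or spec that prints a user record and expects to see the address will now show `[FILTERED]`, and the match is a substring, so unrelated keys such as `email_confirmation` or `notify_by_email` are redacted too. This is the current Rails template default and a reasonable privacy choice, but it should be stated, e.g. `# :email is intentionally filtered; it also hides email in AR #inspect and matches any key containing "email".` above the array.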
@@ -1,35 +1,42 @@ # This configuration file will be evaluated by Puma. The top-level methods that # are invoked here are part of Puma's configuration DSL. For more information # about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html. - -# Puma can serve each request in a thread from an internal thread pool. -# The `threads` method setting takes two numbers: a minimum and maximum. -# Any libraries that use thread pools should be configured to match -# the maximum value specified for Puma. Default is set to 5 threads for minimum -# and maximum; this matches the default thread size of Active Record. -max_threads_count = ENV.fetch('RAILS_MAX_THREADS') { 5 } -min_threads_count = ENV.fetch('RAILS_MIN_THREADS') { max_threads_count } -threads min_threads_count, max_threads_count - -# Specifies that the worker count should equal the number of processors in production. -if ENV['RAILS_ENV'] == 'production' - require 'concurrent-ruby' - worker_count = Integer(ENV.fetch('WEB_CONCURRENCY') { Concurrent.physical_processor_count }) - workers worker_count if worker_count > 1 -end - -# Specifies the `worker_timeout` threshold that Puma will use to wait before -# terminating a worker in development environments. -worker_timeout 3600 if ENV.fetch('RAILS_ENV', 'development') == 'development' +# +# Puma starts a configurable number of processes (workers) and each process +# serves each request in a thread from an internal thread pool. +# +# You can control the number of workers using ENV["WEB_CONCURRENCY"]. You +# should only set this value when you want to run 2 or more workers. The +# default is already 1. You can set it to `auto` to automatically start a worker +# for each available processor. +# +# The ideal number of threads per worker depends both on how much time the +# application spends waiting for IO operations and on how much you wish to +# prioritize throughput over latency. 
+# +# As a rule of thumb, increasing the number of threads will increase how much +# traffic a given process can handle (throughput), but due to CRuby's +# Global VM Lock (GVL) it has diminishing returns and will degrade the +# response time (latency) of the application. +# +# The default is set to 3 threads as it's deemed a decent compromise between +# throughput and latency for the average Rails application. +# +# Any libraries that use a connection pool or another resource pool should +# be configured to provide at least as many connections as the number of +# threads. This includes Active Record's `pool` parameter in `database.yml`. +threads_count = ENV.fetch("RAILS_MAX_THREADS", 3) +threads threads_count, threads_count # Specifies the `port` that Puma will listen on to receive requests; default is 3000. -port ENV.fetch('PORT') { 3000 } +port ENV.fetch("PORT", 3000) -# Specifies the `environment` that Puma will run in. -environment ENV.fetch('RAILS_ENV') { 'development' } +# Allow puma to be restarted by `bin/rails restart` command. +plugin :tmp_restart -# Specifies the `pidfile` that Puma will use. -pidfile ENV.fetch('PIDFILE') { 'tmp/pids/server.pid' } +# Run the Solid Queue supervisor inside of Puma for single-server deployments. +plugin :solid_queue if ENV["SOLID_QUEUE_IN_PUMA"] -# Allow puma to be restarted by `rails restart` command. -plugin :tmp_restart +# Specify the PID file. Defaults to tmp/pids/server.pid in development. +# In other environments, only set the PID file if requested. +pidfile ENV["PIDFILE"] if ENV["PIDFILE"] diff --git a/public/400.html b/public/400.html new file mode 100644 index 000000000..640de0339 --- /dev/null +++ b/public/400.html @@ -0,0 +1,135 @@ + + + + + + + The server cannot process the request due to a client error (400 Bad Request) + + + + + + + + + + + + + +
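Review bot: The rewritten config/puma.rb drops the production `workers Concurrent.physical_processor_count` block, so unless the Capistrano/systemd environment already exports `WEB_CONCURRENCY` production now runs a single Puma process (Puma reads that variable itself, which is what the new comment describes), and the default thread count per process falls from 5 to 3; both are capacity changes that need checking against the deployment environment, which is not in this diff. `plugin :solid_queue if ENV["SOLID_QUEUE_IN_PUMA"]` is template residue: the DEPENDENCIES hunk lists sidekiq rather than solid_queue, so setting that variable would make Puma fail at boot on a missing plugin — delete the line. Removing `environment ENV.fetch('RAILS_ENV')` is probably harmless since recent Puma versions consult `RAILS_ENV` themselves, but confirm with the cap puma invocation, and note that `pidfile` is now only written when `PIDFILE` is set, while bin/docker-entrypoint still deletes `./tmp/pids/server.pid` on startup.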
+
+ +
+
+

The server cannot process the request due to a client error. Please check the request and try again. If you're the application owner check the logs for more information.

+
+
+ + + + diff --git a/public/404.html b/public/404.html index f028a6e83..d7f0f1422 100644 --- a/public/404.html +++ b/public/404.html @@ -1,69 +1,135 @@ - - - - - The page you were looking for doesn't exist (404) - - - - - - -
-
-

The page you were looking for doesn't exist.

-

You may have mistyped the address or the page may have moved.

-
-

If you are the application owner check the logs for more information.

-
- + + + + + + + The page you were looking for doesn't exist (404 Not found) + + + + + + + + + + + + + +
+
+ +
+
+

The page you were looking for doesn't exist. You may have mistyped the address or the page may have moved. If you're the application owner check the logs for more information.

+
+
+ + diff --git a/public/406-unsupported-browser.html b/public/406-unsupported-browser.html new file mode 100644 index 000000000..43d2811e8 --- /dev/null +++ b/public/406-unsupported-browser.html @@ -0,0 +1,135 @@ + + + + + + + Your browser is not supported (406 Not Acceptable) + + + + + + + + + + + + + +
+
+ +
+
+

Your browser is not supported.
Please upgrade your browser to continue.

+
+
+ + + + diff --git a/public/422.html b/public/422.html index 33dda348e..f12fb4aa1 100644 --- a/public/422.html +++ b/public/422.html @@ -1,69 +1,135 @@ - - - - - The change you wanted was rejected (422) - - - - - - -
-
-

The change you wanted was rejected.

-

Maybe you tried to change something you didn't have access to.

-
-

If you are the application owner check the logs for more information.

-
- + + + + + + + The change you wanted was rejected (422 Unprocessable Entity) + + + + + + + + + + + + + +
+
+ +
+
+

The change you wanted was rejected. Maybe you tried to change something you didn't have access to. If you're the application owner check the logs for more information.

+
+
+ + diff --git a/public/500.html b/public/500.html index 90beade75..e4eb18a75 100644 --- a/public/500.html +++ b/public/500.html @@ -1,68 +1,135 @@ - - - - - We're sorry, but something went wrong (500) - - - - - - -
-
-

We're sorry, but something went wrong.

-
-

If you are the application owner check the logs for more information.

-
- + + + + + + + We're sorry, but something went wrong (500 Internal Server Error) + + + + + + + + + + + + + +
+
+ +
+
+

We're sorry, but something went wrong.
If you're the application owner check the logs for more information.

+
+
+ +