From f11522c0b44fe94c967a766b0ed8f8858820a632 Mon Sep 17 00:00:00 2001 From: Lucien Date: Wed, 2 Oct 2024 16:05:56 +0200 Subject: [PATCH] update to rails 7.2.1 --- Gemfile | 2 +- Gemfile.lock | 198 +++++++++--------- bin/brakeman | 7 + bin/rails | 1 - bin/rubocop | 8 + bin/setup | 8 +- config/application.rb | 4 +- config/environments/development.rb | 58 ++--- config/environments/production.rb | 57 +++-- config/environments/test.rb | 37 ++-- config/initializers/assets.rb | 2 +- .../initializers/filter_parameter_logging.rb | 8 +- config/initializers/inflections.rb | 8 +- .../new_framework_defaults_7_2.rb | 70 +++++++ config/initializers/permissions_policy.rb | 20 +- config/puma.rb | 71 +++---- ..._to_active_storage_blobs.active_storage.rb | 23 ++ ..._storage_variant_records.active_storage.rb | 28 +++ ...e_storage_blobs_checksum.active_storage.rb | 8 + db/schema.rb | 2 +- public/robots.txt | 2 +- 21 files changed, 373 insertions(+), 249 deletions(-) create mode 100755 bin/brakeman create mode 100755 bin/rubocop create mode 100644 config/initializers/new_framework_defaults_7_2.rb create mode 100644 db/migrate/20241002095922_add_service_name_to_active_storage_blobs.active_storage.rb create mode 100644 db/migrate/20241002095923_create_active_storage_variant_records.active_storage.rb create mode 100644 db/migrate/20241002095924_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb diff --git a/Gemfile b/Gemfile index 0d1e3e592a..52c6e1e473 100644 --- a/Gemfile +++ b/Gemfile @@ -12,7 +12,7 @@ end ruby '3.3.4' -gem 'rails', '~> 7.1.3.4' +gem 'rails', '~> 7.2.1' # Server gem 'foreman' diff --git a/Gemfile.lock b/Gemfile.lock index 10d18fe154..bc7b9d7f7c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -3,51 +3,46 @@ GEM specs: aasm (5.5.0) concurrent-ruby (~> 1.0) - actioncable (7.1.3.4) - actionpack (= 7.1.3.4) - activesupport (= 7.1.3.4) + actioncable (7.2.1) + actionpack (= 7.2.1) + activesupport (= 7.2.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.1.3.4) - actionpack (= 7.1.3.4) - activejob (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) - mail (>= 2.7.1) - net-imap - net-pop - net-smtp - actionmailer (7.1.3.4) - actionpack (= 7.1.3.4) - actionview (= 7.1.3.4) - activejob (= 7.1.3.4) - activesupport (= 7.1.3.4) - mail (~> 2.5, >= 2.5.4) - net-imap - net-pop - net-smtp + actionmailbox (7.2.1) + actionpack (= 7.2.1) + activejob (= 7.2.1) + activerecord (= 7.2.1) + activestorage (= 7.2.1) + activesupport (= 7.2.1) + mail (>= 2.8.0) + actionmailer (7.2.1) + actionpack (= 7.2.1) + actionview (= 7.2.1) + activejob (= 7.2.1) + activesupport (= 7.2.1) + mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.1.3.4) - actionview (= 7.1.3.4) - activesupport (= 7.1.3.4) + actionpack (7.2.1) + actionview (= 7.2.1) + activesupport (= 7.2.1) nokogiri (>= 1.8.5) racc - rack (>= 2.2.4) + rack (>= 2.2.4, < 3.2) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - actiontext (7.1.3.4) - actionpack (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) + useragent (~> 0.16) + actiontext (7.2.1) + actionpack (= 7.2.1) + activerecord (= 7.2.1) + activestorage (= 7.2.1) + activesupport (= 7.2.1) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.1.3.4) - activesupport (= 7.1.3.4) + actionview (7.2.1) + activesupport (= 7.2.1) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) @@ -79,34 +74,35 @@ GEM activeadmin (>= 2.0, < 4) activeadmin_quill_editor (1.2.0) activeadmin (>= 2.9, < 4) - activejob (7.1.3.4) - activesupport (= 7.1.3.4) + activejob (7.2.1) + activesupport (= 7.2.1) globalid (>= 0.3.6) - activemodel (7.1.3.4) - activesupport (= 7.1.3.4) - activerecord (7.1.3.4) - activemodel (= 7.1.3.4) - activesupport (= 7.1.3.4) + activemodel (7.2.1) + activesupport (= 7.2.1) + activerecord (7.2.1) + activemodel (= 7.2.1) + activesupport (= 7.2.1) timeout (>= 0.4.0) activerecord-postgres_enum (2.1.0) activerecord (>= 5.2) pg - activestorage (7.1.3.4) - actionpack (= 7.1.3.4) - activejob (= 7.1.3.4) - activerecord (= 7.1.3.4) - activesupport (= 7.1.3.4) + activestorage (7.2.1) + actionpack (= 7.2.1) + activejob (= 7.2.1) + activerecord (= 7.2.1) + activesupport (= 7.2.1) marcel (~> 1.0) - activesupport (7.1.3.4) + activesupport (7.2.1) base64 bigdecimal - concurrent-ruby (~> 1.0, >= 1.0.2) + concurrent-ruby (~> 1.0, >= 1.3.1) connection_pool (>= 2.2.5) drb i18n (>= 1.6, < 2) + logger (>= 1.4.2) minitest (>= 5.1) - mutex_m - tzinfo (~> 2.0) + securerandom (>= 0.3) + tzinfo (~> 2.0, >= 2.0.5) acts_as_list (1.2.2) activerecord (>= 6.1) activesupport (>= 6.1) @@ -123,20 +119,20 @@ GEM activerecord (>= 4.0) awesome_print (1.9.2) aws-eventstream (1.3.0) - aws-partitions (1.975.0) - aws-sdk-core (3.205.0) + aws-partitions (1.982.0) + aws-sdk-core (3.209.1) aws-eventstream (~> 1, >= 1.3.0) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.9) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.91.0) - aws-sdk-core (~> 3, >= 3.205.0) + aws-sdk-kms (1.94.0) + aws-sdk-core (~> 3, >= 3.207.0) aws-sigv4 (~> 1.5) - aws-sdk-s3 (1.162.0) - aws-sdk-core (~> 3, >= 3.205.0) + aws-sdk-s3 (1.166.0) + aws-sdk-core (~> 3, >= 3.207.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.5) - aws-sigv4 (1.9.1) + aws-sigv4 (1.10.0) aws-eventstream (~> 1, >= 1.0.2) axe-core-api (4.10.0) dumb_delegator @@ -234,9 +230,9 @@ GEM diff-lcs (1.5.1) docile (1.4.1) domain_name (0.6.20240107) - dotenv (3.1.2) - dotenv-rails (3.1.2) - dotenv (= 3.1.2) + dotenv (3.1.4) + dotenv-rails (3.1.4) + dotenv (= 3.1.4) railties (>= 6.1) drb (2.2.1) dumb_delegator (1.0.0) @@ -265,10 +261,10 @@ GEM csv (>= 3.0.0) globalid (1.2.1) activesupport (>= 6.1) - google-protobuf (4.28.1-arm64-darwin) + google-protobuf (4.28.2-arm64-darwin) bigdecimal rake (>= 13) - google-protobuf (4.28.1-x86_64-linux) + google-protobuf (4.28.2-x86_64-linux) bigdecimal rake (>= 13) haml (6.3.0) @@ -280,7 +276,7 @@ GEM activesupport (>= 5.1) haml (>= 4.0.6) railties (>= 5.1) - haml_lint (0.58.0) + haml_lint (0.59.0) haml (>= 5.0) parallel (~> 1.10) rainbow @@ -326,7 +322,7 @@ GEM responders (>= 2) io-console (0.7.2) ip_anonymizer (0.3.0) - irb (1.14.0) + irb (1.14.1) rdoc (>= 4.0.0) reline (>= 0.4.2) jbuilder (2.13.0) @@ -391,7 +387,6 @@ GEM msgpack (1.7.2) mustermann (3.0.3) ruby2_keywords (~> 0.0.1) - mutex_m (0.2.0) net-imap (0.4.16) date net-protocol @@ -428,7 +423,7 @@ GEM psych (5.1.2) stringio public_suffix (6.0.1) - puma (6.4.2) + puma (6.4.3) nio4r (~> 2.0) pundit (2.4.0) activesupport (>= 3.0.0) @@ -446,20 +441,20 @@ GEM rackup (2.1.0) rack (>= 3) webrick (~> 1.8) - rails (7.1.3.4) - actioncable (= 7.1.3.4) - actionmailbox (= 7.1.3.4) - actionmailer (= 7.1.3.4) - actionpack (= 7.1.3.4) - actiontext (= 7.1.3.4) - actionview (= 7.1.3.4) - activejob (= 7.1.3.4) - activemodel (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) + rails (7.2.1) + actioncable (= 7.2.1) + actionmailbox (= 7.2.1) + actionmailer (= 7.2.1) + actionpack (= 7.2.1) + actiontext (= 7.2.1) + actionview (= 7.2.1) + activejob (= 7.2.1) + activemodel (= 7.2.1) + activerecord (= 7.2.1) + activestorage (= 7.2.1) + activesupport (= 7.2.1) bundler (>= 1.15.0) - railties (= 7.1.3.4) + railties (= 7.2.1) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -483,10 +478,10 @@ GEM actionview (> 3.1) activesupport (> 3.1) railties (> 3.1) - railties (7.1.3.4) - actionpack (= 7.1.3.4) - activesupport (= 7.1.3.4) - irb + railties (7.2.1) + actionpack (= 7.2.1) + activesupport (= 7.2.1) + irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) thor (~> 1.0, >= 1.2.2) @@ -513,7 +508,7 @@ GEM responders (3.1.1) actionpack (>= 5.2) railties (>= 5.2) - rexml (3.3.7) + rexml (3.3.8) rorvswild (1.8.0) rspec-core (3.13.1) rspec-support (~> 3.13.0) @@ -573,15 +568,15 @@ GEM rubocop (>= 0.82.0) rubocop-i18n (3.0.0) rubocop (~> 1.0) - rubocop-performance (1.22.0) + rubocop-performance (1.22.1) rubocop (>= 1.48.1, < 2.0) rubocop-ast (>= 1.31.1, < 2.0) - rubocop-rails (2.26.1) + rubocop-rails (2.26.2) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.52.0, < 2.0) rubocop-ast (>= 1.31.1, < 2.0) - rubocop-rspec (3.0.5) + rubocop-rspec (3.1.0) rubocop (~> 1.61) rubocop-rspec_rails (2.30.0) rubocop (~> 1.61) @@ -593,27 +588,28 @@ GEM rubystats (0.4.1) matrix rubyzip (2.3.2) - sass-embedded (1.78.0-arm64-darwin) + sass-embedded (1.79.4-arm64-darwin) google-protobuf (~> 4.27) - sass-embedded (1.78.0-x86_64-linux-gnu) + sass-embedded (1.79.4-x86_64-linux-gnu) google-protobuf (~> 4.27) - sassc-embedded (1.78.0) - sass-embedded (~> 1.78) + sassc-embedded (1.79.0) + sass-embedded (~> 1.79) + securerandom (0.3.1) selectize-rails (0.12.6) - selenium-webdriver (4.24.0) + selenium-webdriver (4.25.0) base64 (~> 0.2) logger (~> 1.4) rexml (~> 3.2, >= 3.2.5) rubyzip (>= 1.2.2, < 3.0) websocket (~> 1.0) - sentry-rails (5.19.0) + sentry-rails (5.20.1) railties (>= 5.0) - sentry-ruby (~> 5.19.0) - sentry-ruby (5.19.0) + sentry-ruby (~> 5.20.1) + sentry-ruby (5.20.1) bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) - sentry-sidekiq (5.19.0) - sentry-ruby (~> 5.19.0) + sentry-sidekiq (5.20.1) + sentry-ruby (~> 5.20.1) sidekiq (>= 3.0) shoulda-matchers (6.4.0) activesupport (>= 5.2.0) @@ -669,9 +665,8 @@ GEM thread_safe (0.3.6) tilt (2.4.0) timeout (0.4.1) - turbo-rails (2.0.7) + turbo-rails (2.0.10) actionpack (>= 6.0.0) - activejob (>= 6.0.0) railties (>= 6.0.0) typhoeus (1.4.1) ethon (>= 0.9.0) @@ -681,6 +676,7 @@ GEM uniform_notifier (1.16.0) user_impersonate2 (0.12.0) rails (>= 5.1.0) + useragent (0.16.10) virtus (2.0.0) axiom-types (~> 0.1) coercible (~> 1.0) @@ -697,11 +693,11 @@ GEM activemodel (>= 6.0.0) bindex (>= 0.4.0) railties (>= 6.0.0) - webmock (3.23.1) + webmock (3.24.0) addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) - webrick (1.8.1) + webrick (1.8.2) websocket (1.2.11) websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) @@ -776,7 +772,7 @@ DEPENDENCIES puma pundit rack-attack - rails (~> 7.1.3.4) + rails (~> 7.2.1) rails-controller-testing rails-erd rails-i18n diff --git a/bin/brakeman b/bin/brakeman new file mode 100755 index 0000000000..ace1c9ba08 --- /dev/null +++ b/bin/brakeman @@ -0,0 +1,7 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +ARGV.unshift("--ensure-latest") + +load Gem.bin_path("brakeman", "brakeman") diff --git a/bin/rails b/bin/rails index c8b53385b7..efc0377492 100755 --- a/bin/rails +++ b/bin/rails @@ -1,5 +1,4 @@ #!/usr/bin/env ruby -load File.expand_path("spring", __dir__) APP_PATH = File.expand_path("../config/application", __dir__) require_relative "../config/boot" require "rails/commands" diff --git a/bin/rubocop b/bin/rubocop new file mode 100755 index 0000000000..40330c0ff1 --- /dev/null +++ b/bin/rubocop @@ -0,0 +1,8 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +# explicit rubocop config increases performance slightly while avoiding config confusion. +ARGV.unshift("--config", File.expand_path("../.rubocop.yml", __dir__)) + +load Gem.bin_path("rubocop", "rubocop") diff --git a/bin/setup b/bin/setup index ec47b79b3b..2001c00338 100755 --- a/bin/setup +++ b/bin/setup @@ -1,11 +1,11 @@ #!/usr/bin/env ruby require "fileutils" -# path to your application root. APP_ROOT = File.expand_path("..", __dir__) +APP_NAME = "conseillers-entreprises" def system!(*args) - system(*args) || abort("\n== Command #{args} failed ==") + system(*args, exception: true) end FileUtils.chdir APP_ROOT do @@ -30,4 +30,8 @@ FileUtils.chdir APP_ROOT do puts "\n== Restarting application server ==" system! "bin/rails restart" + + # puts "\n== Configuring puma-dev ==" + # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}" + # system "curl -Is https://#{APP_NAME}.test/up | head -n 1" end diff --git a/config/application.rb b/config/application.rb index c2b2213114..6d83dd87bf 100644 --- a/config/application.rb +++ b/config/application.rb @@ -6,14 +6,12 @@ require "active_job/railtie" require "active_record/railtie" require "active_storage/engine" -require "active_storage/attached" require "action_controller/railtie" require "action_mailer/railtie" # require "action_mailbox/engine" # require "action_text/engine" require "action_view/railtie" # require "action_cable/engine" -require "sprockets/railtie" require "rails/test_unit/railtie" # Require the gems listed in Gemfile, including any gems @@ -24,6 +22,8 @@ module PlaceDesEntreprises class Application < Rails::Application config.load_defaults 7.0 + config.autoload_lib(ignore: %w[assets tasks]) + config.time_zone = 'Paris' config.i18n.available_locales = [:fr] diff --git a/config/environments/development.rb b/config/environments/development.rb index c034527074..cf2c47716a 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -3,16 +3,10 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - Rails.application.routes.default_url_options = { host: ENV['HOST_NAME'], port: ENV['PORT'] } - - if ENV['DEVELOPMENT_PUMA_SSL'].to_b - # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - config.force_ssl = true - end # In the development environment your application's code is reloaded any time # it changes. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. - config.cache_classes = false + config.enable_reloading = true # Do not eager load code on boot. config.eager_load = false @@ -20,7 +14,7 @@ # Show full error reports. config.consider_all_requests_local = true - # Enable server timing + # Enable server timing. config.server_timing = true # Enable/disable caching. By default caching is disabled. @@ -30,30 +24,25 @@ config.action_controller.enable_fragment_cache_logging = true config.cache_store = :memory_store - config.public_file_server.headers = { - "Cache-Control" => "public, max-age=#{2.days.to_i}" - } + config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false config.cache_store = :null_store end - # Perform delayed jobs synchronously - if ENV['DEVELOPMENT_INLINE_JOBS'].to_b - config.active_job.queue_adapter = :inline - end - # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false - # Use LetterOpener - config.action_mailer.delivery_method = :letter_opener_web + # Disable caching for Action Mailer templates even if Action Controller + # caching is enabled. config.action_mailer.perform_caching = false + config.action_mailer.default_url_options = { host: "localhost", port: 3000 } + # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log @@ -69,38 +58,21 @@ # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true - # Debug mode disables concatenation and preprocessing of assets. - # This option may cause significant delays in view rendering with a large - # number of complex assets. - config.assets.debug = true + # Highlight code that enqueued background job in logs. + config.active_job.verbose_enqueue_logs = true # Suppress logger output for asset requests. config.assets.quiet = true - config.action_mailer.asset_host = "http://#{ENV['HOST_NAME']}:#{ENV['PORT']}" - - # Raises error for missing translations + # Raises error for missing translations. # config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. - # config.action_view.annotate_rendered_view_with_filenames = true - - # Use an evented file watcher to asynchronously detect changes in source code, - # routes, locales, etc. This feature depends on the listen gem. - config.file_watcher = ActiveSupport::EventedFileUpdateChecker + config.action_view.annotate_rendered_view_with_filenames = true - # Uncomment if you wish to allow Action Cable access from any origin. - # config.action_cable.disable_request_forgery_protection = true + # Raise error when a before_action's only/except options reference missing actions. + config.action_controller.raise_on_missing_callback_actions = false - # Let Faker load its :en text - config.i18n.enforce_available_locales = false - - # Bullet configuration. Other options : https://github.com/flyerhzm/bullet#configuration - config.after_initialize do - Bullet.enable = false - Bullet.add_footer = true - Bullet.rails_logger = true - Bullet.alert = false - Bullet.console = false - end + # Apply autocorrection by RuboCop to files generated by `bin/rails generate`. + # config.generators.apply_rubocop_autocorrect_after_generate! end diff --git a/config/environments/production.rb b/config/environments/production.rb index 0243bd6dc5..98225d13a3 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -6,7 +6,7 @@ Rails.application.routes.default_url_options = { host: ENV['HOST_NAME'] } # Code is not reloaded between requests. - config.cache_classes = true + config.enable_reloading = false # Eager load code on boot. This eager loads most of Rails and # your application in memory, allowing both threaded web servers @@ -15,11 +15,11 @@ config.eager_load = true # Full error reports are disabled and caching is turned on. - config.consider_all_requests_local = false + config.consider_all_requests_local = false config.action_controller.perform_caching = true - # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] - # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment + # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). # config.require_master_key = true # Disable serving static files from the `/public` folder by default since @@ -51,7 +51,7 @@ # Compress CSS using a preprocessor. # config.assets.css_compressor = :sass - # Do not fallback to assets pipeline if a precompiled asset is missed. + # Do not fall back to assets pipeline if a precompiled asset is missed. config.assets.compile = false config.ssl_options = { hsts: { subdomains: true, preload: false } } @@ -62,16 +62,32 @@ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX + # Store uploaded files on the local file system (see config/storage.yml for options). + config.active_storage.service = :ovh + + # Assume all access to the app is happening through a SSL-terminating reverse proxy. + # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. + # config.assume_ssl = true + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. config.force_ssl = true - # Include generic and useful information about system operation, but avoid logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). - config.log_level = :info + # Skip http-to-https redirect for the default health check endpoint. + # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } + + # Log to STDOUT by default + config.logger = ActiveSupport::Logger.new(STDOUT) # rubocop:disable Style/GlobalStdStream + .tap { |logger| logger.formatter = Logger::Formatter.new } + .then { |logger| ActiveSupport::TaggedLogging.new(logger) } # Prepend all log lines with the following tags. config.log_tags = [ :request_id ] + # "info" includes generic and useful information about system operation, but avoids logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). If you + # want to log everything, set the level to "debug". + config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") + # Use a different cache store in production. config.cache_store = :redis_cache_store, { url: ENV['REDIS_URL'], reconnect_attempts: 3, @@ -82,7 +98,7 @@ } # Use a real queuing backend for Active Job (and separate queues per environment). - # config.active_job.queue_adapter = :resque + # config.active_job.queue_adapter = :resque # config.active_job.queue_name_prefix = "place_des_entreprises_production" config.action_mailer.asset_host = ENV['HOST_NAME'] @@ -121,15 +137,19 @@ config.i18n.fallbacks = true # Don't log any deprecations. - # config.active_support.report_deprecations = true - - # Use default logging formatter so that PID and timestamp are not suppressed. - config.log_formatter = Logger::Formatter.new + config.active_support.report_deprecations = false - # Use a different logger for distributed setups. - # require "syslog/logger" - # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name") + # Do not dump schema after migrations. + config.active_record.dump_schema_after_migration = false + # Enable DNS rebinding protection and other `Host` header attacks. + # config.hosts = [ + # "example.com", # Allow requests from example.com + # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` + # ] + # Skip DNS rebinding protection for the default health check endpoint. + # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } + # if ENV["RAILS_LOG_TO_STDOUT"].present? logger = ActiveSupport::Logger.new($stdout) logger.formatter = config.log_formatter @@ -140,9 +160,4 @@ # Let Faker load its :en text config.i18n.enforce_available_locales = false end - - # Do not dump schema after migrations. - config.active_record.dump_schema_after_migration = false - - config.active_storage.service = :ovh end diff --git a/config/environments/test.rb b/config/environments/test.rb index e3734eafa3..fbc726883e 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -9,27 +9,25 @@ Rails.application.routes.default_url_options = { host: 'test.host' } # Settings specified here will take precedence over those in config/application.rb. - # Turn false under Spring and add config.action_view.cache_template_loading = true. - config.cache_classes = false + # While tests run files are not watched, reloading is not necessary. + config.enable_reloading = false - # Eager loading loads your whole application. When running a single test locally, - # this probably isn't necessary. It's a good idea to do in a continuous integration - # system, or in some way before deploying your code. + # Eager loading loads your entire application. When running a single test locally, + # this is usually not necessary, and can slow down your test suite. However, it's + # recommended that you enable it in continuous integration systems to ensure eager + # loading is working properly before deploying your code. config.eager_load = ENV["CI"].present? # Configure public file server for tests with Cache-Control for performance. - config.public_file_server.enabled = true - config.public_file_server.headers = { - "Cache-Control" => "public, max-age=#{1.hour.to_i}" - } + config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{1.hour.to_i}" } # Show full error reports and disable caching. - config.consider_all_requests_local = true + config.consider_all_requests_local = true config.action_controller.perform_caching = false config.cache_store = :null_store - # Raise exceptions instead of rendering exception templates. - config.action_dispatch.show_exceptions = false + # Render exception templates for rescuable exceptions and raise for other exceptions. + config.action_dispatch.show_exceptions = :raise # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false @@ -37,15 +35,18 @@ # Store uploaded files on the local file system in a temporary directory. config.active_storage.service = :test + # Disable caching for Action Mailer templates even if Action Controller + # caching is enabled. config.action_mailer.perform_caching = false # Tell Action Mailer not to deliver emails to the real world. # The :test delivery method accumulates sent emails in the # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test - # config.active_job.queue_adapter = :inline - config.action_mailer.default_url_options = { host: 'test.host' } + # Unlike controllers, the mailer instance doesn't have any context about the + # incoming request so you'll need to provide the :host parameter yourself. + config.action_mailer.default_url_options = { host: "www.example.com" } # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr @@ -64,4 +65,12 @@ # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true + + # Raise error when a before_action's only/except options reference missing actions. + config.action_controller.raise_on_missing_callback_actions = false + + # Turn false under Spring and add config.action_view.cache_template_loading = true. + config.cache_classes = false + + config.active_job.queue_adapter = :test end diff --git a/config/initializers/assets.rb b/config/initializers/assets.rb index 455a7d06d1..533dc5085c 100644 --- a/config/initializers/assets.rb +++ b/config/initializers/assets.rb @@ -15,4 +15,4 @@ # Precompile additional assets. # application.js, application.css, and all non-JS/CSS in the app/assets # folder are already added. -# Rails.application.config.assets.precompile += %w( admin.js admin.css ) +# Rails.application.config.assets.precompile += %w[ admin.js admin.css ] diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index adc6568ce8..c010b83ddd 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -1,8 +1,8 @@ # Be sure to restart your server when you modify this file. -# Configure parameters to be filtered from the log file. Use this to limit dissemination of -# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported -# notations and behaviors. +# Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file. +# Use this to limit dissemination of sensitive information. +# See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors. Rails.application.config.filter_parameters += [ - :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn + :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn ] diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index d2571b5cea..48a4f9f453 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb @@ -4,10 +4,10 @@ # are locale specific, and you may define rules for as many different # locales as you wish. All of these examples are active by default: ActiveSupport::Inflector.inflections(:en) do |inflect| - # inflect.plural /^(ox)$/i, '\1en' - # inflect.singular /^(ox)en/i, '\1' - # inflect.irregular 'person', 'people' - # inflect.uncountable %w( fish sheep ) + # inflect.plural /^(ox)$/i, "\\1en" + # inflect.singular /^(ox)en/i, "\\1" + # inflect.irregular "person", "people" + # inflect.uncountable %w( fish sheep ) inflect.irregular 'InstitutionSubject', 'InstitutionsSubjects' inflect.irregular 'institution_subject', 'institutions_subjects' inflect.irregular 'ExpertSubject', 'ExpertsSubjects' diff --git a/config/initializers/new_framework_defaults_7_2.rb b/config/initializers/new_framework_defaults_7_2.rb new file mode 100644 index 0000000000..b549c4a258 --- /dev/null +++ b/config/initializers/new_framework_defaults_7_2.rb @@ -0,0 +1,70 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.2 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.2`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +### +# Controls whether Active Job's `#perform_later` and similar methods automatically defer +# the job queuing to after the current Active Record transaction is committed. +# +# Example: +# Topic.transaction do +# topic = Topic.create(...) +# NewTopicNotificationJob.perform_later(topic) +# end +# +# In this example, if the configuration is set to `:never`, the job will +# be enqueued immediately, even though the `Topic` hasn't been committed yet. +# Because of this, if the job is picked up almost immediately, or if the +# transaction doesn't succeed for some reason, the job will fail to find this +# topic in the database. +# +# If `enqueue_after_transaction_commit` is set to `:default`, the queue adapter +# will define the behaviour. +# +# Note: Active Job backends can disable this feature. This is generally done by +# backends that use the same database as Active Record as a queue, hence they +# don't need this feature. +#++ +# Rails.application.config.active_job.enqueue_after_transaction_commit = :default + +### +# Adds image/webp to the list of content types Active Storage considers as an image +# Prevents automatic conversion to a fallback PNG, and assumes clients support WebP, as they support gif, jpeg, and png. +# This is possible due to broad browser support for WebP, but older browsers and email clients may still not support +# WebP. Requires imagemagick/libvips built with WebP support. +#++ +# Rails.application.config.active_storage.web_image_content_types = %w[image/png image/jpeg image/gif image/webp] + +### +# Enable validation of migration timestamps. When set, an ActiveRecord::InvalidMigrationTimestampError +# will be raised if the timestamp prefix for a migration is more than a day ahead of the timestamp +# associated with the current time. This is done to prevent forward-dating of migration files, which can +# impact migration generation and other migration commands. +# +# Applications with existing timestamped migrations that do not adhere to the +# expected format can disable validation by setting this config to `false`. +#++ +# Rails.application.config.active_record.validate_migration_timestamps = true + +### +# Controls whether the PostgresqlAdapter should decode dates automatically with manual queries. +# +# Example: +# ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.select_value("select '2024-01-01'::date") #=> Date +# +# This query used to return a `String`. +#++ +# Rails.application.config.active_record.postgresql_adapter_decode_dates = true + +### +# Enables YJIT as of Ruby 3.3, to bring sizeable performance improvements. If you are +# deploying to a memory constrained environment you may want to set this to `false`. +#++ +# Rails.application.config.yjit = true diff --git a/config/initializers/permissions_policy.rb b/config/initializers/permissions_policy.rb index 00f64d71b0..7db3b9577e 100644 --- a/config/initializers/permissions_policy.rb +++ b/config/initializers/permissions_policy.rb @@ -1,11 +1,13 @@ +# Be sure to restart your server when you modify this file. + # Define an application-wide HTTP permissions policy. For further -# information see https://developers.google.com/web/updates/2018/06/feature-policy -# -# Rails.application.config.permissions_policy do |f| -# f.camera :none -# f.gyroscope :none -# f.microphone :none -# f.usb :none -# f.fullscreen :self -# f.payment :self, "https://secure.example.com" +# information see: https://developers.google.com/web/updates/2018/06/feature-policy + +# Rails.application.config.permissions_policy do |policy| +# policy.camera :none +# policy.gyroscope :none +# policy.microphone :none +# policy.usb :none +# policy.fullscreen :self +# policy.payment :self, "https://secure.example.com" # end diff --git a/config/puma.rb b/config/puma.rb index ade1970fee..03c166f4cf 100644 --- a/config/puma.rb +++ b/config/puma.rb @@ -1,51 +1,34 @@ -# Puma can serve each request in a thread from an internal thread pool. -# The `threads` method setting takes two numbers: a minimum and maximum. -# Any libraries that use thread pools should be configured to match -# the maximum value specified for Puma. Default is set to 5 threads for minimum -# and maximum; this matches the default thread size of Active Record. -# -max_threads_count = ENV.fetch("RAILS_MAX_THREADS", 5) -min_threads_count = ENV.fetch("RAILS_MIN_THREADS", max_threads_count) -threads min_threads_count, max_threads_count - -# Specify SSL in local development -if ENV.fetch("RACK_ENV") == "development" && ENV['DEVELOPMENT_PUMA_SSL']&.to_b - ssl_bind '0.0.0.0', ENV.fetch("PORT"), { - key: ENV.fetch('DEVELOPMENT_PUMA_SSL_KEY'), - cert: ENV.fetch('DEVELOPMENT_PUMA_SSL_CERT') - } -else - # Specifies the `port` that Puma will listen on to receive requests; default is 3000. - # - port ENV.fetch("PORT", 3000) -end +# This configuration file will be evaluated by Puma. The top-level methods that +# are invoked here are part of Puma's configuration DSL. For more information +# about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html. -# Specifies the `worker_timeout` threshold that Puma will use to wait before -# terminating a worker in development environments. +# Puma starts a configurable number of processes (workers) and each process +# serves each request in a thread from an internal thread pool. # -worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development" - -# Specifies the `environment` that Puma will run in. +# The ideal number of threads per worker depends both on how much time the +# application spends waiting for IO operations and on how much you wish to +# to prioritize throughput over latency. # -environment ENV.fetch("RAILS_ENV", "development") - -# Specifies the `pidfile` that Puma will use. -pidfile ENV.fetch("PIDFILE", "tmp/pids/server.pid") - -# Specifies the number of `workers` to boot in clustered mode. -# Workers are forked web server processes. If using threads and workers together -# the concurrency of the application would be max `threads` * `workers`. -# Workers do not work on JRuby or Windows (both of which do not support -# processes). +# As a rule of thumb, increasing the number of threads will increase how much +# traffic a given process can handle (throughput), but due to CRuby's +# Global VM Lock (GVL) it has diminishing returns and will degrade the +# response time (latency) of the application. # -# workers ENV.fetch("WEB_CONCURRENCY") { 2 } - -# Use the `preload_app!` method when specifying a `workers` number. -# This directive tells Puma to first boot the application and load code -# before forking the application. This takes advantage of Copy On Write -# process behavior so workers use less memory. +# The default is set to 3 threads as it's deemed a decent compromise between +# throughput and latency for the average Rails application. # -# preload_app! +# Any libraries that use a connection pool or another resource pool should +# be configured to provide at least as many connections as the number of +# threads. This includes Active Record's `pool` parameter in `database.yml`. +threads_count = ENV.fetch("RAILS_MAX_THREADS", 3) +threads threads_count, threads_count -# Allow puma to be restarted by `rails restart` command. +# Specifies the `port` that Puma will listen on to receive requests; default is 3000. +port ENV.fetch("PORT", 3000) + +# Allow puma to be restarted by `bin/rails restart` command. plugin :tmp_restart + +# Specify the PID file. Defaults to tmp/pids/server.pid in development. +# In other environments, only set the PID file if requested. +pidfile ENV["PIDFILE"] if ENV["PIDFILE"] diff --git a/db/migrate/20241002095922_add_service_name_to_active_storage_blobs.active_storage.rb b/db/migrate/20241002095922_add_service_name_to_active_storage_blobs.active_storage.rb new file mode 100644 index 0000000000..64e0ee4380 --- /dev/null +++ b/db/migrate/20241002095922_add_service_name_to_active_storage_blobs.active_storage.rb @@ -0,0 +1,23 @@ +# This migration comes from active_storage (originally 20190112182829) +class AddServiceNameToActiveStorageBlobs < ActiveRecord::Migration[6.0] + def up + return unless table_exists?(:active_storage_blobs) + + unless column_exists?(:active_storage_blobs, :service_name) + add_column :active_storage_blobs, :service_name, :string + + configured_service = ActiveStorage::Blob.service.name + if configured_service + ActiveStorage::Blob.unscoped.update_all(service_name: configured_service) + end + + change_column :active_storage_blobs, :service_name, :string, null: false + end + end + + def down + return unless table_exists?(:active_storage_blobs) + + remove_column :active_storage_blobs, :service_name + end +end diff --git a/db/migrate/20241002095923_create_active_storage_variant_records.active_storage.rb b/db/migrate/20241002095923_create_active_storage_variant_records.active_storage.rb new file mode 100644 index 0000000000..95fd27fa6d --- /dev/null +++ b/db/migrate/20241002095923_create_active_storage_variant_records.active_storage.rb @@ -0,0 +1,28 @@ +# This migration comes from active_storage (originally 20191206030411) +class CreateActiveStorageVariantRecords < ActiveRecord::Migration[6.0] + def change + return unless table_exists?(:active_storage_blobs) + + # Use Active Record's configured type for primary key + create_table :active_storage_variant_records, id: primary_key_type, if_not_exists: true do |t| + t.belongs_to :blob, null: false, index: false, type: blobs_primary_key_type + t.string :variation_digest, null: false + + t.index %i[blob_id variation_digest], name: "index_active_storage_variant_records_uniqueness", unique: true + t.foreign_key :active_storage_blobs, column: :blob_id + end + end + + private + + def primary_key_type + config = Rails.configuration.generators + config.options[config.orm][:primary_key_type] || :primary_key + end + + def blobs_primary_key_type + pkey_name = connection.primary_key(:active_storage_blobs) + pkey_column = connection.columns(:active_storage_blobs).find { |c| c.name == pkey_name } + pkey_column.bigint? ? :bigint : pkey_column.type + end +end diff --git a/db/migrate/20241002095924_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb b/db/migrate/20241002095924_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb new file mode 100644 index 0000000000..93c8b85ade --- /dev/null +++ b/db/migrate/20241002095924_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb @@ -0,0 +1,8 @@ +# This migration comes from active_storage (originally 20211119233751) +class RemoveNotNullOnActiveStorageBlobsChecksum < ActiveRecord::Migration[6.0] + def change + return unless table_exists?(:active_storage_blobs) + + change_column_null(:active_storage_blobs, :checksum, true) + end +end diff --git a/db/schema.rb b/db/schema.rb index dd2ee7941c..5705b4527f 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -70,7 +70,7 @@ t.text "metadata" t.string "service_name", null: false t.bigint "byte_size", null: false - t.string "checksum", null: false + t.string "checksum" t.datetime "created_at", precision: nil, null: false t.index ["key"], name: "index_active_storage_blobs_on_key", unique: true end diff --git a/public/robots.txt b/public/robots.txt index 2fbab211d0..f212c1a144 100644 --- a/public/robots.txt +++ b/public/robots.txt @@ -1,4 +1,4 @@ -# See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file +# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file # # Incompatibilité avec balise noindex ? https://developers.google.com/search/docs/advanced/crawling/remove-information?visit_id=637529589118073605-2322335355&rd=1#if-the-information-still-exists-on-the-web User-agent: Googlebot