forked from ontoportal/ontoportal_web_ui
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #302 from ncbo/refactor/rails-7-upgrade/297
Upgrade Rails from 6.1.7.3 to 7.0.8
Showing 20 changed files with 396 additions and 322 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
#!/usr/bin/env ruby | ||
APP_PATH = File.expand_path('../config/application', __dir__) | ||
APP_PATH = File.expand_path("../config/application", __dir__) | ||
require_relative "../config/boot" | ||
require "rails/commands" |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,3 @@ | ||
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) | ||
ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) | ||
|
||
require "bundler/setup" # Set up gems listed in the Gemfile. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,30 +1,25 @@ | ||
# Be sure to restart your server when you modify this file. | ||
|
||
# Define an application-wide content security policy | ||
# For further information see the following documentation | ||
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy | ||
# Define an application-wide content security policy. | ||
# See the Securing Rails Applications Guide for more information: | ||
# https://guides.rubyonrails.org/security.html#content-security-policy-header | ||
|
||
# Rails.application.config.content_security_policy do |policy| | ||
# policy.default_src :self, :https | ||
# policy.font_src :self, :https, :data | ||
# policy.img_src :self, :https, :data | ||
# policy.object_src :none | ||
# policy.script_src :self, :https | ||
# policy.style_src :self, :https | ||
# # If you are using webpack-dev-server then specify webpack-dev-server host | ||
# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development? | ||
|
||
# # Specify URI for violation reports | ||
# # policy.report_uri "/csp-violation-report-endpoint" | ||
# Rails.application.configure do | ||
# config.content_security_policy do |policy| | ||
# policy.default_src :self, :https | ||
# policy.font_src :self, :https, :data | ||
# policy.img_src :self, :https, :data | ||
# policy.object_src :none | ||
# policy.script_src :self, :https | ||
# policy.style_src :self, :https | ||
# # Specify URI for violation reports | ||
# # policy.report_uri "/csp-violation-report-endpoint" | ||
# end | ||
# | ||
# # Generate session nonces for permitted importmap and inline scripts | ||
# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } | ||
# config.content_security_policy_nonce_directives = %w(script-src) | ||
# | ||
# # Report violations without enforcing the policy. | ||
# # config.content_security_policy_report_only = true | ||
# end | ||
|
||
# If you are using UJS then enable automatic nonce generation | ||
# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } | ||
|
||
# Set the nonce only to specific directives | ||
# Rails.application.config.content_security_policy_nonce_directives = %w(script-src) | ||
|
||
# Report CSP violations to a specified URI | ||
# For further information see the following documentation: | ||
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only | ||
# Rails.application.config.content_security_policy_report_only = true |
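Review bot: The nonce generator in the new commented template, `->(request) { request.session.id.to_s }`, produces the same nonce for every response in a session, while the removed line used `SecureRandom.base64(16)` per request. If this block is ever uncommented, choose between the two deliberately instead of taking the template default, because a session-stable nonce that is read from one page stays valid for the rest of that session. The whole policy is also still commented out after this change, so this initializer sends no Content-Security-Policy header; if that is intentional for the upgrade, say so in a comment, or enable the policy with `content_security_policy_report_only = true` first.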
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
Rails.application.config.after_initialize do | ||
Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies| | ||
authenticated_encrypted_cookie_salt = Rails.application.config.action_dispatch.authenticated_encrypted_cookie_salt | ||
signed_cookie_salt = Rails.application.config.action_dispatch.signed_cookie_salt | ||
|
||
secret_key_base = Rails.application.secret_key_base | ||
|
||
key_generator = ActiveSupport::KeyGenerator.new( | ||
secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1 | ||
) | ||
key_len = ActiveSupport::MessageEncryptor.key_len | ||
|
||
old_encrypted_secret = key_generator.generate_key(authenticated_encrypted_cookie_salt, key_len) | ||
old_signed_secret = key_generator.generate_key(signed_cookie_salt) | ||
|
||
cookies.rotate :encrypted, old_encrypted_secret | ||
cookies.rotate :signed, old_signed_secret | ||
end | ||
end |
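Review bot: This rotator registers keys derived with `hash_digest_class: OpenSSL::Digest::SHA1`, which only has an effect once the application's key generator has moved to SHA256, yet in this commit's 7.0 defaults file the line setting `key_generator_hash_digest_class = OpenSSL::Digest::SHA256` is still commented out. Unless that setting is enabled elsewhere (for example through `config.load_defaults`, which is not part of the visible diff), the rotated keys are identical to the current ones and the initializer does nothing. Either enable the SHA256 digest together with this file, or add a header comment stating that the rotator is staged ahead of that switch and when it can be removed (once cookies written with the old keys have expired).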
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,8 @@ | ||
# Be sure to restart your server when you modify this file. | ||
|
||
# Configure sensitive parameters which will be filtered from the log file. | ||
# Configure parameters to be filtered from the log file. Use this to limit dissemination of | ||
# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported | ||
# notations and behaviors. | ||
Rails.application.config.filter_parameters += [ | ||
:passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn | ||
] |
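Review bot: The `:_key` entry in the unchanged filter list matches parameter names by substring, so it covers `api_key` but would not cover a credential parameter spelled without the underscore, such as `apikey`. Since this hunk only rewrites the comment, it is a good moment to check the parameter names the application actually receives and extend the list if any credential-bearing name is not matched.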
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,143 @@ | ||
# Be sure to restart your server when you modify this file. | ||
# | ||
# This file eases your Rails 7.0 framework defaults upgrade. | ||
# | ||
# Uncomment each configuration one by one to switch to the new default. | ||
# Once your application is ready to run with all new defaults, you can remove | ||
# this file and set the `config.load_defaults` to `7.0`. | ||
# | ||
# Read the Guide for Upgrading Ruby on Rails for more info on each option. | ||
# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html | ||
|
||
# `button_to` view helper will render `<button>` element, regardless of whether | ||
# or not the content is passed as the first argument or as a block. | ||
Rails.application.config.action_view.button_to_generates_button_tag = true | ||
|
||
# `stylesheet_link_tag` view helper will not render the media attribute by default. | ||
Rails.application.config.action_view.apply_stylesheet_media_default = false | ||
|
||
# Change the digest class for the key generators to `OpenSSL::Digest::SHA256`. | ||
# Changing this default means invalidate all encrypted messages generated by | ||
# your application and, all the encrypted cookies. Only change this after you | ||
# rotated all the messages using the key rotator. | ||
# | ||
# See upgrading guide for more information on how to build a rotator. | ||
# https://guides.rubyonrails.org/v7.0/upgrading_ruby_on_rails.html | ||
# Rails.application.config.active_support.key_generator_hash_digest_class = OpenSSL::Digest::SHA256 | ||
|
||
# Change the digest class for ActiveSupport::Digest. | ||
# Changing this default means that for example Etags change and | ||
# various cache keys leading to cache invalidation. | ||
Rails.application.config.active_support.hash_digest_class = OpenSSL::Digest::SHA256 | ||
|
||
# Don't override ActiveSupport::TimeWithZone.name and use the default Ruby | ||
# implementation. | ||
Rails.application.config.active_support.remove_deprecated_time_with_zone_name = true | ||
|
||
# Calls `Rails.application.executor.wrap` around test cases. | ||
# This makes test cases behave closer to an actual request or job. | ||
# Several features that are normally disabled in test, such as Active Record query cache | ||
# and asynchronous queries will then be enabled. | ||
Rails.application.config.active_support.executor_around_test_case = true | ||
|
||
# Set both the `:open_timeout` and `:read_timeout` values for `:smtp` delivery method. | ||
Rails.application.config.action_mailer.smtp_timeout = 5 | ||
|
||
# The ActiveStorage video previewer will now use scene change detection to generate | ||
# better preview images (rather than the previous default of using the first frame | ||
# of the video). | ||
Rails.application.config.active_storage.video_preview_arguments = | ||
"-vf 'select=eq(n\\,0)+eq(key\\,1)+gt(scene\\,0.015),loop=loop=-1:size=2,trim=start_frame=1' -frames:v 1 -f image2" | ||
|
||
# Automatically infer `inverse_of` for associations with a scope. | ||
Rails.application.config.active_record.automatic_scope_inversing = true | ||
|
||
# Raise when running tests if fixtures contained foreign key violations | ||
Rails.application.config.active_record.verify_foreign_keys_for_fixtures = true | ||
|
||
# Disable partial inserts. | ||
# This default means that all columns will be referenced in INSERT queries | ||
# regardless of whether they have a default or not. | ||
Rails.application.config.active_record.partial_inserts = false | ||
|
||
# Protect from open redirect attacks in `redirect_back_or_to` and `redirect_to`. | ||
Rails.application.config.action_controller.raise_on_open_redirects = true | ||
|
||
# Change the variant processor for Active Storage. | ||
# Changing this default means updating all places in your code that | ||
# generate variants to use image processing macros and ruby-vips | ||
# operations. See the upgrading guide for detail on the changes required. | ||
# The `:mini_magick` option is not deprecated; it's fine to keep using it. | ||
Rails.application.config.active_storage.variant_processor = :vips | ||
|
||
# Enable parameter wrapping for JSON. | ||
# Previously this was set in an initializer. It's fine to keep using that initializer if you've customized it. | ||
# To disable parameter wrapping entirely, set this config to `false`. | ||
Rails.application.config.action_controller.wrap_parameters_by_default = true | ||
|
||
# Specifies whether generated namespaced UUIDs follow the RFC 4122 standard for namespace IDs provided as a | ||
# `String` to `Digest::UUID.uuid_v3` or `Digest::UUID.uuid_v5` method calls. | ||
# | ||
# See https://guides.rubyonrails.org/configuring.html#config-active-support-use-rfc4122-namespaced-uuids for | ||
# more information. | ||
Rails.application.config.active_support.use_rfc4122_namespaced_uuids = true | ||
|
||
# Change the default headers to disable browsers' flawed legacy XSS protection. | ||
Rails.application.config.action_dispatch.default_headers = { | ||
"X-Frame-Options" => "SAMEORIGIN", | ||
"X-XSS-Protection" => "0", | ||
"X-Content-Type-Options" => "nosniff", | ||
"X-Download-Options" => "noopen", | ||
"X-Permitted-Cross-Domain-Policies" => "none", | ||
"Referrer-Policy" => "strict-origin-when-cross-origin" | ||
} | ||
|
||
|
||
# ** Please read carefully, this must be configured in config/application.rb ** | ||
# Change the format of the cache entry. | ||
# Changing this default means that all new cache entries added to the cache | ||
# will have a different format that is not supported by Rails 6.1 applications. | ||
# Only change this value after your application is fully deployed to Rails 7.0 | ||
# and you have no plans to rollback. | ||
# When you're ready to change format, add this to `config/application.rb` (NOT this file): | ||
# config.active_support.cache_format_version = 7.0 | ||
|
||
|
||
# Cookie serializer: 2 options | ||
# | ||
# If you're upgrading and haven't set `cookies_serializer` previously, your cookie serializer | ||
# is `:marshal`. The default for new apps is `:json`. | ||
# | ||
# Rails.application.config.action_dispatch.cookies_serializer = :json | ||
# | ||
# | ||
# To migrate an existing application to the `:json` serializer, use the `:hybrid` option. | ||
# | ||
# Rails transparently deserializes existing (Marshal-serialized) cookies on read and | ||
# re-writes them in the JSON format. | ||
# | ||
# It is fine to use `:hybrid` long term; you should do that until you're confident *all* your cookies | ||
# have been converted to JSON. To keep using `:hybrid` long term, move this config to its own | ||
# initializer or to `config/application.rb`. | ||
# | ||
# Rails.application.config.action_dispatch.cookies_serializer = :hybrid | ||
# | ||
# | ||
# If your cookies can't yet be serialized to JSON, keep using `:marshal` for backward-compatibility. | ||
# | ||
# If you have configured the serializer elsewhere, you can remove this section of the file. | ||
# | ||
# See https://guides.rubyonrails.org/action_controller_overview.html#cookies for more information. | ||
|
||
# Change the return value of `ActionDispatch::Request#content_type` to the Content-Type header without modification. | ||
Rails.application.config.action_dispatch.return_only_request_media_type_on_content_type = false | ||
|
||
# Active Storage `has_many_attached` relationships will default to replacing the current collection instead of appending to it. | ||
# Thus, to support submitting an empty collection, the `file_field` helper will render an hidden field `include_hidden` by default when `multiple_file_field_include_hidden` is set to `true`. | ||
# See https://guides.rubyonrails.org/configuring.html#config-active-storage-multiple-file-field-include-hidden for more information. | ||
Rails.application.config.active_storage.multiple_file_field_include_hidden = true | ||
|
||
# ** Please read carefully, this must be configured in config/application.rb (NOT this file) ** | ||
# Disables the deprecated #to_s override in some Ruby core classes | ||
# See https://guides.rubyonrails.org/configuring.html#config-active-support-disable-to-s-conversion for more information. | ||
# config.active_support.disable_to_s_conversion = true |
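Review bot: The cookie serializer section near the end of this file is left entirely commented out, so by the file's own note an upgraded app that never set `cookies_serializer` keeps `:marshal`. Unless the serializer is configured elsewhere, consider enabling `Rails.application.config.action_dispatch.cookies_serializer = :hybrid` so that existing cookies are rewritten as JSON on read and Marshal deserialization of cookie contents can eventually be dropped. Two of the defaults that are enabled here also change runtime behavior and deserve a check before deploy: `raise_on_open_redirects = true` will raise on redirects to other hosts, and `variant_processor = :vips` requires the variant-generating code to use ruby-vips operations, as the comment above it says.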
db/migrate/20231130210229_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb (8 changes: 8 additions & 0 deletions)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
# This migration comes from active_storage (originally 20211119233751) | ||
class RemoveNotNullOnActiveStorageBlobsChecksum < ActiveRecord::Migration[6.0] | ||
def change | ||
return unless table_exists?(:active_storage_blobs) | ||
|
||
change_column_null(:active_storage_blobs, :checksum, true) | ||
end | ||
end |