diff --git a/.gitignore b/.gitignore index 9325b449..8cf65c3a 100644 --- a/.gitignore +++ b/.gitignore @@ -29,3 +29,5 @@ yarn-debug.log* # Ignore any local gitignore files .gitignore_local + +/config/master.key diff --git a/.rubocop.yml b/.rubocop.yml index 7f238c04..46a30a58 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -12,6 +12,7 @@ AllCops: - 'node_modules/**/*' DisplayCopNames: true TargetRubyVersion: 3.0 + NewCops: disable Layout/LineLength: Enabled: false diff --git a/Gemfile b/Gemfile index ff6c198c..1119c6f4 100644 --- a/Gemfile +++ b/Gemfile @@ -2,13 +2,13 @@ source 'https://rubygems.org' ruby '3.2.2' -gem 'rails', '~> 6.1.7' +gem 'rails', '~> 7.0' gem 'pg' gem 'puma' gem 'bcrypt' gem 'bugsnag' -gem 'createsend', '~> 5.1.1' +gem 'createsend' gem 'decent_exposure' gem 'devise' gem 'icalendar' @@ -22,6 +22,7 @@ gem 'sassc' gem 'validates_email_format_of' gem 'warden' # use for auth gem 'webpacker', '6.0.0.rc.6' +gem 'sprockets-rails' # as of Rails 7.0, this is optional group :production do gem 'rails_12factor' diff --git a/Gemfile.lock b/Gemfile.lock index 4f3713b0..196598ad 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
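Review bot: The new Gemfile constraint `gem 'rails', '~> 7.0'` still admits 7.0.x, yet the configuration added elsewhere in this commit (`config.autoload_lib`, `config.enable_reloading`, `raise_on_missing_callback_actions`) relies on settings that, as far as I know, first appear in Rails 7.1, and the lockfile resolves to 7.1.2. Stating what is actually required, `gem 'rails', '~> 7.1'`, keeps a fresh resolve from picking a release the config cannot boot on. In the same hunk `gem 'createsend'` loses its constraint entirely while the lock moves from 5.1.1 to 6.1.0; a bound such as `gem 'createsend', '~> 6.1'` would keep the next major version from arriving through a routine `bundle update`.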
@@ -11,69 +11,86 @@ GIT GEM remote: https://rubygems.org/ specs: - actioncable (6.1.7.6) - actionpack (= 6.1.7.6) - activesupport (= 6.1.7.6) + actioncable (7.1.2) + actionpack (= 7.1.2) + activesupport (= 7.1.2) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.7.6) - actionpack (= 6.1.7.6) - activejob (= 6.1.7.6) - activerecord (= 6.1.7.6) - activestorage (= 6.1.7.6) - activesupport (= 6.1.7.6) + zeitwerk (~> 2.6) + actionmailbox (7.1.2) + actionpack (= 7.1.2) + activejob (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) mail (>= 2.7.1) - actionmailer (6.1.7.6) - actionpack (= 6.1.7.6) - actionview (= 6.1.7.6) - activejob (= 6.1.7.6) - activesupport (= 6.1.7.6) + net-imap + net-pop + net-smtp + actionmailer (7.1.2) + actionpack (= 7.1.2) + actionview (= 7.1.2) + activejob (= 7.1.2) + activesupport (= 7.1.2) mail (~> 2.5, >= 2.5.4) - rails-dom-testing (~> 2.0) - actionpack (6.1.7.6) - actionview (= 6.1.7.6) - activesupport (= 6.1.7.6) - rack (~> 2.0, >= 2.0.9) + net-imap + net-pop + net-smtp + rails-dom-testing (~> 2.2) + actionpack (7.1.2) + actionview (= 7.1.2) + activesupport (= 7.1.2) + nokogiri (>= 1.8.5) + racc + rack (>= 2.2.4) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.7.6) - actionpack (= 6.1.7.6) - activerecord (= 6.1.7.6) - activestorage (= 6.1.7.6) - activesupport (= 6.1.7.6) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + actiontext (7.1.2) + actionpack (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) + globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (6.1.7.6) - activesupport (= 6.1.7.6) + actionview (7.1.2) + activesupport (= 7.1.2) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (6.1.7.6) - activesupport (= 6.1.7.6) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + 
rails-html-sanitizer (~> 1.6) + activejob (7.1.2) + activesupport (= 7.1.2) globalid (>= 0.3.6) - activemodel (6.1.7.6) - activesupport (= 6.1.7.6) - activerecord (6.1.7.6) - activemodel (= 6.1.7.6) - activesupport (= 6.1.7.6) - activestorage (6.1.7.6) - actionpack (= 6.1.7.6) - activejob (= 6.1.7.6) - activerecord (= 6.1.7.6) - activesupport (= 6.1.7.6) + activemodel (7.1.2) + activesupport (= 7.1.2) + activerecord (7.1.2) + activemodel (= 7.1.2) + activesupport (= 7.1.2) + timeout (>= 0.4.0) + activestorage (7.1.2) + actionpack (= 7.1.2) + activejob (= 7.1.2) + activerecord (= 7.1.2) + activesupport (= 7.1.2) marcel (~> 1.0) - mini_mime (>= 1.1.0) - activesupport (6.1.7.6) + activesupport (7.1.2) + base64 + bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) minitest (>= 5.1) + mutex_m tzinfo (~> 2.0) - zeitwerk (~> 2.3) addressable (2.8.6) public_suffix (>= 2.0.2, < 6.0) ast (2.4.2) + base64 (0.2.0) bcrypt (3.1.20) + bigdecimal (3.1.5) bindex (0.8.1) bugsnag (6.26.0) concurrent-ruby (~> 1.0) @@ -92,10 +109,11 @@ GEM simplecov coderay (1.1.3) concurrent-ruby (1.2.2) + connection_pool (2.4.1) crack (0.4.5) rexml crass (1.0.6) - createsend (5.1.1) + createsend (6.1.0) hashie (~> 3.0) httparty (~> 0.14) json (>= 1.0) @@ -112,6 +130,8 @@ GEM warden (~> 1.2.3) diff-lcs (1.5.0) docile (1.4.0) + drb (2.2.0) + ruby2_keywords erubi (1.12.0) factory_bot (6.4.2) activesupport (>= 5.0.0) @@ -150,6 +170,10 @@ GEM inline_svg (1.9.0) activesupport (>= 3.0) nokogiri (>= 1.6) + io-console (0.7.0) + irb (1.10.1) + rdoc + reline (>= 0.3.8) jbuilder (2.11.5) actionview (>= 5.0.0) activesupport (>= 5.0.0) @@ -190,6 +214,7 @@ GEM mini_portile2 (2.8.5) minitest (5.20.0) multi_xml (0.6.0) + mutex_m (0.2.0) nenv (0.3.0) net-imap (0.4.8) date 
@@ -204,6 +229,10 @@ GEM nokogiri (1.15.5) mini_portile2 (~> 2.8.2) racc (~> 1.4) + nokogiri (1.15.5-arm64-darwin) + racc (~> 1.4) + nokogiri (1.15.5-x86_64-linux) + racc (~> 1.4) notiffany (0.1.3) nenv (~> 0.1) shellany (~> 0.0) @@ -229,31 +258,37 @@ GEM pry (>= 0.13, < 0.15) pry-rails (0.3.9) pry (>= 0.10.4) + psych (5.1.1.1) + stringio public_suffix (5.0.4) puma (6.4.0) nio4r (~> 2.0) pygmentize (0.0.3) racc (1.7.3) - rack (2.2.8) + rack (3.0.8) rack-proxy (0.7.7) rack + rack-session (2.0.0) + rack (>= 3.0.0) rack-test (2.1.0) rack (>= 1.3) - rails (6.1.7.6) - actioncable (= 6.1.7.6) - actionmailbox (= 6.1.7.6) - actionmailer (= 6.1.7.6) - actionpack (= 6.1.7.6) - actiontext (= 6.1.7.6) - actionview (= 6.1.7.6) - activejob (= 6.1.7.6) - activemodel (= 6.1.7.6) - activerecord (= 6.1.7.6) - activestorage (= 6.1.7.6) - activesupport (= 6.1.7.6) + rackup (2.1.0) + rack (>= 3) + webrick (~> 1.8) + rails (7.1.2) + actioncable (= 7.1.2) + actionmailbox (= 7.1.2) + actionmailer (= 7.1.2) + actionpack (= 7.1.2) + actiontext (= 7.1.2) + actionview (= 7.1.2) + activejob (= 7.1.2) + activemodel (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) bundler (>= 1.15.0) - railties (= 6.1.7.6) - sprockets-rails (>= 2.0.0) + railties (= 7.1.2) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -270,19 +305,25 @@ GEM rails_stdout_logging rails_serve_static_assets (0.0.5) rails_stdout_logging (0.0.5) - railties (6.1.7.6) - actionpack (= 6.1.7.6) - activesupport (= 6.1.7.6) - method_source + railties (7.1.2) + actionpack (= 7.1.2) + activesupport (= 7.1.2) + irb + rackup (>= 1.0.0) rake (>= 12.2) - thor (~> 1.0) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) rainbow (3.1.1) rake (13.1.0) rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) + rdoc (6.6.1) + psych (>= 4.0.0) redcarpet (3.6.0) regexp_parser (2.8.3) + reline (0.4.1) + io-console (~> 0.5) responders (3.1.1) actionpack (>= 5.2) railties (>= 5.2) 
@@ -330,6 +371,7 @@ GEM rubocop (>= 1.33.0, < 2.0) rubocop-ast (>= 1.30.0, < 2.0) ruby-progressbar (1.13.0) + ruby2_keywords (0.0.5) sassc (2.4.0) ffi (~> 1.9) semantic_range (3.0.0) @@ -353,6 +395,7 @@ GEM actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) + stringio (3.1.0) thor (1.3.0) timeout (0.4.1) tzinfo (2.0.6) @@ -376,6 +419,7 @@ GEM rack-proxy (>= 0.6.1) railties (>= 5.2) semantic_range (>= 2.3.0) + webrick (1.8.1) websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) @@ -384,7 +428,9 @@ GEM zeitwerk (2.6.12) PLATFORMS + arm64-darwin-22 ruby + x86_64-linux DEPENDENCIES bcrypt @@ -393,7 +439,7 @@ DEPENDENCIES capybara capybara-email! codeclimate-test-reporter - createsend (~> 5.1.1) + createsend decent_exposure devise factory_bot_rails @@ -411,7 +457,7 @@ DEPENDENCIES pry-rails puma pygmentize - rails (~> 6.1.7) + rails (~> 7.0) rails-controller-testing rails_12factor redcarpet @@ -424,6 +470,7 @@ DEPENDENCIES spring spring-commands-rspec spring-watcher-listen + sprockets-rails tzinfo-data validates_email_format_of warden @@ -435,4 +482,4 @@ RUBY VERSION ruby 3.2.2p53 BUNDLED WITH - 2.4.21 + 2.5.1 diff --git a/app/lib/mailing_list.rb b/app/lib/mailing_list.rb index aae3563b..0bea1dee 100644 --- a/app/lib/mailing_list.rb +++ b/app/lib/mailing_list.rb @@ -13,6 +13,10 @@ def self.all @all ||= LISTS.collect { |name| new name } end + def self.each(...) + all.each(...) + end + def initialize(name) @name = name end diff --git a/app/lib/mailing_list/create_webhooks.rb b/app/lib/mailing_list/create_webhooks.rb index 30f70248..48314835 100644 --- a/app/lib/mailing_list/create_webhooks.rb +++ b/app/lib/mailing_list/create_webhooks.rb @@ -2,7 +2,7 @@ class MailingList::CreateWebhooks def self.call - MailingList.all.each do |list| + MailingList.each do |list| new(list).call end end diff --git a/app/lib/mailing_list/setup.rb b/app/lib/mailing_list/setup.rb index 563e6660..ec57a4bc 100644 --- a/app/lib/mailing_list/setup.rb 
+++ b/app/lib/mailing_list/setup.rb @@ -2,7 +2,7 @@ class MailingList::Setup def self.call(user) - MailingList.all.each do |list| + MailingList.each do |list| new(user, list).call end end diff --git a/app/lib/mailing_list/sync.rb b/app/lib/mailing_list/sync.rb index a26f76ea..282da0f6 100644 --- a/app/lib/mailing_list/sync.rb +++ b/app/lib/mailing_list/sync.rb @@ -2,7 +2,7 @@ class MailingList::Sync def self.call - MailingList.all.each do |list| + MailingList.each do |list| new(list).call end end diff --git a/app/models/user.rb b/app/models/user.rb index ae7fd504..c468fc51 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -61,22 +61,18 @@ def set_up_mailing_list_flags def subscribe_to_lists return if skip_subscriptions - # rubocop:disable Rails/FindEach - MailingList.all.each do |list| + MailingList.each do |list| next unless mailing_lists[list.name] == "true" MailingList::Subscribe.call self, list end - # rubocop:enable Rails/FindEach end def update_mailing_list_email_addresses - # rubocop:disable Rails/FindEach - MailingList.all.each do |list| + MailingList.each do |list| next unless mailing_lists[list.name] == "true" MailingList::Update.call self, list end - # rubocop:enable Rails/FindEach end end diff --git a/app/views/devise/registrations/new.html.erb b/app/views/devise/registrations/new.html.erb index b3c660a0..946abdf3 100644 --- a/app/views/devise/registrations/new.html.erb +++ b/app/views/devise/registrations/new.html.erb @@ -85,7 +85,7 @@
You can choose to subscribe to news about each of our major events. If you are already subscribed to any of these lists, those subscriptions will be honoured.
- <% MailingList.all.each do |list| %> + <% MailingList.each do |list| %>
<%= hidden_field_tag "user[mailing_lists][#{list.name}]", "false" %> diff --git a/app/views/my/details/edit.html.erb b/app/views/my/details/edit.html.erb index 76f79fb1..4ca2557c 100644 --- a/app/views/my/details/edit.html.erb +++ b/app/views/my/details/edit.html.erb @@ -59,7 +59,7 @@
Mailing Lists - <% MailingList.all.each do |list| %> + <% MailingList.each do |list| %>
<%= hidden_field_tag "user[mailing_lists][#{list.name}]", "false" %> diff --git a/bin/rails b/bin/rails index 21d3e02d..efc03774 100755 --- a/bin/rails +++ b/bin/rails @@ -1,5 +1,4 @@ #!/usr/bin/env ruby -load File.expand_path("spring", __dir__) -APP_PATH = File.expand_path('../config/application', __dir__) +APP_PATH = File.expand_path("../config/application", __dir__) require_relative "../config/boot" require "rails/commands" diff --git a/bin/rake b/bin/rake index 7327f471..4fbf10b9 100755 --- a/bin/rake +++ b/bin/rake @@ -1,5 +1,4 @@ #!/usr/bin/env ruby -load File.expand_path("spring", __dir__) require_relative "../config/boot" require "rake" Rake.application.run diff --git a/bin/setup b/bin/setup index 2d33af1a..e3cd0725 100755 --- a/bin/setup +++ b/bin/setup 
@@ -1,36 +1,37 @@ #!/usr/bin/env ruby -require 'fileutils' +require "fileutils" # path to your application root. -APP_ROOT = File.expand_path('..', __dir__) +APP_ROOT = File.expand_path("..", __dir__) def system!(*args) - system(*args) || abort("\n== Command #{args} failed ==") + system(*args, exception: true) end FileUtils.chdir APP_ROOT do - # This script is a way to setup or update your development environment automatically. - # This script is idempotent, so that you can run it at anytime and get an expectable outcome. + # This script is a way to set up or update your development environment automatically. + # This script is idempotent, so that you can run it at any time and get an expectable outcome. # Add necessary setup steps to this file. - puts '== Installing dependencies ==' - system! 'gem install bundler --conservative' - system('bundle check') || system!('bundle install') - - # Install JavaScript dependencies - system('bin/yarn') + puts "== Installing dependencies ==" + system! "gem install bundler --conservative" + system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" - # unless File.exist?('config/database.yml') - # FileUtils.cp 'config/database.yml.sample', 'config/database.yml' + # unless File.exist?("config/database.yml") + # FileUtils.cp "config/database.yml.sample", "config/database.yml" # end + # Install JavaScript dependencies + puts "== Installing JS packages ==" + system('bin/yarn') + puts "\n== Preparing database ==" - system! 'bin/rails db:prepare' + system! "bin/rails db:prepare" puts "\n== Removing old logs and tempfiles ==" - system! 'bin/rails log:clear tmp:clear' + system! "bin/rails log:clear tmp:clear" puts "\n== Restarting application server ==" - system! 'bin/rails restart' + system! "bin/rails restart" end diff --git a/config/application.rb b/config/application.rb index c6cd1a80..c4d4f74c 100644 --- a/config/application.rb +++ b/config/application.rb 
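Review bot: `system('bin/yarn')` in bin/setup still goes through plain `system`, so its exit status is discarded and a failed JavaScript install lets the script continue to `db:prepare` as if nothing happened. Every other step uses `system!`, which now raises because this change passes `exception: true`; the yarn step should match: `system! "bin/yarn"`. Since `system!` no longer prints the `== Command ... failed ==` banner, a one-line comment above it such as `# Raises on a non-zero exit status instead of printing a banner and aborting.` would save the next reader a lookup.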
@@ -1,14 +1,18 @@ -require_relative 'boot' +require_relative "boot" require "rails" # Pick the frameworks you want: require "active_model/railtie" require "active_job/railtie" require "active_record/railtie" +# require "active_storage/engine" require "action_controller/railtie" require "action_mailer/railtie" +# require "action_mailbox/engine" +# require "action_text/engine" require "action_view/railtie" -require "sprockets/railtie" +# require "action_cable/engine" +# require "rails/test_unit/railtie" # Require the gems listed in Gemfile, including any gems # you've limited to :test, :development, or :production. @@ -16,12 +20,19 @@ module RubyAu class Application < Rails::Application - config.load_defaults 6.1 + # Initialize configuration defaults for originally generated Rails version. + config.load_defaults 7.0 + + # Please, add to the `ignore` list any other `lib` subdirectories that do + # not contain `.rb` files, or that should not be reloaded or eager loaded. + # Common ones are `templates`, `generators`, or `middleware`, for example. + config.autoload_lib(ignore: %w(assets tasks)) + + # Configuration for the application, engines, and railties goes here. + # + # These settings can be overridden in specific environments using the files + # in config/environments, which are processed later. - # Settings in config/environments/* take precedence over those specified here. - # Application configuration can go into files in config/initializers - # -- all .rb files in that directory are automatically loaded after loading - # the framework and any gems in your application. config.eager_load_paths += %W(#{config.root}/lib) config.generators do |g| @@ -30,5 +41,11 @@ class Application < Rails::Application end config.generators.javascript_engine = :js + + config.time_zone = "Australia/Melbourne" + # config.eager_load_paths << Rails.root.join("extras") + + # Don't generate system test files. + config.generators.system_tests = nil end end 
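Review bot: `config.eager_load_paths += %W(#{config.root}/lib)` is kept a few lines below the new `config.autoload_lib(ignore: %w(assets tasks))`, which to my knowledge already puts `lib` on both the autoload and the eager-load paths, so the older line looks redundant and blurs which setting governs `lib`. I would drop it, or add a comment saying why both are needed. Separately, `config.load_defaults 7.0` runs against a lockfile at 7.1.2, so the 7.1 framework defaults stay off; a comment such as `# 7.1 framework defaults intentionally deferred` would record that this is deliberate rather than an oversight.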
diff --git a/config/boot.rb b/config/boot.rb index 30f5120d..28201161 100644 --- a/config/boot.rb +++ b/config/boot.rb @@ -1,3 +1,3 @@ -ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) -require 'bundler/setup' # Set up gems listed in the Gemfile. +require "bundler/setup" # Set up gems listed in the Gemfile. diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc new file mode 100644 index 00000000..7619e472 --- /dev/null +++ b/config/credentials.yml.enc @@ -0,0 +1 @@ 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--kZ+bRIF8O4z0WHi+--04DXyP7pMOsiiM+bEsdYow== \ No newline at end of file diff --git a/config/environment.rb b/config/environment.rb index 426333bb..cac53157 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -1,5 +1,5 @@ # Load the Rails application. -require_relative 'application' +require_relative "application" # Initialize the Rails application. Rails.application.initialize! diff --git a/config/environments/development.rb b/config/environments/development.rb index a4225605..08dddecc 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb 
@@ -1,14 +1,12 @@ require "active_support/core_ext/integer/time" Rails.application.configure do - # Verifies that versions and hashed value of the package contents in the project's package.json - config.webpacker.check_yarn_integrity = true - # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded on - # every request. This slows down response time but is perfect for development + # In the development environment your application's code is reloaded any time + # it changes. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. + config.enable_reloading = true config.cache_classes = false # Do not eager load code on boot. @@ -17,21 +15,22 @@ # Show full error reports. config.consider_all_requests_local = true + # Enable server timing + config.server_timing = true + # Enable/disable caching. By default caching is disabled. # Run rails dev:cache to toggle caching. - if Rails.root.join('tmp/caching-dev.txt').exist? + if Rails.root.join("tmp/caching-dev.txt").exist? config.action_controller.perform_caching = true config.action_controller.enable_fragment_cache_logging = true config.cache_store = :memory_store config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{2.days.to_i}" + "Cache-Control" => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false - config.action_mailer.perform_caching = false - config.cache_store = :null_store end 
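Review bot: `config.enable_reloading = true` is added directly above the existing `config.cache_classes = false` in config/environments/development.rb, and as far as I know these are two names for one switch in Rails 7.1 (`enable_reloading=` assigns the inverse of `cache_classes`), so one of the two lines should go. Here the pair only repeats itself, but the hunk for config/environments/test.rb adds `config.enable_reloading = false` and keeps `config.cache_classes = false` on the next line, which undoes it: the later assignment wins and reloading stays enabled in the test environment, contrary to the new comment there. Delete the `config.cache_classes` line in both files and keep only `config.enable_reloading`.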
@@ -66,28 +65,18 @@ # number of complex assets. config.assets.debug = true + # Highlight code that enqueued background job in logs. + config.active_job.verbose_enqueue_logs = true + # Suppress logger output for asset requests. config.assets.quiet = true - # Asset digests allow you to set far-future HTTP expiration dates on all assets, - # yet still be able to expire them through the digest params. - config.assets.digest = true - - # Adds additional error checking when serving assets at runtime. - # Checks for improperly declared sprockets dependencies. - # Raises helpful error messages. - config.assets.raise_runtime_errors = true - # Raises error for missing translations. # config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true - # Use an evented file watcher to asynchronously detect changes in source code, - # routes, locales, etc. This feature depends on the listen gem. - config.file_watcher = ActiveSupport::EventedFileUpdateChecker - - # Uncomment if you wish to allow Action Cable access from any origin. - # config.action_cable.disable_request_forgery_protection = true + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = true end diff --git a/config/environments/production.rb b/config/environments/production.rb index 078025c4..096e73bd 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb 
@@ -1,14 +1,13 @@ require "active_support/core_ext/integer/time" Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. + # Verifies that versions and hashed value of the package contents in the project's package.json config.webpacker.check_yarn_integrity = false - # Settings specified here will take precedence over those in - # config/application.rb. - # Code is not reloaded between requests. - config.cache_classes = true + config.enable_reloading = false # Eager load code on boot. This eager loads most of Rails and # your application in memory, allowing both threaded web servers 
@@ -17,64 +16,56 @@ config.eager_load = true # Full error reports are disabled and caching is turned on. - config.consider_all_requests_local = false + config.consider_all_requests_local = false config.action_controller.perform_caching = true - # Disable serving static files from the `/public` folder by default since - # Apache or NGINX already handles this. - config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? + # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment + # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). + # config.require_master_key = true + + # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. + # config.public_file_server.enabled = false - # Compress JavaScripts and CSS. - # config.assets.js_compressor = :uglifier + # Compress CSS using a preprocessor. # config.assets.css_compressor = :sass # Do not fallback to assets pipeline if a precompiled asset is missed. config.assets.compile = false - # Asset digests allow you to set far-future HTTP expiration dates on all - # assets, - # yet still be able to expire them through the digest params. - config.assets.digest = true - - # `config.assets.precompile` and `config.assets.version` have moved to - # config/initializers/assets.rb - # Enable serving of images, stylesheets, and JavaScripts from an asset server. - # config.action_controller.asset_host = 'http://assets.example.com' + # config.asset_host = "http://assets.example.com" # Specifies the header that your server uses for sending files. 
- # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache - # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX - - # Action Cable endpoint configuration - # config.action_cable.url = 'wss://example.com/cable' - # config.action_cable.allowed_request_origins = [ - # 'http://example.com', - # /http:\/\/example.*/ - # ] + # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache + # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX + + # Assume all access to the app is happening through a SSL-terminating reverse proxy. + # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. + # config.assume_ssl = true # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. config.force_ssl = true - # Use the lowest log level to ensure availability of diagnostic information - # when problems arise. - config.log_level = :info + # Log to STDOUT by default + config.logger = ActiveSupport::Logger.new($stdout) + .tap { |logger| logger.formatter = ::Logger::Formatter.new } + .then { |logger| ActiveSupport::TaggedLogging.new(logger) } # Prepend all log lines with the following tags. config.log_tags = [:request_id] - # Use a different logger for distributed setups. - # require 'syslog/logger' - # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') - - config.logger = ActiveSupport::TaggedLogging.new(Logger.new($stdout)) if ENV["RAILS_LOG_TO_STDOUT"].present? + # Info include generic and useful information about system operation, but avoids logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). If you + # want to log everything, set the level to "debug". + config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") # Use a different cache store in production. 
# config.cache_store = :mem_cache_store - # Use a real queuing backend for Active Job (and separate queues per environment) - # config.active_job.queue_adapter = :resque - # config.active_job.queue_name_prefix = "ruby_au_#{Rails.env}" + # Use a real queuing backend for Active Job (and separate queues per environment). + # config.active_job.queue_adapter = :resque + # config.active_job.queue_name_prefix = "ruby_au_production" + config.action_mailer.perform_caching = false # Ignore bad email addresses and do not raise email delivery errors. 
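Review bot: `# config.require_master_key = true` is left commented in this production.rb hunk although the same commit adds config/credentials.yml.enc and ignores /config/master.key. Without it a production boot that lacks the key is not stopped up front; as I understand the Rails behaviour, the credentials then read as empty and the failure appears later, wherever a secret is first used. Uncommenting the line, `config.require_master_key = true`, turns a missing `RAILS_MASTER_KEY` into a boot-time error. If the application does not read anything from credentials yet, say so in a comment next to the line instead.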
@@ -85,52 +76,12 @@ # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Send deprecation notices to registered listeners. - config.active_support.deprecation = :notify - - # Log disallowed deprecations. - config.active_support.disallowed_deprecation = :log - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - - # Use default logging formatter so that PID and timestamp are not suppressed. - config.log_formatter = ::Logger::Formatter.new - - # Use a different logger for distributed setups. - # require 'syslog/logger' - # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') - - if ENV["RAILS_LOG_TO_STDOUT"].present? - logger = ActiveSupport::Logger.new($stdout) - logger.formatter = config.log_formatter - config.logger = ActiveSupport::TaggedLogging.new(logger) - end + # Don't log any deprecations. + config.active_support.report_deprecations = false # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false - # Inserts middleware to perform automatic connection switching. - # The `database_selector` hash is used to pass options to the DatabaseSelector - # middleware. The `delay` is used to determine how long to wait after a write - # to send a subsequent read to the primary. - # - # The `database_resolver` class is used by the middleware to determine which - # database is appropriate to use based on the time delay. - # - # The `database_resolver_context` class is used by the middleware to set - # timestamps for the last write to the primary. The resolver uses the context - # class timestamps to determine how long to wait before reading from the - # replica. - # - # By default Rails will store a last write timestamp in the session. 
The - # DatabaseSelector middleware is designed as such you can define your own - # strategy for connection switching and pass that into the middleware through - # these configuration options. - # config.active_record.database_selector = { delay: 2.seconds } - # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver - # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session - config.action_mailer.default_url_options = { host: 'ruby.org.au' } config.action_mailer.delivery_method = :smtp config.action_mailer.perform_deliveries = true @@ -143,4 +94,12 @@ authentication: :plain, enable_starttls_auto: true } + + # Enable DNS rebinding protection and other `Host` header attacks. + # config.hosts = [ + # "example.com", # Allow requests from example.com + # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` + # ] + # Skip DNS rebinding protection for the default health check endpoint. + # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } end diff --git a/config/environments/test.rb b/config/environments/test.rb index 02320c9c..1683481c 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb 
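Review bot: `config.hosts` is added at the end of production.rb only as a commented example, so Host header authorization stays off in production. The mailer host is fixed just above (`default_url_options = { host: 'ruby.org.au' }`), which limits the effect on e-mailed links, but any URL built from the request host remains unchecked. Consider `config.hosts = ["ruby.org.au"]`, extended with whatever other names the app is served under, which this page does not show. The `Rails.application.configure` block opens outside this hunk.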
@@ -1,41 +1,41 @@ +require "active_support/core_ext/integer/time" + # The test environment is used exclusively to run your application's # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped # and recreated between test runs. Don't rely on the data there! -require "active_support/core_ext/integer/time" - Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. + # While tests run files are not watched, reloading is not necessary. + config.enable_reloading = false config.cache_classes = false config.action_view.cache_template_loading = true - # Do not eager load code on boot. This avoids loading your whole application - # just for the purpose of running a single test. If you are using a tool that - # preloads Rails for running tests, you may have to set it to true. - config.eager_load = false + # Eager loading loads your entire application. When running a single test locally, + # this is usually not necessary, and can slow down your test suite. However, it's + # recommended that you enable it in continuous integration systems to ensure eager + # loading is working properly before deploying your code. + config.eager_load = ENV["CI"].present? # Configure public file server for tests with Cache-Control for performance. config.public_file_server.enabled = true config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{1.hour.to_i}" + "Cache-Control" => "public, max-age=#{1.hour.to_i}" } # Show full error reports and disable caching. - config.consider_all_requests_local = true + config.consider_all_requests_local = true config.action_controller.perform_caching = false config.cache_store = :null_store - # Raise exceptions instead of rendering exception templates. - config.action_dispatch.show_exceptions = false + # Render exception templates for rescuable exceptions and raise for other exceptions. 
+ config.action_dispatch.show_exceptions = :rescuable # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false - # Raise strong parameter errors. - config.action_controller.action_on_unpermitted_parameters = :raise - config.action_mailer.perform_caching = false # Tell Action Mailer not to deliver emails to the real world. @@ -60,4 +60,7 @@ # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true + + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = true end diff --git a/config/initializers/assets.rb b/config/initializers/assets.rb index 4b828e80..f400e075 100644 --- a/config/initializers/assets.rb +++ b/config/initializers/assets.rb @@ -1,10 +1,11 @@ # Be sure to restart your server when you modify this file. # Version of your assets, change this if you want to expire all your assets. -Rails.application.config.assets.version = '1.0' +Rails.application.config.assets.version = "1.0" # Add additional assets to the asset load path. # Rails.application.config.assets.paths << Emoji.images_path + # Add Yarn node_modules folder to the asset load path. Rails.application.config.assets.paths << Rails.root.join('node_modules') diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 35d0f26f..b3076b38 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb 
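Review bot: Removing `config.action_controller.action_on_unpermitted_parameters = :raise` from config/environments/test.rb means an unpermitted parameter no longer fails a spec; with the setting gone I would expect it to be logged at most. That takes away the cheapest place to notice a form field that is missing from a controller's `permit` list, or one that should never have been accepted. Unless the line was dropped because existing specs trip over it, I would keep `config.action_controller.action_on_unpermitted_parameters = :raise` alongside the new `show_exceptions = :rescuable` setting.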
@@ -1,30 +1,25 @@ # Be sure to restart your server when you modify this file. -# Define an application-wide content security policy -# For further information see the following documentation -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy +# Define an application-wide content security policy. +# See the Securing Rails Applications Guide for more information: +# https://guides.rubyonrails.org/security.html#content-security-policy-header -# Rails.application.config.content_security_policy do |policy| -# policy.default_src :self, :https -# policy.font_src :self, :https, :data -# policy.img_src :self, :https, :data -# policy.object_src :none -# policy.script_src :self, :https -# policy.style_src :self, :https -# # If you are using webpack-dev-server then specify webpack-dev-server host -# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development? - -# # Specify URI for violation reports -# # policy.report_uri "/csp-violation-report-endpoint" +# Rails.application.configure do +# config.content_security_policy do |policy| +# policy.default_src :self, :https +# policy.font_src :self, :https, :data +# policy.img_src :self, :https, :data +# policy.object_src :none +# policy.script_src :self, :https +# policy.style_src :self, :https +# # Specify URI for violation reports +# # policy.report_uri "/csp-violation-report-endpoint" +# end +# +# # Generate session nonces for permitted importmap, inline scripts, and inline styles. +# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } +# config.content_security_policy_nonce_directives = %w(script-src style-src) +# +# # Report violations without enforcing the policy. 
+# # config.content_security_policy_report_only = true # end - -# If you are using UJS then enable automatic nonce generation -# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } - -# Set the nonce only to specific directives -# Rails.application.config.content_security_policy_nonce_directives = %w(script-src) - -# Report CSP violations to a specified URI -# For further information see the following documentation: -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only -# Rails.application.config.content_security_policy_report_only = true diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb index 3b1c1b5e..0c5dd99a 100644 --- a/config/initializers/cors.rb +++ b/config/initializers/cors.rb @@ -1,15 +1,15 @@ # Be sure to restart your server when you modify this file. # Avoid CORS issues when API is called from the frontend app. -# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests. +# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin Ajax requests. # Read more: https://github.com/cyu/rack-cors # Rails.application.config.middleware.insert_before 0, Rack::Cors do # allow do -# origins 'example.com' +# origins "example.com" # -# resource '*', +# resource "*", # headers: :any, # methods: [:get, :post, :put, :patch, :delete, :options, :head] # end diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index 4b34a036..c2d89e28 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb 
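Review bot: The policy block is still entirely commented out after this rewrite, so this initializer sends no Content-Security-Policy header. If none is set elsewhere, the upgrade is a good point to enable the block with `config.content_security_policy_report_only = true` first and tighten it from the violation reports. When it is enabled, note that the new template's nonce generator `->(request) { request.session.id.to_s }` yields the same nonce for every response in a session, whereas the removed `SecureRandom.base64(16)` form produced a fresh one per request; choose the session form only if conditional-GET caching requires it. The removed `connect_src` line for `http://localhost:3035` and `ws://localhost:3035` would also need restoring if webpack-dev-server is still used in development.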
@@ -1,6 +1,8 @@ # Be sure to restart your server when you modify this file. -# Configure sensitive parameters which will be filtered from the log file. +# Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file. +# Use this to limit dissemination of sensitive information. +# See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors. Rails.application.config.filter_parameters += [ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn ] diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index ac033bf9..3860f659 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb @@ -4,13 +4,13 @@ # are locale specific, and you may define rules for as many different # locales as you wish. All of these examples are active by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.plural /^(ox)$/i, '\1en' -# inflect.singular /^(ox)en/i, '\1' -# inflect.irregular 'person', 'people' +# inflect.plural /^(ox)$/i, "\\1en" +# inflect.singular /^(ox)en/i, "\\1" +# inflect.irregular "person", "people" # inflect.uncountable %w( fish sheep ) # end # These inflection rules are supported but not enabled by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.acronym 'RESTful' +# inflect.acronym "RESTful" # end diff --git a/config/initializers/new_framework_defaults_7_1.rb b/config/initializers/new_framework_defaults_7_1.rb new file mode 100644 index 00000000..e39bd17a --- /dev/null +++ b/config/initializers/new_framework_defaults_7_1.rb 
@@ -0,0 +1,279 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.1 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.1`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +### +# No longer add autoloaded paths into `$LOAD_PATH`. This means that you won't be able +# to manually require files that are managed by the autoloader, which you shouldn't do anyway. +# +# This will reduce the size of the load path, making `require` faster if you don't use bootsnap, or reduce the size +# of the bootsnap cache if you use it. +#++ +# Rails.application.config.add_autoload_paths_to_load_path = false + +### +# Remove the default X-Download-Options headers since it is used only by Internet Explorer. +# If you need to support Internet Explorer, add back `"X-Download-Options" => "noopen"`. +#++ +# Rails.application.config.action_dispatch.default_headers = { +# "X-Frame-Options" => "SAMEORIGIN", +# "X-XSS-Protection" => "0", +# "X-Content-Type-Options" => "nosniff", +# "X-Permitted-Cross-Domain-Policies" => "none", +# "Referrer-Policy" => "strict-origin-when-cross-origin" +# } + +### +# Do not treat an `ActionController::Parameters` instance +# as equal to an equivalent `Hash` by default. +#++ +# Rails.application.config.action_controller.allow_deprecated_parameters_hash_equality = false + +### +# Active Record Encryption now uses SHA-256 as its hash digest algorithm. +# +# There are 3 scenarios to consider. +# +# 1. 
If you have data encrypted with previous Rails versions, and you have +# +config.active_support.key_generator_hash_digest_class+ configured as SHA1 (the default +# before Rails 7.0), you need to configure SHA-1 for Active Record Encryption too: +#++ +# Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA1 +# +# 2. If you have +config.active_support.key_generator_hash_digest_class+ configured as SHA256 (the new default +# in 7.0), then you need to configure SHA-256 for Active Record Encryption: +#++ +# Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA256 +# +# 3. If you don't currently have data encrypted with Active Record encryption, you can disable this setting to +# configure the default behavior starting 7.1+: +#++ +# Rails.application.config.active_record.encryption.support_sha1_for_non_deterministic_encryption = false + +### +# No longer run after_commit callbacks on the first of multiple Active Record +# instances to save changes to the same database row within a transaction. +# Instead, run these callbacks on the instance most likely to have internal +# state which matches what was committed to the database, typically the last +# instance to save. +#++ +# Rails.application.config.active_record.run_commit_callbacks_on_first_saved_instances_in_transaction = false + +### +# Configures SQLite with a strict strings mode, which disables double-quoted string literals. +# +# SQLite has some quirks around double-quoted string literals. +# It first tries to consider double-quoted strings as identifier names, but if they don't exist +# it then considers them as string literals. Because of this, typos can silently go unnoticed. +# For example, it is possible to create an index for a non existing column. +# See https://www.sqlite.org/quirks.html#double_quoted_string_literals_are_accepted for more details. 
+#++ +# Rails.application.config.active_record.sqlite3_adapter_strict_strings_by_default = true + +### +# Disable deprecated singular associations names. +#++ +# Rails.application.config.active_record.allow_deprecated_singular_associations_name = false + +### +# Enable the Active Job `BigDecimal` argument serializer, which guarantees +# roundtripping. Without this serializer, some queue adapters may serialize +# `BigDecimal` arguments as simple (non-roundtrippable) strings. +# +# When deploying an application with multiple replicas, old (pre-Rails 7.1) +# replicas will not be able to deserialize `BigDecimal` arguments from this +# serializer. Therefore, this setting should only be enabled after all replicas +# have been successfully upgraded to Rails 7.1. +#++ +# Rails.application.config.active_job.use_big_decimal_serializer = true + +### +# Specify if an `ArgumentError` should be raised if `Rails.cache` `fetch` or +# `write` are given an invalid `expires_at` or `expires_in` time. +# Options are `true`, and `false`. If `false`, the exception will be reported +# as `handled` and logged instead. +#++ +# Rails.application.config.active_support.raise_on_invalid_cache_expiration_time = true + +### +# Specify whether Query Logs will format tags using the SQLCommenter format +# (https://open-telemetry.github.io/opentelemetry-sqlcommenter/), or using the legacy format. +# Options are `:legacy` and `:sqlcommenter`. +#++ +# Rails.application.config.active_record.query_log_tags_format = :sqlcommenter + +### +# Specify the default serializer used by `MessageEncryptor` and `MessageVerifier` +# instances. +# +# The legacy default is `:marshal`, which is a potential vector for +# deserialization attacks in cases where a message signing secret has been +# leaked. +# +# In Rails 7.1, the new default is `:json_allow_marshal` which serializes and +# deserializes with `ActiveSupport::JSON`, but can fall back to deserializing +# with `Marshal` so that legacy messages can still be read. 
+# +# In Rails 7.2, the default will become `:json` which serializes and +# deserializes with `ActiveSupport::JSON` only. +# +# Alternatively, you can choose `:message_pack` or `:message_pack_allow_marshal`, +# which serialize with `ActiveSupport::MessagePack`. `ActiveSupport::MessagePack` +# can roundtrip some Ruby types that are not supported by JSON, and may provide +# improved performance, but it requires the `msgpack` gem. +# +# For more information, see +# https://guides.rubyonrails.org/v7.1/configuring.html#config-active-support-message-serializer +# +# If you are performing a rolling deploy of a Rails 7.1 upgrade, wherein servers +# that have not yet been upgraded must be able to read messages from upgraded +# servers, first deploy without changing the serializer, then set the serializer +# in a subsequent deploy. +#++ +# Rails.application.config.active_support.message_serializer = :json_allow_marshal + +### +# Enable a performance optimization that serializes message data and metadata +# together. This changes the message format, so messages serialized this way +# cannot be read by older versions of Rails. However, messages that use the old +# format can still be read, regardless of whether this optimization is enabled. +# +# To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have +# not yet been upgraded must be able to read messages from upgraded servers, +# leave this optimization off on the first deploy, then enable it on a +# subsequent deploy. +#++ +# Rails.application.config.active_support.use_message_serializer_for_metadata = true + +### +# Set the maximum size for Rails log files. +# +# `config.load_defaults 7.1` does not set this value for environments other than +# development and test. +#++ +# if Rails.env.local? +# Rails.application.config.log_file_size = 100 * 1024 * 1024 +# end + +### +# Enable raising on assignment to attr_readonly attributes. 
The previous +# behavior would allow assignment but silently not persist changes to the +# database. +#++ +# Rails.application.config.active_record.raise_on_assign_to_attr_readonly = true + +### +# Enable validating only parent-related columns for presence when the parent is mandatory. +# The previous behavior was to validate the presence of the parent record, which performed an extra query +# to get the parent every time the child record was updated, even when parent has not changed. +#++ +# Rails.application.config.active_record.belongs_to_required_validates_foreign_key = false + +### +# Enable precompilation of `config.filter_parameters`. Precompilation can +# improve filtering performance, depending on the quantity and types of filters. +#++ +# Rails.application.config.precompile_filter_parameters = true + +### +# Enable before_committed! callbacks on all enrolled records in a transaction. +# The previous behavior was to only run the callbacks on the first copy of a record +# if there were multiple copies of the same record enrolled in the transaction. +#++ +# Rails.application.config.active_record.before_committed_on_all_records = true + +### +# Disable automatic column serialization into YAML. +# To keep the historic behavior, you can set it to `YAML`, however it is +# recommended to explicitly define the serialization method for each column +# rather than to rely on a global default. +#++ +# Rails.application.config.active_record.default_column_serializer = nil + +### +# Enable a performance optimization that serializes Active Record models +# in a faster and more compact way. +# +# To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have +# not yet been upgraded must be able to read caches from upgraded servers, +# leave this optimization off on the first deploy, then enable it on a +# subsequent deploy. 
+#++ +# Rails.application.config.active_record.marshalling_format_version = 7.1 + +### +# Run `after_commit` and `after_*_commit` callbacks in the order they are defined in a model. +# This matches the behaviour of all other callbacks. +# In previous versions of Rails, they ran in the inverse order. +#++ +# Rails.application.config.active_record.run_after_transaction_callbacks_in_order_defined = true + +### +# Whether a `transaction` block is committed or rolled back when exited via `return`, `break` or `throw`. +#++ +# Rails.application.config.active_record.commit_transaction_on_non_local_return = true + +### +# Controls when to generate a value for has_secure_token declarations. +#++ +# Rails.application.config.active_record.generate_secure_token_on = :initialize + +### +# ** Please read carefully, this must be configured in config/application.rb ** +# +# Change the format of the cache entry. +# +# Changing this default means that all new cache entries added to the cache +# will have a different format that is not supported by Rails 7.0 +# applications. +# +# Only change this value after your application is fully deployed to Rails 7.1 +# and you have no plans to rollback. +# When you're ready to change format, add this to `config/application.rb` (NOT +# this file): +# config.active_support.cache_format_version = 7.1 + +### +# Configure Action View to use HTML5 standards-compliant sanitizers when they are supported on your +# platform. +# +# `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action View to use HTML5-compliant +# sanitizers if they are supported, else fall back to HTML4 sanitizers. +# +# In previous versions of Rails, Action View always used `Rails::HTML4::Sanitizer` as its vendor. +#++ +# Rails.application.config.action_view.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor + +### +# Configure Action Text to use an HTML5 standards-compliant sanitizer when it is supported on your +# platform. 
+# +# `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action Text to use HTML5-compliant +# sanitizers if they are supported, else fall back to HTML4 sanitizers. +# +# In previous versions of Rails, Action Text always used `Rails::HTML4::Sanitizer` as its vendor. +#++ +# Rails.application.config.action_text.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor + +### +# Configure the log level used by the DebugExceptions middleware when logging +# uncaught exceptions during requests. +#++ +# Rails.application.config.action_dispatch.debug_exception_log_level = :error + +### +# Configure the test helpers in Action View, Action Dispatch, and rails-dom-testing to use HTML5 +# parsers. +# +# Nokogiri::HTML5 isn't supported on JRuby, so JRuby applications must set this to :html4. +# +# In previous versions of Rails, these test helpers always used an HTML4 parser. +#++ +# Rails.application.config.dom_testing_default_html_version = :html5 diff --git a/config/initializers/permissions_policy.rb b/config/initializers/permissions_policy.rb index 00f64d71..7db3b957 100644 --- a/config/initializers/permissions_policy.rb +++ b/config/initializers/permissions_policy.rb @@ -1,11 +1,13 @@ +# Be sure to restart your server when you modify this file. + # Define an application-wide HTTP permissions policy. For further -# information see https://developers.google.com/web/updates/2018/06/feature-policy -# -# Rails.application.config.permissions_policy do |f| -# f.camera :none -# f.gyroscope :none -# f.microphone :none -# f.usb :none -# f.fullscreen :self -# f.payment :self, "https://secure.example.com" +# information see: https://developers.google.com/web/updates/2018/06/feature-policy + +# Rails.application.config.permissions_policy do |policy| +# policy.camera :none +# policy.gyroscope :none +# policy.microphone :none +# policy.usb :none +# policy.fullscreen :self +# policy.payment :self, "https://secure.example.com" # end 
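Review bot: Every setting in this new file is left commented out, so `MessageEncryptor` and `MessageVerifier` keep the legacy `:marshal` serializer, which the file's own comment describes as a deserialization vector if a signing secret leaks. That assumes `config.load_defaults` in config/application.rb, not shown in this diff, is still below 7.1. Once all servers run 7.1, as the rolling-deploy comment requires, a follow-up should uncomment `Rails.application.config.active_support.message_serializer = :json_allow_marshal` and plan the later move to `:json`. The same follow-up can cover `default_column_serializer = nil`, which stops implicit YAML column serialization, and the two `sanitizer_vendor` lines. A short comment at the top of the file naming that follow-up would keep these options from staying on the old defaults indefinitely.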
diff --git a/lib/tasks/users.rake b/lib/tasks/users.rake index 7283b17c..2d44e5cc 100644 --- a/lib/tasks/users.rake +++ b/lib/tasks/users.rake @@ -3,7 +3,7 @@ namespace :users do task unsubscribe_spammers: :environment do User.unconfirmed.subscribed_to_any_list.each do |user| - MailingList.all.each do |list| + MailingList.each do |list| next unless user.mailing_lists[list.name] == "true" begin diff --git a/spec/controllers/pages_controller_spec.rb b/spec/controllers/pages_controller_spec.rb index d3db3342..d9a30f51 100644 --- a/spec/controllers/pages_controller_spec.rb +++ b/spec/controllers/pages_controller_spec.rb @@ -13,11 +13,11 @@ end describe "on GET to /committee-members" do - before { get :show, params: { id: "committee-members.html" } } + before { get :show, params: { id: "committee-members" } } it "responds with success and render template" do expect(response).to be_successful - expect(response).to render_template("committee-members.html") + expect(response).to render_template("committee-members") end end diff --git a/spec/features/committee_imports_members_spec.rb b/spec/features/committee_imports_members_spec.rb index 32862fe9..1d620358 100644 --- a/spec/features/committee_imports_members_spec.rb +++ b/spec/features/committee_imports_members_spec.rb @@ -73,7 +73,7 @@ scenario "accepts an invitation" do stub_request( - :get, %r{https://api.createsend.com/api/v3.2/subscribers/.*\.json} + :get, %r{https://api.createsend.com/api/v3.3/subscribers/.*\.json} ).and_return( body: JSON.dump("State" => "Active"), headers: { "Content-Type" => "application/json" } @@ -97,7 +97,7 @@ expect( a_request( - :get, %r{https://api.createsend.com/api/v3.2/subscribers/.*\.json} + :get, %r{https://api.createsend.com/api/v3.3/subscribers/.*\.json} ) ).to have_been_made.times(MailingList.all.length) 
@@ -113,7 +113,7 @@ scenario "accepts an invitation without a provided name" do stub_request( - :get, %r{https://api.createsend.com/api/v3.2/subscribers/.*\.json} + :get, %r{https://api.createsend.com/api/v3.3/subscribers/.*\.json} ).and_return( body: JSON.dump("State" => "Active"), headers: { "Content-Type" => "application/json" } @@ -138,7 +138,7 @@ expect( a_request( - :get, %r{https://api.createsend.com/api/v3.2/subscribers/.*\.json} + :get, %r{https://api.createsend.com/api/v3.3/subscribers/.*\.json} ) ).to have_been_made.times(MailingList.all.length) diff --git a/spec/features/committee_manages_list_webhooks_spec.rb b/spec/features/committee_manages_list_webhooks_spec.rb index 0f94f316..c9178e59 100644 --- a/spec/features/committee_manages_list_webhooks_spec.rb +++ b/spec/features/committee_manages_list_webhooks_spec.rb @@ -4,15 +4,15 @@ RSpec.feature "Committee manages list webhooks", type: :request do scenario "registering webhooks" do - MailingList.all.each do |list| - stub_request(:post, "https://api.createsend.com/api/v3.2/lists/#{list.api_id}/webhooks.json") + MailingList.each do |list| + stub_request(:post, "https://api.createsend.com/api/v3.3/lists/#{list.api_id}/webhooks.json") end MailingList::CreateWebhooks.call - MailingList.all.each do |list| + MailingList.each do |list| expect( - a_request(:post, "https://api.createsend.com/api/v3.2/lists/#{list.api_id}/webhooks.json") + a_request(:post, "https://api.createsend.com/api/v3.3/lists/#{list.api_id}/webhooks.json") ).to have_been_made end end diff --git a/spec/features/committee_sychronises_mailing_lists_spec.rb b/spec/features/committee_sychronises_mailing_lists_spec.rb index 98d09604..f27f31cc 100644 --- a/spec/features/committee_sychronises_mailing_lists_spec.rb +++ b/spec/features/committee_sychronises_mailing_lists_spec.rb 
@@ -10,7 +10,7 @@ jules = FactoryBot.create :user stub_request( - :get, %r{https://api.createsend.com/api/v3.2/lists/conf-key/active.json} + :get, %r{https://api.createsend.com/api/v3.3/lists/conf-key/active.json} ).to_return( body: JSON.dump( { @@ -26,7 +26,7 @@ ) stub_request( - :get, %r{https://api.createsend.com/api/v3.2/lists/girls-key/active.json} + :get, %r{https://api.createsend.com/api/v3.3/lists/girls-key/active.json} ).to_return( body: JSON.dump( { @@ -42,7 +42,7 @@ ) stub_request( - :get, %r{https://api.createsend.com/api/v3.2/lists/camp-key/active.json} + :get, %r{https://api.createsend.com/api/v3.3/lists/camp-key/active.json} ).to_return( body: JSON.dump( { diff --git a/spec/features/user_confirms_email_spec.rb b/spec/features/user_confirms_email_spec.rb index 8e44e575..bfac468d 100644 --- a/spec/features/user_confirms_email_spec.rb +++ b/spec/features/user_confirms_email_spec.rb @@ -11,21 +11,21 @@ scenario "by clicking the link in an email" do stub_request( - :get, %r{https://api.createsend.com/api/v3.2/subscribers/camp-key.json} + :get, %r{https://api.createsend.com/api/v3.3/subscribers/camp-key.json} ).and_return( body: JSON.dump("State" => "Active"), headers: { "Content-Type" => "application/json" } ) stub_request( - :get, %r{https://api.createsend.com/api/v3.2/subscribers/conf-key.json} + :get, %r{https://api.createsend.com/api/v3.3/subscribers/conf-key.json} ).and_return( body: JSON.dump("State" => "Unsubscribed"), headers: { "Content-Type" => "application/json" } ) stub_request( - :get, %r{https://api.createsend.com/api/v3.2/subscribers/girls-key.json} + :get, %r{https://api.createsend.com/api/v3.3/subscribers/girls-key.json} ).and_return( status: 400, body: JSON.dump("Code" => 203, "Message" => "Subscriber not in list"), @@ -33,7 +33,7 @@ ) stub_request( - :post, "https://api.createsend.com/api/v3.2/subscribers/camp-key.json" + :post, "https://api.createsend.com/api/v3.3/subscribers/camp-key.json" ) user 
@@ -56,7 +56,7 @@ expect( a_request( - :post, "https://api.createsend.com/api/v3.2/subscribers/camp-key.json" + :post, "https://api.createsend.com/api/v3.3/subscribers/camp-key.json" ) ).to have_been_made.once end diff --git a/spec/features/user_edits_details_spec.rb b/spec/features/user_edits_details_spec.rb index 64eacc28..73acbd82 100644 --- a/spec/features/user_edits_details_spec.rb +++ b/spec/features/user_edits_details_spec.rb @@ -12,10 +12,10 @@ user.update mailing_lists: { "RubyConf AU" => "true" } new_email = 'bigbunnyfoofoo@gmail.com' stub_request( - :post, %r{https://api.createsend.com/api/v3.2/subscribers/conf-key.json} + :post, %r{https://api.createsend.com/api/v3.3/subscribers/conf-key.json} ) stub_request( - :put, %r{https://api.createsend.com/api/v3.2/subscribers/conf-key.json} + :put, %r{https://api.createsend.com/api/v3.3/subscribers/conf-key.json} ) click_on 'Edit' @@ -40,14 +40,14 @@ expect( a_request( - :post, %r{https://api.createsend.com/api/v3.2/subscribers/conf-key.json} + :post, %r{https://api.createsend.com/api/v3.3/subscribers/conf-key.json} ) ).to have_been_made end scenario "subscribing to a mailing list" do stub_request( - :post, "https://api.createsend.com/api/v3.2/subscribers/girls-key.json" + :post, "https://api.createsend.com/api/v3.3/subscribers/girls-key.json" ) click_on "Edit" @@ -60,7 +60,7 @@ expect( a_request( - :post, "https://api.createsend.com/api/v3.2/subscribers/girls-key.json" + :post, "https://api.createsend.com/api/v3.3/subscribers/girls-key.json" ) ).to have_been_made.once end @@ -68,7 +68,7 @@ scenario "unsubscribing from a mailing list" do user.update mailing_lists: { "RailsGirls" => "true" } stub_request( - :post, "https://api.createsend.com/api/v3.2/subscribers/girls-key/unsubscribe.json" + :post, "https://api.createsend.com/api/v3.3/subscribers/girls-key/unsubscribe.json" ) click_on "Edit" 
@@ -81,7 +81,7 @@ expect( a_request( - :post, "https://api.createsend.com/api/v3.2/subscribers/girls-key/unsubscribe.json" + :post, "https://api.createsend.com/api/v3.3/subscribers/girls-key/unsubscribe.json" ) ).to have_been_made.once end diff --git a/tailwind.config.js b/tailwind.config.js index 62dfdaf3..6bee1d6e 100644 --- a/tailwind.config.js +++ b/tailwind.config.js @@ -8,4 +8,9 @@ module.exports = { extend: {}, }, plugins: [], + content: [ + "./app/views/**/*.html.erb", + "./app/helpers/**/*.rb", + "./app/javascript/**/*.js", + ], } diff --git a/yarn.lock b/yarn.lock index f4a8e111..7542b66a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1176,9 +1176,9 @@ "@types/estree" "*" "@types/eslint@*": - version "8.44.8" - resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-8.44.8.tgz#f4fe1dab9b3d3dd98082d4b9f80e59ab40f1261c" - integrity sha512-4K8GavROwhrYl2QXDXm0Rv9epkA8GBFu0EI+XrrnnuCl7u8CWBRusX7fXJfanhZTDWSAL24gDI/UqXyUM0Injw== + version "8.44.9" + resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-8.44.9.tgz#5799663009645637bd1c45b2e1a7c8f4caf89534" + integrity sha512-6yBxcvwnnYoYT1Uk2d+jvIfsuP4mb2EdIxFnrPABj5a/838qe5bGkNLFOiipX4ULQ7XVQvTxOh7jO+BTAiqsEw== dependencies: "@types/estree" "*" "@types/json-schema" "*" 
@@ -1832,9 +1832,9 @@ caniuse-api@^3.0.0: lodash.uniq "^4.5.0" caniuse-lite@^1.0.0, caniuse-lite@^1.0.30000981, caniuse-lite@^1.0.30001109, caniuse-lite@^1.0.30001538, caniuse-lite@^1.0.30001565: - version "1.0.30001568" - resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001568.tgz#53fa9297273c9a977a560663f48cbea1767518b7" - integrity sha512-vSUkH84HontZJ88MiNrOau1EBrCqEQYgkC5gIySiDlpsm8sGVrhU7Kx4V6h0tnqaHzIHZv08HlJIwPbL4XL9+A== + version "1.0.30001570" + resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001570.tgz#b4e5c1fa786f733ab78fc70f592df6b3f23244ca" + integrity sha512-+3e0ASu4sw1SWaoCtvPeyXp+5PsjigkSt8OXZbF9StH5pQWbxEjLAZE3n8Aup5udop1uRiKA7a4utUk/uoSpUw== chalk@^2.4.2: version "2.4.2" @@ -2500,9 +2500,9 @@ ee-first@1.1.1: integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow== electron-to-chromium@^1.4.601: - version "1.4.610" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.610.tgz#e17b22203f4aa2e1ed77759c720546d95a51186f" - integrity sha512-mqi2oL1mfeHYtOdCxbPQYV/PL7YrQlxbvFEZ0Ee8GbDdShimqt2/S6z2RWqysuvlwdOrQdqvE0KZrBTipAeJzg== + version "1.4.614" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.614.tgz#2fe789d61fa09cb875569f37c309d0c2701f91c0" + integrity sha512-X4ze/9Sc3QWs6h92yerwqv7aB/uU8vCjZcrMjA8N9R1pjMFRe44dLsck5FzLilOYvcXuDn93B+bpGYyufc70gQ== emojis-list@^3.0.0: version "3.0.0" 
@@ -4673,9 +4673,9 @@ regenerate@^1.4.2: integrity sha512-zrceR/XhGYU/d/opr2EKO7aRHUeiBI8qjtfHqADTwZd6Szfy16la6kqD0MIUs5z5hx6AaKa+PixpPrR289+I0A== regenerator-runtime@^0.14.0: - version "0.14.0" - resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.14.0.tgz#5e19d68eb12d486f797e15a3c6a918f7cec5eb45" - integrity sha512-srw17NI0TUWHuGa5CFGGmhfNIeja30WMBfbslPNhf6JrqQlLN5gcrvig1oqPxiVaXb0oW0XRKtH6Nngs5lKCIA== + version "0.14.1" + resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.14.1.tgz#356ade10263f685dda125100cd862c1db895327f" + integrity sha512-dYnhHh0nJoMfnkZs6GmmhFknAGRrLznOu5nc9ML+EJxGvrx6H7teuevqVqCuPcPK//3eDrrjQhehXVx9cnkGdw== regenerator-transform@^0.15.2: version "0.15.2" @@ -5637,9 +5637,9 @@ wrappy@1: integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ== ws@^8.13.0: - version "8.15.0" - resolved "https://registry.yarnpkg.com/ws/-/ws-8.15.0.tgz#db080a279260c5f532fc668d461b8346efdfcf86" - integrity sha512-H/Z3H55mrcrgjFwI+5jKavgXvwQLtfPCUEp6pi35VhoB0pfcHnSoyuTzkBEZpzq49g1193CUEwIvmsjcotenYw== + version "8.15.1" + resolved "https://registry.yarnpkg.com/ws/-/ws-8.15.1.tgz#271ba33a45ca0cc477940f7f200cd7fba7ee1997" + integrity sha512-W5OZiCjXEmk0yZ66ZN82beM5Sz7l7coYxpRkzS+p9PP+ToQry8szKh+61eNktr7EA9DOwvFGhfC605jDHbP6QQ== xmldoc@^1.1.2: version "1.3.0"