# HG changeset patch # User nanaya # Date 1571728650 -32400 # Node ID fd3078b4d355ac7542c165779bdad6cd2afcfc9e # Parent 722f4eccd370db31a4b7031afd21bc05e69531cc Update to latest rails diff -r 722f4eccd370 -r fd3078b4d355 Gemfile --- a/Gemfile Fri May 31 09:10:37 2019 +0900 +++ b/Gemfile Tue Oct 22 16:17:30 2019 +0900 @@ -1,6 +1,6 @@ source "https://rubygems.org" -gem "rails", "~> 5.2.0" +gem "rails", "~> 6.0.0" gem "jquery-rails" gem "coffee-rails" gem "bootstrap-sass" diff -r 722f4eccd370 -r fd3078b4d355 Gemfile.lock --- a/Gemfile.lock Fri May 31 09:10:37 2019 +0900 +++ b/Gemfile.lock Tue Oct 22 16:17:30 2019 +0900 @@ -2,54 +2,67 @@ remote: https://rubygems.org/ remote: https://rails-assets.org/ specs: - actioncable (5.2.3) - actionpack (= 5.2.3) + actioncable (6.0.0) + actionpack (= 6.0.0) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailer (5.2.3) - actionpack (= 5.2.3) - actionview (= 5.2.3) - activejob (= 5.2.3) + actionmailbox (6.0.0) + actionpack (= 6.0.0) + activejob (= 6.0.0) + activerecord (= 6.0.0) + activestorage (= 6.0.0) + activesupport (= 6.0.0) + mail (>= 2.7.1) + actionmailer (6.0.0) + actionpack (= 6.0.0) + actionview (= 6.0.0) + activejob (= 6.0.0) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.3) - actionview (= 5.2.3) - activesupport (= 5.2.3) + actionpack (6.0.0) + actionview (= 6.0.0) + activesupport (= 6.0.0) rack (~> 2.0) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.2.3) - activesupport (= 5.2.3) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actiontext (6.0.0) + actionpack (= 6.0.0) + activerecord (= 6.0.0) + activestorage (= 6.0.0) + activesupport (= 6.0.0) + nokogiri (>= 1.8.5) + actionview (6.0.0) + activesupport (= 6.0.0) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.2.3) - activesupport (= 5.2.3) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activejob (6.0.0) + activesupport (= 6.0.0) globalid (>= 0.3.6) - activemodel (5.2.3) - activesupport (= 5.2.3) - activerecord (5.2.3) - activemodel (= 5.2.3) - activesupport (= 5.2.3) - arel (>= 9.0) - activerecord-jdbc-adapter (52.2-java) - activerecord (~> 5.2.0) - activerecord-jdbcpostgresql-adapter (52.2-java) - activerecord-jdbc-adapter (= 52.2) + activemodel (6.0.0) + activesupport (= 6.0.0) + activerecord (6.0.0) + activemodel (= 6.0.0) + activesupport (= 6.0.0) + activerecord-jdbc-adapter (50.0) + activerecord (>= 2.2) + activerecord-jdbcpostgresql-adapter (50.0) + activerecord-jdbc-adapter (~> 50.0) jdbc-postgres (>= 9.4, < 43) - activestorage (5.2.3) - actionpack (= 5.2.3) - activerecord (= 5.2.3) + activestorage (6.0.0) + actionpack (= 6.0.0) + activejob (= 6.0.0) + activerecord (= 6.0.0) marcel (~> 0.3.1) - activesupport (5.2.3) + activesupport (6.0.0) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) - arel (9.0.0) - autoprefixer-rails (9.5.1.1) + zeitwerk (~> 2.1, >= 2.1.8) + autoprefixer-rails (9.6.5) execjs bootstrap-sass (3.4.1) autoprefixer-rails (>= 5.2.1) @@ -63,22 +76,22 @@ execjs coffee-script-source (1.12.2) concurrent-ruby (1.1.5) - crass (1.0.4) - erubi (1.8.0) + crass (1.0.5) + erubi (1.9.0) execjs (2.7.0) ffi (1.11.1) ffi (1.11.1-java) globalid (0.4.2) activesupport (>= 4.2.0) - i18n (1.6.0) + i18n (1.7.0) concurrent-ruby (~> 1.0) - jdbc-postgres (42.1.4) - jquery-rails (4.3.3) + jdbc-postgres (42.2.6) + jquery-rails (4.3.5) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) jruby-openssl (0.10.2-java) - loofah (2.2.3) + loofah (2.3.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) @@ -87,88 +100,86 @@ mimemagic (~> 0.3.2) method_source (0.9.2) mimemagic (0.3.3) - mini_mime (1.0.1) + mini_mime (1.0.2) mini_portile2 (2.4.0) - minitest (5.11.3) - newrelic_rpm (6.4.0.356) - nio4r (2.3.1) - nio4r (2.3.1-java) - nokogiri (1.10.3) + minitest (5.12.2) + newrelic_rpm (6.7.0.359) + nio4r (2.5.2) + nio4r (2.5.2-java) + nokogiri (1.10.4) mini_portile2 (~> 2.4.0) - nokogiri (1.10.3-java) + nokogiri (1.10.4-java) pg (1.1.4) - puma (3.12.1) - puma (3.12.1-java) + puma (4.2.1) + nio4r (~> 2.0) + puma (4.2.1-java) + nio4r (~> 2.0) rack (2.0.7) rack-test (1.1.0) rack (>= 1.0, < 3) - rails (5.2.3) - actioncable (= 5.2.3) - actionmailer (= 5.2.3) - actionpack (= 5.2.3) - actionview (= 5.2.3) - activejob (= 5.2.3) - activemodel (= 5.2.3) - activerecord (= 5.2.3) - activestorage (= 5.2.3) - activesupport (= 5.2.3) + rails (6.0.0) + actioncable (= 6.0.0) + actionmailbox (= 6.0.0) + actionmailer (= 6.0.0) + actionpack (= 6.0.0) + actiontext (= 6.0.0) + actionview (= 6.0.0) + activejob (= 6.0.0) + activemodel (= 6.0.0) + activerecord (= 6.0.0) + activestorage (= 6.0.0) + activesupport (= 6.0.0) bundler (>= 1.3.0) - railties (= 5.2.3) + railties (= 6.0.0) sprockets-rails (>= 2.0.0) rails-assets-commonmark (0.29.0) rails-assets-highlightjs (9.12.0) rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.0.4) - loofah (~> 2.2, >= 2.2.2) - railties (5.2.3) - actionpack (= 5.2.3) - activesupport (= 5.2.3) + rails-html-sanitizer (1.3.0) + loofah (~> 2.3) + railties (6.0.0) + actionpack (= 6.0.0) + activesupport (= 6.0.0) method_source rake (>= 0.8.7) - thor (>= 0.19.0, < 2.0) - rake (12.3.2) - rb-fsevent (0.10.3) - rb-inotify (0.10.0) - ffi (~> 1.0) - sass (3.7.4) - sass-listen (~> 4.0.0) - sass-listen (4.0.0) - rb-fsevent (~> 0.9, >= 0.9.4) - rb-inotify (~> 0.9, >= 0.9.7) - sass-rails (5.0.7) - railties (>= 4.0.0, < 6) - sass (~> 3.1) - sprockets (>= 2.8, < 4.0) - sprockets-rails (>= 2.0, < 4.0) - tilt (>= 1.1, < 3) - sassc (2.0.1) + thor (>= 0.20.3, < 2.0) + rake (13.0.0) + sass-rails (6.0.0) + sassc-rails (~> 2.1, >= 2.1.1) + sassc (2.2.1) ffi (~> 1.9) - rake - sprockets (3.7.2) + sassc-rails (2.1.2) + railties (>= 4.0.0) + sassc (>= 2.0) + sprockets (> 3.0) + sprockets-rails + tilt + sprockets (4.0.0) concurrent-ruby (~> 1.0) rack (> 1, < 3) sprockets-rails (3.2.1) actionpack (>= 4.0) activesupport (>= 4.0) sprockets (>= 3.0.0) - therubyrhino (2.0.4) - therubyrhino_jar (>= 1.7.3) - therubyrhino_jar (1.7.6) + therubyrhino (2.1.2) + therubyrhino_jar (>= 1.7.4, < 1.7.9) + therubyrhino_jar (1.7.8) thor (0.20.3) thread_safe (0.3.6) thread_safe (0.3.6-java) - tilt (2.0.9) + tilt (2.0.10) tzinfo (1.2.5) thread_safe (~> 0.1) - uglifier (4.1.20) + uglifier (4.2.0) execjs (>= 0.3.0, < 3) - websocket-driver (0.7.0) + websocket-driver (0.7.1) websocket-extensions (>= 0.1.0) - websocket-driver (0.7.0-java) + websocket-driver (0.7.1-java) websocket-extensions (>= 0.1.0) - websocket-extensions (0.1.3) + websocket-extensions (0.1.4) + zeitwerk (2.2.0) PLATFORMS java @@ -183,7 +194,7 @@ newrelic_rpm pg puma - rails (~> 5.2.0) + rails (~> 6.0.0) rails-assets-commonmark! rails-assets-highlightjs! sass-rails diff -r 722f4eccd370 -r fd3078b4d355 bin/setup --- a/bin/setup Fri May 31 09:10:37 2019 +0900 +++ b/bin/setup Tue Oct 22 16:17:30 2019 +0900 @@ -1,6 +1,5 @@ #!/usr/bin/env ruby require 'fileutils' -include FileUtils # path to your application root. APP_ROOT = File.expand_path('..', __dir__) @@ -9,24 +8,25 @@ system(*args) || abort("\n== Command #{args} failed ==") end -chdir APP_ROOT do - # This script is a starting point to setup your application. +FileUtils.chdir APP_ROOT do + # This script is a way to setup or update your development environment automatically. + # This script is idempotent, so that you can run it at anytime and get an expectable outcome. # Add necessary setup steps to this file. puts '== Installing dependencies ==' system! 'gem install bundler --conservative' system('bundle check') || system!('bundle install') - # Install JavaScript dependencies if using Yarn + # Install JavaScript dependencies # system('bin/yarn') # puts "\n== Copying sample files ==" # unless File.exist?('config/database.yml') - # cp 'config/database.yml.sample', 'config/database.yml' + # FileUtils.cp 'config/database.yml.sample', 'config/database.yml' # end puts "\n== Preparing database ==" - system! 'bin/rails db:setup' + system! 'bin/rails db:prepare' puts "\n== Removing old logs and tempfiles ==" system! 'bin/rails log:clear tmp:clear' diff -r 722f4eccd370 -r fd3078b4d355 config/application.rb --- a/config/application.rb Fri May 31 09:10:37 2019 +0900 +++ b/config/application.rb Tue Oct 22 16:17:30 2019 +0900 @@ -64,6 +64,6 @@ config.action_view.field_error_proc = proc { |html| html } - config.load_defaults 5.0 + config.middleware.delete ActionDispatch::HostAuthorization end end diff -r 722f4eccd370 -r fd3078b4d355 config/boot.rb --- a/config/boot.rb Fri May 31 09:10:37 2019 +0900 +++ b/config/boot.rb Tue Oct 22 16:17:30 2019 +0900 @@ -1,3 +1,3 @@ -ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) +ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) -require "bundler/setup" # Set up gems listed in the Gemfile. +require 'bundler/setup' # Set up gems listed in the Gemfile. diff -r 722f4eccd370 -r fd3078b4d355 config/environment.rb --- a/config/environment.rb Fri May 31 09:10:37 2019 +0900 +++ b/config/environment.rb Tue Oct 22 16:17:30 2019 +0900 @@ -1,5 +1,5 @@ -# Load the rails application. -require_relative "application" +# Load the Rails application. +require_relative 'application' -# Initialize the rails application. +# Initialize the Rails application. Rails.application.initialize! diff -r 722f4eccd370 -r fd3078b4d355 config/environments/development.rb --- a/config/environments/development.rb Fri May 31 09:10:37 2019 +0900 +++ b/config/environments/development.rb Tue Oct 22 16:17:30 2019 +0900 @@ -16,6 +16,7 @@ # Run rails dev:cache to toggle caching. if Rails.root.join('tmp', 'caching-dev.txt').exist? config.action_controller.perform_caching = true + config.action_controller.enable_fragment_cache_logging = true config.cache_store = :memory_store config.public_file_server.headers = { @@ -27,9 +28,6 @@ config.cache_store = :null_store end - # Store uploaded files on the local file system (see config/storage.yml for options) - # config.active_storage.service = :local - # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log @@ -47,7 +45,7 @@ # Suppress logger output for asset requests. config.assets.quiet = true - # Raises error for missing translations + # Raises error for missing translations. # config.action_view.raise_on_missing_translations = true # Use an evented file watcher to asynchronously detect changes in source code, diff -r 722f4eccd370 -r fd3078b4d355 config/environments/production.rb --- a/config/environments/production.rb Fri May 31 09:10:37 2019 +0900 +++ b/config/environments/production.rb Tue Oct 22 16:17:30 2019 +0900 @@ -14,19 +14,20 @@ config.consider_all_requests_local = false config.action_controller.perform_caching = true + # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] + # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # config.require_master_key = true + # Disable serving static files from the `/public` folder by default since # Apache or NGINX already handles this. - config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present? + config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? - # Compress JavaScripts and CSS. - config.assets.js_compressor = :uglifier + # Compress CSS using a preprocessor. # config.assets.css_compressor = :sass # Do not fallback to assets pipeline if a precompiled asset is missed. config.assets.compile = false - # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb - # Enable serving of images, stylesheets, and JavaScripts from an asset server. # config.action_controller.asset_host = 'http://assets.example.com' @@ -34,13 +35,6 @@ # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX - # Action Cable endpoint configuration - # config.action_cable.url = 'wss://example.com/cable' - # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] - - # Don't mount Action Cable in the main server process. - # config.action_cable.mount_path = nil - # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # config.force_ssl = true @@ -49,19 +43,14 @@ config.log_level = :debug # Prepend all log lines with the following tags. - config.log_tags = [:request_id] + config.log_tags = [ :request_id ] # Use a different cache store in production. # config.cache_store = :mem_cache_store - # Use a real queuing backend for Active Job (and separate queues per environment) + # Use a real queuing backend for Active Job (and separate queues per environment). # config.active_job.queue_adapter = :resque - # config.active_job.queue_name_prefix = "zeropaste_#{Rails.env}" - # config.action_mailer.perform_caching = false - - # Ignore bad email addresses and do not raise email delivery errors. - # Set this to true and configure the email server for immediate delivery to raise delivery errors. - # config.action_mailer.raise_delivery_errors = false + # config.active_job.queue_name_prefix = "zeropaste_production" # Enable locale fallbacks for I18n (makes lookups for any locale fall back to # the I18n.default_locale when a translation cannot be found). @@ -78,11 +67,32 @@ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') if $cfg[:log_to_stdout] - logger = ActiveSupport::Logger.new(STDOUT) + logger = ActiveSupport::Logger.new(STDOUT) logger.formatter = config.log_formatter - config.logger = ActiveSupport::TaggedLogging.new(logger) + config.logger = ActiveSupport::TaggedLogging.new(logger) end # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false + + # Inserts middleware to perform automatic connection switching. + # The `database_selector` hash is used to pass options to the DatabaseSelector + # middleware. The `delay` is used to determine how long to wait after a write + # to send a subsequent read to the primary. + # + # The `database_resolver` class is used by the middleware to determine which + # database is appropriate to use based on the time delay. + # + # The `database_resolver_context` class is used by the middleware to set + # timestamps for the last write to the primary. The resolver uses the context + # class timestamps to determine how long to wait before reading from the + # replica. + # + # By default Rails will store a last write timestamp in the session. The + # DatabaseSelector middleware is designed as such you can define your own + # strategy for connection switching and pass that into the middleware through + # these configuration options. + # config.active_record.database_selector = { delay: 2.seconds } + # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver + # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session end diff -r 722f4eccd370 -r fd3078b4d355 config/environments/test.rb --- a/config/environments/test.rb Fri May 31 09:10:37 2019 +0900 +++ b/config/environments/test.rb Tue Oct 22 16:17:30 2019 +0900 @@ -1,10 +1,11 @@ +# The test environment is used exclusively to run your application's +# test suite. You never need to work with it otherwise. Remember that +# your test database is "scratch space" for the test suite and is wiped +# and recreated between test runs. Don't rely on the data there! + Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # The test environment is used exclusively to run your application's - # test suite. You never need to work with it otherwise. Remember that - # your test database is "scratch space" for the test suite and is wiped - # and recreated between test runs. Don't rely on the data there! config.cache_classes = true # Do not eager load code on boot. This avoids loading your whole application @@ -21,6 +22,7 @@ # Show full error reports and disable caching. config.consider_all_requests_local = true config.action_controller.perform_caching = false + config.cache_store = :null_store # Raise exceptions instead of rendering exception templates. config.action_dispatch.show_exceptions = false @@ -28,12 +30,9 @@ # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false - # Store uploaded files on the local file system in a temporary directory - # config.active_storage.service = :test - # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raises error for missing translations + # Raises error for missing translations. # config.action_view.raise_on_missing_translations = true end diff -r 722f4eccd370 -r fd3078b4d355 config/initializers/content_security_policy.rb --- a/config/initializers/content_security_policy.rb Fri May 31 09:10:37 2019 +0900 +++ b/config/initializers/content_security_policy.rb Tue Oct 22 16:17:30 2019 +0900 @@ -11,6 +11,8 @@ # policy.object_src :none # policy.script_src :self, :https # policy.style_src :self, :https +# # If you are using webpack-dev-server then specify webpack-dev-server host +# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development? # # Specify URI for violation reports # # policy.report_uri "/csp-violation-report-endpoint" @@ -19,6 +21,9 @@ # If you are using UJS then enable automatic nonce generation # Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } +# Set the nonce only to specific directives +# Rails.application.config.content_security_policy_nonce_directives = %w(script-src) + # Report CSP violations to a specified URI # For further information see the following documentation: # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only diff -r 722f4eccd370 -r fd3078b4d355 config/initializers/new_framework_defaults_6_0.rb --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/config/initializers/new_framework_defaults_6_0.rb Tue Oct 22 16:17:30 2019 +0900 @@ -0,0 +1,45 @@ +# Be sure to restart your server when you modify this file. +# +# This file contains migration options to ease your Rails 6.0 upgrade. +# +# Once upgraded flip defaults one by one to migrate to the new default. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. + +# Don't force requests from old versions of IE to be UTF-8 encoded. +# Rails.application.config.action_view.default_enforce_utf8 = false + +# Embed purpose and expiry metadata inside signed and encrypted +# cookies for increased security. +# +# This option is not backwards compatible with earlier Rails versions. +# It's best enabled when your entire app is migrated and stable on 6.0. +# Rails.application.config.action_dispatch.use_cookies_with_metadata = true + +# Change the return value of `ActionDispatch::Response#content_type` to Content-Type header without modification. +# Rails.application.config.action_dispatch.return_only_media_type_on_content_type = false + +# Return false instead of self when enqueuing is aborted from a callback. +# Rails.application.config.active_job.return_false_on_aborted_enqueue = true + +# Send Active Storage analysis and purge jobs to dedicated queues. +# Rails.application.config.active_storage.queues.analysis = :active_storage_analysis +# Rails.application.config.active_storage.queues.purge = :active_storage_purge + +# When assigning to a collection of attachments declared via `has_many_attached`, replace existing +# attachments instead of appending. Use #attach to add new attachments without replacing existing ones. +# Rails.application.config.active_storage.replace_on_assign_to_many = true + +# Use ActionMailer::MailDeliveryJob for sending parameterized and normal mail. +# +# The default delivery jobs (ActionMailer::Parameterized::DeliveryJob, ActionMailer::DeliveryJob), +# will be removed in Rails 6.1. This setting is not backwards compatible with earlier Rails versions. +# If you send mail in the background, job workers need to have a copy of +# MailDeliveryJob to ensure all delivery jobs are processed properly. +# Make sure your entire app is migrated and stable on 6.0 before using this setting. +# Rails.application.config.action_mailer.delivery_job = "ActionMailer::MailDeliveryJob" + +# Enable the same cache key to be reused when the object being cached of type +# `ActiveRecord::Relation` changes by moving the volatile information (max updated at and count) +# of the relation's cache key into the cache version to support recycling cache key. +# Rails.application.config.active_record.collection_cache_versioning = true diff -r 722f4eccd370 -r fd3078b4d355 config/initializers/wrap_parameters.rb --- a/config/initializers/wrap_parameters.rb Fri May 31 09:10:37 2019 +0900 +++ b/config/initializers/wrap_parameters.rb Tue Oct 22 16:17:30 2019 +0900 @@ -5,7 +5,7 @@ # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array. ActiveSupport.on_load(:action_controller) do - wrap_parameters :format => [:json] + wrap_parameters format: [:json] end # To enable root element in JSON for ActiveRecord objects.