From be6ed2ae836394f07787f5369bd5f3bf6ba73983 Mon Sep 17 00:00:00 2001 From: Yuppy Date: Fri, 17 Jan 2020 17:29:44 +0900 Subject: [PATCH] Upgrade to rails5.2 --- Gemfile | 5 +- Gemfile.lock | 135 ++++++++++-------- bin/setup | 2 +- bin/yarn | 6 +- config/application.rb | 7 +- config/boot.rb | 1 + config/cable.yml | 2 +- config/environments/development.rb | 11 +- config/environments/test.rb | 6 +- .../application_controller_renderer.rb | 10 +- .../initializers/content_security_policy.rb | 25 ++++ .../new_framework_defaults_5_2.rb | 38 +++++ config/routes.rb | 2 +- config/spring.rb | 4 +- config/storage.yml | 34 +++++ 15 files changed, 206 insertions(+), 82 deletions(-) create mode 100644 config/initializers/content_security_policy.rb create mode 100644 config/initializers/new_framework_defaults_5_2.rb create mode 100644 config/storage.yml diff --git a/Gemfile b/Gemfile index 6437d173e..ee9f2f3cd 100644 --- a/Gemfile +++ b/Gemfile @@ -1,13 +1,14 @@ source 'https://rubygems.org' ruby '2.6.5' -gem 'rails', '~> 5.1.7' +gem 'rails', '~> 5.2.0' gem 'puma' gem "puma_worker_killer" gem 'pg' gem 'dumper' +gem 'bootsnap' -gem 'scrivito', '~> 1.15.0' +gem 'scrivito', '~> 1.16.0' gem 'scrivito_section_widgets' gem 'scrivito_teaser_widget' diff --git a/Gemfile.lock b/Gemfile.lock index f2c4c3090..52bbf0316 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -1,52 +1,58 @@ GEM remote: https://rubygems.org/ specs: - actioncable (5.1.7) - actionpack (= 5.1.7) + actioncable (5.2.4.1) + actionpack (= 5.2.4.1) nio4r (~> 2.0) - websocket-driver (~> 0.6.1) - actionmailer (5.1.7) - actionpack (= 5.1.7) - actionview (= 5.1.7) - activejob (= 5.1.7) + websocket-driver (>= 0.6.1) + actionmailer (5.2.4.1) + actionpack (= 5.2.4.1) + actionview (= 5.2.4.1) + activejob (= 5.2.4.1) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.1.7) - actionview (= 5.1.7) - activesupport (= 5.1.7) - rack (~> 2.0) + actionpack (5.2.4.1) + actionview (= 5.2.4.1) + activesupport (= 5.2.4.1) + rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.1.7) - activesupport (= 5.1.7) + actionview (5.2.4.1) + activesupport (= 5.2.4.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.1.7) - activesupport (= 5.1.7) + activejob (5.2.4.1) + activesupport (= 5.2.4.1) globalid (>= 0.3.6) - activemodel (5.1.7) - activesupport (= 5.1.7) - activerecord (5.1.7) - activemodel (= 5.1.7) - activesupport (= 5.1.7) - arel (~> 8.0) - activesupport (5.1.7) + activemodel (5.2.4.1) + activesupport (= 5.2.4.1) + activerecord (5.2.4.1) + activemodel (= 5.2.4.1) + activesupport (= 5.2.4.1) + arel (>= 9.0) + activestorage (5.2.4.1) + actionpack (= 5.2.4.1) + activerecord (= 5.2.4.1) + marcel (~> 0.3.1) + activesupport (5.2.4.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) addressable (2.7.0) public_suffix (>= 2.0.2, < 5.0) - arel (8.0.0) + arel (9.0.0) autoprefixer-rails (9.7.4) execjs backports (3.15.0) bindex (0.8.1) binding_of_caller (0.8.0) debug_inspector (>= 0.0.1) + bootsnap (1.4.5) + msgpack (~> 1.0) bootstrap-sass (3.4.1) autoprefixer-rails (>= 5.2.1) sassc (>= 2.0.0) 
@@ -160,7 +166,7 @@ GEM hyp_diff (0.0.6) diff-lcs (>= 1.2, < 2.0) nokogiri (>= 1.6, < 2.0) - i18n (1.7.1) + i18n (1.8.2) concurrent-ruby (~> 1.0) jbuilder (2.9.1) activesupport (>= 4.2.0) @@ -191,6 +197,8 @@ GEM nokogiri (>= 1.5.9) mail (2.7.1) mini_mime (>= 0.1.1) + marcel (0.3.3) + mimemagic (~> 0.3.2) memoist (0.16.2) memory_profiler (0.9.14) method_source (0.9.2) @@ -200,9 +208,10 @@ GEM mimemagic (0.3.3) mini_mime (1.0.2) mini_portile2 (2.4.0) - minitest (5.13.0) + minitest (5.14.0) minitest-retry (0.1.9) minitest (>= 5.0) + msgpack (1.3.1) multi_json (1.14.1) multi_xml (0.6.0) multipart-post (2.1.1) @@ -238,7 +247,7 @@ GEM pusher-client (0.6.2) json websocket (~> 1.0) - rack (2.0.8) + rack (2.1.1) rack-attack (6.2.2) rack (>= 1.0, < 3) rack-host-redirect (1.3.0) @@ -250,17 +259,18 @@ GEM rack-user_agent (0.5.2) rack (>= 1.5) woothee (>= 1.0.0) - rails (5.1.7) - actioncable (= 5.1.7) - actionmailer (= 5.1.7) - actionpack (= 5.1.7) - actionview (= 5.1.7) - activejob (= 5.1.7) - activemodel (= 5.1.7) - activerecord (= 5.1.7) - activesupport (= 5.1.7) + rails (5.2.4.1) + actioncable (= 5.2.4.1) + actionmailer (= 5.2.4.1) + actionpack (= 5.2.4.1) + actionview (= 5.2.4.1) + activejob (= 5.2.4.1) + activemodel (= 5.2.4.1) + activerecord (= 5.2.4.1) + activestorage (= 5.2.4.1) + activesupport (= 5.2.4.1) bundler (>= 1.3.0) - railties (= 5.1.7) + railties (= 5.2.4.1) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.4) actionpack (>= 5.0.1.x) @@ -271,12 +281,12 @@ GEM nokogiri (>= 1.6) rails-html-sanitizer (1.2.0) loofah (~> 2.2, >= 2.2.2) - railties (5.1.7) - actionpack (= 5.1.7) - activesupport (= 5.1.7) + railties (5.2.4.1) + actionpack (= 5.2.4.1) + activesupport (= 5.2.4.1) method_source rake (>= 0.8.7) - thor (>= 0.18.1, < 2.0) + thor (>= 0.19.0, < 2.0) rake (13.0.1) rb-fsevent (0.10.3) rb-inotify (0.10.1) 
@@ -323,38 +333,38 @@ GEM tilt (>= 1.1, < 3) sassc (2.2.1) ffi (~> 1.9) - scrivito (1.15.0) - scrivito_content_browser (= 1.15.0) - scrivito_editors (= 1.15.0) - scrivito_sdk (= 1.15.0) - scrivito_ui (= 1.15.0) - scrivito_content_browser (1.15.0) + scrivito (1.16.0) + scrivito_content_browser (= 1.16.0) + scrivito_editors (= 1.16.0) + scrivito_sdk (= 1.16.0) + scrivito_ui (= 1.16.0) + scrivito_content_browser (1.16.0) railties - scrivito_sdk (= 1.15.0) - scrivito_editors (1.15.0) + scrivito_sdk (= 1.16.0) + scrivito_editors (1.16.0) jquery-ui-rails (>= 5.0.0, < 7.0.0) railties - scrivito_content_browser (= 1.15.0) - scrivito_sdk (= 1.15.0) - scrivito_sdk (1.15.0) + scrivito_content_browser (= 1.16.0) + scrivito_sdk (= 1.16.0) + scrivito_sdk (1.16.0) addressable (~> 2.3) connection_pool (~> 2.2) - diff-lcs (~> 1.2) + diff-lcs (~> 1.3) hyp_diff (~> 0.0.4) - jbuilder (~> 2.0) - jquery-rails (~> 4.0) - json (>= 1.8.3) + jbuilder (~> 2.6) + jquery-rails (~> 4.1) + json (>= 1.8.6) memoist (>= 0.12.0) multi_json (~> 1.9) multipart-post (~> 2.0) - nokogiri (~> 1.6) - rails (>= 4.2, < 5.2) + nokogiri (~> 1.7) + rails (~> 5.2.0) rake (>= 0.9.2.2) scrivito_section_widgets (1.1.2) scrivito scrivito_teaser_widget (0.1.2) scrivito - scrivito_ui (1.15.0) + scrivito_ui (1.16.0) railties secure_headers (6.1.2) selenium-webdriver (3.142.7) @@ -405,7 +415,7 @@ GEM bindex (>= 0.4.0) railties (>= 5.0) websocket (1.2.8) - websocket-driver (0.6.5) + websocket-driver (0.7.1) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.4) woothee (1.10.0) @@ -417,6 +427,7 @@ PLATFORMS ruby DEPENDENCIES + bootsnap bootstrap-sass capybara coffee-rails @@ -449,7 +460,7 @@ DEPENDENCIES rack-host-redirect rack-mini-profiler rack-user_agent - rails (~> 5.1.7) + rails (~> 5.2.0) rails-controller-testing rails-html-sanitizer (~> 1.2.0) rake 
@@ -457,7 +468,7 @@ DEPENDENCIES rspec-retry ruby-mp3info sass-rails (>= 5) - scrivito (~> 1.15.0) + scrivito (~> 1.16.0) scrivito_section_widgets scrivito_teaser_widget secure_headers @@ -474,4 +485,4 @@ RUBY VERSION ruby 2.6.5p114 BUNDLED WITH - 1.17.2 + 1.17.3 diff --git a/bin/setup b/bin/setup index e52f53503..808a452db 100755 --- a/bin/setup +++ b/bin/setup @@ -69,4 +69,4 @@ chdir APP_ROOT do puts "\n== Restarting application server ==" system! 'bin/rails restart' -end +end \ No newline at end of file diff --git a/bin/yarn b/bin/yarn index c2bacef83..460dd565b 100755 --- a/bin/yarn +++ b/bin/yarn @@ -1,8 +1,8 @@ #!/usr/bin/env ruby -VENDOR_PATH = File.expand_path('..', __dir__) -Dir.chdir(VENDOR_PATH) do +APP_ROOT = File.expand_path('..', __dir__) +Dir.chdir(APP_ROOT) do begin - exec "yarnpkg #{ARGV.join(" ")}" + exec "yarnpkg", *ARGV rescue Errno::ENOENT $stderr.puts "Yarn executable was not detected in the system." $stderr.puts "Download Yarn at https://yarnpkg.com/en/docs/install" diff --git a/config/application.rb b/config/application.rb index a6324932d..11cc5507d 100644 --- a/config/application.rb +++ b/config/application.rb @@ -9,11 +9,12 @@ module CoderdojoJp class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 5.1 + config.load_defaults 5.2 # Settings in config/environments/* take precedence over those specified here. - # Application configuration should go into files in config/initializers - # -- all .rb files in that directory are automatically loaded. + # Application configuration can go into files in config/initializers + # -- all .rb files in that directory are automatically loaded after loading + # the framework and any gems in your application. # Timezone config.time_zone = 'Asia/Tokyo' diff --git a/config/boot.rb b/config/boot.rb index 30f5120df..b9e460cef 100644 --- a/config/boot.rb +++ b/config/boot.rb 
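Review bot: `config.load_defaults 5.2` in config/application.rb switches every 5.2 default on in one step, which leaves the all-commented config/initializers/new_framework_defaults_5_2.rb added later in this patch inert rather than a staged migration. The defaults enabled this way include `use_authenticated_cookie_encryption` and `use_authenticated_message_encryption`, which that initializer's own text describes as not backwards compatible with earlier Rails versions, so a rollback to 5.1 after deploy would presumably leave users holding cookies the old code cannot read. Either keep `config.load_defaults 5.1` until each flag has been flipped and verified, or drop the initializer and add a comment above the call such as `# 5.2 defaults (AES-256-GCM cookies, default CSRF protection) are enabled here via load_defaults`. The Application class body continues outside the hunk.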
@@ -1,3 +1,4 @@ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) require 'bundler/setup' # Set up gems listed in the Gemfile. +require 'bootsnap/setup' # Speed up boot time by caching expensive operations. diff --git a/config/cable.yml b/config/cable.yml index 2a9777c28..b7a674014 100644 --- a/config/cable.yml +++ b/config/cable.yml @@ -6,5 +6,5 @@ test: production: adapter: redis - url: redis://localhost:6379/1 + url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %> channel_prefix: coderdojo_jp_production diff --git a/config/environments/development.rb b/config/environments/development.rb index 5187e2218..1311e3e4e 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -13,12 +13,13 @@ config.consider_all_requests_local = true # Enable/disable caching. By default caching is disabled. - if Rails.root.join('tmp/caching-dev.txt').exist? + # Run rails dev:cache to toggle caching. + if Rails.root.join('tmp', 'caching-dev.txt').exist? config.action_controller.perform_caching = true config.cache_store = :memory_store config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{2.days.seconds.to_i}" + 'Cache-Control' => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false @@ -26,6 +27,9 @@ config.cache_store = :null_store end + # Store uploaded files on the local file system (see config/storage.yml for options) + config.active_storage.service = :local + # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false @@ -37,6 +41,9 @@ # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load + # Highlight code that triggered database queries in logs. + config.active_record.verbose_query_logs = true + # Debug mode disables concatenation and preprocessing of assets. # This option may cause significant delays in view rendering with a large # number of complex assets. 
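Review bot: The `production:` entry in config/cable.yml falls back to `redis://localhost:6379/1` when `REDIS_URL` is unset, so a missing or misspelled variable in production goes unnoticed and Action Cable talks to whatever answers on the local port. Failing at boot is safer there: `url: <%= ENV.fetch("REDIS_URL") %>`. If Redis is reached over a network, the value should presumably be a `rediss://` URL with credentials rather than plaintext `redis://`; the deployment is not visible from this patch.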
diff --git a/config/environments/test.rb b/config/environments/test.rb index 8e5cbde53..0a38fd3ce 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -15,7 +15,7 @@ # Configure public file server for tests with Cache-Control for performance. config.public_file_server.enabled = true config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{1.hour.seconds.to_i}" + 'Cache-Control' => "public, max-age=#{1.hour.to_i}" } # Show full error reports and disable caching. @@ -27,6 +27,10 @@ # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false + + # Store uploaded files on the local file system in a temporary directory + config.active_storage.service = :test + config.action_mailer.perform_caching = false # Tell Action Mailer not to deliver emails to the real world. diff --git a/config/initializers/application_controller_renderer.rb b/config/initializers/application_controller_renderer.rb index 51639b67a..89d2efab2 100644 --- a/config/initializers/application_controller_renderer.rb +++ b/config/initializers/application_controller_renderer.rb @@ -1,6 +1,8 @@ # Be sure to restart your server when you modify this file. -# ApplicationController.renderer.defaults.merge!( -# http_host: 'example.org', -# https: false -# ) +# ActiveSupport::Reloader.to_prepare do +# ApplicationController.renderer.defaults.merge!( +# http_host: 'example.org', +# https: false +# ) +# end diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb new file mode 100644 index 000000000..d3bcaa5ec --- /dev/null +++ b/config/initializers/content_security_policy.rb 
@@ -0,0 +1,25 @@
+# Be sure to restart your server when you modify this file.
+
+# Define an application-wide content security policy
+# For further information see the following documentation
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
+
+# Rails.application.config.content_security_policy do |policy|
+# policy.default_src :self, :https
+# policy.font_src :self, :https, :data
+# policy.img_src :self, :https, :data
+# policy.object_src :none
+# policy.script_src :self, :https
+# policy.style_src :self, :https
+
+# # Specify URI for violation reports
+# # policy.report_uri "/csp-violation-report-endpoint"
+# end
+
+# If you are using UJS then enable automatic nonce generation
+# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) }
+
+# Report CSP violations to a specified URI
+# For further information see the following documentation:
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
+# Rails.application.config.content_security_policy_report_only = true
diff --git a/config/initializers/new_framework_defaults_5_2.rb b/config/initializers/new_framework_defaults_5_2.rb
new file mode 100644
index 000000000..c383d072b
--- /dev/null
+++ b/config/initializers/new_framework_defaults_5_2.rb
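Review bot: Every directive in config/initializers/content_security_policy.rb is commented out, so this file sets no Content-Security-Policy header, and nothing in it says whether that is intentional. Gemfile.lock lists `secure_headers`, so the policy may already be defined there; if so, a first-line comment such as `# CSP is configured through secure_headers; keep this initializer disabled.` would prevent two competing policies later. If the template is ever enabled as written, `policy.script_src :self, :https` permits script from any HTTPS origin, so it should be narrowed to the hosts actually used and trialled with `content_security_policy_report_only = true` first.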
@@ -0,0 +1,38 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains migration options to ease your Rails 5.2 upgrade.
+#
+# Once upgraded flip defaults one by one to migrate to the new default.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+
+# Make Active Record use stable #cache_key alongside new #cache_version method.
+# This is needed for recyclable cache keys.
+# Rails.application.config.active_record.cache_versioning = true
+
+# Use AES-256-GCM authenticated encryption for encrypted cookies.
+# Also, embed cookie expiry in signed or encrypted cookies for increased security.
+#
+# This option is not backwards compatible with earlier Rails versions.
+# It's best enabled when your entire app is migrated and stable on 5.2.
+#
+# Existing cookies will be converted on read then written with the new scheme.
+# Rails.application.config.action_dispatch.use_authenticated_cookie_encryption = true
+
+# Use AES-256-GCM authenticated encryption as default cipher for encrypting messages
+# instead of AES-256-CBC, when use_authenticated_message_encryption is set to true.
+# Rails.application.config.active_support.use_authenticated_message_encryption = true
+
+# Add default protection from forgery to ActionController::Base instead of in
+# ApplicationController.
+# Rails.application.config.action_controller.default_protect_from_forgery = true
+
+# Store boolean values are in sqlite3 databases as 1 and 0 instead of 't' and
+# 'f' after migrating old data.
+# Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true
+
+# Use SHA-1 instead of MD5 to generate non-sensitive digests, such as the ETag header.
+# Rails.application.config.active_support.use_sha1_digests = true
+
+# Make `form_with` generate id attributes for any generated HTML tags.
+# Rails.application.config.action_view.form_with_generates_ids = true
diff --git a/config/routes.rb b/config/routes.rb index fa59c127e..38408489f 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -46,4 +46,4 @@ scrivito_route '/', using: 'homepage' scrivito_route '(/)(*slug-):id', using: 'slug_id' scrivito_route '/*permalink', using: 'permalink', format: false -end +end \ No newline at end of file diff --git a/config/spring.rb b/config/spring.rb index c9119b40c..9fa7863f9 100644 --- a/config/spring.rb +++ b/config/spring.rb @@ -1,6 +1,6 @@ -%w( +%w[ .ruby-version .rbenv-vars tmp/restart.txt tmp/caching-dev.txt -).each { |path| Spring.watch(path) } +].each { |path| Spring.watch(path) } diff --git a/config/storage.yml b/config/storage.yml new file mode 100644 index 000000000..d32f76e8f --- /dev/null +++ b/config/storage.yml @@ -0,0 +1,34 @@ +test: + service: Disk + root: <%= Rails.root.join("tmp/storage") %> + +local: + service: Disk + root: <%= Rails.root.join("storage") %> + +# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key) +# amazon: +# service: S3 +# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %> +# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %> +# region: us-east-1 +# bucket: your_own_bucket + +# Remember not to checkin your GCS keyfile to a repository +# google: +# service: GCS +# project: your_project +# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %> +# bucket: your_own_bucket + +# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key) +# microsoft: +# service: AzureStorage +# storage_account_name: your_account_name +# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %> +# container: your_container_name + +# mirror: +# service: Mirror +# primary: local +# mirrors: [ amazon, google, microsoft ]
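Review bot: The `local` and `test` Disk services in config/storage.yml write uploads to `storage/` and `tmp/storage` under the app root, but the diffstat shows no `.gitignore` change, so unless those paths are already ignored, uploaded files could end up committed. Adding `/storage/*` to `.gitignore` (with `!/storage/.keep` if the directory is tracked) covers it. Gemfile.lock now also pulls in `activestorage`; if the app does not use Active Storage, whether its engine and routes get loaded depends on the `require` lines in config/application.rb, which are outside the hunks shown and worth confirming.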