From 779e16ee042887449efd4b39f1adaa801133d04c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mar=C3=ADa=20A=2E=20Matienzo?= Date: Tue, 25 Nov 2025 09:00:19 -0800 Subject: [PATCH 01/12] Fix broken links --- app/views/layouts/application.html.erb | 6 +++--- spec/controllers/application_controller_spec.rb | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index 84116a6..c1278c0 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -1,14 +1,14 @@ - NARA + Early Arrivals Search (EARS) <%= stylesheet_link_tag :application %> <%= csrf_meta_tags %>
- <%= link_to image_tag(asset_path('nara.jpg')),"https://bancroft.berkeley.edu/collections/chinese-immigration-to-the-united-states-1884-1944/" %> + <%= link_to image_tag(asset_path('nara.jpg')),"https://web.archive.org/web/20220124061848/https://bancroft.berkeley.edu/collections/chinese-immigration-to-the-united-states-1884-1944/index.html" %>

The Early Arrivals Records Search (EARS)

@@ -18,7 +18,7 @@ <%= yield %> diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb index 2f87f5f..5362dfd 100644 --- a/spec/controllers/application_controller_spec.rb +++ b/spec/controllers/application_controller_spec.rb @@ -7,7 +7,7 @@ describe 'Land on saerch page' do it 'renders the index template' do get :index - expect(response.body).to match(/NARA/) + expect(response.body).to match(/Early Arrivals Search/) end end end From 2b0bde52e1672c1f7864d6266a6eae3734481b1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mar=C3=ADa=20A=2E=20Matienzo?= Date: Mon, 24 Nov 2025 18:09:59 -0800 Subject: [PATCH 02/12] AP-518: start dependency upgrades: ruby 3.3 --- Dockerfile | 4 +- Gemfile | 10 +- Gemfile.lock | 359 ++++++++++++++++++++++++++----------------------- bin/webpack | 2 +- config/boot.rb | 1 + 5 files changed, 203 insertions(+), 173 deletions(-) diff --git a/Dockerfile b/Dockerfile index c7a1dff..df1ec08 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ # The base stage scaffolds elements which are common to building and running # the application, such as installing ca-certificates, creating the app user, # and installing runtime system dependencies. -FROM ruby:3.0.3-slim AS base +FROM ruby:3.3-slim AS base # ------------------------------------------------------------ # Declarative metadata @@ -115,7 +115,7 @@ RUN apt-get install -y --no-install-recommends \ USER $APP_USER # Base image ships with an older version of bundler -RUN gem install bundler --version 2.2.33 +RUN gem install bundler --version 2.5.22 # Install gems. We don't enforce the validity of the Gemfile.lock until the # final (production) stage. diff --git a/Gemfile b/Gemfile index d089af9..50ebb83 100644 --- a/Gemfile +++ b/Gemfile @@ -7,14 +7,18 @@ gem 'amazing_print', '~> 1.1' gem 'bootstrap-sass' gem 'bundler-audit' gem 'coffee-rails' +gem 'drb' gem 'font-awesome-rails' gem 'jbuilder', '~> 2.7' gem 'jquery-rails', '~> 4.4' +gem 'logger' gem 'lograge', '~> 0.11' -gem 'mysql2', '~> 0.5' -gem 'nokogiri', '~> 1.13' +gem 'mutex_m' +gem 'mysql2', '~> 0.5.4' +gem 'nio4r', '~> 2.7' +gem 'nokogiri', '~> 1.18' gem 'ougai', '~> 1.8' -gem 'puma', '~> 4.1' +gem 'puma', '~> 4.3' gem 'rails', '~> 6.1' gem 'rails-healthcheck' gem 'rake' diff --git a/Gemfile.lock b/Gemfile.lock index e2459df..8e01ad3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,91 +1,92 @@ GEM remote: https://rubygems.org/ specs: - actioncable (6.1.5.1) - actionpack (= 6.1.5.1) - activesupport (= 6.1.5.1) + actioncable (6.1.7.10) + actionpack (= 6.1.7.10) + activesupport (= 6.1.7.10) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.5.1) - actionpack (= 6.1.5.1) - activejob (= 6.1.5.1) - activerecord (= 6.1.5.1) - activestorage (= 6.1.5.1) - activesupport (= 6.1.5.1) + actionmailbox (6.1.7.10) + actionpack (= 6.1.7.10) + activejob (= 6.1.7.10) + activerecord (= 6.1.7.10) + activestorage (= 6.1.7.10) + activesupport (= 6.1.7.10) mail (>= 2.7.1) - actionmailer (6.1.5.1) - actionpack (= 6.1.5.1) - actionview (= 6.1.5.1) - activejob (= 6.1.5.1) - activesupport (= 6.1.5.1) + actionmailer (6.1.7.10) + actionpack (= 6.1.7.10) + actionview (= 6.1.7.10) + activejob (= 6.1.7.10) + activesupport (= 6.1.7.10) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (6.1.5.1) - actionview (= 6.1.5.1) - activesupport (= 6.1.5.1) + actionpack (6.1.7.10) + actionview (= 6.1.7.10) + activesupport (= 6.1.7.10) rack (~> 2.0, >= 2.0.9) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.5.1) - actionpack (= 6.1.5.1) - activerecord (= 6.1.5.1) - activestorage (= 6.1.5.1) - activesupport (= 6.1.5.1) + actiontext (6.1.7.10) + actionpack (= 6.1.7.10) + activerecord (= 6.1.7.10) + activestorage (= 6.1.7.10) + activesupport (= 6.1.7.10) nokogiri (>= 1.8.5) - actionview (6.1.5.1) - activesupport (= 6.1.5.1) + actionview (6.1.7.10) + activesupport (= 6.1.7.10) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (6.1.5.1) - activesupport (= 6.1.5.1) + activejob (6.1.7.10) + activesupport (= 6.1.7.10) globalid (>= 0.3.6) - activemodel (6.1.5.1) - activesupport (= 6.1.5.1) - activerecord (6.1.5.1) - activemodel (= 6.1.5.1) - activesupport (= 6.1.5.1) - activestorage (6.1.5.1) - actionpack (= 6.1.5.1) - activejob (= 6.1.5.1) - activerecord (= 6.1.5.1) - activesupport (= 6.1.5.1) + activemodel (6.1.7.10) + activesupport (= 6.1.7.10) + activerecord (6.1.7.10) + activemodel (= 6.1.7.10) + activesupport (= 6.1.7.10) + activestorage (6.1.7.10) + actionpack (= 6.1.7.10) + activejob (= 6.1.7.10) + activerecord (= 6.1.7.10) + activesupport (= 6.1.7.10) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (6.1.5.1) + activesupport (6.1.7.10) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) tzinfo (~> 2.0) zeitwerk (~> 2.3) - addressable (2.8.0) - public_suffix (>= 2.0.2, < 5.0) - amazing_print (1.4.0) - ast (2.4.2) - autoprefixer-rails (10.4.2.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) + amazing_print (1.8.1) + ast (2.4.3) + autoprefixer-rails (10.4.21.0) execjs (~> 2) + base64 (0.3.0) + bigdecimal (3.3.1) bindex (0.8.1) bootstrap-sass (3.4.1) autoprefixer-rails (>= 5.2.1) sassc (>= 2.0.0) brakeman (4.10.1) - builder (3.2.4) - bundler-audit (0.9.0.1) + builder (3.3.0) + bundler-audit (0.9.2) bundler (>= 1.2.0, < 3) thor (~> 1.0) - byebug (11.1.3) - capybara (3.36.0) + byebug (12.0.0) + capybara (3.40.0) addressable matrix mini_mime (>= 0.1.3) - nokogiri (~> 1.8) + nokogiri (~> 1.11) rack (>= 1.6.0) rack-test (>= 0.6.3) regexp_parser (>= 1.5, < 3.0) xpath (~> 3.2) - childprocess (4.1.0) coffee-rails (5.0.0) coffee-script (>= 2.2.0) railties (>= 5.2.0) @@ -93,127 +94,145 @@ GEM coffee-script-source execjs coffee-script-source (1.12.2) - concurrent-ruby (1.1.10) + concurrent-ruby (1.3.5) crass (1.0.6) - diff-lcs (1.5.0) - docile (1.4.0) - erubi (1.10.0) - execjs (2.8.1) - ffi (1.15.5) - font-awesome-rails (4.7.0.8) - railties (>= 3.2, < 8.0) - globalid (1.0.0) - activesupport (>= 5.0) - i18n (1.10.0) + date (3.5.0) + diff-lcs (1.6.2) + docile (1.4.1) + erubi (1.13.1) + execjs (2.10.0) + ffi (1.17.2-aarch64-linux-gnu) + font-awesome-rails (4.7.0.9) + railties (>= 3.2, < 9.0) + globalid (1.3.0) + activesupport (>= 6.1) + i18n (1.14.7) concurrent-ruby (~> 1.0) - jbuilder (2.11.5) + jbuilder (2.13.0) actionview (>= 5.0.0) activesupport (>= 5.0.0) - jquery-rails (4.4.0) + jquery-rails (4.6.1) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) - listen (3.7.1) + listen (3.9.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - lograge (0.11.2) + logger (1.7.0) + lograge (0.14.0) actionpack (>= 4) activesupport (>= 4) railties (>= 4) request_store (~> 1.0) - loofah (2.17.0) + loofah (2.24.1) crass (~> 1.0.2) - nokogiri (>= 1.5.9) - mail (2.7.1) + nokogiri (>= 1.12.0) + mail (2.9.0) + logger mini_mime (>= 0.1.1) - marcel (1.0.2) - matrix (0.4.2) - method_source (1.0.0) - mini_mime (1.1.2) - minitest (5.15.0) - mysql2 (0.5.3) - nio4r (2.5.8) - nokogiri (1.13.4-aarch64-linux) - racc (~> 1.4) - nokogiri (1.13.4-arm64-darwin) - racc (~> 1.4) - nokogiri (1.13.4-x86_64-darwin) - racc (~> 1.4) - nokogiri (1.13.4-x86_64-linux) + net-imap + net-pop + net-smtp + marcel (1.1.0) + matrix (0.4.3) + method_source (1.1.0) + mini_mime (1.1.5) + minitest (5.26.2) + mutex_m (0.2.0) + mysql2 (0.5.7) + bigdecimal + net-imap (0.5.12) + date + net-protocol + net-pop (0.1.2) + net-protocol + net-protocol (0.2.2) + timeout + net-smtp (0.5.1) + net-protocol + nio4r (2.7.5) + nokogiri (1.18.10-aarch64-linux-gnu) racc (~> 1.4) - oj (3.13.11) + oj (3.16.12) + bigdecimal (>= 3.0) + ostruct (>= 0.2) + ostruct (0.6.3) ougai (1.9.1) oj (~> 3.10) - parallel (1.21.0) - parser (3.1.1.0) + parallel (1.27.0) + parser (3.3.10.0) ast (~> 2.4.1) - public_suffix (4.0.6) - puma (4.3.11) + racc + prism (1.6.0) + public_suffix (6.0.2) + puma (4.3.12) nio4r (~> 2.0) - racc (1.6.0) - rack (2.2.3) - rack-proxy (0.7.2) + racc (1.8.1) + rack (2.2.21) + rack-proxy (0.7.7) rack - rack-test (1.1.0) - rack (>= 1.0, < 3) - rails (6.1.5.1) - actioncable (= 6.1.5.1) - actionmailbox (= 6.1.5.1) - actionmailer (= 6.1.5.1) - actionpack (= 6.1.5.1) - actiontext (= 6.1.5.1) - actionview (= 6.1.5.1) - activejob (= 6.1.5.1) - activemodel (= 6.1.5.1) - activerecord (= 6.1.5.1) - activestorage (= 6.1.5.1) - activesupport (= 6.1.5.1) + rack-test (2.2.0) + rack (>= 1.3) + rails (6.1.7.10) + actioncable (= 6.1.7.10) + actionmailbox (= 6.1.7.10) + actionmailer (= 6.1.7.10) + actionpack (= 6.1.7.10) + actiontext (= 6.1.7.10) + actionview (= 6.1.7.10) + activejob (= 6.1.7.10) + activemodel (= 6.1.7.10) + activerecord (= 6.1.7.10) + activestorage (= 6.1.7.10) + activesupport (= 6.1.7.10) bundler (>= 1.15.0) - railties (= 6.1.5.1) + railties (= 6.1.7.10) sprockets-rails (>= 2.0.0) - rails-dom-testing (2.0.3) - activesupport (>= 4.2.0) + rails-dom-testing (2.3.0) + activesupport (>= 5.0.0) + minitest nokogiri (>= 1.6) rails-healthcheck (1.4.0) actionpack railties - rails-html-sanitizer (1.4.2) - loofah (~> 2.3) - railties (6.1.5.1) - actionpack (= 6.1.5.1) - activesupport (= 6.1.5.1) + rails-html-sanitizer (1.6.2) + loofah (~> 2.21) + nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) + railties (6.1.7.10) + actionpack (= 6.1.7.10) + activesupport (= 6.1.7.10) method_source rake (>= 12.2) thor (~> 1.0) rainbow (3.1.1) - rake (13.0.6) - rb-fsevent (0.11.1) - rb-inotify (0.10.1) + rake (13.3.1) + rb-fsevent (0.11.2) + rb-inotify (0.11.1) ffi (~> 1.0) - regexp_parser (2.2.1) - request_store (1.5.1) + regexp_parser (2.11.3) + request_store (1.7.0) rack (>= 1.4) - rexml (3.2.5) - rspec-core (3.11.0) - rspec-support (~> 3.11.0) - rspec-expectations (3.11.0) + rexml (3.4.4) + rspec-core (3.13.6) + rspec-support (~> 3.13.0) + rspec-expectations (3.13.5) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.11.0) - rspec-mocks (3.11.0) + rspec-support (~> 3.13.0) + rspec-mocks (3.13.7) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.11.0) - rspec-rails (5.1.1) - actionpack (>= 5.2) - activesupport (>= 5.2) - railties (>= 5.2) - rspec-core (~> 3.10) - rspec-expectations (~> 3.10) - rspec-mocks (~> 3.10) - rspec-support (~> 3.10) - rspec-support (3.11.0) + rspec-support (~> 3.13.0) + rspec-rails (6.1.5) + actionpack (>= 6.1) + activesupport (>= 6.1) + railties (>= 6.1) + rspec-core (~> 3.13) + rspec-expectations (~> 3.13) + rspec-mocks (~> 3.13) + rspec-support (~> 3.13) + rspec-support (3.13.6) rspec_junit_formatter (0.4.1) rspec-core (>= 2, < 4, != 2.12.0) - rubocop (1.26.0) + rubocop (1.26.1) parallel (~> 1.10) parser (>= 3.1.0.0) rainbow (>= 2.2.2, < 4.0) @@ -222,10 +241,11 @@ GEM rubocop-ast (>= 1.16.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.16.0) - parser (>= 3.1.1.0) - ruby-progressbar (1.11.0) - rubyzip (2.3.2) + rubocop-ast (1.48.0) + parser (>= 3.3.7.2) + prism (~> 1.4) + ruby-progressbar (1.13.0) + rubyzip (3.2.2) sass-rails (6.0.0) sassc-rails (~> 2.1, >= 2.1.1) sassc (2.4.0) @@ -236,55 +256,57 @@ GEM sprockets (> 3.0) sprockets-rails tilt - selenium-webdriver (4.1.0) - childprocess (>= 0.5, < 5.0) + selenium-webdriver (4.38.0) + base64 (~> 0.2) + logger (~> 1.4) rexml (~> 3.2, >= 3.2.5) - rubyzip (>= 1.2.2) - semantic_range (3.0.0) - simplecov (0.21.2) + rubyzip (>= 1.2.2, < 4.0) + websocket (~> 1.0) + semantic_range (3.1.0) + simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) - simplecov-html (0.12.3) - simplecov-rcov (0.2.3) + simplecov-html (0.13.2) + simplecov-rcov (0.3.7) simplecov (>= 0.4.1) simplecov_json_formatter (0.1.4) - sprockets (4.0.3) + sprockets (4.2.2) concurrent-ruby (~> 1.0) - rack (> 1, < 3) - sprockets-rails (3.4.2) - actionpack (>= 5.2) - activesupport (>= 5.2) + logger + rack (>= 2.2.4, < 4) + sprockets-rails (3.5.2) + actionpack (>= 6.1) + activesupport (>= 6.1) sprockets (>= 3.0.0) - thor (1.2.1) - tilt (2.0.10) - tzinfo (2.0.4) + thor (1.4.0) + tilt (2.6.1) + timeout (0.4.4) + tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (2.1.0) - web-console (4.2.0) + unicode-display_width (2.6.0) + web-console (4.2.1) actionview (>= 6.0.0) activemodel (>= 6.0.0) bindex (>= 0.4.0) railties (>= 6.0.0) - webpacker (5.4.3) + webpacker (5.4.4) activesupport (>= 5.2) rack-proxy (>= 0.6.1) railties (>= 5.2) semantic_range (>= 2.3.0) - websocket-driver (0.7.5) + websocket (1.2.11) + websocket-driver (0.8.0) + base64 websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - will_paginate (3.3.1) + will_paginate (4.0.1) xpath (3.2.0) nokogiri (~> 1.8) - zeitwerk (2.5.4) + zeitwerk (2.7.3) PLATFORMS - aarch64-linux - arm64-darwin - arm64-darwin-21 - x86_64-darwin - x86_64-linux + aarch64-linux-gnu DEPENDENCIES amazing_print (~> 1.1) @@ -298,11 +320,14 @@ DEPENDENCIES jbuilder (~> 2.7) jquery-rails (~> 4.4) listen (~> 3.2) + logger lograge (~> 0.11) - mysql2 (~> 0.5) - nokogiri (~> 1.13) + mutex_m + mysql2 (~> 0.5.4) + nio4r (~> 2.7) + nokogiri (~> 1.18) ougai (~> 1.8) - puma (~> 4.1) + puma (~> 4.3) rails (~> 6.1) rails-healthcheck rake @@ -318,7 +343,7 @@ DEPENDENCIES will_paginate RUBY VERSION - ruby 3.0.3p157 + ruby 3.3.10p183 BUNDLED WITH - 2.2.33 + 2.5.22 diff --git a/bin/webpack b/bin/webpack index 1031168..bbf8892 100755 --- a/bin/webpack +++ b/bin/webpack @@ -8,7 +8,7 @@ ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", Pathname.new(__FILE__).realpath) require "bundler/setup" - +require "logger" require "webpacker" require "webpacker/webpack_runner" diff --git a/config/boot.rb b/config/boot.rb index 30f5120..2d99227 100644 --- a/config/boot.rb +++ b/config/boot.rb @@ -1,3 +1,4 @@ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) require 'bundler/setup' # Set up gems listed in the Gemfile. +require 'logger' From 60ec0ac4feeb5bd8308e0835b0b8a172724b7ef6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mar=C3=ADa=20A=2E=20Matienzo?= Date: Mon, 24 Nov 2025 18:26:36 -0800 Subject: [PATCH 03/12] rails 7.0; switch to use berkeley_library/logging --- Gemfile | 3 +- bin/rails | 2 +- bin/setup | 21 ++- config/application.rb | 7 +- config/boot.rb | 5 +- config/environment.rb | 2 +- config/environments/development.rb | 38 +++-- config/environments/production.rb | 63 +++----- config/environments/test.rb | 29 ++-- .../initializers/content_security_policy.rb | 47 +++--- .../initializers/filter_parameter_logging.rb | 8 +- .../new_framework_defaults_7_0.rb | 143 ++++++++++++++++++ config/initializers/permissions_policy.rb | 11 ++ db/schema.rb | 2 +- 14 files changed, 268 insertions(+), 113 deletions(-) create mode 100644 config/initializers/new_framework_defaults_7_0.rb create mode 100644 config/initializers/permissions_policy.rb diff --git a/Gemfile b/Gemfile index 50ebb83..e860262 100644 --- a/Gemfile +++ b/Gemfile @@ -5,6 +5,7 @@ ruby '~> 3.0' gem 'amazing_print', '~> 1.1' gem 'bootstrap-sass' +gem 'berkeley_library-logging' gem 'bundler-audit' gem 'coffee-rails' gem 'drb' @@ -19,7 +20,7 @@ gem 'nio4r', '~> 2.7' gem 'nokogiri', '~> 1.18' gem 'ougai', '~> 1.8' gem 'puma', '~> 4.3' -gem 'rails', '~> 6.1' +gem 'rails', '~> 7.0.8' gem 'rails-healthcheck' gem 'rake' gem 'sass-rails', '>= 6' diff --git a/bin/rails b/bin/rails index 6fb4e40..efc0377 100755 --- a/bin/rails +++ b/bin/rails @@ -1,4 +1,4 @@ #!/usr/bin/env ruby -APP_PATH = File.expand_path('../config/application', __dir__) +APP_PATH = File.expand_path("../config/application", __dir__) require_relative "../config/boot" require "rails/commands" diff --git a/bin/setup b/bin/setup index 90700ac..ec47b79 100755 --- a/bin/setup +++ b/bin/setup @@ -2,7 +2,7 @@ require "fileutils" # path to your application root. -APP_ROOT = File.expand_path('..', __dir__) +APP_ROOT = File.expand_path("..", __dir__) def system!(*args) system(*args) || abort("\n== Command #{args} failed ==") @@ -13,24 +13,21 @@ FileUtils.chdir APP_ROOT do # This script is idempotent, so that you can run it at any time and get an expectable outcome. # Add necessary setup steps to this file. - puts '== Installing dependencies ==' - system! 'gem install bundler --conservative' - system('bundle check') || system!('bundle install') - - # Install JavaScript dependencies - system! 'bin/yarn' + puts "== Installing dependencies ==" + system! "gem install bundler --conservative" + system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" - # unless File.exist?('config/database.yml') - # FileUtils.cp 'config/database.yml.sample', 'config/database.yml' + # unless File.exist?("config/database.yml") + # FileUtils.cp "config/database.yml.sample", "config/database.yml" # end puts "\n== Preparing database ==" - system! 'bin/rails db:prepare' + system! "bin/rails db:prepare" puts "\n== Removing old logs and tempfiles ==" - system! 'bin/rails log:clear tmp:clear' + system! "bin/rails log:clear tmp:clear" puts "\n== Restarting application server ==" - system! 'bin/rails restart' + system! "bin/rails restart" end diff --git a/config/application.rb b/config/application.rb index f54f76e..8421ec5 100644 --- a/config/application.rb +++ b/config/application.rb @@ -12,12 +12,13 @@ module NewNara class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 6.0 + config.load_defaults 7.0 + config.active_record.legacy_connection_handling = false # ############################################################ # Customize logging - require 'lib_it/logging' - LibIT::Logging.configure! + # require 'berkeley_library/logging' + # LibIT::Logging.configure! end end diff --git a/config/boot.rb b/config/boot.rb index 2d99227..2820116 100644 --- a/config/boot.rb +++ b/config/boot.rb @@ -1,4 +1,3 @@ -ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) -require 'bundler/setup' # Set up gems listed in the Gemfile. -require 'logger' +require "bundler/setup" # Set up gems listed in the Gemfile. diff --git a/config/environment.rb b/config/environment.rb index 426333b..cac5315 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -1,5 +1,5 @@ # Load the Rails application. -require_relative 'application' +require_relative "application" # Initialize the Rails application. Rails.application.initialize! diff --git a/config/environments/development.rb b/config/environments/development.rb index a43bdb4..8500f45 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -1,7 +1,10 @@ +require "active_support/core_ext/integer/time" + Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded on - # every request. This slows down response time but is perfect for development + # In the development environment your application's code is reloaded any time + # it changes. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. config.cache_classes = false @@ -11,15 +14,18 @@ # Show full error reports. config.consider_all_requests_local = true + # Enable server timing + config.server_timing = true + # Enable/disable caching. By default caching is disabled. # Run rails dev:cache to toggle caching. - if Rails.root.join('tmp', 'caching-dev.txt').exist? + if Rails.root.join("tmp/caching-dev.txt").exist? config.action_controller.perform_caching = true config.action_controller.enable_fragment_cache_logging = true config.cache_store = :memory_store config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{2.days.to_i}" + "Cache-Control" => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false @@ -38,27 +44,27 @@ # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log + # Raise exceptions for disallowed deprecations. + config.active_support.disallowed_deprecation = :raise + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true - # Debug mode disables concatenation and preprocessing of assets. - # This option may cause significant delays in view rendering with a large - # number of complex assets. - config.assets.debug = true - # Suppress logger output for asset requests. config.assets.quiet = true + # Raises error for missing translations. - # config.action_view.raise_on_missing_translations = true + # config.i18n.raise_on_missing_translations = true - # Use an evented file watcher to asynchronously detect changes in source code, - # routes, locales, etc. This feature depends on the listen gem. - config.file_watcher = ActiveSupport::EventedFileUpdateChecker + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true - # In development, bypass Rails 6 DNS rebinding attack protection - # to allow access by default hostname, container host, etc. - config.hosts.clear + # Uncomment if you wish to allow Action Cable access from any origin. + # config.action_cable.disable_request_forgery_protection = true end diff --git a/config/environments/production.rb b/config/environments/production.rb index a5ca612..3ab7fd8 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -1,3 +1,5 @@ +require "active_support/core_ext/integer/time" + Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. @@ -20,32 +22,38 @@ # Disable serving static files from the `/public` folder by default since # Apache or NGINX already handles this. - config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? + config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present? + + # Compress CSS using a preprocessor. + # config.assets.css_compressor = :sass + + # Do not fallback to assets pipeline if a precompiled asset is missed. + config.assets.compile = false # Enable serving of images, stylesheets, and JavaScripts from an asset server. - # config.action_controller.asset_host = 'http://assets.example.com' + # config.asset_host = "http://assets.example.com" # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache - # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX + # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache + # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local # Mount Action Cable outside main process or domain. # config.action_cable.mount_path = nil - # config.action_cable.url = 'wss://example.com/cable' - # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] + # config.action_cable.url = "wss://example.com/cable" + # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ] # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - config.force_ssl = false + # config.force_ssl = true - # Use the lowest log level to ensure availability of diagnostic information - # when problems arise. - config.log_level = :debug + # Include generic and useful information about system operation, but avoid logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). + config.log_level = :info # Prepend all log lines with the following tags. - config.log_tags = [:request_id] + config.log_tags = [ :request_id ] # Use a different cache store in production. # config.cache_store = :mem_cache_store @@ -64,43 +72,22 @@ # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Send deprecation notices to registered listeners. - config.active_support.deprecation = :notify + # Don't log any deprecations. + config.active_support.report_deprecations = false # Use default logging formatter so that PID and timestamp are not suppressed. config.log_formatter = ::Logger::Formatter.new # Use a different logger for distributed setups. - # require 'syslog/logger' - # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') + # require "syslog/logger" + # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name") - if ENV['RAILS_LOG_TO_STDOUT'].present? - logger = ActiveSupport::Logger.new($stdout) + if ENV["RAILS_LOG_TO_STDOUT"].present? + logger = ActiveSupport::Logger.new(STDOUT) logger.formatter = config.log_formatter config.logger = ActiveSupport::TaggedLogging.new(logger) end # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false - - # Inserts middleware to perform automatic connection switching. - # The `database_selector` hash is used to pass options to the DatabaseSelector - # middleware. The `delay` is used to determine how long to wait after a write - # to send a subsequent read to the primary. - # - # The `database_resolver` class is used by the middleware to determine which - # database is appropriate to use based on the time delay. - # - # The `database_resolver_context` class is used by the middleware to set - # timestamps for the last write to the primary. The resolver uses the context - # class timestamps to determine how long to wait before reading from the - # replica. - # - # By default Rails will store a last write timestamp in the session. The - # DatabaseSelector middleware is designed as such you can define your own - # strategy for connection switching and pass that into the middleware through - # these configuration options. - # config.active_record.database_selector = { delay: 2.seconds } - # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver - # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session end diff --git a/config/environments/test.rb b/config/environments/test.rb index dc077a1..6ea4d1e 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,3 +1,5 @@ +require "active_support/core_ext/integer/time" + # The test environment is used exclusively to run your application's # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped @@ -5,19 +7,19 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - config.hosts.clear - config.cache_classes = false - config.action_view.cache_template_loading = true - # Do not eager load code on boot. This avoids loading your whole application - # just for the purpose of running a single test. If you are using a tool that - # preloads Rails for running tests, you may have to set it to true. - config.eager_load = false + # Turn false under Spring and add config.action_view.cache_template_loading = true. + config.cache_classes = true + + # Eager loading loads your whole application. When running a single test locally, + # this probably isn't necessary. It's a good idea to do in a continuous integration + # system, or in some way before deploying your code. + config.eager_load = ENV["CI"].present? # Configure public file server for tests with Cache-Control for performance. config.public_file_server.enabled = true config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{1.hour.to_i}" + "Cache-Control" => "public, max-age=#{1.hour.to_i}" } # Show full error reports and disable caching. @@ -44,6 +46,15 @@ # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr + # Raise exceptions for disallowed deprecations. + config.active_support.disallowed_deprecation = :raise + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + # Raises error for missing translations. - # config.action_view.raise_on_missing_translations = true + # config.i18n.raise_on_missing_translations = true + + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true end diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 35d0f26..54f47cf 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -1,30 +1,25 @@ # Be sure to restart your server when you modify this file. -# Define an application-wide content security policy -# For further information see the following documentation -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy +# Define an application-wide content security policy. +# See the Securing Rails Applications Guide for more information: +# https://guides.rubyonrails.org/security.html#content-security-policy-header -# Rails.application.config.content_security_policy do |policy| -# policy.default_src :self, :https -# policy.font_src :self, :https, :data -# policy.img_src :self, :https, :data -# policy.object_src :none -# policy.script_src :self, :https -# policy.style_src :self, :https -# # If you are using webpack-dev-server then specify webpack-dev-server host -# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development? - -# # Specify URI for violation reports -# # policy.report_uri "/csp-violation-report-endpoint" +# Rails.application.configure do +# config.content_security_policy do |policy| +# policy.default_src :self, :https +# policy.font_src :self, :https, :data +# policy.img_src :self, :https, :data +# policy.object_src :none +# policy.script_src :self, :https +# policy.style_src :self, :https +# # Specify URI for violation reports +# # policy.report_uri "/csp-violation-report-endpoint" +# end +# +# # Generate session nonces for permitted importmap and inline scripts +# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } +# config.content_security_policy_nonce_directives = %w(script-src) +# +# # Report violations without enforcing the policy. +# # config.content_security_policy_report_only = true # end - -# If you are using UJS then enable automatic nonce generation -# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } - -# Set the nonce only to specific directives -# Rails.application.config.content_security_policy_nonce_directives = %w(script-src) - -# Report CSP violations to a specified URI -# For further information see the following documentation: -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only -# Rails.application.config.content_security_policy_report_only = true diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index 4a994e1..adc6568 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -1,4 +1,8 @@ # Be sure to restart your server when you modify this file. -# Configure sensitive parameters which will be filtered from the log file. -Rails.application.config.filter_parameters += [:password] +# Configure parameters to be filtered from the log file. Use this to limit dissemination of +# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported +# notations and behaviors. +Rails.application.config.filter_parameters += [ + :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn +] diff --git a/config/initializers/new_framework_defaults_7_0.rb b/config/initializers/new_framework_defaults_7_0.rb new file mode 100644 index 0000000..b13ef5e --- /dev/null +++ b/config/initializers/new_framework_defaults_7_0.rb @@ -0,0 +1,143 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.0 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.0`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +# `button_to` view helper will render `